In brief: Microsoft, Yahoo reach IM accord

Microsoft and Yahoo will make their respective consumer instant-messaging networks partly interoperable in the second quarter of next year, the companies announced last week.

This is the first such agreement between major providers of this popular online service, which lets users communicate in a variety of ways, such as text-message exchanges, PC-to-PC voice chats, VoIP phone calls, photo sharing, file sharing, Webcam video transmission and gaming. However, communications between MSN Messenger and Yahoo Messenger users will be limited to exchanging text messages, PC-to-PC voice chatting, sharing some emoticons and adding contacts from both services to their contact lists. Combined, MSN Messenger and Yahoo Messenger will have an estimated 275 million users.

The number of days a phishing site remains online has dropped to an average of 5.5 - down from a high of more than a week - a sign that countermeasures against fraudulent Web sites are being enacted with increased speed, according to the Anti-Phishing Working Group, which monitors phishing trends and online crime. In its August 2005 phishing report, released last week, the APWG found that for the second consecutive month, the number of reported new phishing campaigns declined, but the number of new phishing sites reached an all-time high of 5,259. In July, 4,564 sites were reported, the APWG said.

To continue reading, register here and become an Insider. You'll get free access to premium content from CIO, Computerworld, CSO, InfoWorld, and Network World. See more Insider content or sign in.

Microsoft and Yahoo will make their respective consumer instant-messaging networks partly interoperable in the second quarter of next year, the companies announced last week.

This is the first such agreement between major providers of this popular online service, which lets users communicate in a variety of ways, such as text-message exchanges, PC-to-PC voice chats, VoIP phone calls, photo sharing, file sharing, Webcam video transmission and gaming. However, communications between MSN Messenger and Yahoo Messenger users will be limited to exchanging text messages, PC-to-PC voice chatting, sharing some emoticons and adding contacts from both services to their contact lists. Combined, MSN Messenger and Yahoo Messenger will have an estimated 275 million users.

The number of days a phishing site remains online has dropped to an average of 5.5 - down from a high of more than a week - a sign that countermeasures against fraudulent Web sites are being enacted with increased speed, according to the Anti-Phishing Working Group, which monitors phishing trends and online crime. In its August 2005 phishing report, released last week, the APWG found that for the second consecutive month, the number of reported new phishing campaigns declined, but the number of new phishing sites reached an all-time high of 5,259. In July, 4,564 sites were reported, the APWG said.

As recently as 18 months ago, operators of phishing sites could be confident a site would function for a week or more, collecting information such as user names and passwords to banking sites and other sensitive data. But the working group said now when phishing sites are detected, ISPs are contacted and the sites are removed faster.

Long inaccessible in China without the use of a proxy server, Google's free Weblog service, Blogger, can now be directly accessed by Internet users in Beijing. In addition, Chinese Internet users can now access cached Web pages on Google's search engine. Chinese access to Blogger was apparently blocked by government censors starting in 2002. When Chinese users attempted to access Google's Web site, they were redirected to one of several Chinese search engines, which indicated DNS records had likely been changed to block access to the U.S.-based search engine.

This virtual hijacking of Google's domain name was short-lived, but the apparent blocking of Blogger - likely implemented to shut out sites that contained information government censors didn't want disseminated in China - persisted for three years. Google executives were not available to comment. The Chinese government does not acknowledge whether it takes actions to block specific Web sites.

Security assessment vendor Immunity has discovered a way to exploit a recently disclosed bug in Microsoft's Windows operating system, and researchers are concerned that a new worm attack, similar to August's Zotob outbreak, may be imminent. The bug, which Microsoft patched last week, primarily affects users of Windows 2000, the same operating system that was targeted in the Zotob attacks. It concerns the Microsoft Distributed Transaction Coordinator, a component of the operating system that is commonly used by database software to help manage transactions. Microsoft rated the vulnerability as critical for Win 2000 users and said that, if exploited, it could be used to seize control of an unpatched system. More details on the MSDTC bug, including Microsoft's patch, can be found in Microsoft Security Bulletin MS05-051

Symantec has patched a critical vulnerability in its Veritas NetBackup software that could be used to seize control of an unpatched system. A bug in the Java authentication service, used by NetBackup servers and clients, could be exploited by a specially crafted command that could give attackers control of the system, said the French Security Incident Response Team, in a bulletin posted Wednesday.

The vulnerability affects NetBackup Versions 4.5, 5.0, 5.1 and 6.0, on virtually all operating system platforms, Symantec said in a statement. The software vendor is not aware of any exploits for this problem, but the company strongly recommends that customers update their software with patches.

Read more about security in Network World's Security section.