- Is the Cisco MARS mission going to abort?
- First iPhone worm spreads Rick Astley wallpaper
- 10 stunning 3D buildings made with Google SketchUp
- Open source software ready for big business
- Four reasons to buy (and one reason to avoid) the Droid
Jason Meserve provides up-to-the-minute news on vendor security alerts and fixes.
Microsoft fixes critical Web bugs with security updates
Microsoft released two security updates for its Windows operating system Tuesday to patch flaws that could give attackers
new ways to install malicious software on a victim's computer. IDG News Service , 11/11/2008.
Also:
Microsoft patch closes 7-year-old OS hole, expert says
A former Microsoft employee who's now CTO for a patch management firm says an update issued by Microsoft on Tuesday closes
a vulnerability that has been exploited for almost seven years and that he first identified while working for the company.
Network World, 11/12/2008.
**********
Flawed AVG antivirus update cripples Windows XP PCs
A flawed signature update to AVG Technologies' antivirus software over the weekend crippled some Windows XP PCs by mistakenly
deleting a critical system file, the company has confirmed. Computerworld, 11/11/2008.
AVG's FAQ on how to fix the issue
**********
IBM's ISS blasts security rival Trend Micro over bugs
In an unusual move, a security company owned by IBM has publicly blasted a rival for not patching reported bugs in its enterprise-grade,
server-side antivirus software. On Monday, David Dewey, a researcher with IBM's Internet Security Systems, explained why his
company had released several advisories that covered multiple vulnerabilities in Trend Micro's ServerProtect software, even
though according to IBM, Trend has not fixed the flaws. Computerworld, 11/12/2008.
IBM Frequency X blog: The Scoop on the X-Force TrendMicro Advisories
**********
Apple releases iLife Support 8.3.1 to fix flaws
An image handling flaw in Apple's iLife Support module, which is used by Aperture and other imaging applications, could be
exploited to run malicious code on an unpatched machine. The new update repairs the bug.
**********
Four new updates for rPath:
initscripts (denial of service)
postfix (denial of service)
**********
Three new patches from Gentoo:
Graphviz (buffer overflow, code execution)
FAAD2 (buffer overflow, code execution)
Gallery (multiple flaws)
**********
Two new fixes from Debian:
libcdaudio (heap overflow, code execution)
ekg (denial of service)
**********
Today's malware news:
Facebook hit by Nigerian 419 scam
Scammers are trawling Facebook for victims using a convincing twist on the notorious 'Nigerian 419' scam. TechWorld, 11/10/2008
Jason Meserve is multimedia editor at Network World.
Rss FeedRss Feed
The Leader in Network Knowledge
Comment