SANS Internet Storm Center weekend monitor is reporting “WebViewFolderIcon ActiveX control exploit(s) in the wild, (Sat, Sep 30th). Rise and shine. This vulnerability is being actively exploited in the wild …” (more)
If you must run IE, restrict ActiveX controls to the highest level possible. And use a safer browser, like FireFox or SeaMonkey or Opera or Konqueror or Camino or Safari for all those web sites that don't require you to use IE.
Redhat has posted an interesting “Risk Report” outlining the security experiences with the first year of RedHat Enterprise Linux. A frank discussion of positives and negatives, with some good reminders on basic Best Practices. Worthy of a read.
I've always wanted an excuse to build one of those lunch-box sized PCs. I haven't come up with a good excuse yet, but Ars Technica has some recommendations on the components to build the box, whether you want a Budget Box or a top-of-the-line machine.
IBM joins in the fray by recalling over half a million laptop batteries. PC Magazine covers the story.
“Customers are encouraged to call Lenovo at (800) 426-7378 anytime or log on to Lenovo's battery recall web site to determine if they have an affected battery.”
I don't intend this blog to be a security blog; that's a full time job better served by others. However, you ought to be alert to what's going on out there:
MS “re-released” MS06-049 as version 2.0 (new and improved!) to patch NTFS file compression on Windows 2000 SP4.
The Internet Storm Center is reporting yet another Internet Explorer exploit, taking advantage of a bug in an ActiveX control.
The ISC is also pointing to reports of an exploit packaged in a PowerPoint file. I may have mentioned it before: Do not open attachments from untrusted sources and… there are no trusted sources. I wouldn't advise anyone to open a PowerPoint until they are sure their anti-virus scanners have been updated and clear the file. Better yet, open it in OpenOffice.org. Better yet… imagine a day with no PowerPoint. Wow.
Slashdot is noting that Microsoft Patches VML Vulnerability. “Microsoft has quietly released an official patch for the zero-day VML vulnerability. The patch was publicly available yesterday, But Microsoft has just added it to the Security Bulletin Index.” Eight days from time of first report to patch is pretty fast for Microsoft, and is almost two weeks ahead of their normal patch schedule. This security flaw was being aggressively exploited out in the wild.”
For Microsoft to break their usual once-a-month patch cycle is pretty unusual, so I'd consider this patch sooner rather than later. Get patching!
InfoWorld's Off the Record column continues to supply great tales of the software world's mis-steps, like this one:
“Ten years ago, I was the IT manager at a successful software company whose main product was aimed at large insurance companies. It was a DOS app that read records from large data files, did a little processing, and passed the results to other apps downstream. It wasn't particularly pretty, but it was accurate — and it was fast! It worked in batch mode, processing thousands of records per minute, which was a critical feature, considering how many records our clients needed to manage each day.”
“We were doing well with this app, which was pretty much the industry leader. So in a classic it-ain't-broke-so-let's-fix-it-anyway move, some of our managers and salespeople began complaining that it wasn't written for Windows.”
Betcha can't guess what comes next. Read the whole story here.
InfoWorld's Off the Record column continues to supply great tales of the software world's mis-steps, like this one:
“Ten years ago, I was the IT manager at a successful software company whose main product was aimed at large insurance companies. It was a DOS app that read records from large data files, did a little processing, and passed the results to other apps downstream. It wasn't particularly pretty, but it was accurate — and it was fast! It worked in batch mode, processing thousands of records per minute, which was a critical feature, considering how many records our clients needed to manage each day.”
“We were doing well with this app, which was pretty much the industry leader. So in a classic it-ain't-broke-so-let's-fix-it-anyway move, some of our managers and salespeople began complaining that it wasn't written for Windows.”
Betcha can't guess what comes next. Read the whole story here.
Google sites unavailable in some parts of the U.S..
(InfoWorld) – “Google Inc. users in the U.S. lost access to Google Web sites on Tuesday in a connectivity issue that lit up the blogosphere but whose causes remain unclear… An undetermined number of Google users that connect to the Internet via a specific service provider “experienced problems accessing Google and other services for a short period of time” on Tuesday, a Google spokesman said via e-mail.”
Thats would be COMCAST. We lost connectivity with Google yesterday here in New Hampshire. It felt like half the internet was unavailable. Google ads on pages would grind page loads to a halt. Google Mail lost meant I missed some of my mailing list reading. And I hadn't appreciated how dependent I had gotten on typing whatever I needed into the little box in the upper right of FoxFire: JavaScript syntax questions, contact information. Why bookmark? There's Google. Sure, there were other search engines to switch to, and our business has a business DSL line with another vendor, but it was remarkable how much Google was missed.
I attempted to figure out if we had DNS problems in-house but couldn't find any symptoms, other than lack of Google. Traceroutes and pings and digs seemed to yield correct information. I even tried to contact Comcast to see if they had a page with “known outages” but never located it. Worse, I tried a “Chat with Comcast” session that turned out to be a bot with a single-digit IQ that only knew the answers to 10 questions, none of which were “Why are you blocking Google?” Quite annoying.
Glad to see order has been returned to the universe.
IBM continues its series documenting the knowledge you'll need to pass the Linux Professional Institutes certification exams. This month, they cover a portion of the second exam, LPI 102, “Linux Documentation.”