Archive | Security

Security is not a feature; it’s a process. Notes on issues, patches and essays on security.

WMF exploits continue to multiply and mutate…

By Ted Roche on January 4, 2006 in Microsoft, Security

Computerworld News Pre-release Microsoft patch for WMF flaw leaked. “Microsoft today confirmed that a pre-release version of its security update for the recently disclosed WMF vulnerability was briefly posted on the Internet . Users appear divided on whether to install an already available third-party patch for the problem.”

Meanwhile, InfoWorld: Top News is reporting…

Attempts to exploit WMF vulnerability by IM multiply.

(InfoWorld) – Security researchers have logged over 70 variations on instant messages attempting to exploit the WMF vulnerability since the first were reported on Saturday.

Watch out for the WMF exploit!

By Ted Roche on January 2, 2006 in Microsoft, Security, Technology

The Internet Storm Center has set their InfoCon alert to Yellow and is full of information on the recent WMF exploit. They are even promoting a private patch, due to Microsoft’s weak response on this issue. Microsoft has plans to ship a patch with their next regular Tuesday (the 10th) patch. Many of the media are a bit agitated to get a patch out sooner. Let’s see how Microsoft’s evaluation of the threat plays out. If they’re wrong, their customers could spend millions cleaning up the mess. If they’re right, no one will notice. Any change to the bottom line for Microsoft? Time will tell.

Zero-Day Windows Meta File exploit

By Ted Roche on December 28, 2005 in Microsoft, Security, Technology

InfoWorld: Application development reports “Update: Malicious hackers busy exploiting zero-day Windows flaw. Fully-patched systems running Windows XP and Windows Server 2003 can be successfully attacked by malicious hackers, various security firms warned Tuesday and Wednesday. By Juan_Carlos_Perez@idg.com (Juan Carlos Perez).”

Short form: IE seems to be subject to exploitation when navigating to a hostile site and received a Windows MetaFile (wmf). Site Admins should filter .wmf (and possibly .emf) files at the periphery. Limit IE use to a minimum, as always. FireFox users will receive a “what do I do with this file?” dialog. Doesn’t seem to affect Linux or Macintosh users.

Google Print and Hentzenwerke

By Ted Roche on December 28, 2005 in FoxPro, Security, Technology

Just to clarify that last post. Mike Sullivan pointed out that Google is posting pages from Hentzenwerke books with the publisher’s permission and/or cooperation. Google is not infringing on my copyright by doing this. I signed over the right to publish my books to Hentzenwerke, with some limitations, and I believe this is within those terms.

I’ve wanted to get Hacker’s Guide to Visual FoxPro on to the web for the past couple of years, but the publisher and authors couldn’t work out the mechanism. Google has solved that problem, at no cost to us. For some books, it’s possible this will lead to new sales. For others, it can make the work more accessible, perhaps elevating the reputation of the authors, leading to new work, which is the motivation for many technical authors.

Technical books face some unique challenges. Frankly, Sturgeon’s Law dictates that 90% of all technical books are crud. Technical books may even exceed that standard. But the grueling effort of assembling a complex technical book or reference book will have a challenging economic model: will publishers want to advance authors money to write a book that people will read for free on Google? You gotta read a novel from cover to cover, but you usually only need to read a single topic in a reference book. It will be interesting to see how this plays out in the marketplace. For the moment, I’m not inclined to invest a lot of effort in another reference work.

Hentzenwerke Books on Google Print

By Ted Roche on December 28, 2005 in FoxPro, Security, Technology

Via Scripting News: “Steve Rubel discovers how to read O’Reilly books, in full, for free, thanks to Google Books.”

It works the same way for Hentzenwerke books, too. Why lug around a 1300-page reference when you can just look it up on Google. Note that Google watermarks the page with “Copywritten Material” while publishing it for all the world to see for free.

Dangerous flaw in Symantec anti-virus

By Ted Roche on December 22, 2005 in Microsoft, Security

Computerworld News reports “Serious flaw reported in Symantec antivirus software. Symantec’s antivirus software is vulnerable to an attack that could allow a malicious hacker to gain control of a system.”

If you’re using a Symantec product, temporarily stop scanning .RAR files and avoid new RAR files until the flaw can be patched.

Microsoft patch Tuesday for December

By Ted Roche on December 14, 2005 in Microsoft, Security

Microsoft issued two new patches and re-issued one other patch on their monthly patch Tuesday. MS05-054 is “Cumulative Security Update for Internet Explorer,” yes, IE, that exploit delivery engine that also displays web pages. Get it patched, and use it only when absolutely necessary! MS05-055 is a very specific patch for Windows 2000 SP4 that patches an exploit which would allow an elevation of privileges. MS05-050, “Vulnerability in DirectShow Could Allow Remote Code Execution” was re-released to for a “revised version” of the security update for users of Windows 2000 SP4, Windows XP SP1 and Windows 2003 – sounds like a patch to the patch.

Get patching!

Nut-Graph: visualize blackouts

By Ted Roche on December 13, 2005 in LAMP, Linux, MySQL, OpenSource, Security, Technology

And once you have NUT monitoring your UPS serving multiple servers, consider adding Nut-Graph to give you a visual display of incoming voltage, load and battery status. Requires NUT, mod_php, MySQL 4.1 and Perl and jpgraph. Very slick!

Lest We Forget

By Ted Roche on December 7, 2005 in Security

Doc Searls blogs, “The lessons live. December 7, 1941, FDR said, was “a day that will live in infamy”. Now veterans who remember are filling the WWII Memorial at a rate greater than 1000 per day.Most of us who grew up in the 1950s, didn’t know our parents were The Greatest Generation. We just wished they’d quit harping about growing up in the Depression. (“When I was your age, we walked ten miles to school in the snow…”)… Those two subjects, The War and The Depression, gave our parents enormous moral authority, as well as a boundless supply of instructive stories at the dinner table. We didn’t appreciate it much at the time. Now that so many of the old folks are going or gone, we do.”

IE exploit still unpatched six months later

By Ted Roche on November 30, 2005 in Microsoft, Security, Technology

Computerworld News: “Attackers targeting unpatched IE bug, Microsoft warns. Microsoft today warned that attackers could exploit a critical unpatched bug in Internet Explorer, first reported in May, and take over a user’s computer.”

“Microsoft Corp. is warning Internet Explorer users to be careful where they browse because attackers are now targeting a critical unpatched bug in the software. If successful, these attackers could possibly use this bug to seize control of a user’s system, the company said.”

“Be careful?” With clever phishing schemes, unicode obfuscation of URIs, DNS poisoning and adware injection, it’s not possible to “be careful.” Just don’t use IE.

Older posts Newer posts

S	M	T	W	T	F	S
					1	2
3	4	5	6	7	8	9
10	11	12	13	14	15	16
17	18	19	20	21	22	23
24	25	26	27	28	29	30

Navigation