|
|
|
|
browsersFebruary 6, 2008
Wednesday, February 06, 2008 10:36 PM/EST
Reminder - IE7 Coming on WSUS 2/12It's been reported in the past, but it's a real issue next week. Next Tuesday—not coincidentally Patch Tuesday—Microsoft will make Internet Explorer 7 available on WSUS (Windows Software Update Services) as an Update Rollup package. It's not the default, but... July 11, 2007
Wednesday, July 11, 2007 4:29 PM/EST
30MB PatchThanks to our own Cameron Sturdevant for pointing out on his own blog that one of the the patches released in this week's Patch Tuesday is 30MB large. You probably need a special strategy before deploying such a patch in... July 5, 2007
Thursday, July 05, 2007 12:05 PM/EST
Code Insertion Through ARP SpoofingOnce you've got control of a system inside a network, it's amazing what you can do with it. Neil Carpenter of Microsoft's Security Incident Response team recently ran into an example of a particularly powerful and scary attack using ARP... June 18, 2007
Monday, June 18, 2007 8:43 PM/EST
The Anti-phishing API WarI saw it coming back when all the phishing URL databases were being built: Not only were all the databases going to compete, but there would be different access methods. We saw another stupid battle in that war today with... June 14, 2007
Thursday, June 14, 2007 4:35 PM/EST
IE6 on Dell XP SystemsI was surprised to find out today that when you buy a Windows XP system from Dell, even today, it comes with Internet Explorer 6. This is some time since IE7, clearly a better, more secure browser, shipped. I asked... June 11, 2007
Monday, June 11, 2007 9:49 PM/EST
Safari Exploits Come Fast and FuriousIt didn't take long after the beta of Apple's Safari for Windows became available before the vulnerabilities and exploits started hitting the fan. Attacking Safari appears to be one of those shooting fish in a barrel deals, and there hasn't... May 28, 2007
Monday, May 28, 2007 6:46 AM/EST
More From Symantec on MPackA Symantec Security Response blog this morning goes into more detail on the attack I mentioned earlier. It confirms, as I suspected, that the server side of the attack is all PHP-based. PHP servers are the overwhelming focus of server-side... May 26, 2007
Saturday, May 26, 2007 10:49 PM/EST
The Google CrappletWord is spreading about the latest development in crapware: An obscure software component on Dell PCs redirects certain browser operations to a special Google search page, one overflowing with ads. The component, officially called the "Browser Address Error Redirector," takes...
Saturday, May 26, 2007 10:20 PM/EST
Major Web-Based Attack UnderwaySymantec is reporting a widespread Web-based attack underway that is believed to have affected over 10,000 computers so far. As of the time of the report, 788 Web sites were known to be spreading the attack. Some of the sites... May 20, 2007
Sunday, May 20, 2007 6:27 PM/EST
The .bank Debate ContinuesMikko Hypponen of F-Secure has responded to the criticism of his .bank proposal, and specifically my criticism of it. He acknowledges the obvious, that phishers would still be able to use tricky domain names (one person has suggested .ba.nk, such...
|
|
|
|
|
