New Windows attack can kill firewall

Hackers have published code that could let an attacker disable the Windows Firewall on certain Windows XP machines.

The code, which was posted on the Internet early Sunday morning, could be used to disable the Windows Firewall on a fully patched Windows XP PC that was running Windows' Internet Connection Service (ICS). This service allows Windows users to essentially turn their PC into a router and share their Internet connection with other computers on the local area network (LAN.) It is typically used by home and small-business users.

The attacker could send a malicious data packet to another PC using ICS that would cause the service to terminate. Because this service is connected to the Windows firewall, this packet would also cause the firewall to stop working, said Tyler Reguly, a research engineer at nCircle Network Security Inc., who has blogged about the issue.

http://www.networkworld.com/news/2006/103006-new-windows-attack-can-kill.html

FTC launched online quiz-show style game (New Game Tests Who to Approve and Who to Remove)

The Federal Trade Commission today announced a new game that quizzes players on their online social networking practices and offers tips to help keep kids and teens safe online. The game, “Buddy Builder,” is available in English and Spanish.

In the game, players move through different rounds by correctly reacting to common requests found on social networking sites. For example:

Accept or Deny: It’s me, your Uncle John! Thanks for the link – Aunt Mary and I love your page… can you add us to your buddy list?
When players accept, they are advised: Yes, this is a fairly safe bet (assuming you actually had an Uncle John and Aunt Mary, and you invited them to visit your page!) If you’re at all unsure, why not call or e-mail him to check?

Accept or Deny: Wazzup? I think I know U – send me your pic (in swimsuit, pls!)?
When players deny, they are advised: Good thinking. Consider not posting your photo online – not only could it be altered in embarrassing ways, but do you really want strangers to know what you look like?

The quiz is one of several offered by OnGuardOnline, a multimedia, interactive consumer education campaign launched by the FTC and a partnership of other federal agencies and the technology industry.

More at http://www.ftc.gov/opa/2006/10/fyi0669.htm

Webroot offers SpySweeper with Antivirus

Webroot announced the availability of Spy Sweeper with AntiVirus. Developed specifically for consumers seeking an effective, yet easy–to–use program to protect their PCs from the two most damaging types of Internet threats, Spy Sweeper with AntiVirus integrates best–of–breed anti–virus technology from Sophos into Webroot’s award–winning line of Spy Sweeper anti–spyware products.

http://www.webroot.com/company/pressroom/pr/ssav.html

Free Vista to PC Buyers (October to December 2006)

http://www.windowsvista.com/expressupgrade 

Microsoft is working with PC manufacturers (e.g. Dell, HP etc) to provide free Vista to PC buyers.  PC buyers from October to December 2006 that has Windows XP as pre-installed will be able to get free Vista as upgrade.  Check out the above link.

Read the press release at http://www.microsoft.com/presspass/press/2006/oct06/10-24TechGuaranteePR.mspx

CA is offering up to $6,500 in Identity Theft and Virus Protection Coverage on CA Internet Security Suite 2007

http://home2.ca.com/DRHM/Storefront/Company/caconsum/staticContent/SecurityPost/october06/index.html#1

Computer Associates (CA) is offering the following to new and existing customers:

  • Identity Theft Coverage
    CA Internet Security Suite 2007 users can safeguard data on one PC with Mobile Lifeline™ that includes powerful identity theft protection worth up to $5,000 if your identity is compromised. Plus,
  • Virus Protection Coverage
    If a PC fails due to a virus infection after CA Internet Security Suite or CA Anti-Virus is properly installed, the user can receive up to $1,500 in technical service and hardware replacement.

Read more on the above link.  Take note of the footnotes.

Hard to work if there’s only one

I enjoy beta-testing a lot but it's kind of hard to work and to beta-test if I only have one machine.  My 2 desktops were dead.  They died when I moved house.  The 'movers' accidentally dropped BOTH desktops.  All are in pieces.  My external drive is working though so that helps in storing anything I can't afford to lose this time and until I get a new desktop.  I'm planning to get from Dell again.  I was very disappointed with Dell Inspiron 630m and Inspiron 9400 (hardware issue out-of-the-box).  I thought I will never order from Dell again.  I am happy that the Dell XPS M1210's hardware didn't have problem from out of the box.  Anyway, I'm thinking to get either Dell Dimension E520 or 9200.  I like the look of Dimension C521 because it is slim but it has AMD.  I prefer Intel processors. 

 

Symantec Device Driver Elevation of Privilege

Symantec was notified of a vulnerability in a device driver which, if successfully exploited, could allow a local attacker to execute arbitrary code with elevated privileges or to crash the system.

Affected Products

ProductVersionSolution
Symantec AntiVirus Corporate Edition8.18.1.1 MR9
https://fileconnect.symantec.com/
Symantec AntiVirus Corporate Edition9.0.3 and earlier 9.0.4 MR4 build 1000 or later
https://fileconnect.symantec.com/
Symantec Client Security1.11.1.1 MR9 Build 393
https://fileconnect.symantec.com/
Symantec Client Security2.0.3 and earlier2.0.4 MR4 build 1000
https://fileconnect.symantec.com/

More at http://securityresponse.symantec.com/avcenter/security/Content/2006.10.23.html