AOL acknowledged vulnerability with AIM

AOL has acknowledged a potentially serious security vulnerability affecting users of its popular AOL Instant Messenger software. VENDOR RESPONSE iDEFENSE has been working with AOL since 07/12/2004 regarding this issue to allow the vendor time to implement a patch. However, on 08/09/2004 an advisory was released by Secunia (http://secunia.com/advisories/12198/) as the same issue was discovered by another group of researchers. With the issue is now public, iDEFENSE is proceeding with public disclosure. AOL has provided the following statement: “iDEFENSE, Inc. reported a buffer overflow vulnerability in all Windows versions of AOL Instant Messenger (AIM). The impact of this vulnerability could … Continue reading AOL acknowledged vulnerability with AIM

AOL, Yahoo rolling out sender authentication

ISPs AOL and Yahoo plan to begin using technology to verify the source of e-mail messages in coming months, as both companies step up efforts to stop spam e-mail, according to information provided by the companies. In September, AOL will verify the source of incoming e-mail using a component of Microsoft’s Sender ID authentication architecture. Yahoo will use its DomainKeys authentication technology to sign all e-mail coming out of the company’s mail servers by the end of 2004, according to spokesmen for the companies. The decisions are part of an industry-wide push to thwart spam and online scams known as … Continue reading AOL, Yahoo rolling out sender authentication

Toolkits to Unblock/Block Delivery of Windows XP SP2 – Name it.. they have it!

Microsoft released some interesting toolkits today: Executable to Un-block Delivery of Windows XP SP2 to a PC Through Automatic Updates and Windows Update Executable to Temporarily Block Delivery of Windows XP SP2 to a PC Through Automatic Updates and Windows Update Toolkit to Temporarily Block Delivery of Windows XP SP2 to a PC Through Automatic Updates and Windows While recognizing the security benefits of Windows XP SP2, some organizations have requested the ability to temporarily disable delivery of this update via Automatic Updates (AU) and Windows Update (WU). These organizations have populations of PCs, upon which they have enabled AU. … Continue reading Toolkits to Unblock/Block Delivery of Windows XP SP2 – Name it.. they have it!

Calendar of Updates (CoU) moved

One is enough, two is too much…. [Rant on] My homepage dozleng.com and Calendar of Updates (CoU) – where users tracks and posts software updates was down again.  Kernel issue as per local host.  It was down more than 30 hours.  We lost 3 days of database. After a week, it’s down again.  Server crashed and HD failure as per local host.  No idea yet how much database we lost.  I and the CoU team can’t stand it.  You know what others usually say “one is enough…two is too much.. “ So we decided to make a move. Calendar of … Continue reading Calendar of Updates (CoU) moved

Microsoft Security Bulletins for August 2004

Today Microsoft released the following Security Bulletins. Note: www.microsoft.com/technet/security and www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details. Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided. … Continue reading Microsoft Security Bulletins for August 2004

More on Windows XP Service Pack 2

Windows XP Service Pack 2 Network Installation Package for IT Professionals and Developers is now available.  Note: DO NOT CLICK DOWNLOAD IF YOU ARE UPDATING JUST ONE COMPUTER: A smaller, more appropriate download will be available soon on Windows Update. To receive this download, turn on the Automatic Updates feature in Windows XP to receive an optimized download of SP2.Please visit Protect Your PC http://www.microsoft.com/protect for more information on receiving Windows XP SP2. Some Windows XP SP2 documents & tools: Changes to Functionality in Microsoft Windows XP Service Pack 2 Group Policy Settings Reference for Windows XP Professional Service Pack … Continue reading More on Windows XP Service Pack 2

Banner Ad Networks Used for Attacks

Security problems involving banner advertising networks go beyond the recent distributed denial of service (DDoS) attack on DoubleClick. Banner networks, with their ability to place code on hundreds of outside sites, offer a vehicle for the rapid distribution of trojans and other malware, as well as a way to deface web pages. In a troubling development, phishing scams have recently demonstrated the ability to install keylogging trojans via banner ads. The attack on DoubleClick caused performance problems for the network’s clients. But in recent weeks, several smaller banner networks have been used to inject malicious code into web sites. In … Continue reading Banner Ad Networks Used for Attacks

Firefox has more security holes than Internet Explorer?

Tom Warren posted in Neowin.net the following: “As crazy as the title of this news post may sound, it’s true to some extent. Mozilla Firefox has managed to rack up 10 security holes in 4 months compared to 7 security holes in Internet Explorer within 4 months. The statistics show that having a product that isn’t used by 1000s makes it “more secure” as less hackers/spammers need to attack it. As the release of XPSP2 has just finished up we should see less IE holes over the coming months but if this trend contines then where will Firefox be in … Continue reading Firefox has more security holes than Internet Explorer?