Lavasoft announces the launch of Ad-Aware SE

NEW features in Ad-Aware SE Professional edition New command line parameters that allow for silent and automated operation of Ad-Aware UNC support for remote storage of Preferences, definitions, and log files New results screens and detailed statistics Improved logging and reporting Hardened against third party uninstall with encrypted preference files Links to more information on detected content from our website New safety option that allows you to write protect sensitive system files such as the Hosts file Scanning engine improvements Extended Memory scanning Now scans all modules loaded by a process Uses our all new CSI (Code Sequence Identification) technology … Continue reading Lavasoft announces the launch of Ad-Aware SE

Windows XP SP2 may stop the worms

Service Pack 2, the long-awaited upgrade to Windows XP, will prevent the rapid spread of worms such as Sasser, according to a security company that has reverse-engineered some of the code   Windows XP SP2, which has finally been released for manufacturing, is designed to make the Windows operating more secure by offering a host of new features and functionality. Part of that increased security is protection against buffer overflows, which are a vulnerability that has been exploited to great effect by high-profile worm attacks such as Sasser, Slammer, and Blaster. Security company F-Secure has reverse-engineered SP2, a process the company compares … Continue reading Windows XP SP2 may stop the worms

AOL Instant Messenger “Away” Message Buffer Overflow Vulnerability

Secunia Advisory: SA12198    Release Date: 2004-08-09  Critical: Highly critical Impact: System access Where: From remote Software: AOL Instant Messenger 5.x Ryan McGeehan has reported a vulnerability in AOL Instant Messenger (AIM), which potentially can be exploited by malicious people to compromise a user’s system. The vulnerability is caused due to a boundary error within the handling of “Away” messages and can be exploited to cause a stack-based buffer overflow by supplying an overly long “Away” message (about 1024 bytes). A malicious website can exploit this via the “aim:” URI handler by passing an overly long argument to the “goaway?message” parameter. Successful exploitation may allow execution of arbitrary code on … Continue reading AOL Instant Messenger “Away” Message Buffer Overflow Vulnerability

Mozilla Application Suite for Tru64 UNIX libpng Vulnerabilities

Secunia Advisory: SA12240    Release Date: 2004-08-09  Critical: Highly critical Impact: DoSSystem access Where: From remote Software: Mozilla Application Suite for Tru64 UNIX 1.x Description:HP has confirmed some vulnerabilities in the Mozilla Application Suite for Tru64 UNIX, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system. The vulnerabilities affect versions prior to 1.7. Solution:Install Mozilla Application Suite for HP Tru64 UNIX V1.7.http://h30097.www3.hp.com/internet/download.htm http://secunia.com/advisories/12240/

Windows XP Service Pack 2 distribution plan

On Friday August 6th, Microsoft released Windows XP Service Pack 2 to manufacturing. On-line distribution will be the primary distribution vehicle for Windows XP Service Pack 2 and below is a summary of the key milestones of the distribution plan: 8/6   Release to manufacturing8/9  Release to Microsoft Download Center (network installation package)8/9  Release to MSDN subscription site (CD ISO image)8/10  Release to Automatic Updates (for machines running pre-release versions of Windows XP Service Pack 2 only)8/16  Release to Automatic Updates (for machines NOT running pre-releases versions of Windows XP Service Pack 2)8/16  Release to Software Update ServicesLater in August Release … Continue reading Windows XP Service Pack 2 distribution plan

Pocket PC Trojan Found In the Wild

Pocket PC Trojan Found In the Wild … by an antivirus company, Kaspersky Labs. Either way, this is an interesting development and indicates that the race to own the mobile PCs of the world is well underway. Details on “Backdoor.WinCE.Brador.a” are available at Viruslist. http://www.viruslist.com/eng/viruslist.html?id=1984055 Source: http://isc.sans.org/diary.php?date=2004-08-05  

Microsoft Releases Windows XP SP2 To OEMs

Windows XP Service Pack 2 released to manufacturing today after an unexpected two-day-long delay due to some unspecified issues. Microsoft is simultaneously releasing the final code and a Preinstall Kit to OEMs. The Redmond, Washington software giant will also be refreshing the Windows XP retail package gradually, so by the end of October, consumers will be able to buy a boxed version of Windows XP SP2. http://www.extremetech.com/article2/0,1558,1632918,00.asp

Yahoo clamps down on Claria adware

Yahoo strengthened its new anti-spyware application to detect pop-up advertising software, including that of its longtime partner Claria, formerly known as Gator. The Web portal said this week it updated and widely released Anti-Spy, software built into its pop-up blocking toolbar that helps consumers identify nefarious applications known as spyware that can overtake the PC with ads or sniff out personal data such as credit card information. The update includes detection for adware, or software that monitors Web surfing behavior to deliver online ads, but which is thought of as a less-threatening cousin to spyware. http://news.com.com/Yahoo+clamps+down+on+Claria+adware/2100-1024_3-5300287.html

Yahoo’s Anti-Spy toolbar feature buggy

Yahoo on Friday confirmed that its recently released toolbar has mistakenly linked an alleged spyware program with a product that has nothing to do with the application in question. A company representative said late Friday that its toolbar’s Anti-Spy feature incorrectly identified alleged “hijacker” software known as SearchCentrix as being bundled with Claria’s Gator eWallet product, which is designed to manage usernames and passwords. Hijacking programs redirect search results or tamper with browser settings, according to Yahoo. “The SearchCentrix hijacker was incorrectly identified by our application” as a component of Claria’s eWallet software, a Yahoo representative said. “We have no … Continue reading Yahoo’s Anti-Spy toolbar feature buggy

What an SP2 day today again :-)

Few days ago I removed XP SP2 RC2 Build 2162.  Add/Remove programs handled it well.  Did this to make way for this much awaited final build of XP SP2. Yes, finally it is finalized by Microsoft. So far so good.  You’ll see prompts here and there but that’s OK because it will protect you.  With IE SP2 – you’re protected from auto-installs of anything or auto-run of anything while viewing any site because it will prevent any automatic installation of anything from sites without your approval.  MSDN subscribers can download the final build.  XP SP2 beta-testers can grab it too from Microsoft … Continue reading What an SP2 day today again 🙂