Microsoft Files More Anti-Spam Lawsuits in Conjunction With Leading ISPs

 Microsoft Joins America Online, EarthLink and Yahoo! Against Alleged Spammers Microsoft Corp. today announced the filing of three new anti-spam lawsuits under the CAN-SPAM federal law as part of its continued commitment to solving the spam problem for Internet users worldwide. The announcement was made in conjunction with industry partners America Online Inc., EarthLink Inc. and Yahoo! Inc., who also filed separate lawsuits against accused spammers today in courts in Virginia, Georgia and California. America Online filed two lawsuits, and EarthLink and Yahoo! each filed a single lawsuit. http://www.prnewswire.com/cgi-bin/stories.pl?ACCT=104&STORY=/www/story/10-28-2004/0002315489&EDATE=

Internet Explorer Malformed IFRAME Remote Buffer Overflow Vulnerability

Vulnerable:Microsoft Internet Explorer 6.0 SP1Microsoft Internet Explorer 6.0   – Microsoft Windows 2000 Advanced Server   – Microsoft Windows 2000 Advanced Server SP1   – Microsoft Windows 2000 Advanced Server SP2   – Microsoft Windows 2000 Datacenter Server   – Microsoft Windows 2000 Datacenter Server SP1   – Microsoft Windows 2000 Datacenter Server SP2   – Microsoft Windows 2000 Professional   – Microsoft Windows 2000 Professional SP1   – Microsoft Windows 2000 Professional SP2   – Microsoft Windows 2000 Server   – Microsoft Windows 2000 Server SP1   – Microsoft Windows 2000 Server SP2   – Microsoft Windows 2000 Terminal Services   – Microsoft Windows 2000 Terminal Services SP1   – Microsoft Windows 2000 Terminal … Continue reading Internet Explorer Malformed IFRAME Remote Buffer Overflow Vulnerability

Internet Explorer HHCtrl ActiveX Control Cross-Domain Scripting Vulnerability

Vulnerable: Microsoft Internet Explorer 6.0 SP2 Microsoft Internet Explorer is reported prone to a cross-domain scripting vulnerability. The vulnerability is reported in the ‘hhctrl’ Internet Explorer ActiveX control and could allow an attacker to influence Internet Explorer into running script in the context of a foreign domain. http://www.securityfocus.com/bid/11521/discussion/

Finnish Linux vendor offers Red Hat legacy customers a security lifeline

“Less than a week after Red Hat discontinued update services for its Red Hat Enterprise Linux 3.0 customers who do not renew their subscriptions, Finnish Linux vendor Lineox has announced unified security and bug fix update services for its Linux operating system that is based on Red Hat Enterprise Linux source code. Lineox also says they are teaming up with Linux software management tool provider Open Country so joint customers can utilize Lineox Update Services and OC-Manager system management software for new system provisioning, software management, asset management, backup/restore, remote administration and remote desktop sharing. Starting last Friday Red Hat … Continue reading Finnish Linux vendor offers Red Hat legacy customers a security lifeline

AOL Reverse Course, Readopts Microsoft Antispam Tech

After dropping support for Microsoft’s Sender ID antispam technology last month, AOL announced this week that it’s once again supporting the technology, thanks to some changes Microsoft recently made. The changes make Sender ID compatible with the Sender Policy Framework (SPF) antispam technology that AOL and other companies are currently testing. AOL says it will begin testing Sender ID on inbound email to its online service by the end of 2004. http://www.windowsitpro.com/Articles/Index.cfm?ArticleID=44317

New Caller I.D. spoofing site opens

Web-based caller I.D. spoofing is back, and this time it’s available to everyone. A new website offer subscribers a simple Web interface to a caller I.D. spoofing system that lets them appear to be calling from any number they choose. Called “Camophone,” the service functions much like the Star38.com site that struggled with an abortive launch last month: a user types in their phone number, the number they wish to call, and the number they’d like to wear as a disguise. The system instantly dials back and patches the call through with the properly-forged caller I.D. http://www.securityfocus.com/news/9822

AOL to offer free antivirus protection

America Online on Wednesday said it will bundle McAfee antivirus software for free into its proprietary service and no longer charge a subscription for it. AOL will offer the software, McAfee VirusScan Online, as part of AOL 9.0 Security Edition, debuting in November. AOL said the McAfee product can scan for and remove harmful viruses delivered via peer-to-peer software, Web downloads, CD-ROMs and media files, to name a few. http://news.com.com/AOL+to+offer+free+antivirus+protection/2100-1038_3-5429567.html

EBay virus fears dismissed as scaremongering

Security fears sparked by the recently identified W32/Myfip virus are unfounded, according to a security industry executive who claims the concern is nothing more than empty scaremongering by antivirus firms. The malicious code, branded “the start of a worrying trend” this week by security and antivirus firm MessageLabs, purports to have been sent from eBay.com and uses a previously undocumented packer to make it harder for antivirus software systems to identify. http://www.vnunet.com/news/1159008

Windows Genuine Advantage Offers

Users of genuine Windows XP operating systems are invited to take advantage of the following special offers. Free Offers Photo Story 3 for Windows Bring life into your favorite memories with Photo Story 3 for Windows® by adding motion, effects, music, and more to your digital photos. Easily retouch your images with a single click and add slick-looking titles, or add dramatic pans and zooms that give your creations a professional finish, create a soundtrack—even record narration. Then enjoy the show. Start sharing your stories today! Holiday Fun Pack for Windows XP Coming soon Get the Holiday Fun Pack for … Continue reading Windows Genuine Advantage Offers

Apple released Security Updates

Security Update 2004-10-27Apple Remote DesktopAvailable for: Apple Remote Desktop Client 1.2.4 with Mac OS X 10.3.xCVE-ID: CAN-2004-0962Impact: An application can be started behind the loginwindow and it will run as root.Description: For a system with these following conditions * Apple Remote Desktop client installed* A user on the client system has been enabled with the Open and quit applications privilege* The username and password of the ARD user is known* Fast user switching has been enabled* A user is logged in, and loginwindow is active via Fast User Switching If the Apple Remote Desktop Administrator application on another system is … Continue reading Apple released Security Updates