Taiwan’s hi-tech police have voiced serious concerns about the lack of cooperation from US authorities on important cybercrime issues. Lee Hsiang-chen, head of the Hi-tech Criminal Centre at the National Police Agency of Taiwan, has gone on record as saying that requests for assistance from his unit routinely go unanswered. And all this is happening while serious cybercrimes are being committed, including fraud, piracy and the spread of child pornography. http://www.viruslist.com/en/news?id=208274008
The following bulletins have undergone a minor revision increment. * MS06-059 – http://www.microsoft.com/technet/security/bulletin/ms06-059.mspx – Reason for Revision: Bulletin updated the Knowledge Base Article for “Microsoft Office Excel Viewer 2003” in the “Affected Products” section. – Originally posted: October 10, 2006 – Updated: November 29, 2006 – Bulletin Severity Rating: Critical – Version: 1.1 * MS06-056 – http://www.microsoft.com/technet/security/bulletin/ms06-056.mspx – Reason for Revision: Bulletin updated “Caveats” Section and “What are the known issues that customers may experience when they install this security update?” under the “Frequently Asked Questions (FAQ) Related to This Security Update” section. – Originally posted: October 10, … Continue reading 5 Microsoft Security Bulletin Minor Revisions
F-Secure Security Bulletin FSC-2006-6OpenSSL denial of service vulnerability in F-Secure Anti-Virus for Microsoft Exchange and F-Secure Internet Gatekeeper Date issued 2006-11-29Last updated 2006-11-29Risk factor Medium (Low/Medium/High/Critical)Brief description OpenSSL has released a security advisory on several vulnerabilities on OpenSSL. These vulnerabilities in OpenSSL can cause Denial of Service Attacks, buffer overflows or client crashes. F-Secure products are only affected by the possible ASN.1-related DoS attacks. (CVE-2006-2937) Versions of F-Secure Anti-Virus for Microsoft Exchange and F-Secure Internet Gatekeeper use OpenSSL in the administrator web interface. By default the access to the web interface is accepted only from the same host but it can be configured to … Continue reading F-Secure Security Bulletin FSC-2006-6: OpenSSL denial of service vulnerability in F-Secure Anti-Virus for Microsoft Exchange and F-Secure Internet Gatekeeper
Apple Mac OS X AppleTalk “AIOCREGLOCALZN” Denial of Service Vulnerabilityhttp://www.frsirt.com/english/advisories/2006/4746 A vulnerability has been identified in Apple Mac OS X, which could be exploited by malicious users to cause a denial of service. This flaw is due to an error when calling “ioctl()” on certain AppleTalk sockets with an “AIOCREGLOCALZN” request, which could be exploited by local attackers to panic a vulnerable system, creating a denial of service condition. Affected ProductsApple Mac OS X version 10.4.8 and prior SolutionThe FrSIRT is not aware of any official supplied patch for this issue. Apple Mac OS X “shared_region_make_private_np()” Memory Corruption Vulnerabilityhttp://www.frsirt.com/english/advisories/2006/4762 … Continue reading Multiple Vulnerabilities in Apple Mac OS X
Summary Adobe is aware of a recently published report of potential vulnerabilities in Adobe Reader and Acrobat. These vulnerabilities would cause the application to crash and could potentially allow an attacker to take control of the affected system. Affected software versions Adobe Reader 7.0.0 through 7.0.8 and Adobe Acrobat Standard and Professional 7.0.0 through 7.0.8 on the Windows platform when using Internet Explorer. Users of other browsers are not affected. Solution The Secure Software Engineering team is working with the Adobe Reader Engineering team on an update to Adobe Reader and Acrobat 7.0.8 that will resolve these issues, which is … Continue reading Adobe Security Advisory: Potential vulnerabilities in Adobe Reader and Acrobat
I mentioned earlier that I’m enjoying Vista a lot and here I am again, talking about Vista in a Dell small notebook (XPS M1210) [:D] Watch the video that I created using TechSmith’s SnagIT (thanks TechSmith!). The video is simpy showing that the wifi catcher in the notebook XPS M1210 still works after installing Vista as upgrade or clean-install.
I blogged last October 10th about the Dell fake email that contain an infected file. Dell finally warned their customers via their blog on 26th of November. That’s a bit late Dell but it’s better than never [Y] Laura Bosworth of Dell recommends Dell customers to visit www.dell.com/spoof for more information and how to protect yourself against them. The said www.dell.com/spoof page was published by their Customer Care team or department on 10/20/2006 as Document Number: 310541.
Apple Mac OS X Mach-O Universal Binary Local Privilege Escalation Vulnerabilities http://www.frsirt.com/english/advisories/2006/4714 Two vulnerabilities have been identified in Apple Mac OS X, which could be exploited by local attackers to execute arbitrary code or cause a denial of service. The first flaw is due to an integer overflow error in the “fatfile_getarch2()” function when processing a malformed Mach-O Universal binary, which could be exploited by malicious users to obtain elevated privileges via a specially crafted Mach-O Universal file. The second issue is due to a memory corruption error when handling Mach-O binaries with malformed “load_command” structures, which could be exploited … Continue reading 3 Vulnerabilities in Apple Mac OS X
I created a survey about the above title. It’s in http://www.dozleng.com/updates/index.php?showtopic=12088 OK.. Vista isn’t out-there for home users yet but it is out since Nov. 17 to MSDN, Technet Plus subscribers and others (business – small or big) and most Microsoft MVPs has it now through those subscription/s. So there must be some of you who are reading here or beta-tests Vista before and you might want to participate. Require membership though. It’s free to join! so share us what is your Windows Vista Experience Index Score.
I have something to reveal… I can’t blog much or visit forums (I vist my baby CoU though but I’m not also posting much) because something … got me busy online (not offline). It’s Vista Ultimate. Blame Vista because I’m spending so much time using it! There are many things about Vista that really makes me busy. It has the application that I need and want. To be honest, I haven’t install much stuff in Vista like I used in Windows XP. Reason is not because of compatibility issue but because most of the stuff I need in my daily computing is … Continue reading Vista got me!