Spyware Sucks
“There is no magic fairy dust protecting Macs" – Dai Zovi, author of “The Mac Hacker’s Handbook"

New Internet Explorer KB articles

September 25th 2006

BUG: The Setup program does not respond when you deploy a ClickOnce application over the Internet or over an intranet and a user clicks Install or Run on a published page in Internet Explorer 6When you deploy an application that uses ClickOnce technology over the Internet or over an intranet, a user on a client […]

Read On Comments Off on New Internet Explorer KB articles

Say what? California Attorney General is suing car makers for damages over global warming

September 23rd 2006

For crying out loud: "In a first-of-its-kind suit, California Attorney General Bill Lockyer is demanding damages from automakers for the impact of global warming."http://www.overlawyered.com/2006/09/calif_ag_sues_automakers_for_g.html

Read On Comments Off on Say what? California Attorney General is suing car makers for damages over global warming

Important – IE VML Vulnerability – IE7 is immune

September 22nd 2006

Internet Explorer 7 is immune to this vulnerability (just like it has been immune to virtually all the other vulnerabilities that have been announced).  I strongly recommend that you update to the IE7 Release Candidate as soon as possible. To quote the IE team themselves back in August "…With the exception of a very short list of issues we’re aware […]

Read On 2 Comments

ActiveNetworks takes a swipe at Microsoft and Internet Explorer – perhaps they should stop allowing Winfixer to be advertised on their site before throwing stones.

September 21st 2006

"Seriously, how many times must users and businesses be kicked in the face before they buy a clue? Before they realize that they don't have to stay in the abusive Microsoft relationship? The answer seems to be: an unlimited number of times. Take, for example, Internet Explorer. In the latest bad news, the newest zero-day […]

Read On Comments Off on ActiveNetworks takes a swipe at Microsoft and Internet Explorer – perhaps they should stop allowing Winfixer to be advertised on their site before throwing stones.

My first foreign language phishing email

September 21st 2006

I've just started working with Windows Mail in Vista.  I was particularly interested in seeing the phishing filter in action. There was the normal paypal phishing, and ebay phishing, and bank phishing, but the two newest phish emails were ones I have not seen before.  They were in Hebrew and *very* simplistic.  No fancy scripting… […]

Read On Comments Off on My first foreign language phishing email

RSS security in IE7 and attachments – how does it work?

September 20th 2006

The RSS team have written a new article about RSS in IE7 and how it handles attachments:http://blogs.msdn.com/rssteam/archive/2006/09/20/763966.aspx Of particular interest is this comment: "We decided not to permit directly-executable (i.e. any file that would execute arbitrary code when double-clicked) or other dangerous files to be downloaded as feed enclosures (there are no common scenarios that […]

Read On Comments Off on RSS security in IE7 and attachments – how does it work?

SPI Dymanics reports on RssReader vulnerability

September 20th 2006

Cite Secunia:http://secunia.com/advisories/21994/ "The vulnerabilities are caused due to input validation errors in the processing of Atom and RSS feeds. This can be exploited to inject and execute arbitrary HTML and script code in context of the feed by tricking a user into adding a malicious feed and then viewing the content of it." Please rest […]

Read On Comments Off on SPI Dymanics reports on RssReader vulnerability

By far the funniest, and the most sale-destroying, product review I have read in a long time.

September 20th 2006

"Uh oh, that didn't go quite as planned" says Sprint Person 1 to Sprint Person 2. Sprint sent Joel Spolsky one of their new phones to review on his blog – an LG Fusic. Joel doesn't like the phone. Joel makes it very clear to his gentle readers that he doesn't like the phone, and […]

Read On 1 Comment

Information about the IE VML Vulnerability

September 19th 2006

Information about IE VML vulnerability posted at MS. http://www.microsoft.com/technet/security/advisory/925568.mspxhttp://support.microsoft.com/kb/925568 Jesper has also posted information about how to mitigate the threat as well: http://msinfluentials.com/blogs/jesper/archive/2006/09/19/Block-VML-Zero_2D00_Day-Vuln-on-a-domain.aspx Microsoft Security Response Centre blog:http://blogs.technet.com/msrc/archive/2006/09/19/457560.aspx Note that there will hopefully be an update released to address the vulnerability on or before 10 October 2006.

Read On 1 Comment

Signs of life in the Windows Genuine Advantage blog

September 19th 2006

They've been too quiet over there, without a single post for the entire month of September. Alex is back now, and being the person that I am, his last paragraph was the one that interested me the most.  He says: "Another thing that has been keeping me pretty busy is the time I’ve spent supporting […]

Read On Comments Off on Signs of life in the Windows Genuine Advantage blog


Archives