Spyware Sucks
“There is no magic fairy dust protecting Macs" – Dai Zovi, author of “The Mac Hacker’s Handbook"

Window Snyder fesses up – Firefox also passes "bad data"

July 24th 2007

Window says: “Over the weekend, we learned about a new scenario that identifies ways that Firefox could also be used as the entry point. While browsing with Firefox, a specially crafted URL could potentially be used to send bad data to another application. We thought this was just a problem with IE. It turns out, […]

Read On Comments Off on Window Snyder fesses up – Firefox also passes "bad data"

Remote control flaw found in iPhone

July 23rd 2007

Independent Security Evaluators discovered the problem, developed a patch and alerted Apple to the exploits on 17 July 2007.  Vulnerability details will be withheld until 2 August to allow Apple to patch the vulnerabilities. ISE reports that “The most glaring is that all processes of interest run with administrative privileges. This implies that a compromise […]

Read On Comments Off on Remote control flaw found in iPhone

fox news site exposes a working user name and password for ftp.g.ziffdavis.com

July 23rd 2007

Edit: The original source article at linuxinit has been deleted (cue Twilight Theme music)…  Original source: http://linuxinit.net/site/?id=664  Found via http://blogs.securiteam.com/index.php/archives/966 Fox News have got their asses hanging out in the fresh air, waiting to be kicked – there’s no other appropriate description for this. “While browsing around the Fox News website, I found that directory indexes are turned on. […]

Read On Comments Off on fox news site exposes a working user name and password for ftp.g.ziffdavis.com

Firefox vulnerable to username and password theft

July 23rd 2007

Firefox is not having a good week.  Hot on the heels of the “Hey Mozilla: Quotes are not legal in a URL” embarrassment, a vulnerability that exposes the usernames and password of FF users has been reported that apparently affects Firefox 2.0.0.5 and earlier. To quote Heise Security, “Firefox, if allowed, can store usernames and […]

Read On 1 Comment

Jesper is alive and posting … damn it’s good to see him back

July 22nd 2007

And… he hasn’t lost his special knack for being able to aim his riposte just right… My regular readers will remember my indignant reaction to Mozilla.org’s advice that we should use Firefox to browse the web to prevent attackers from exploiting MFSA 2007-23. Well, Jesper took things one step further after he spotted a blog post […]

Read On 1 Comment

even the experts can be fooled by phishing sites

July 21st 2007

Yep, even me. McAfee SiteAdvisor have released a phishing quiz. I went in with supreme confidence … I can ace this quiz said I … nope, I got 9 out of 10. “So which question did you get wrong?:, I hear you ask.  It was the question about Chase Bank – I immediately rejected the […]

Read On 2 Comments

Internet Explorer stops responding when you use the AttachEvent method in an ASP.NET application to embed a Microsoft Office Web Components spreadsheet control in IE6

July 21st 2007

You see the following error messages: Internet Explorer has encountered a problem with an add-on and needs to close. The following add-on was running when the problem occurred: File: owc11.dll Company Name: Microsoft Corporation Description: Microsoft Office Web Components 2003 Learn more about add-ons. When you click on Continue you see… Internet Explorer has encountered […]

Read On Comments Off on Internet Explorer stops responding when you use the AttachEvent method in an ASP.NET application to embed a Microsoft Office Web Components spreadsheet control in IE6

Your questions answered: Smartbridge Alerts problem when using IE7

July 19th 2007

How can I not answer the following plea for help? “how do i get rid of smartbridge alerts , please it is driving me crackers.” I assume that the error the writer is complaining about is very similar, if not identical, to this: “SMARTBRIDGE ALERTS: MOTIVE SB.EXE ENTRY POINT NOT FOUND THE PROCEDURE ENTRY POINT […]

Read On Comments Off on Your questions answered: Smartbridge Alerts problem when using IE7

Your questions answered: IE7 crashes when a window is closed

July 19th 2007

I received this email today: “I use Vista.  Each time I close an I.E. window I get a message that IE has stopped working and, eventually IE restarts when I want it closed,  Can you help?” If I were a betting person I’d put my money on an add-on – most likely a toolbar. You […]

Read On 1 Comment

security update: firefox 2.0.0.5 released

July 19th 2007

It is recommended that you update to this version as soon as possible – download here:http://www.mozilla.com/en-US/firefox/ Vulnerabilities fixed: MFSA 2007-25 XPCNativeWrapper pollution MFSA 2007-24 Unauthorized access to wyciwyg:// documents MFSA 2007-23 Remote code execution by launching Firefox from Internet Explorer MFSA 2007-22 File type confusion due to %00 in name MFSA 2007-21 Privilege escalation using […]

Read On Comments Off on security update: firefox 2.0.0.5 released


Archives