Review: Yoggie Pico personal firewall
,----[ Quote ]
| In summary, the Yoggie Pico appears to perform as advertised,
| silently thwarting attacks and exploits, and without requiring
| installation expertise. Unlike our ZoneAlarm and other software
| firewalls we have used, the device was refreshingly silent, never
| producing esoteric, jargon-rich error messages that made us stop
| and scratch our heads -- after the initial browser certificate
| message, at least.
|
| Technical users, though, may not appreciate the Yoggie's stoic
| nature. A richer Web interface with easier log file viewing and
| sorting might make the device more appealing to power users.
`----
http://www.linuxdevices.com/articles/AT8368967523.html
Related:
Windows cursor patch causing trouble
,----[ Quote ]
| Installing Microsoft's Tuesday patch for a "critical" Windows
| vulnerability is causing trouble for some users.
`----
http://news.com.com/Windows+cursor+patch+causing+trouble/2100-1002_3-6173413.html
Vista affected as well.
Microsoft fixes nasty DNS server, Exchange flaws
,----[ Quote ]
| The Exchange update fixes previously undisclosed flaws in
| Microsoft's messaging software that could be exploited to
| seize control of the server, said Paul Zinski, director of
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^
| product and market strategy at PatchLink Corp.
`----
http://news.yahoo.com/s/infoworld/20070508/tc_infoworld/88368
Microsoft Better at Patching XP Than Vista
,----[ Quote ]
| A Microsoft Corp. security executive released data Thursday showing that,
| six months after shipping Windows Vista, his company has left more
| publicly disclosed Vista bugs unpatched than it did with Windows XP.
|
| [...]
|
| "This is an apples-to-oranges comparison," said HD Moore, one of the hackers
| behind the popular Metasploit penetration testing toolkit. "If you want a
| more accurate view, try comparing the number of flaws between
| Microsoft-developed software and vendor-X-developed software. Most Linux
| vendors don't actually write the majority of the packages they include," he
| said via e-mail.
|
| "Alternatively, force Microsoft to include all vulnerabilities in common
| third-party software," he added. "For example, the thousands of exploitable
| ActiveX controls that... vendors include with a Windows system."
`----
http://news.yahoo.com/s/pcworld/20070622/tc_pcworld/133308
Microsoft is Counting Bugs Again
,----[ Quote ]
| Sorry, but Microsoft's self-evaluating security counting isn't really a
| good accounting.
|
| [...]
|
| The point: Don't count on security flaw counting. The real flaw is
| the counting.
`----
http://www.microsoft-watch.com/content/security/microsoft_is_counting_bugs_again.html?kc=MWRSS02129TX1K0000535
Skeletons in Microsoft’s Patch Day closet
,----[ Quote ]
| This is the first time I’ve seen Microsoft prominently admit to silently
| fixing vulnerabilities in its bulletins — a controversial practice that
| effectively reduces the number of publicly documented bug fixes (for those
| keeping count) and affects patch management/deployment decisions.
`----
http://blogs.zdnet.com/security/?p=316
Beware of undisclosed Microsoft patches
,----[ Quote ]
| Forget for a moment whether Microsoft is throwing off patch counts
| that Microsoft brass use to compare its security record with those
| of its competitors. What do you think of Redmond’s silent patching
| practice?
`----
http://blogs.zdnet.com/microsoft/?p=527
|
|
