-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
AVG Notes Rise in Number of Malicious Web Sites
,----[ Quote ]
| AVG is seeing between 200,000 to 300,000 new Web sites per day hosting code
| that can in some cases result in a PC being infected with malware just by
| visiting the site, said Roger Thompson, AVG's chief research officer.
`----
http://www.pcworld.com/article/158402/avg_notes_rise_in_number_of_malicious_web_sites.html?tk=rss_news
Recent:
The wonders of Windows: worms, worms, worms
,----[ Quote ]
| It would have been good to have some equivalent of Delilah on Windows to
| negate the role of this browser, but, sadly there is none. There are some
| third-party applications like XPlite , developed by Australian Shane Brooks,
| which do remove most of IE but then which browser do you use to update
| Windows? Only IE supports ActiveX.
|
| You can, of course, move from XP to Vista where the updates are done through
| the control panel but that would be the equivalent of offering a man a choice
| between arsenic and cyanide for breakfast.
`----
http://www.itwire.com/content/view/22527/1148/
Related:
With Vista breached, Linux unbeaten in hacking contest
,----[ Quote ]
| The MacBook Air went first; a tiny Fujitsu laptop running Vista was hacked on
| the last day of the contest; but it was Linux, running on a Sony Vaio, that
| remained undefeated as conference organizers ended a three-way computer
| hacking challenge Friday at the CanSecWest conference.
`----
http://www.linuxworld.com/news/2008/032908-with-vista-breached-linux-unbeaten.html?fsrc=rss-linux-news
Windows Update's Sneaky Updates
,----[ Quote ]
| "The only altered files that have been reported to date are 18 small
| executables used by WU itself. Microsoft is patching these files silently,
| even if auto-updates have been disabled on a particular PC."
`----
http://www.microsoft-watch.com/content/operating_systems/windows_updates_sneaky_updates.html?kc=MWRSS02129TX1K0000535
Microsoft reacts to kernel hacks, defends Vista
,----[ Quote ]
| Microsoft wasn't much help in figuring out exactly what was beefed up by the
| PatchGuard update; the accompanying information was extremely vague. The
| MSRC's release manager, Simon Conant, was just as tight-lipped in a posting
| to the center's blog. "The update adds additional checks to Kernel Patch
| Protection for increased reliability, performance, and security," Conant
| said.
`----
http://www.infoworld.com/article/07/08/15/Microsoft-reacts-to-kernel-hacks_1.html?source=rss&url=www.infoworld.com%2Farticle%2F07%2F08%2F15%2FMicrosoft-reacts-to-kernel-hacks_1.html
Skeletons in Microsoft’s Patch Day closet
,----[ Quote ]
| This is the first time I’ve seen Microsoft prominently admit to silently
| fixing vulnerabilities in its bulletins — a controversial practice that
| effectively reduces the number of publicly documented bug fixes (for those
| keeping count) and affects patch management/deployment decisions.
`----
http://blogs.zdnet.com/security/?p=316
Beware of undisclosed Microsoft patches
,----[ Quote ]
| Forget for a moment whether Microsoft is throwing off patch counts
| that Microsoft brass use to compare its security record with those
| of its competitors. What do you think of Redmond’s silent patching
| practice?
`----
http://blogs.zdnet.com/microsoft/?p=527
Microsoft : Arrogance leads to Vulnerability
,----[ Quote ]
| Chatting with the Microsoft senior sales people, I was struck by
| their incredible arrogance. They know the company?s products are good,
| but they have no qualms whatsoever about charging top dollar as a
| result.
|
| It reminds us how Microsoft used to behave when it comes to their
| products' security records. IE5 and 6 were nothing short of being
| proper Swiss Cheese with loads of holes in them but hey, they had 95%
| of the browser market at that time and couldn't care less.
`----
http://securityblog.itproportal.com/?p=514
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkl/hQMACgkQU4xAY3RXLo5K3QCfQRISSOlu7kDn2dVXe/RRc034
OQEAnR3WibrpN0umtP2cgfih3VErJT8z
=mTdT
-----END PGP SIGNATURE-----
|
|
