Peaches

'Critical' Windows Bug Threatens Launch Analysis: An apparent fatal flaw in the NTFS driver stack may bring Microsoft's Windows 7 impending victory parade to a grinding halt. Randall C. Kennedy, InfoWorld Oh boy! It appears that Microsoft's glowing track record with Windows 7 is about to come to an abrupt and unceremonious end. According to various Web sources, the RTM build 7600.16385 includes a potentially fatal bug that, once triggered, could bring down the entire OS in a matter of seconds. Bug Details The bug in question -- a massive memory leak involving the chkdsk.exe utility -- appears

6 August 2009, 15:45 Naming trick opens mail servers A number of Vietnamese spam sources are currently attracting attention because the spammers have equipped the relevant hosts with DNS pointer records called "localhost". As a result, IP addresses like 123.27.3.81, 222.252.80.188 or 123.16.13.188 produce this name when a reverse look-up occurs. The problem is caused by badly configured Domain Name Systems, as "localhost" should generally translate to a single IP address – 127.0.0.1 – which is reserved for local system loopback. Some mail servers are configured in such a way that they don't e

August 6, 2009 4:00 AM PDT Is Adobe the next (pre-2002) Microsoft? by Elinor Mills If you're a criminal and you want to break into a network, a common attack method is to exploit a hole in software that exists on most computers, has its fair share of holes, and isn't automatically updated. In 2002, that would have been Windows. Today, it's likely to be Adobe Reader or Flash Player, whose share of vulnerabilities and exploits are on the rise while Microsoft's is falling. Nearly half of targeted attacks exploit holes in Acrobat Reader, which is used to read PDF (portable document format) fil

August 6, 2009 12:09 PM PDT Microsoft to fix critical Windows, Office holes by Elinor Mills Microsoft will issue fixes for five critical holes affecting Windows and a variety of other software on Patch Tuesday next week. The critical holes, which could allow an attacker to remotely run code on a PC and take control of it, affect Windows 2000, Windows XP, Windows Vista, Windows Server 2003 and 2008, Windows Client for the Mac, Office 2000, XP and 2003, Microsoft Office Small Business Accounting 2006, Visual Studio .NET 2003, Microsoft Internet Security and Acceleration Server 2004 and 2006, a

Microsoft releases Windows 7 to MSDN, TechNet today Final code reaches select few By Kelly Fiveash Microsoft is shoving the finalised version of Windows 7 out the door today for a select bunch of customers. The operating system, which was released to manufacturing last month, is now available to TechNet and MSDN subscribers. Additionally, some independent software and hardware vendors can also expect to get their mitts on the goods from today. On Friday Software Assurance subscribers - typically corporates with volume licence deals for the OS - will be able to download the official RTM English

Twitter hit by denial-of-service attack 6 August 2009, 17:34 Twitter hit by denial-of-service attack At approximately 15:00 GMT, the popular Twitter microblogging service website and API that powers various Twitter clients went down. According to Twitter's status web page, the service has been hit by a massive denial-of-service attack (DoS). The service has been down for over two hours and the team are still "continuing to defend against and recover from this attack". The status blog updates advise that the site should be back online, but some users are still encountering problems accessing

Aug6 2009 The Real Face of KOOBFACE 1:03 am (UTC-7) | by Ryan Flores (Advanced Threats Researcher) A year after its first discovery, Koobface is still generating a lot of noise, no thanks to its high activity level over the past several weeks. But one year is a long time for a malware to stay alive. Storm didn’t make it out of its first year. Waledac has been around for a while, but it sleeps and wakes up only when it wants to. But Koobface? It has continued to maintain its success and just seems to keep on improving. Although not as large and widespread compared to Storm or Waledac duri

Windows 7: Four Reasons to Upgrade, Four Reasons to Stay Away Matt Lake, Computerworld Aug 4, 2009 6:10 am The release of Windows 7 to manufacturing begins a tale of two operating systems: the one you want and the one you don't. It is packed with improvements and cool stuff, but it still carries a whiff of Vista that may put XP diehards off. That said, people who have gotten used to Vista will enjoy the fact that Windows 7 looks the same but acts a whole lot better. Like many people who compute both at home and at work, I use XP and Vista as well as Mac OS X Leopard, and I like elements of al

Twitter blocks malicious links in tweets But TinyURL and Bit.ly offer easy workaround Robert McMillan Twitter has introduced a feature to prevent users from posting links to malicious websites, althuogh security experts warn that it can be easily circumvented. The feature was first noticed by Mikko Hypponen, chief research officer with security company F-Secure. When someone tries to post a link to a malicious website, Twitter pops up a short notification saying "Oops! Your tweet contained a URL to a known malware site," and, after a few seconds, deletes the post. Twitter is using Google's Sa

5 August 2009, 11:21 Java 6 Update 15 available Sun has released JDK and JRE 6 Update 15 as well as JDK and JRE 5.0 Update 20 of its Java development and run time environment. With these versions, the developers fixed numerous bugs and resolved several security issues. One of the security problems gives untrusted applets access to a system, allowing attackers to gain control of a PC. Some of the holes are based on integer overflows when processing images and in connection with the Unpack200 JAR tool. Sun had to fix a similar flaw in the JAR tool in March 2009. details heise security - http://

Web Surfers Forced to Choose Security or Anonymity Tim Greene, Network World Sunday, August 02, 2009 10:22 AM PDT A Google service that helps protect Internet surfers from malicious sites also gathers data about browsing activities that users are trying to keep secret, a researcher told attendees at the Black Hat security conference last week in Las Vegas. Take our quiz on Black Hat's most notorious incidents Google Safe, a database service that warns Internet users when they are about to enter infected pages, marks browsers so the users can be identified even if they proxy all their traffic

Microsoft Releases Windows XP Mode RC for Win7 Jason Cross Aug 4, 2009 12:33 pm Announced today on the official Windows 7 Team Blog, Microsoft has just made available the release candidate for Windows XP Mode. You can grab it here. http://www.microsoft.com/windows/virtual-pc/download.aspx Windows XP Mode, for those that don't know, is a free downloadable "virtual XP environment" for Windows 7. It's provided mainly as a way for businesses to migrate to Windows 7 without worrying about that one application they rely on that just won't run on Vista or Win7. We gave five reasons why it's not good

If you are having issues getting the patch for adobe flash ... you can download it from here: http://www.adobe.com/support/flash/downloads.html Adobe Flash Player 10 Security Release Update for Flash CS4 Professional 07/30/2009 This download contains fixes for critical vulnerabilities identified in Security Bulletin APSB09-10 Flash Player update available to address security vulnerabilities. The update replaces the Debug and Release versions of Flash Player 10 browser plugins and standalone players that are included in the initial release of Flash CS4 Professional (player version 10.0.2.54).

Sun Java JDK / JRE Multiple Vulnerabilities Highly critical Some vulnerabilities have been reported in Sun Java, which can be exploited by malicious people to disclose sensitive information, bypass certain security restrictions, or compromise a user's system. 1) An error in the JRE SOCKS proxy implementation can be exploited by untrusted applets or untrusted Java Web Start applications to obtain the username of the user running the applet or application. 2) An error in the JRE proxy mechanism implementation can be exploited by untrusted applets or untrusted Java Web Start applications to obtai

Apple fixes hole with Mac OS X image viewing by Elinor Mills Apple on Wednesday issued a security update that fixes 18 vulnerabilities including several that put computers running Mac OS X at risk of remote code execution if a maliciously crafted image is viewed. In addition to fixing a problem with how PNG images are handled, Security Update 2009-003 fixes issues related to ImageIO's handling of OpenEXR images, EXIF metadata, as well as Canon RAW images and images with an embedded ColorSync profile. The update, which arrives as part of the release of Mac OS X v10.5.8, extends the list of con

Windows 7 Activation Already Hacked Gregg Keizer, Computerworld Pirates have cracked Windows 7's product activation just a week after the operating system made RTM and a week before it's slated to reach users, Microsoft confirmed today. he product key posted on the Web purportedly comes from Lenovo, one of Microsoft's major OEM partners, and allows users to activate downloaded copies of Windows 7 Ultimate RTM (release to manufacturing), which leaked to the Internet last week, shortly after Microsoft announced it had finished the operating system. According to Windows enthusiast site Neowin, o

Bugs and Fixes: Grab an Essential Fix for Internet Explorer Plus: Close serious holes in Office, Reader, Shockwave, and Firefox. Erik Larkin, PC World With critical updates from Adobe, Foxit, and Mozilla joining a bevy of essential patches for Internet Explorer and Office, the fixes are running hot this summer. After an ebb of only one patch in Microsoft's previous regular cycle, the flow resumed in force as Microsoft plugged 31 vulnerabilities. The most important update fixes flaws that could allow an attacker to take over your PC or steal data if you view a poisoned Web page. Collectively, t

Top 10 Gaming Desktop PCs These powerful desktops use overclocked CPUs, one or more ultra-high-end graphics cards, and gobs of high-speed storage to put performance above all else. Danny Allen, PC World http://www.pcworld.com/article/134752/top_...esktop_pcs.html

Hackers Rig ATMs In Las Vegas Hotel, Secret Service Investigating While white-hat hackers were trying to stay one step ahead of the bad guys at Black Hat USA and Defcon, a real computer crime was committed nearby Aug 03, 2009 | 03:49 PM By Kelly Jackson Higgins DarkReading While the good hackers were exposing security holes at Black Hat USA and Defcon in Las Vegas, the bad guys were committing the real deal at a nearby Rio All-Suite Hotel & Casino. And now the U.S. Secret Service is investigating reports of a major ATM hack that stole money from users' bank accounts when they tried to w

Symantec Protection Suite Delivers Streaming Defense Against Web 2.0 Threats Web Gateway 4.5, available as part of Symantec Protection Suite Enterprise Edition, protects customers against Web-based threats Aug 04, 2009 | 10:44 AM CUPERTINO, Calif. - August 3, 2009 - Symantec Corp. today expanded its ability to protect enterprises against web-based threats with the addition of Web Gateway 4.5 to its Symantec Protection Suite Enterprise Edition. The Web security appliance provides comprehensive protection by employing multiple layers of antimalware technologies including Symantec's antivirus e

Firefox 3.5.2 and 3.0.13 fix security vulnerabilities The Mozilla Foundation has released new versions of its Firefox browser which fix four security vulnerabilities in the 3.5 branch and three in the 3.0 branch. One of the vulnerabilities enables an attacker to execute JavaScript with maximum browser privileges (chrome). In addition, crashes in specific situations suggest the existence of exploitable memory errors, which the developers have, with their usual caution, classed as critical. The updates also remove a bug which could allow fraudsters to present crafted websites as being SSL prote

Cory Aquino’s Death Used to Spread Another FAKEAV by Det Caraig (Technical Communications) It has only been a few days since former Philippine president Corazon Aquino died of cardio-respiratory arrest last Saturday (August 1). Cybercriminals are already well on their way to use this event for their own selfish gains. Cybercriminals use popular and high interest events to further their cause—in this case, spreading fake antivirus software detected by Trend Micro as TROJ_FAKEALRT.FK. Trend Micro threat analyst Joseph Pacamarra found that searching for details on the former president’s death w

Adobe patches vulnerability in Reader and Acrobat Over the weekend, Adobe released updates for its Reader and Acrobat products for Windows, Mac and Unix. The updates fix critical security vulnerabilities relating to Flash content which affect not only Flash Player, but can also be exploited to inject and execute malicious code through the vendor's PDF applications. A number of anti-virus software vendors report that attackers are already actively exploiting the vulnerabilities to infect Windows PCs with malware. Users should update Adobe Reader to version 9.1.3 using the automatic update func

Ooops ... thought maybe a few of us may have missed it. My apologies.

List of Antivirus Software not Compatible with Windows 7 Antivirus software NOT compatible with Windows 7 Beta Windows Live One Care (ironical!!) McAfee Virus Scan Trend Micro Internet Security 2009 Got a heads up that these antispyware softwares are having problems- Super-Antispyware Antivirus Software which are tested to be compatible with Windows 7 Beta AVG Free Avira Antivir [Get 6 month FREE license key HERE] Norton Antivirus 2009 Avast antivirus Kaspersky antivirus NOD 32 Beta 4 PCGuard Anti-Virus Microsoft Forefront Client Security (Enterprise) COMODO The full compatibility of all of th