Peaches

MacBook Pro EFI Firmware Update 1.7 Available for Download Apple has recently released a new EFI Firmware update for MacBook Pro users, namely version 1.7. According to the company, the update addresses some issues that have been experienced on MacBook Pro 13-inch, Mid 2009; MacBook Pro 15-inch, Mid 2009; and MacBook Pro 15-inch, 2.53GHz, Mid 2009. The change log for the new MacBook Pro EFI Firmware Update 1.7 shows that it is meant to fix some problems that a small number of customers have reported and that surfaced while using drives based on the SATA 3Gbps specification on the June 2009 Mac

23 June 2009, 11:27 Camino web browser updated to 1.6.8 The Camino developers have announced the release of version 1.6.8, a maintenance release that includes several security and stability updates. Camino is a Mac OS X open source browser that's based on Mozilla's Gecko rendering engine and the update upgrades to Gecko version 1.8.1.22, closing several critical security and stability issues. The release also includes improved ad-blocking and fixes for invalid cookies, which previously prevented displaying the list of stored cookies. Typing to choose an item has also been fixed to function pr

23 June 2009, 11:13 SquirrelMail open source project's web server hacked It has just become apparent that, on June 16, attackers hacked into the web server of the SquirrelMail open source project. The operators have suspended all accounts and reset all crucial passwords. Access to the original server and to all the available plug-ins has also been disabled. The operators believe that none of the plug-ins has been compromised, but investigations are still in progress. Third party plug-ins can be used to add features to SquirrelMail. It is currently unknown as to how the intruders hacked into t

23 June 2009, 10:22 Thunderbird 2.0.0.22 fixes vulnerabilities The Mozilla developers have announced the release of Thunderbird 2.0.0.22, fixing several security vulnerabilities in the open source email client. The security and stability update addresses a total of seven security vulnerabilities, most of which were also patched in the recent Firefox 3.0.11 security update. The update fixes a vulnerability, classified as "high", that could result in an exploitable crash when viewing a multipart/alternative mail message that includes a text/enhanced section. Six vulnerabilities related to JavaS

Spammers cashing in on Twitter, Iran, new iPhone IDG News Service - Spammers are never far from a hot story, it seems, and in the past day they've been flooding Twitter with phoney messages about Iran and the latest iPhone 3.0 operating system. In one campaign, the spammers apparently took their lead from a Mobile Crunch article about 20 things to check out in iPhone 3.0. They've set up fake Twitter accounts and posted Twitter messages that link to a Web site promoting male enhancement products. The Twitter messages say things like "iPhone OS 3.0 Just Launched. Here are 20 Things To Do With It

Facebook tackles potent click fraud scam Disgruntled advertisers turn anti-social By John Leyde Facebook is investigating reports that advertisers on the social networking site have been left well out of pocket as a result of click fraud. Networks of compromised PCs are often used to click on banner ads, generating income for unscrupulous affiliates at the expense of online advertisers, who effectively wind up paying for a bot to visit their sites. Such visits, of course, never result in any purchases. The issue has affected pay-per-click schemes such as Google Adsense for years, despite the b

22 June 2009, 16:41 Lost+Found: Risk analysis, nmap and LinkScanner Too short for news, too good to lose; lost+found is a round up of useful security information. Today, Risk analysis, nmap and LinkScanner According to the Finish CERT, many networking product vendors are still working on a patch for the DoS problem discovered in a number of TCP stacks in October 2008: CERT-FI Statement on the Outpost24 TCP Issues. Experiments carried out on four software developers have shown that too much risk analysis can lead them to develop a false sense of confidence. Rather than reaching a more realisti

22 June 2009, 16:08 IrfanView 4.25 image viewer fixes critical vulnerability A highly critical vulnerability has been found in the popular image viewer IrfanView that can lead to a heap-based buffer overflow. According to the security service provider Secunia, the problem is caused by an integer overflow when re-sampling certain 1 BPP images and potentially can be used to compromise a user's system. For an attack to be successful, a victim must first be tricked into opening a specially crafted TIFF image file and also re-sample the image, or use the screen fitting option. The 4.25 release res

Foxit Reader JPEG2000/JBIG Decoder Add-On Vulnerability Highly critical Will Dormann has discovered a vulnerability in the JPEG2000/JBIG Decoder add-on for Foxit Reader, which can be exploited by malicious people to potentially compromise a user's system. The vulnerability is caused due to an error when parsing boxes in a JPEG 2000 stream and can be exploited to cause a heap-based buffer overflow via a PDF file containing a specially crafted JPEG 2000 image. Successful exploitation may allow execution of arbitrary code. The vulnerability is confirmed in version 2.0 Build 2009.303. Other versio

Ubuntu update for gst-plugins-good0.10 Moderately critical Ubuntu has issued an update for gst-plugins-good0.10. This fixes a vulnerability, which can be exploited by malicious people to potentially compromise an application using the library. http://secunia.com/advisories/35526/

Windows 7 Upgrade Tool Released Microsoft Assessment and Planning Toolkit 4.0 will let enterprises know if they're ready for Redmond's next OS. By Paul McDougall InformationWeek June 22, 2009 10:44 AM Microsoft has released a beta version of a toolkit for businesses mulling an upgrade of their desktop systems to the Windows 7 operating system. Microsoft Assessment and Planning (MAP) Toolkit, version 4.0, is designed to analyze computers and other devices on a network to determine if they're compatible with Windows 7, Windows Server 2008, and other software products, including Microsoft O

Jun22 “Critical Update” Leads to Critical Info Theft 12:40 am (UTC-7) | by Argie Gallego (Anti-spam Research Engineer) Microsoft Corporation regularly issues updates to fix bugs and security vulnerabilities in its software products. These updates are meant to protect its users from different attacks that depend mainly on exploiting these documented bugs. Close to the weekend, we identified spam (click Figure 1 thumbnail for larger view) claiming to be a Microsoft Outlook and Outlook Express critical update that “offers the highest levels of stability and security.” A tricky difference he

Parking Meters: The Next Big Hack? Security researcher prepares to outline vulnerabilities at upcoming Black Hat conference Jun 22, 2009 | 04:35 PM By Tim Wilson DarkReading There are a lot of ways for your identity stolen to be stolen. Until last week, however, parking legally wasn't one that had occurred to most of us. Last week, security researcher Joe Grand offered a preview of his upcoming presentation at the Black Hat USA conference, which will take place in Las Vegas next month. The subject of Grand's presentation: parking meters. Grand says that so-called "smart" parking meters --

3 nice little helpers Have some fun with a beautiful desktop wallpaper, an online document reader, and a tool to make reading web pages much, much easier. Desktop Earth As I mentioned in an earlier column (http://rlis.com/columns/column194.htm), I have the most boring desktop imaginable. You can probably guess that I am not a big fan of desktop wallpaper. But I know many of you are, and if so, you might enjoy Desktop Earth (http://codefromthe70s.org/desktopearth_dl.aspx). Desktop Earth is a wallpaper generator for Windows. It runs whenever your computer is connected to the internet and upda

Vista SP2 and Bing Vista Service Pack 2 is available, but not mandatory. Yet. Microsoft's new internet search engine is available, and it's kind of...interesting. Vista Service Pack 2 Is Available Vista Service Pack 2 is available for download. It includes the bug fixes that have already been released for Vista, as well as three major new improvements. WiFi and Bluetooth performance is better with SP2. Another improvement is a cleanup utility, which automatically tidies up after the installation. People have reported regaining tens of gigabytes of hard drive space after installing Service

Get Windows 7 Performance on Your Current PC Windows 7 promises quicker boot-ups, slick tools, and better looks. Here’s how to get the new OS's top features on your current Vista or XP PC without taking a chance on beta software or waiting for the final version of Windows 7 to arrive. Rick Broida, PC World Informal speed tests show that Windows 7 boots faster than Vista, and many users have reported that it "feels" faster during everyday operation. (Maybe that's because the User Account Control is more restrained in Windows 7 than in Vista and doesn't pester them so often.) But you can take so

To all the dads including grand-dads I hope you all had a very nice pampered day today.

Microsoft forbids changes to Windows 7 netbook wallpaper Redmond-approved art only By Austin Modine • 19th June 2009 17:59 GMT Netbook users running Windows 7 Starter Edition better learn to enjoy Microsoft's default desktop background, because that's all they're getting. Windows 7 Starter Edition not only blocks end-users from swapping the original Windows-provided wallpaper, colors, and sound schemes - OEMs and partners aren't allowed into the personalization options either. Within Windows blog first spotted the OEM restrictions, which El Reg has now confirmed with Microsoft. Branding a PC'

Create a windows CD for PC's that do not have one. what can you do? See full details at Pcworld - http://www.pcworld.com/article/136168/slip...dows_xp_cd.html

Back Up Your Windows XP Patches and Service Packs Rick Broida If you're running Windows XP with Service Pack 2 or even Service Pack 3, what happens if you have to perform a system recovery using your original XP CD? Hassles, that's what. Reader Ralph recently experienced that exact scenario, resulting in an awful lot of Windows Updating after the installation. That's because the old CD doesn't have all the patches and updates you've downloaded over the years. It could take hours or even days to re-download and reinstall all that extra stuff, during which time your PC is more vulnerable to viru

Microsoft on New Xbox 360: We're "Not Even Halfway" There Matt Peckham Okay, settle down gossipmongers, Microsoft says all this talk about an upgraded Xbox 360 is not only wrong, it's missing the point. There won't be an upgraded Xbox 360 next year, and in fact, we're only halfway through the current console cycle. What's more, Project Natal, the company's no-controller 3D motion and voice recognition technology is being designed for the existing Xbox 360, not an imaginary "performance-upgraded" one. In an official statement released to the media, a Microsoft spokesperson wrote As the Xbox tea

19 June 2009, 11:33 PHP 5.2.10 released Less than one week after the second release candidate was made available, the PHP developers have announced the final release of version of PHP 5.2.10. Version 5.2.10 of the open source scripting language is a maintenance release for the 5.2 development branch and features over 100 bug fixes, including a fix for a security issue that affected exif_read_data () segfaults on certain corrupted .jpeg files. The developers also announced the availability of the fourth release candidate (RC4) of PHP 5.3.0, a newly developed version of PHP that includes severa

Microsoft To Launch Free Antivirus Product Next Week Public beta of the much-anticipated "Morro" tool debuts June 23, replacing OneCare Live for consumers Jun 18, 2009 | 04:01 PM By Kelly Jackson Higgins DarkReading Microsoft turned a page in consumer antivirus protection today with the official announcement of free anti-malware software that users can download on their Windows machines. The new Microsoft Security Essentials software -- which had been known by the code name "Morro" -- will be available in a public beta version next Tues., June 23. Unlike Microsoft's Live subscription-based

19 June 2009, 12:08 New Google service helps find dodgy advertisers Google's new Anti-Malvertising service is intended to help detect dodgy advertisers who attempt to infect visitors to legitimate websites using specially crafted banner ads or pop-ups. All major websites face the problem of checking the background and integrity of their advertising agencies. A virus-distributing Flash banner loaded from an external server has the potential to put thousands of users at risk – or harass visitors with nagware. Google's service is intended to help users find out whether advertisers or advertising

Microsoft Security Bulletin Minor Revisions‏ From: Microsoft ([email protected]) Sent: June 17, 2009 10:21:58 PM To: ******************************************************************** Title: Microsoft Security Bulletin Minor RevisionsIssued: June 17, 2009 ******************************************************************** Summary=======The following bulletins have undergone a minor revision increment. Please see the appropriate bulletin for more details. * MS09-022 - Critical * MS09-021 - Critical * MS09-020 - Important * MS09-018 - Critica l* MS09-010 - Critical