It’s bad when a firm has problems with computer security – it’s even worse, when these problems are specifically created by the security professional who offers to solve them himself. This was the business model employed by one computer expert in Huesca, a town in the Aragon province of Spain. (more…)
An upswing in activity related to a potential Windows Server vulnerability dubbed with a most-dangerous label in early August has been detected by security companies and organizations.
That earlier vulnerability came to light August 8, amid Microsoft’s release of a dozen security bulletins. These included MS06-040, which patched a critical vulnerability in Windows’ Server service. At the time, security analysts warned that the bug might be exploited by a network-attacking worm, ala MSBlast. Although several exploits appeared, their impact was minor. (more…)
Out of the frying pan and into the fire is an apt description for the situation Microsoft finds itself in. aptly describes the situation Microsoft has encountered with one of its nine critical security updates released as part of the biggest “patch Tuesday” in memory. One of the patches which was released as part of the biggest “patch Tuesday” in memory, MS06-042, was soon found to crash Internet Explorer 6.0 SP1 windows when accessing websites that run the HTTP 1.1 protocol and compression. A hotfix was provided and Microsoft also promised to re-release a corrected version of the security update on August 22. (more…)
Security firms reiterated advice to companies and home users to patch their Windows systems, after a bot program was detected last week that used a recently fixed flaw to compromise computers.
The bot has reportedly not spread very widely, according to advisories posted by Microsoft, Symantec, and security firm LURHQ, which labelled the program Graweg, Wargbot and Mocbot, respectively (Symantec is the parent company of SecurityFocus.) (more…)
Virus writers have adapted an existing family of worms to exploit a recently patched, high-profile Windows security vulnerability.
Corporate admins are being are urged to redouble their efforts to roll out security patches as quickly as possible.
The Cuebot-L and Cuebot-M worms spread via AOL instant messenger, exploiting the MS06-040 vulnerability in Windows Server Service. (more…)
nCircle advises customers to use nCircle ASPL Version 141 to identify the vulnerability, complete patching as rapidly as possible, and review other security controls including remote access polices, VPNs and access through any other ingress points for this predicted worm. (more…)
It has been another challenging month for Microsoft in terms of security, as a third month in a row sees many critical updates being released as part of the scheduled monthly update cycle. This time the total number of bulletins is 12, and 9 of them receive a critical rating, one more than the 8 of the huge June update. In total there are 23 vulnerabilities covered, 20 in Windows and 3 in Office, which was the main update target over the past months. The 23 vulnerabilities fixed in this month’s update make it the biggest single month patch ever. According to experts, 11 of these vulnerabilities were previously known, while others, Microsoft claims, were discovered by the company itself. (more…)
XHTML page in
0.414
seconds.hosted by eroot.org