Archive for the 'Security' CategoryiPod virus discovered
Security researchers have discovered a virus that infects iPods running Linux. This in itself isn’t too noteworthy, but the researchers say that this demonstrates that malicious programs can be made for devices like the iPod. I imagine that there will be an explosion in viruses for mobile devices: from cell phones to PDAs to music players, especially as these devices connect to the Internet. RTHDCPL.EXE - Illegal System DLL Relocation
Thousands of users are finding that a recent Windows security update is making new problems. After the update users that have some types of Realtek sound cards are seeing an error message that says: “RTHDCPL.EXE - Illegal System DLL Relocation Microsoft has issued a patch that you can find here Fix for cursors security holeMicrosoft has released a patch for a severe zero-day vulnerability in the way it draws cursors. All versions of Windows are at risk. Bad guys could put dangerous code in the custom graphical cursors many users use. The vulnerability has already been exploited in web based attacks. You should install the update right away. WEP can now be cracked in 2 min104-bit WEP, a very common security mechanism for 802.11b/g/n home and office WiFi networks can now be cracked in as little as one or two minutes with a standard computer. That the security mechanism could be broken easily is not new news, but that it can be done so quickly, with standard hardware, is. If you want to secure your home network, consider using WPA or WPA2. Use WPA2 if your hardware supports it. Look through the documentation for your wireless router and wireless network card to figure out how to implement WPA. More information can be found in this article from the great Ars Technica. Acer issues patch for ActiveX vulnerability
Acer has released a patch for an ActiveX control called LunchApp.ocx. Acer’s official intention was to allow for easy downloading of updates and patches, but it has been found that bad guys can exploit it. The patch is available from the Acer web site (Acer Preload Security Patch for Windows XP). If your computer is from Acer, you should download this patch immediately. Today is Patch Tuesday
It’s that time of the month, the day Microsoft unloads a ton of patches for Windows and other products. The highlights include Internet Explorer exploit patches, and fixes to holes in Flash Player and XML Core Services. Make sure you run Windows Update and get everything up to date. October Patch DayToday is Microsoft’s ‘patch day’, and a big one at that. If you use Windows, you’ll probably want to run Windows Update to get them. Lot’s of big patches, several of the critical variety. There were rumblings that Microsoft was going to release Internet Explorer 7 among these patches, but that does not seem to be the case. Zero-day? What’s that?
A zero-day exploit is simply an exploit that is taken advantage of the day it is made known to the world. The difference between this type of exploit and others is that oftentimes, when a exploit is discovered the software company has some time to release a fix and patch systems, before the crackers learn of how to attack the vunerability. With a zero-day exploit, the crackers have the distinct edge and start attacking systems before the patch has begun development. Big Apple Security PatchApple has just released a patch fixing 15 security flaws, including bugs in Flash player. If you’re an Apple user, running one of following: OS X Mac OS X v10.3.9, Mac OS X Server v10.3.9, Mac OS X v10.4 through Mac OS X v10.4.7, and Mac OS X Server v10.4 through Mac OS X Server v10.4.7, you will want to download this update. The update is called Security Update 2006-006. Microsoft Patch day is next TuesdayIt’s that time of the month again, and this month’s patch day looks like it will be a big one indeed. This bout of Microsoft Patches includes: Four Microsoft Security Bulletins for Windows. One or more of which is Critical. Other patches will be forthcoming. In any case, get ready to run Windows Update on Tuesday. |