Monday, April 21st, 2008
In a security alert last week, Microsoft reported a vulnerability which allows local users and users signed on with access to an Internet Information Server (IIS) or MS SQL server to escalate their privileges. Server operators such as hosting providers who allow user code to be executed, for example on ...
Posted in Coding, Privacy, Security, Windows | No Comments
Friday, April 18th, 2008
Microsoft is investigating new public reports of a vulnerability which could allow elevation of privilege from authenticated user to LocalSystem, affecting Windows XP Professional Service Pack 2 and all supported versions and editions of Windows Server 2003, Windows Vista, and Windows Server 2008. Customers who allow user-provided code to run ...
Posted in Security, Windows | No Comments
Thursday, April 17th, 2008
Windows Vista shipped to business customers on the last day of November 2006, so the end of November 2007 marks the one year anniversary for supported production use of the product. This paper analyzes the vulnerability disclosures and security updates for the first year of Windows Vista and looks at ...
Posted in Security, Windows | No Comments
Wednesday, April 16th, 2008
Wireless security vendors used last week's conference here to showcase both the problems and solutions in controlling access to wireless voice and data.
AirTight Networks launched SpectraGuard Online, touted as wireless security's first manifestation of the software-as-a-service (SaaS) model that more vendors -- and a few cyber criminals -- are using.
In ...
Posted in Hardware, Internet, Networking, Security | No Comments
Wednesday, April 16th, 2008
A cartoon that ridicules the efforts of a Chinese gymnast at the Olympic games is the latest ploy used by cyber-criminals to infect Windows PCs, according to McAfee Avert labs.
While the movie files, which show the cartoon followed by images supporting a free Tibet, are playing, a keystroke logging tool, ...
Posted in Internet, Privacy, Security | No Comments