Home The News
The News

Time to upgrade from IE6 and IE7

Friday, 12 March 2010 15:34 mike phillips
E-mail Print PDF

McAfee inadvertently speeds creation of Metaploit IE exploit pack

From 'The Register' (Original Article)

A security researcher has credited McAfee for helping him to develop exploit code that cracks open an unpatched flaw in older versions of Internet Explorer.

Moshe Ben Abu (AKA Trancer00t) developed exploit code for the flaw in IE 6 and 7 in knocking-up an exploit module for the open-source Metasploit exploit database.

"I didn't find the vuln', just found it in the wild. With a little help from McAfee (http://j.mp/c4W3xA) :-)," the Israeli security researcher noted in a Twitter update on Thursday.

Microsoft acknowledged that the flaw, which stems from an invalid pointer reference, affects IE 6 and 7 and creates a possible mechanism for hackers to drop malware onto vulnerable systems. IE8, the latest version of Microsoft's web surfing software, isn't vulnerable.

Redmond's advisory, published on Tuesday, which provides workarounds for users unable to upgrade to IE 8, makes it clear that the vulnerability is already being used in targeted attacks.

These attacks are geared towards dropping backdoor Trojans, detected by McAfee and other security firms, onto vulnerable systems.

The flaw is separate from an earlier, unpatched IE flaw that involves tricking users users into pressing the F1 button, which is normally used to present a help screen, as explained in our earlier story here.

Trancer00t created code that allowed sys admins and other interested parties to test networks for the presence of a flaw already under attack by miscreants.

McAfee's blog post helped Ben Abu to locate an exploit already developed and published by the bad guys, something he'd have been able to locate anyway. Nonetheless the incident has prompted McAfee to more closely review blog posts for stray clues, CNet reports

"We regularly sanitize blog content to prevent providing information that might assist attackers, while at the same time providing a service to customers and the security community to help improve protection levels," a McAfee spokesman said. "The post in question did not contain enough information to directly lead anyone to exploit code. However, we regret that in this unique situation the post did contain details that may have given exploit writers a starting point to hunt for exploit code. Future blog posts will be subject to additional sanitization." ®

Last Updated on Friday, 12 March 2010 15:38
 

Microsoft loses appeal in Word patent case

Friday, 12 March 2010 15:19 mike phillips
E-mail Print PDF

Microsoft loses appeal in Word patent case

From the BBC Website... (Original BBC Article)

Microsoft has lost an appeal against a court judgement that told it to pay $240m (£160m) in damages.

In August 2009, a US court awarded the damages to i4i which claimed Microsoft had infringed its patents.

The patents cover the use of XML, a mark-up language that preserves data formats across different programs.

The judgement also required Microsoft to remove the i4i technology from its Office software suite and stop selling the infringing programs.

The injunction on sales began in January 2010 and applied to any Microsoft Office software, specifically Word 2003 and 2007, containing the infringing patents.

Since it lost the first round of the legal battle, Microsoft has been stripping the disputed technology from its Office products.

Soon after losing the initial case, Microsoft filed an appeal asking the court to re-think its decision. In December 2009, a panel of judges upheld the initial ruling.

In this second appeal, the court again re-affirmed the original ruling and spelled out why that decision was made. In court documents spelling out their reasoning, the three appeal court judges said there was evidence that Microsoft knew i4i technology was patented before it turned up in Office programs.

The appeal is not the last that Microsoft can make. The court documents are now being sent to the other appeal court judges who will decide if Microsoft has grounds for a wider review of the case.

The decision on the whether to hold that review is due within the next six weeks. If that is refused then Microsoft can appeal again to the Supreme Court.

I4i's patents date from 1998 and outline a way of "manipulating the architecture and the content of a document separately from each other" that invokes XML as the means of doing this.

I4i founder Michel Vulpe said he was "pleased with the court's continued decision to uphold the injunction".

Last Updated on Friday, 12 March 2010 15:28
 

Windows 7 pricing gets unveiled

Thursday, 25 June 2009 21:47 Val Shutt
E-mail Print PDF

From the BBC... (Original BBC Article)

 

Microsoft will not be offering an upgrade version of Windows 7 in Europe.Windows logo, Getty

In the past Microsoft has given people already using Windows a chance to upgrade to a new version when it becomes available. 

While that option will be offered in the US, Microsoft said its efforts to comply with competition regulations meant it could not do so in Europe.

European regulators dismissed the claim, saying the move limited choices rather than opening them up.

Last Updated on Monday, 09 November 2009 15:39 Read more...
 

Joomla! Community Portal

Saturday, 07 July 2007 09:54 administrator
E-mail Print PDF

The Joomla! Community Portal is now online. There, you will find a constant source of information about the activities of contributors powering the Joomla! Project. Learn about Joomla! Events worldwide, and see if there is a Joomla! User Group nearby.

The Joomla! Community Magazine promises an interesting overview of feature articles, community accomplishments, learning topics, and project updates each month. Also, check out JoomlaConnect™. This aggregated RSS feed brings together Joomla! news from all over the world in your language. Get the latest and greatest by clicking here.

Last Updated on Saturday, 27 June 2009 18:13
 


Main Menu

Products

Manufacturers




Best Sellers

01 eMachines :- Data Recovery Boot Disk - Linux Windows 98 NT 2000 XP Vista 7
02 Dell Latitude D505 :- XP Driver Recovery - Restore Disk
03 HP Pavilion dv9000 Vista 32 :- Data Recovery Boot Disk - Linux Windows 98 Vista 7
04 Test Download
05 Acer Aspire 5315 :- Password Reset - Windows XP Vista 2000 98 7
06 Acer Aspire 5315 :- XP Driver Recovery CD - Restore Disk
07 Acer Travelmate 4200 :- XP Driver Recovery CD - Restore Disk
08 Acer Aspire 5520 :- Data Recovery Boot Disk - Linux Windows 98 NT 2000 XP Vista 7
09 Averatec 3300 :- NTLDR missing or corrupt
10 Dell Dimension 4500 :- Data Recovery Boot Disk - Windows 98 2000 XP Vista

Shopping Cart

Your Cart is currently empty.

Login






Google Ads

Payment Methods

Payment Methods

Google Ads


Newsflash




It has come to our attention that certain Acer Aspire Notebooks may overheat under specific conditions. Acer is therefore voluntarily instituting a safety recall for these products.

The affected units are Acer Aspire models AS3410, AS3810T, AS3810TG, AS3810TZ and AS3810TZG manufactured prior to September 15, 2009. In the affected units the microphone cable may overheat when extreme pressure is applied repeatedly to the left palm rest. As a result, the unit case may become deformed and the system may malfunction.