Microsoft out-of-band security bulletin release for IE

Microsoft has released an out-of-band security bulletin on March 30, 2010. The bulletin is being released to address new attacks against customers of Internet Explorer. Users of Internet Explorer 8 and Windows 7 are not vulnerable to these current attacks. However, the released update contains fixes for IE5, IE6, IE7 and IE8 and therefore, it is recommended…


How Wi-Fi Attackers are poisoning web browsers

Public Wi-Fi networks such as those in coffee shops and airports present a bigger security threat than ever to computer users because attackers can intercede over wireless to poison users’ browser caches in order to present fake Web pages or even steal data at a later time. That’s according to security researcher Mike Kershaw, developer…


Report details hacks targeting Google and others

It’s been three weeks since Google announced that a sophisticated and coordinated hack attack dubbed Operation Aurora recently targeted it and numerous other U.S. companies. Now a leading computer forensic firm is providing the closest look so far at the nature of the attacks, and attackers that struck Google and others. -Urs  


Microsoft Security Bulletin MS08-078 – Critical avaiable now!

Microsoft Security Bulletin MS08-078 – Critical is now avaiable, patches are there and ready for download: Please install, update as soon as possible! Urs  


Internet Explorer security levels compared

As a couple of people are looking at their IE currently, I found some interesting information on Steve Riley’s Technet blog: “A pretty good question came across the newsgroups the other day. Someone was asking what are the differences between IE’s “medium” and “medium-high” security settings. I did some digging, and found only this on MSDN:…


Security Advisory 961051 – More information

Microsoft revised the Workarounds section of Security Advisory 961051. The Security Vulnerability Research & Defense team wanted to share more detail about the vulnerability and explains the additional workarounds here to help you protect your computers: Microsoft Security Advisory (961051)Vulnerability in Internet Explorer Could Allow Remote Code Execution Urs      


Internet Explorer 8 (beta2) released

Last week Microsoft released IE8 Beta2, the faster, easier and safer successor of the existing Internet Explorer. As there are a lot of changes (new default settings, new support for standards, new features), it’s definitely woth to try and test IE8. It’s probably a good idea to start testing the own (internal) web applications as well….


Web 2.0, meet Internet attack 2.0

The glitzy, interactive abilities of Web 2.0 have led to a profusion of new applications, but the technology also is bringing a new era of security vulnerabilities, a security researcher warned Wednesday. “Security was a challenge to begin with, but if anything it’s getting harder in the Web 2.0 world,” said Jacob West, manager of…


Microsoft calls for talks on Internet trust, safety

Microsoft today called for broad discussions about the safety of the Internet in an initiative it dubbed “End to End Trust” in a white paper released during the RSA Conference that opened today in San Francisco. In a keynote address at the security conference, Craig Mundie, chief research and strategy officer at Microsoft, talked up…


Sun and Apple Updates – A Sheer Nuisance!!

From Roger’s blog post: Well, a little bit in the same direction as my previus post: Urs