security

If there's one thing Power Downloader has learned while working with computers and software, it's that there will inevitably be problems. With new viruses and new strains of spyware set loose onto the Web every day, Power knows he needs to stay on top of updates and the latest definitions for his programs. But even with the best protection available, occasionally something can sneak through Power's defenses, leaving his computer unusable.

To make sure he's prepared for the worst, Power Downloader keeps a bootable CD with a variety of programs meant to troubleshoot an otherwise unusable … Read more

One more time around the block, James.

Microsoft late Thursday revised one of its critical security bulletins from Patch Tuesday, adding another item to its list of affected software.

Security bulletin MS07-036 now includes a warning that Microsoft Office 2004 for the Mac is also affected.

The update is designed to address a security flaw, which could allow attackers to overwrite the computer's memory with malicious code.

Microsoft notes that people running Office 2004 for the Mac on the Mac OS X 10.2 are at risk. It advises people to first install the Microsoft Office 2004 for Mac 11.3.5 update, … Read more

WASHINGTON--Spammers, beware: more criminal spam prosecutions--complete with stiff prison sentences and mandatory forfeiture of relevant valuables--are on the way in the coming months, a U.S. Department of Justice attorney said Thursday.

"I think the healthy dose of jail time plus lose-your-money is working," Mona Sedky Spivack, a trial attorney in the Justice Department's computer crime and intellectual property unit, said at the second day of a Federal Trade Commission spam summit here. "I hope that provides a deterrent effect to other would-be criminal spammers out there."

Justice Department and FBI representatives contacted by CNET … Read more

Sony BMG Music Entertainment is suing an antipiracy CD software company claiming that the technology provided was flawed. In November 2005, researcher Mark Russinovich discovered hidden files left behind on computers when certain Sony copy-protected CDs were played. The subsequent consumer complaints and government investigations, says Sony, cost the entertainment company millions of dollars in losses.

Now Sony BMG has filed a complaint against The Amergence Group, formerly SunnComm International, a company that produced the piracy-protection system known as MediaMax CD. According to the Associated Press, Sony BMG is seeking $12 million in damages for unfair business practices and for … Read more

Adobe Systems this week issued three critical security updates designed to address vulnerabilities in its Flash Player, according to a security advisory issued by the company.

Adobe Flash Player 9.0.45.0, 8.0.34.0 and 7.0.69.0, as well as their earlier versions running on all platforms, are affected.

Users loading a malicious vector graphics file format (SWF) in their Flash Player may find attackers exploiting security flaws due to an input validation error in 9.0.45.0 and earlier versions, according to a security advisory by Secunia. Attackers, as a result, can gain … Read more

An elvish gentleman of the Macalope's acquaintance writes to point out that Apple has once again failed to credit security researchers who found flaws in its products.

Well, except for Tom Ferris.

And Matt Slot.

And Jonathan 'Wolf' Rentzsch.

Uh, Tom Ferris again.

Oh. And David Vaartjes and iDefense VCP.

And Adam Gowdiak got some credit there.

Twice.

But no one on that last one!

C'mon, Apple!

Of course, they could have found that one on their own.

Hmm. Boy. Now the pointy one really kind of wonders what kind of a joker you'd have to be … Read more

In addition to providing full-screen viewing and various iPhone options, the latest version of QuickTime 7.2 includes eight important security fixes. This update affects users of Mac OS X v10.3.9, Mac OS X v10.4.9, as well as users of Windows XP and Windows Vista. The QuickTime update is available from Apple's Software Download for both Mac OS X and Windows users.

QuickTime H.264 movie files This patch affects users of Mac OS X v10.3.9, Mac OS X v10.4.9 or later, Windows Vista, and XP SP2 and addresses the vulnerability in CVE-2007-2295. When viewing a maliciously crafted H.264 movie, an attack may produce an unexpected application termination or arbitrary code execution. Apple credits Tom Ferris of Security-Protocols.com, and Matt Slot of Ambrosia Software, Inc. for reporting this issue.

… Read more

A new security company, Haute Secure, is offering a free beta version of its safe surfing toolbar for Internet Explorer that blocks malware from downloading onto your desktop. Firefox support is expected soon. Entering an already crowded field, the Haute Secure toolbar hopes to distinguish itself by taking the best of Exploit Prevention Labs Linkscanner Pro and McAfee SiteAdvisor, and then adds additional layers of protection. If they can pull it off with the final release, Haute Secure could be a must-have add-on for both Internet Explorer and Firefox.

The Haute Secure toolbar hooks into 70 processes running on your … Read more

Seven months after releasing the final version of Windows Live OneCare 1.5, Microsoft is today offering a Windows Live OneCare 2.0 beta for public testing. The existing Windows Live OnceCare 1.5 release includes sections for Protection Plus (which handles threats and malware), Performance Plus, and Backup and Restore. The new release adds home networking tools to the mix.

Realizing that most home networks have an average of 2.5 computers, a typical OneCare license allows installation on three separate PCs. OneCare 2.0 adds the ability to monitor the security of two additional PCs from one network … Read more