zero

A security researcher has released zero-day code for a flaw in the Linux kernel, saying that it bypasses security protections in the operating system.

The source code for the exploit was made available last week by researcher Brad Spengler on the Dailydave mailing list. According to the researcher, the code exploits a vulnerability in Linux version 2.6.30, and 2.6.18, and affects both 32-bit and 64-bit versions. The 2.6.18 kernel is used in Red Hat Enterprise Linux 5.

The exploit bypasses null pointer de-reference protection in the mainline kernel, which could allow an attacker to … Read more

There is a critical JavaScript vulnerability in the Firefox 3.5 Web browser, Mozilla has warned.

The zero-day flaw lies in Firefox 3.5's Just-in-time (JIT) JavaScript compiler. Proof-of-concept code to exploit the vulnerability has been posted online by a security research group, Mozilla said in a post on its security blog on Wednesday. Security company Secunia rated the vulnerability as "highly critical" on Wednesday.

The hole could allow a hacker to launch a "drive-by" attack, according to Mozilla. That means an attacker may be able to execute malicious code on a target machine, if … Read more

Finding the perfect grill for your backyard can be a daunting task. After you get past the first big question: gas, charcoal, or (gasp) electric, then you will find a whole new set of parameters that will shape your decision. Size and power are among the most important factors to consider, and with so many options available, the perfect grill is out there somewhere.

The new Sub-Zero Wolf Outdoor Grills come in three sizes, all with the option to be included as a built-in or for use with a freestanding cart. Choose from a 30-inch, 36-inch, or 42-inch model to … Read more

I am very fond of love. It makes people do silly things, giddy things, and, sometimes, very strange things indeed.

However, I am full of vicarious admiration for Noah Fulmor and Erin Finnegan, a Brooklyn couple who decided to do silly, strange, and giddy all together for their wedding on Saturday. Terrestrial weddings were far too mundane for their refined sci-fi tastes.

So they thought they'd space out.

They hired a 727 from a company called Zero Gravity Corp. and floated off not so much into the sunset, but toward the sun. And then suddenly away from it.

Their … Read more

There's a movement afoot to make homes greener, but the impact will be limited if only wealthy people can afford them. Start-up ZETA Communities is trying to expand that movement's reach by making market-priced, "net zero" multifamily homes.

In the next two weeks, the San Francisco-based company expects to complete its first demonstration building, a town house in Oakland, Calif. Using a variety of design choices, such as a passive solar design and very efficient windows, the energy load on the town houses will be 60 percent of what a comparable-size traditional building would require. Solar … Read more

Updated 6 p.m. PDT with Microsoft comment.

It apparently didn't take long for hackers to try to take advantage of a zero-day hole in Microsoft Internet Information Services (IIS).

Ball State University in Muncie, Ind., told The Register that servers running the program were breached on Monday, the same day Microsoft warned the public about the vulnerability.

Students accessing their iWeb pages on Monday saw messages saying the system had been hacked, The Register reported on Wednesday. There is no evidence data was stolen or malicious files uploaded, however the iWeb accounts were expected to be offline until … Read more

Microsoft will issue a patch on Tuesday to fix a critical vulnerability in PowerPoint that could be the same hole that has been exploited in limited and targeted attacks.

The vulnerability affects Microsoft Office 2000, 2003, 2007 and XP, as well as PowerPoint Viewer and Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 file formats, according to an advance notification released on Thursday.

In a security advisory in early April, Microsoft warned about a vulnerability in PowerPoint that had been targeted by attacks that were tailored and not widespread.

That vulnerability could be exploited by getting a person … Read more

The Zero S electric motorcycle is impressive, but be careful with the throttle--it accelerates superfast from a standing start--and keep in mind that it weighs only 225 pounds.

Those are the initial observations of this first-time rider, who took the street model made by Santa Cruz, Calif.-based Zero Motorcycles out for a spin.

It's an odd feeling to twist the throttle and feel the powerful acceleration (62.5 pound-feet of torque) and still hear no sound except a slight clanking from the chain, not yet lubricated on this pre-production vehicle. Making tight turns is a little tricky, as … Read more

Updated 4:35 p.m. PDT with Adobe saying Windows, Mac and Unix versions of Reader are affected and more details.

Security experts are recommending that people disable JavaScript in Adobe Reader following reports of a vulnerability in the popular portable document format reader on Tuesday.

The vulnerability appears to be due to an error in the "getAnnots()" JavaScript function and exploiting it could allow someone to remotely execute code on the machine, according to an advisory from the US-CERT.

"US-CERT encourages users and administrators to disable JavaScript in Adobe Reader to help mitigate the risk," … Read more