General discussion

NEWS - February 25, 2005

Patch for masses swats Windows bug
By Robert Lemos, CNET
Published on ZDNet News: February 24, 2005, 1:19 PM PT

Microsoft has pushed out a patch for a software bug responsible for crashing some Windows systems that had third-party antivirus and firewalls installed.

The fix, which was sent out through the automatic Windows Update system this week, deals with a problem that only affects Windows XP computers with Service Pack 2 installed alongside Windows XP Tablet PC Edition 2005 and Windows Server 2003. The bug causes those PCs to crash and display the "blue screen of death" and an error message.

The issue occurs "if certain firewall or antivirus programs are installed," Microsoft said in an advisory. The company did not say which particular software was involved.

Microsoft released a patch to customers who had encountered the problem in November, after the Windows Error Reporting team noticed an increase in specific failure reports, the company said in a statement. The company then felt that the issue was widespread enough and felt confident enough in the downloadable fix to distribute it en masse through its Windows Update system.

more here

Hackers hit Japanese government systems

By Dan Ilett, ZDNet (UK)
Published on ZDNet News: February 24, 2005, 12:37 PM PT

The Japanese Government has suffered a spate of cyberattacks on two of its Web sites this week, according to reports. A government representative told the Associated Press that key Web servers had stopped working after hackers flooded them with data, making it impossible for people to access the Prime Minister's Office and the Cabinet Offices' Web sites.

more here

Take three: Antivirus apps could spread infection

By Robert Lemos, CNET
Published on ZDNet News: February 24, 2005, 3:22 PM PT

Internet Security Systems has found a flaw in Trend Micro's virus-scanning software--the third time this month that the security company has picked a hole in an antivirus product.

The vulnerability affects Trend Micro's Antivirus Library, a common set of code used by at least 29 Trend Micro products, according to separate advisories posted on Trend Micro's Web site on Wednesday and on ISS' site on Thursday. An attacker could create a program that exploits the security hole, causing the antivirus program to run a virus instead of blocking the malicious program, the companies said.

"Successful exploitation of this vulnerability could be used to gain unauthorized access to networks and machines being protected by Trend Micro Antivirus Library products," ISS said in its advisory.

The flaw is similar to those found in antivirus software from Symantec and F-Secure. Because it's a library flaw, it adds up to a broad vulnerability in Trend Micro products that could be exploited to automatically run a malicious program. The flaw is caused by a memory error known as a heap overflow.

more here

Firefox fix plugs security holes

By Steven Musil, CNET
Published on ZDNet News: February 24, 2005, 9:00 PM PT

The Mozilla Foundation on Thursday released an update to the Firefox Web browser to fix several vulnerabilities, including one that would allow domain spoofing.

The open-source project released Firefox 1.0.1 to fix, among other bugs, a vulnerability in the Internationalized Domain Names (IDN), a standard for handling special character sets in domain names that could let an attacker spoof Web sites on non-Microsoft browsers. The standard allows companies to register domain names that appear to be the same in different languages.

That encoding scheme could enable an attacker to create a fake Web site for a phishing scam. A spoofed link would seem to be a legitimate URL in the address bar of affected browsers. But instead of taking the victim to the trusted site, the link would lead to a phony Web site with a domain rendered as the same address under the IDN process.

The updated browser will display the IDN Punycode in the address bar, preventing URL spoofing. Punycode is the encoding of Unicode strings into the limited character set supported by the Domain Name System and IDN.

more here
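
The Punycode display described in the Firefox item above, sketched as an added example (not part of the original post or of Mozilla's code): it converts a hostname to the ASCII form a browser would show and flags labels that mix scripts. The helper names and the sample hostname are constructed for illustration, and Python's built-in `idna` codec (IDNA 2003) is assumed as the encoder.

```python
import unicodedata

# Constructed sample: "example.com" with Cyrillic U+0430 in place of Latin "a".
LOOKALIKE = "ex\u0430mple.com"


def scripts_in_label(label: str) -> set:
    """Approximate the scripts in a label from Unicode character names."""
    return {unicodedata.name(ch, "UNKNOWN").split()[0]
            for ch in label if ch.isalpha()}


def review_hostname(hostname: str) -> dict:
    """Hypothetical helper: ASCII form to display plus homograph hints."""
    # Python's built-in "idna" codec applies the IDNA 2003 ToASCII step,
    # producing the xn-- (Punycode) labels that DNS actually resolves.
    display = hostname.encode("idna").decode("ascii")
    labels = hostname.split(".")
    return {
        "display": display,
        "is_idn": any(not l.isascii() for l in labels),
        # A single label mixing scripts (e.g. LATIN + CYRILLIC) is the
        # classic homograph pattern; whole-label non-Latin names are normal.
        "mixed_script_labels": [l for l in labels
                                if len(scripts_in_label(l)) > 1],
    }


if __name__ == "__main__":
    for host in ("example.com", LOOKALIKE):
        print(repr(host), review_hostname(host))
```

Showing `display` instead of the rendered Unicode makes the lookalike visibly different from the ASCII name it imitates, which is the effect the updated browser relies on.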

Microsoft puts a little money where its mouth is

Published: February 25, 2005, 4:50 AM PST
By Stefanie Olsen
Staff Writer, CNET

Afraid Microsoft's anti-spyware will muck up your hard drive, erasing your digital photos, music collection and work files?

Don't worry, you've got a $5 rebate coming your way in this worst-case scenario--enough to buy five songs on iTunes. That is, if you read and take advantage of Microsoft's legal promise.

According to the AntiSpyware Beta end-user license agreement (EULA), Microsoft will reimburse direct damages up to $5 for problems associated with the new downloadable tool that wards off spyware, adware and any other "potentially unwanted software."

more here

Microsoft to nix some Net product activation

Published: February 24, 2005, 4:44 PM PST
By Robert Lemos
Staff Writer, CNET

Customers who find themselves reinstalling Windows XP should be ready for a headache: Microsoft will no longer support activating the product over the Internet for PCs which have Windows pre-installed.

Intended to curtail the stealing and selling of certificates of authenticity, the new security measure will start at the end of this month. At first, it will be limited to the Windows XP software preinstalled on systems shipped by the top 20 PC sellers.

"The main reason (for the change) is to address piracy in this area," a Microsoft representative said on Thursday. "Microsoft has found various people selling the labels of authenticity that they have copied or have pulled off other PCs."

more here

Opera Tackles Phishing: Second Beta of the Opera Browser Available Today

"Opera Software ASA today released the second Beta version of its next browser, which includes an answer to the recent security debate over Web site spoofing. In this Beta, the browser displays security information inside the address bar, located next to the padlock icon that indicates the level of security present on a site.

The small, yellow security bar appears on secure sites and displays the name of the organization that owns the certificate. By clicking on the bar the user has access to more information about the validity of the certificate. These anti-spoof measures help users make educated decisions about a site's validity and security.

"One of the most important measures to counter phishing attacks is the use of security certificates," says Christen Krogh, Opera's Vice President of Engineering. "The challenge for browser vendors is to better explain the verification of certificates and to make the user more aware of this additional verification before entering into secure transactions."

More in

ICANN Statement on IDN Homograph Attacks and Request for Public Comment

ICANN is aware of the recent publicity regarding the vulnerability of certain web browsers to URI and domain name spoofing that relies on the use of Internationalised Domain Name (IDN) resolution.[..]

ICANN is concerned about the potential exacerbation of homograph domain name spoofing as IDNs become more widespread, and is equally concerned about the implementation of countermeasures that may unnecessarily restrict the use and availability of IDNs. ICANN calls for views and positions regarding both homograph vulnerability, which is not unique to IDNs, and the proposed countermeasures, which include having browser support for IDNs turned off by default, while at the same time not protecting against older forms of URI and domain name abuse.

ICANN encourages the global Internet community to participate in this public comment forum as part of an effort to improve public protection from abusive use of domain names while responsibly opening up opportunities for non-Latin language characters to be used in registered domain names.

More in
