16 total posts
Mozilla releases Firefox security update
By Dawn Kawamoto, CNET News.com
Published on ZDNet News: May 12, 2005, 8:20 AM PT
A security update for the Firefox open-source browser has been released by the Mozilla Foundation, a move that follows the public disclosure of exploit code for two "extremely critical" vulnerabilities.
Mozilla's Firefox 1.0.4, released Wednesday, addresses vulnerabilities that surfaced earlier this week. The update includes several security fixes, as well as a fix to DHTML errors that were encountered on some Web sites, according to a posting on Mozilla's Web site.
The update is designed to address the two flaws, which when combined could allow malicious attackers to engage in cross-site scripting and remote system access. Although the two vulnerabilities could be exploited, there were no known active exploits.
Security firms fight Firefox fire with fire
Just in time for one of the first serious security flaws to be found in Mozilla's Firefox, two companies, Anonymizer and FraudEliminator, have released new security products for the popular open source Web browser.
Anonymizer's Total Privacy Suite is designed to safeguard Firefox users from spyware, keylonger software, and other online snooping programs. The suite integrates three Anonymizer programs -- surfing, anti-spyware, and digital shredding -- into a single product.
"Although Firefox is a secure browser, users are still extremely vulnerable to ID theft on the Internet without Total Privacy Suite in place," said Lee Itzhaki, director of product management for Anonymizer.
FraudEliminator's latest version of its FraudEliminator Pro software offers protection against pharming, phishing, and DNS exploits.
(NT) Requires membership to read article
I got that too William when I
clicked on Donna's link BUT I copied and pasted it after that and the article loaded if you care to do that. I don't belong to that website either.
see require membership when I clicked on it. Not sure why. I'm not a registered member of that site too.
(NT) Thanks Roddy
(NT) You're welcome William
Australians take aim at spyware
Under new Australian legislation introduced by Democrats in the country, anyone convicted of installing spyware or cookies on computers without permission would face imprisonment of up to two years.
Brian Greig, the Democrats' information technology spokesman, said Thursday that the Spyware Bill 2005 was not designed to ban spyware or other unauthorized installations but to require companies to obtain permission from the owner of the computer before proceeding.
"It is this authorization that is at the heart of the Australian Democrats' proposals," Greig told the Senate. "Namely that no program or cookie or any other form of tracking device is to be installed on any computer without the user of that computer being given full and clear information as to the purpose of that computer or tracking device.
"Furthermore, once installed, each program or monitoring or tracking device must make it easy for the user to completely remove or uninstall it."
Flaw found in VPN crypto security
Published: May 12, 2005, 1:31 PM PDT
By Dan Ilett
Special to CNET News.com
A flaw in a popular VPN technology could allow hackers to obtain a text version of encrypted communications with only "moderate effort," a tech security body has warned.
Britain's national emergency response team, the National Infrastructure Security Coordination Centre, issued a serious warning this week the safety of virtual private networks that use IPsec encryption and tunneling to connect remote workers to corporate networks.
RSA patches Web authentication tool
Published: May 12, 2005, 11:35 AM PDT
By Dan Ilett
Special to CNET News.com
Security company RSA has patched a vulnerability in its Web authentication software. RSA is advising customers to update software for its Authentication Agent for Web for Internet Information Service, after researcher Gary O'Leary-Steele discovered a flaw which could allow hackers to execute arbitrary code.
Windows OneCare, PC health solution by Microsoft
Microsoft to Deliver Automated, All-in-One PC Health Service for Consumers
Windows OneCare will span system performance, PC maintenance, data protection and security in easy-to-manage service.
REDMOND, Wash. -- May 13, 2005 -- The dynamic nature of the Internet and technology can make the protection, maintenance and optimal performance of PCs a challenge for consumers. Keeping a PC "healthy" today can be daunting and time-consuming for the average user.
To address the need for a more comprehensive PC health solution, Microsoft Corp. today announced plans to deliver Windows
Roddy, "clicks on which link"?
Hi Auggie, the links in the news article that
go to McAfee and Symantec tell you more about the links in the AIM messenger that are infected. Here is the McAfee warning. It talks about a link that says "hey check out this out"
The Symantec warning is here.
I stopped using ANY of the messengers a long time ago and although I still have the MSN one for emergenices with my family but, as a rule I would NEVER click on a link in ANY of the messengers. There are other viruses and trojans floating around besides this one.
Thanks Roddy. I would never click on any link arriving in instant messenger. I seldom use it either. Only to talk to a friend in Ohio on occasion and it's all typed converstaion.
(NT) Good plan Auggie. :D