Spyware, Viruses, & Security forum

General discussion

News - November 30, 2004

by Brent Welch / November 30, 2004 1:13 AM PST

Sun stamps on Java bug

Sun Microsystems claimed yesterday that its attempt to stamp on a recently discovered Java Virtual Machine (JVM) security bug has been successful. Security experts warned that the potentially devastating flaw in the JVM Run Time Environment could leave millions of desktops open to attack.

However, Sun stated: "Early indications are that Sun's response to this issue has been effective. As of 29 November 824,244 users have downloaded the upgraded version of J2SE 1.4.2_06 that corrects the vulnerability."


Discussion is locked
You are posting a reply to: News - November 30, 2004
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: News - November 30, 2004
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Suntrust - Security Alert on Microsoft Internet Explorer
by Donna Buenaventura / November 30, 2004 3:13 AM PST

Email title: 'Security Alert on Microsoft Internet Explorer'
Scam target: Suntrust customers
Email format: HTML email
Sender: support @ suntrust.com
Sender spoofed? Yes
Phish 'punch line' : 'SunTrust security systems require that you test your browser now to see if it meets the requirements for SunTrust Internet Banking.
Please sign on to Internet Banking in order to verify security update installation.'
Scam goal: Getting victim's Suntrust website username/password, credit card information
Phish link method a link in the HTML email
Visible link: 'Sign on'
Actual link to h++p://
Phish website hosted on:

This is a second phish using this kind of bait. The message is persuasive and well crafted:

Screenshot at here

The sender is spoofed and the link's URL is hidden, which makes this message a dangerous phish.

More details in Anti-Phishing.org

Collapse -
Took them long enough and
by roddy32 / November 30, 2004 3:26 AM PST
Collapse -
Unprotected PCs Fall To Hacker Bots In Just Four Minutes
by Donna Buenaventura / November 30, 2004 5:06 AM PST

The lifespan of a poorly protected PC connected to the Internet is a mere four minutes, research released Tuesday claimed. After that, it's owned by a hacker.

In the two-week test, marketing-communications firm AvanteGarde deployed half a dozen systems in "********" style, using default security settings. It then analyzed the machines' performance by tallying the attacks, counting the number of compromises, and timing how long it took an attack to successfully hijack a computer once it was connected to the Internet.

The six machines were equipped with Microsoft Windows Small Business Server 2003, Microsoft Windows XP Service Pack 1 (SP1), Microsoft Windows XP SP1 with the free ZoneAlarm personal firewall, Microsoft Windows XP SP2, Macintosh OS X 10.3.5, and Linspire's distribution of Linux.

Not surprisingly, Windows XP SP1 sans third-party firewall had the poorest showing.

"In some instances, someone had taken complete control of the machine in as little as 30 seconds," said Marcus Colombano, a partner with AvanteGarde, and, along with former hacker Kevin Mitnick, a co-investigator in the experiment. "The average was just four minutes. Think about that. Plug in a new PC--and many are still sold with Windows XP SP1--to a DSL line, go get a cup of coffee, and come back to find your machine has been taken over." Windows XP SP1 with the for-free ZoneAlarm firewall, however, as well as Windows XP SP2, fared much better. Although both configurations were probed by attackers, neither was compromised during the two weeks.

Continue reading the article in http://www.techweb.com/wire/security/54201306

Popular Forums

Computer Newbies 10,686 discussions
Computer Help 54,365 discussions
Laptops 21,181 discussions
Networking & Wireless 16,313 discussions
Phones 17,137 discussions
Security 31,287 discussions
TVs & Home Theaters 22,101 discussions
Windows 7 8,164 discussions
Windows 10 2,657 discussions


Your favorite shows are back!

Don’t miss your dramas, sitcoms and reality shows. Find out when and where they’re airing!