Everybody loves lists. Magazines love lists, TV shows love lists, websites really like lists. But possibly no one loves lists more than security vendors.
When you break down a lot of the core elements of security products, it often comes down to big lists. Lists of known viruses and spyware, lists of vulnerabilities, lists of access controls, and lists of programs that we want to run and programs that we don't want to run.
This obsession with lists most recently came up in reports from one of the largest security vendors out there, namely Symantec. In interviews related to the most recent release of the Symantec Internet Security Threat report, Symantec executives have said that because of the growing security threats and the increased sophistication of the bad guys, it may be time to move from the classic black list approach to security and go to a white list approach.
Researcher posts unofficial patch for Windows URI bug
A researcher beat Microsoft to the patch punch Sunday by publishing an unofficial fix for a critical flaw in Windows XP and Server 2003 on PCs with Internet Explorer 7.