Microsoft patches a 'critical' hole

,----[ Quote ]
| Microsoft gave the serious security fix its most urgent "critical" rating.
| Hackers could exploit a vulnerability using Internet Explorer 7, and possibly
| other programs, and take over a user's computer for a variety of nefarious
| purposes, such as stealing passwords or pumping out spam.

Zombie PCs are not going away until Windows is history (or rebuilt properly
from scratch). Lots of serious security issues recently...


Microsoft exec calls XP hack 'frightening'

,----[ Quote ]
| "You can download attack tools from the Internet, and even script kiddies can
| use this one," said Mick.
| Mick found the IP address of his own computer by using the XP Wireless
| Network Connection Status dialog box. He deduced the IP address of Andy's
| computer by typing different numerically adjacent addresses in that IP range
| into the attack tool, then scanning the addresses to see if they belonged to
| a vulnerable machine. * *
| Using a different attack tool, he produced a security report detailing the
| vulnerabilities found on the system. Mick decided to exploit one of them.
| Using the attack tool, Mick built a piece of malware in MS-DOS, giving it a
| payload that would exploit the flaw within a couple of minutes. *

Duh! Windows Encryption Hacked Via Random Number Generator

,----[ Quote ]
| GeneralMount Carmel, Haifa – A group of researchers headed by Dr. Benny
| Pinkas from the Department of Computer Science at the University of Haifa
| succeeded in finding a security vulnerability in Microsoft's "Windows 2000"
| operating system. The significance of the loophole: emails, passwords, credit
| card numbers, if they were typed into the computer, and actually all
| correspondence that emanated from a computer using "Windows 2000" is
| susceptible to tracking. "This is not a theoretical discovery. Anyone who
| exploits this security loophole can definitely access this information on
| other computers," remarked Dr. Pinkas. * * * *
| Editors Note: *I believe this "loophole" is part of the Patriot Act, it is
| designed for foreign governments. *Seriously, if you care about security,
| privacy, data, trojans, spyware, etc., one does not run Windows, you run
| Linux. *