Hash: SHA1

A discouraging news for Korean open web movement

,----[ Quote ]
| Open Web, a Korean web forum led by professor Kichang Kim of Korea University
| is best known for its fight against rampant use of Active X in Korea, lost a
| lawsuit against the KFTC (Korea Financial Telecommunication and Clearings
| Comittee). Professor Kim accused that the Korean government's mandate on the
| use of Active X programs for the internet banking and other public web
| services should be lifted, as it is against fair trade and "overly favors
| technology from a single company (that is, Microsoft)".
| Professor Kim has also asserted that as many Korean netizens somehow grew to
| think that Active X is something they have to download anyway, many of them
| are exposed to security vulnerabilities. Also, as so many entities including
| virtually all financial institutes in the nation depend on Microsoft
| technology in Korea, whenever Microsoft announces an update, the whole nation
| has to upgrade its internet infrastructure, and this leads to various losses
| on a national scale - Kim asserted.
| But Professor Kim's year-long accusation fell short of convincing the court
| that the government mandate on the Active X is against fair trade and
| therefore is illegal.


So they demand people become zombies... along with their PCs.


The cost of monoculture

,----[ Quote ]
| Korea will only get beyond this problem by 1) applying Korean laws
| on open standards to the certificate authorities, 2) reassigning new
| certificates which work with open web standards to all Koreans, 3)
| reprogramming all Korean websites to support 128 bit SSL which will
| allow for a heterogeneous marketplace of operating systems and web
| browsers. This is a herculean task and thus Korea stays hostage to
| Redmond.
| Fascinating history. Unintended consequences and de-facto monopolies
| create costs too high to calculate and must be borne without question.


Is MS Overcharging Koreans for Vistas?

,----[ Quote ]
| Microsoft?s Windows Vista program is selling in South Korea at
| prices up to 70 percent higher than in the United States or
| Japan, with Microsoft blaming Korea's immature market
| for the price difference.


Consumers in No Hurry for Vista Upgrade

,----[ Quote ]
| In a survey of 4,144 members of Danawa.com, a price comparison site,
| only 14 percent of respondents said that they will immediately upgrade
| to the Vista platform when Microsoft releases it on January 30.


Korean government warns against Vista upgrade

,----[ Quote ]
| The Ministry of Information and Communication said that it wished it
| could tell a private company like Microsoft to postpone the release
| of Vista, but it can't. The best thing, an official said, was not to
| install Vista before you know what you're getting into.


South Korea, OSS License Guide Announced

,----[ Quote ]
| The Guide explains how to strategically manage and utilize open source SW as
| well as what the open source SW is and how to use it. Explanation for GPL, an
| open source SW, published in June, 2007, is included in the Guide as well. *


Korean software firm sues Microsoft

,----[ Quote ]
| According to Korean newspaper Chosun, the US software mammoth has been
| accused of causing a loss in sales revenue estimated at W30bn (US$1=W918)
| because the firm's Windows operating system comes pre-loaded with a media
| player and instant messaging. *
| Seoul Central District Court confirmed yesterday that Digito was suing
| Microsoft in the US and Korea, claiming that the software giant had violated
| the Fair Trade Act since 2000. *


Korean court rebuffs Microsoft in patents case

,----[ Quote ]
| Microsoft has taken another slap from the authorities in Korea, after
| a court decision in a patent dispure raised the prospect of Officeb
| eing taken off the shelves in the country.
| Microsoft said it was continuing to dispute the patent's validity.
`---- * * * * * * * * * * * * * * *


Microsoft probing ActiveX attacks targeting Access feature

,----[ Quote ]
| The vulnerability only affects the ActiveX control for the Snapshot Viewer
| for Microsoft Office Access 2000, 2002 and 2003.


Report: ActiveX, QuickTime are buggiest browser plug-ins

,----[ Quote ]
| Microsoft's technology, primarily used to create add-ins for Internet
| Explorer, accounted for 79 per cent of the 239 plug-in bugs discovered
| between July and December 2007, Symantec said. *


New Attack Kit Targets Bag of ActiveX Bugs

,----[ Quote ]
| Bugs in ActiveX, a Microsoft technology used most often to create add-ons for
| the company's Internet Explorer (IE) browser, have always been common, but so
| many serious flaws have been disclosed of late that some security experts
| have recommended users do without them. *


Be prepared: ActiveX attacks will persist

,----[ Quote ]
| A recent string of high-profile ActiveX vulnerabilities caused the U.S.
| Computer Emergency Readiness Team (US-CERT) to advise users to disable the
| ubiquitous Microsoft browser plug-in technology altogether. *


Will Microsoft Change How ActiveX Runs in IE 8?

,----[ Quote ]
| Some security experts, like Will Dormann, a vulnerability analyst at the
| Carnegie Mellon Software Engineering Institute CERT/CC, are calling for
| ActiveX to be disabled from running by default in IE 8. *
| Dormann is telling IE users that they should, from a security perspective,
| disable ActiveX controls from running by default. "It would be nice if this
| is something Microsoft did with the next version of the browser," he said. *


Rogue ActiveX controls menace users

,----[ Quote ]
| *Flaws in ActiveX controls are being increasingly used to run security
| *exploits.
| [...]
| An attack exploiting this vulnerability can lead to arbitrary code execution
| by a remote attacker," a blog posting by Symantec researcher Parveen
| Vashishtha warns. *


RealPlayer Attack Circulating

,----[ Quote ]
| The attack exploits a flaw in an ActiveX browser helper object, software that
| RealPlayer employs to help users who are experiencing technical difficulties,
| so the PC must be using the Internet Explorer browser to be affected by this
| particular attack, Symantec said. *


Yahoo! battered by second ActiveX vulnerability

,----[ Quote ]
| The vulnerabilities affect versions of Yahoo! Messenger 8.x prior to version
|, released late last week. Users are urged to upgrade.


Way Too ActiveX

,----[ Quote ]
| Today, over at Symantec's Security Response Weblog, Greg Ahmad
| reveals startling--and I do mean shocking--increases in ActiveX
| vulnerabilities. According to Symantec, ActiveX vulnerabilities
| stayed in the 12- to- 15-a-year range from 2002 to 2005. For
| 2006, the number of vulnerabilities "reached 50," with 42 in
| the second half of the year--coincidentally, the same time
| period Microsoft finished up and released Internet Explorer 7.


Acer puts Active X hole on laptops

,----[ Quote ]
| Laptop outfit Acer seems to have placed an Active X control on its
| computers that seems to allow webpages to execute any program.
| This huge hole in network security has been installed on board Acer
| lap-tops since 1998.


Adobe Confirms 'Critical' Reader, Acrobat Exploits With IE

,----[ Quote ]
| A critical security vulnerability in an ActiveX control used by
| Internet Explorer could allow malicious hackers to use Adobe's
| Reader and Acrobat software to launch PC hijack attacks,
| according to a warning from Adobe Systems.


Month of ActiveX bugs project begins with two Office flaws

,----[ Quote ]
| A hacker known as shinnai kicked off his "Month of ActiveX Bugs"
| (MoAxB) project with a bang by exposing a number of severe
| vulnerabilities affecting OCX controls in Microsoft Office.

Version: GnuPG v1.4.9 (GNU/Linux)