Product Guides- Microsoft research projects to improve our lives
- Outlook '09
- IBM employees buzzing about layoff rumors
- AT&T builds $23M IPv6 network for U.S. military
- Is VoIP dead?
Jason Meserve provides up-to-the-minute news on vendor security alerts and fixes.
After password glitch, another Firefox patch out
Mozilla developers have rushed out a new release of their Firefox browser to fix a bug that has been preventing some Web surfers
from using saved passwords this week. Firefox update 3.0.3 should be hitting browsers today, once of my systems was updated
this morning when I got into the office. IDG News Service, 09/26/2008.
**********
CA patches Service Desk
According to a CA advisory, "CA Service Desk contains multiple vulnerabilities that can allow a remote attacker to conduct
cross-site scripting attacks. The vulnerabilities are due to insecure handling of passed variables in multiple web forms.
An attacker, who can convince a user to click on a specially crafted link, can potentially conduct cross-site scripting attacks."
**********
Three new updates from Gentoo:
Git (buffer overflows, code execution)
**********
Two new patches from Mandriva:
Firefox (multiple flaws)
**********
Today's malware news:
Hackers resurrect notorious attack toolkit
Neosploit, the notorious hacker exploit kit that some thought had been retired months ago, has not only returned from the
dead, but is responsible for a dramatic increase in attacks, a security researcher claimed Thursday. Computerworld, 09/26/2008.
Security researchers warn of new 'clickjacking' browser bugs
Security researchers warned Friday that a new class of vulnerabilities dubbed "clickjacking" puts users of every major browser
at risk from attack. Computerworld, 09/28/2008.
Trojan can grab extra personal banking data
A Trojan horse program now available to a growing number of fraudsters can add data entry fields to legitimate online banking
sites and entice consumers to give up sensitive information such as bank card numbers and PINs (personal identification numbers).
IDG News Service, 09/26/2008.
Imageshack Security Issue Reported, Fixed
Earlier today, we noticed it was possible for malicious users to abuse Imageshack by obtaining the IP Address of anyone who
had uploaded an image to the site (considering they have 2+ million uploads a day, that's an awful lot of people to choose
from). Imageshack has fixed the issue. The SpywareGuide Greynets Blog, 09/26/2008.
Jason Meserve is multimedia editor at Network World.
Rss FeedRss Feed
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com | The Industry Standard | IDG List Services | IDG TechNetwork |
 The Leader in Network Knowledge© 1994-2009 Network World, Inc. All rights reserved. |
Comment