security

Microsoft is releasing two emergency patches this morning outside of its usual Patch Tuesday rotation. The Redmond-based company has determined that fix addresses issues that require immediate attention. Microsoft usually releases a Patch Tuesday ... fix about once a month addressing security vulnerabilities marked "critical" or "important," the latter being regarded as slightly less concerning. However, it rarely releases a patch outside of the monthly rotation unless something is truly wrong. Emergency Fix Targets Visual Studio, IE At this point, the company hasn't fully disclosed the problem, ... (view more)

In computer security, a sandbox is a security mechanism for separating running programs. It is often used to execute untested code, or untrusted programs from unverified third-parties, suppliers and untrusted users. A sandbox in computing terms ... (also referred to as "sandboxing") provides a tightly-controlled set of resources for guest programs to run in, such as 'temporary' space on disk and memory. In such a scenario, network access and the ability to inspect the host system or read from input devices are disallowed or heavily restricted. In this sense, sandboxes are a specific example of ... (view more)

Microsoft has a reputation for rarely admitting or accepting defeat in any market. But the company is now waving the white flag of surrender after admitting that they can no longer keep up with hackers when discovering file format bugs in time to ... stop them from exploitation. That doesn't mean that Microsoft is prepared to let online deviants have their way with software vulnerabilities . Instead, the company has decided to take a " sandbox " approach to Office documents in the next version of the application suite. The Sandbox Technique The sandbox technique will be a new addition to Office ... (view more)

Adobe has vowed to fix a critical security hole in its Flash software within a week. But the Department of Homeland Security (DoHS) has taken the extremely unusual step of advising users to switch off the feature until the patch is available. The ... hole can be used for so-called 'drive by' attacks occurring when a user simply visits an infected website. However, the relevant code is also shared with Adobe's Acrobat software, meaning it can cause security problems through PDF documents which have Flash embedded in them for greater interactivity. That technique had already been criticized as a ... (view more)

When you can't get any states to participate in your flawed National ID scheme, what do you do? If you're the U.S. government, you change its name and try again. With the death of the REAL ID Act comes a replacement bill that poses many of the same ... threats, including what the Campaign for Liberty refers to as a federal grab for personal information. Now the act has been renamed and referred to as an enhanced or higher security driver's license. In reality, however, the only way to resolve the problem is to repeal it, not rename it. (Source: campaignforliberty.com ) After 9/11, the government ... (view more)

Google made quite the controversial statement recently after attempting to shed some light concerning their new Chrome operating system . Google has raised eyebrows after promising that their customers will no longer have to worry about viruses, ... malware and security updates. In a recent blog entry, Google announced that the company was prepared to "go back to the basics" and redesign the essential security foundations of the OS in such a way so that users would never again have to deal with viruses, malware and the need for constant updates. It didn't take long for a number of security ... (view more)

The company responsible for creating a database containing thousands of identities collected at U.S. airports has shut down. And so, the question remains: what happens to your personal information when a government-sponsored National ID scheme like ... 'Clear' suddenly shuts down? The fate of more than a quarter million people whose fingerprints, social security numbers, home addresses and other revealing personal information allegedly designed to help hasten traveler clearances at airports is hanging on that question, and even the government doesn't know the answer. (Source: yahoo.com ) Who ... (view more)

Although it's been quiet in recent weeks, the dreaded Conficker worm is far from done its reign of terror. In fact, never before has this virus caused so much havoc than when the news mediums stopped printing urgent warnings about its dangers. Now, ... as the reports of countless victims come pouring in, security officials are getting a clear sense of just how many computers are infected on a daily basis. According to one security expert, Conficker infiltrates as many as 50,000 new PCs every day. International Incident What makes matters worse is that the virus has no specific target area, as all ... (view more)

Cybercriminals are continuing to target major news stories and global events such as the recent release of Windows 7 release candidate (RC) and results of the FIFA World Cup. It has been reported that thousands of Windows 7 builds downloaded on ... Torrent and P2P sharing sites contain a malicious Trojan designed to target personal information and has the potential to cause system failure and identity theft. Phishing attacks have targeted the 2010 FIFA World Cup Tournament and evidence suggests that the attacks will continue to escalate, as demonstrated during the previous FIFA World Cup which ... (view more)

Web hosting services in China are allowing anyone to pay about $700 to send out an unlimited amount of spam worldwide. The service, also called "bulletproof hosting," is nothing new in the tech world. The actual intent of bulletproof hosting is to ... allow leniency in the kinds of material that users may upload. Unfortunately, spammers , gambling websites and porn pushers have constantly abused this system to the point where deviant behavior is almost expected. The Ministry of Public Security in China has been cracking down on online gambling sites and Internet pornographers for some time now, ... (view more)