Over 1 million tech questions and answers.

Apple to fix security hole in iPhone software

Q: Apple to fix security hole in iPhone software

Apple to fix security hole in iPhone software.

Apple is planning to release a fix for a security hole in the software that runs on its iPhone, iPad and iPod Touch devices.

Related article: Theoretical attacks exploit iOS browser flaw.

The new browser security flaw in iPhones, iPods, and iPads could be more dangerous than initially suspected.

-- Tom

Read other answers
Preferred Solution: Apple to fix security hole in iPhone software

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)


I already have a home security camera system. What I'am looking for is software I can put on my desk top that will notify me on my iphone when motion detection is activated. As well as allow me
to monitor the cameras from my iphone.

Read other answers

I am running Win7/Pro x64. My System Spec is in my Profile.

I do not have iTunes installed on my desktop. I do have an iPhone 5, a hand-me-down from my son.

Yesterday the phone needed to be charged. I attached it to a USB port. I was asked by the phone if I trusted my desktop. I said yes. I was told that there were no new images on the phone to import, a fact I already knew. I've encountered this dialog before. It seems to be part of the procrustean Apple way of computing.

What troubles me is that a process started about the time I plugged in the phone. At a rate of 5-10 files/sec the 'modified' date was changed on over 3,500 jpg files on my data drive. I've not analyzed the order in which they were processed but suspect that it was A-Z on the file names and also on folder names.

Could this behavior result from iTunes running its 'sync' process? If so, is there anything I can do to prevent it from happening again?

If we have no Apple OS experts on this forum, does anyone know of an 'Apple forum' that is as respected as sevenforums is in the Windows world?



Read other answers

I have recently upgraded to windows 8.1 on my hp pavilion x2 11. When I plug in my iphone it now wont connect. Both the phone and the computer make the pinging sound that it has connected and disconnected repeatedly but the computer never recognises the device. I have had it connected before and it will connect a new ipod nano which is in the house. I have used every cable in my house (and some borrowed from others) I have searched for drivers and and downloaded all the hp recommended ones and googled everything and just cannot seem to get any answers. Not being able to back up my phone and move my music around means a big part of what i use the computer for is no longer available Has anyone got any suggestions?

A:windows 8.1 and apple iphone 5

Even i have the same problem with my Iphone 4I m using HP Pavilion(Model:15-n038sx), but in my case the problem persists back from the time i had windows 8and it is still an issue even after upgrading to Win 8.1 I have tried a lot, to re-install drivers etc etc.but now i m pretty sure there is no problem in iTunes, nor in Windows 8 or Windows 8.1 I m saying this from inferences and I would like to quote them :1. I m unable to connect my iphone in my own HP machine even though it has Itunes installed, and i tried without itunes, also tried many versions of itunes.But when I connected my iphone to my friends Dell Laptop, it smoothly got connected! As it should... 2. I dont have any prob in connecting any other phone in my machine.  But its certainly NOT apple's iPhone fault. I even posted out my query on Apple forum:https://discussions.apple.com/thread/6345808  please please solve this issue.. 

Read other 2 answers

Hey first time here...I am not a "computer guy" and I managed to get myself in trouble--so I could really use some help.

While my iPhone was syncing, I was cleaning my inbox in Outlook...first item I deleted (to the "trash" folder, caused an error message to pop-up.

I have since tried the obvious...Restarted Outlook
Ran Registery Mechanic (found no errors)
Ran Ad-Aware SE Personal (found no errors)
Restarted my computer and then restarted Outlook
Re-synched my iPhone and then restarted Outlook

In each case Outlook opens and within 5 seconds I get the error message.

Any ideas would sure be appreicaited.

A:Apple iPhone & Outlook / XP

Hi EBossHoss

Can you list the error message please?

Try disconnecting the phone and then opening Outlook too, to see if you still experience this error.

Also don't run a registry cleaner meanwhile.

Read other 7 answers

If I click "MobileMe" in control panel I get 4 error messages in a row, saying procedure entry points cannot be located in the dynamic link library.

What does this mean?

I'm also having problems with opening my iphone in windows explorer. Even with itunes running.

I don't want to "sync" or backup. I just want to copy files from my phone to the hard drive then delete the files, using windows explorer. But I can't find any option do this unless it does it automatically, which it mostly doesn't do

Read other answers

And Toyota thought it was a bad year for them !!

Now it could be Apples turn.


A:Apple iPhone 4 to be recalled ?

Read other 6 answers

I have an issue with using my Apple Airport Express that is driving me nuts.

I use my Airport Express to wirelessly play music to my receiver. I don't use it to extend the network or any of those other uses.

For two years, everything worked fine between my Windows PC and my Apple Airport Express. My computer could play songs to my Airport Express wirelessly, and I could load the Remote app on my iPhone and control the songs that iTunes would play, on my computer. Four months ago, the computer stopped "seeing" the Airport Express, and my iPhone could no longer locate the iTunes library on the computer. All the meanwhile, my spare laptop (which I was just using for testing of this issue, as it's too old and slow for my music use) could operate just fine with the Airport and iPhone with Remote.

I picked up a new PC to replace the aging one, and figured it would also fix my music issues as well. Well, it only fixed it in a very temporary and frustrating way. Now, when the PC loads up, it sees the Airport Express and I can use Remote on my iPhone, and I can play music across the network with it all just like I should be able to. Then, anywhere from 15 minutes to several hours later, it all stops working. The Airport Express option on iTunes goes grayed out. The Airport Utility program can no longer find the Airport Express. My iPhone can no longer find my iTunes library with Remote. But, if I reset the computer, it all works perfectly again, until it random... Read more

A:Connection dropped between PC and Apple Airport Express (and iPhone to PC)

FYI I tried disabling Norton Smart Firewall and all the intrusion prevention, and also Windows Firewall. The problem still occurred. Any ideas??


Read other 1 answers

This alas, is a very well known and oft posted problem (www.whirlpool.com.au) and appears unresolvable!

Basically my Iphone - sitting on top of the router - will not consistantly connect AND maintain the connection.

If I keep at it over and over again it will eventually connect but then lose same in a matter of a few seconds.

As this NETGEAR modem also handles my wife's PC and a laptop without any problems, I have to believe it is in the iPhone settings that the problem exists!

OK, I have done the following:

1. Done a factory reset on the NETGEAR modem
2. Reset the iPhone to factory (Yuck!)
3. Reset over and over again the NETWORK SETTINGS on the iPhone
4. Set up "another" network with NETGEAR to see if the default one it finds is "faulty"
5. Pretty well done everything that has been suggested on the www.whirlpool forums where, as above, thias is a very common problem, all to no avail!

Everything points to a weak, poor or broken NETGEAER conection but the little connection ICON comes in loud and clear and when I do finally get a connection it works fine - for a few seconds!

The iPhone worked well on this exact system setup after purchase and it is only in the last few weeks that it has gone bad!

Wonder if I reset the phone back to original via iTunes if that would work?

Read other answers

I can't sync my iphone 5c with itunes as the apple drives are built for USB 2 and don't recognize USB 3 ports.  Any suggestions?

Read other answers

Hiya... i really hope you can help!

My iphone 3gs, getting old now, was running super slow and after numerous restarts and removal of apps and music still running slow, i decided to restore to factory settings.

All went well until going back to try and access the iTunes store to "reboot" the phone, now i can not access the iTunes store, or any HELP, or any ANY APPLE sites.

I was using my oldish toshiba laptop (vista business) and thought it may have been that, but upon connecting my phone to my brand new Acer desktop i was then unable to connect to apple from it either.

I have tried every firewall and anti virus connection to be lifted and also followed directions previously posted about LAN setting or proxy settings. All is as it should be....

I have reset internet explorer but nothing...


Another interesting fact is i am unable to uninstall iTunes from the comps. as when in add/remove install/uninstall programs it does not allow me to right click on it...
Does anyone have any other ideas???

Waiting with baited breath!! =-)

A:Iphone Restored now can't access any Apple Websites (itunes store)

What do you mean you can't access the iTunes store to reboot your phone? iTunes doesn't sell anything to reboot your phone.

Read other 3 answers

Google is my home page in both IE and Firefox, since Monday my home page gets redirected to apple.com. The redirect lasts maybe an hour at the most and google.com is once again reachable.

Today is Wednesday and the problem has now spread to 4 other computers on our network. We can use altavista or any other search engine without issue, only appears to be affecting google.com. This isn't a searching rediection whereas we don't even get to google to enter in a search, just gives the apple.com iphone advert page.

I've run Malwarebytes, SuperAntiSpyware, SpyBot, Spywareblaster, and ran scans with Norton. Malwarebytes found a few infections and I removed those, but the redirection still happens.

I'm also using a modified hosts file I found in these fourms.

I'm curious as to why this redirect only lasts for a little while then comes back, also I would like to know if my laptop is still infected. I have Hijackthis and the other programs downloaded and ready, just need someone to read my logs.

*DDS will not run on my Vista x64.

A:Google redirects to apple iphone page 64bit Vista


Please do the following:

Download OTSto your DesktopClose ALL OTHER PROGRAMS.
Double-click on OTS.exe to start the program.
Check the box that says Scan All Users
Check the box that says 64 bit
Under Additional Scans check the following:File - Lop Check
File - Purity Scan
Evnt - EvtViewer (last 10)

Now click the Run Scan button on the toolbar.
Let it run unhindered until it finishes.
When the scan is complete Notepad will open with the report file loaded in it.
Click the Format menu and make sure that Wordwrap is not checked. If it is then click on it to uncheck it.
Please attach the log in your next post.

Read other 7 answers

I would like to change the icons of all my Apple devices mounted to my Windows 10PROx64 10586.14.

Anybody here on the forum, that can point me in the right direction - tried GooGle (images) already - for a nice set of icons? Thanks in advance.


A:Windows 10PROx64 10586.14 icons for Apple devices Mac / iPhone / iPad?

You might find sthg of use here:
Windows Icons - Windows 10 Forums

Read other 2 answers

When i run spybot, it says dso exploit..security hole in IE...what do i do to solve this problem??!

A:security hole in IE

Explanation here:

Read other 1 answers

Hello, All

I hope someone can use this so here gos

for more info & the patch go here
The patch removing the security hole in Internet Explorer (making the attck possible) can be downloaded from: http://www.microsoft.com/windows/ie/downloads/critical/q290108/default.asp
Good Luck to All
I like to give thanks to jrb for posting this first

A:Security Hole in IE

Thanks AAPlus, we welcome your contributions here.

Read other 2 answers

for the most part, ive tried to fix problems when the arise on my computer, but recently, ive been bombarded with numerous, hard to remove spyware. now, i did get rid of a lot of it myself, and even overcame having Ad-Aware delete me userinit.exe. but not even Malwarebyts as been able to get rid of the elusive google-redirect.com or find how all this spyware just suddenly showed up. so im breaking down and asking for assistance.

i think that somewhere in the depths of this issue, it will also fix the classic "you dont have flash or java" problem that plagues YouTube, and the "Gmail loading freeze" problems. i tried some other program that screwed up my proxy settings, and while Firefox didnt seem to mind, my IE and MSN have yet to recover. someoen told me to try Combofix, but the internet says it has some seriously potential to ruin my system inadvertantly, so im not going to touch that without someone telling me how to use it.

here is the Hijackthis log. take note, no i do not have anti-virus installed, but ive been running this rig since 2001 (with upgrades in 2004, including the change to XP) without anti-virus, and with minimal, to no problems at all.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:46:12 PM, on 5/28/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal

Running processes:
C:\WINDOWS\system32\service... Read more

A:Security hole somewhere

Read other 7 answers

Windows 7 Can Be Hacked, No Fix - Tom's Hardware

Does anyone know if this security issue has been fixed? This is pretty major from a security standpoint. A lot of users will just accept the default user account created upon installation, which has admin rights, thus making them vulnerable. Granted this more concerns public computers and company security ... but still ... an issue.

A:Vbootkit security hole

Unless I'm mistaken, this issue was addressed in the June Security Bulletin found here;


and here;


Read other 2 answers

The graphical interfaces system of Windows 7 RC contains old codes from Windows 3.1 where security is not considered when developed. When Microsoft optimizes the graphical interfaces of Windows 7, the incompatibility with old codes leads the system to blue screen.
Attackers will be able to firstly invade the System server of certain object to launch the attack, or to make a potential opportunity for a second attack. Thus, the security hole is a greater threat for the firm and government customers who?re using Windows 7 RC.


A:Zero Day Security Hole In Windows 7?

well ... doesn't that just suck.
hopefully they fix it, or there are going to be a lot of P-O'd "testers"

Read other 1 answers

Microsoft Internet Explorer SSL security hole lingers.
Microsoft still does not acknowledge a weakness in its Internet Explorer browser that was pointed out seven weeks ago and enables attackers to hijack what are supposed to be secure Web sessions.

Link -
Microsoft Internet Explorer SSL security hole lingers | Security Central - InfoWorld

Read other answers

Our small office (4 computers) currently has a cable modem plugged into a router with a modest firewall. The computers are plugged into the standard ports, the modem into the WAN port.

We've moved offices to a location where we must use DSL. Fine. But our DSL company provided us with a firewall free integrated DSL Modem/hub. They instructed us to take one of the four standard ports on the DSL hub and plug it into one of the standard ports (not the WAN port) on our router with a crossover cable. Not being a security expert, this looks to me like a gaping security hole - sticking the DSL modem behind the firewall. Probably I'm misunderstanding how a firewall works.

If anyone feels like explaining why this is not opening a security hole in simple terms. I'd greatly appreciate it.



A:Is this a potential security hole?

Read other 8 answers

I dont know how can a hacker find a security hole in a system? For example:
When you connect to a system, how can you find the hole on it?
I dont tell about you can find one when you connect to that web site and you can read the source code.
I mean in the .... ( he he , i dont know what layer it is) command layer

A:How Can I Find A Security Hole?

Is anyone know about that? Please help me!

Read other 3 answers


I have recently installed Windows 7 on my PC, which is used by myself and the kids. I set myself up as administrator, and the kids account as standard user. Now I am used to Windows XP (never had anything to do with Vista), where the administrators files are private, but the administrator can see all files of all users. Win 7 doesn't seem to do this tho, but even more worryingly I found the weirdest security hole (or should I say my 12 year old daughter did).

If logged on as kids (standard user) they can go to the user accounts settings in control panel, and change my password for administrator (without entering any password). Then they just log in as me, and change their account to administrator... Strangely though, if I wish to change my own password, I have to enter my current password.

This cant be right can it??

Sorry for waffling, but this had got me completely miffed

A:Strange hole in security

Sounds more like a configuration error. Was UAC on? Did your user account have a password to begin with? Seems awfully strange, I'll look into it on some test machines.

Read other 8 answers

Yahoo! is urging users of its Yahoo! Messenger instant messaging software to update the program with a patch plugging a serious security hole that bad guys could use to break into PCs. Anyone who downloaded the program prior to Mar. 13, 2007 should download and install the latest version fixing the problem...blog.washingtonpost.com

Read other answers

Microsoft: Big Security Hole in All IE Versions

On Wednesday, Security Fix warned readers about a newly-discovered security hole in Internet Explorer 7. I'm posting this again because Microsoft now says the flaw affects all supported versions of IE, and because security experts are warning that a large number of sites are being compromised in an effort to exploit this vulnerability and install malware on vulnerable systems.
The SANS Internet Storm Center reports that hackers are breaking into legitimate Web sites and uploading code that could install data-stealing software on the machine of a user who visits the site using Internet Explorer. SANS's chief technology officer Johannes Ullrich estimates that thousands of sites have been seeded with this exploit to date.
For example, Web security firm Websense reports that hackers have compromised the Chinese Web site for ABIT, the maker of motherboards that power many home computers. So far, the exploits appear to be only stealing online gaming credentials, but SANS and others warn that attackers will likely use this exploit more deftly in the coming days and weeks.
According to Microsoft's revised security advisory, this flaw is present in every version of IE in use today, from IE5 all the way through to IE8 Beta 2.
Microsoft's advisory includes a host of recommendations for mitigating the threat from this vulnerability. Some of the company's suggestions did not work when I tried them on my Windows Vista syste... Read more

A:Big Security Hole in All IE Versions

Microsoft Security Advisory (961051)
Vulnerability in Internet Explorer Could Allow Remote Code Execution
Published: December 10, 2008 | Updated: December 11, 2008

Microsoft is continuing its investigation of public reports of attacks against a new vulnerability in Internet Explorer. Our investigation so far has shown that these attacks are only against Windows Internet Explorer 7 on supported editions of Windows XP Service Pack 2, Windows XP Service Pack 3, Windows Server 2003 Service Pack 1, Windows Server 2003 Service Pack 2, Windows Vista, Windows Vista Service Pack 1, and Windows Server 2008. Microsoft Internet Explorer 5.01 Service Pack 4, Microsoft Internet Explorer 6 Service Pack 1, Microsoft Internet Explorer 6, and Windows Internet Explorer 8 Beta 2 on all supported versions of Microsoft Windows are potentially vulnerable.

This update to the advisory contains information about which versions of Internet Explorer are vulnerable as well as new workarounds and a recommendation on the most effective workarounds.

The vulnerability exists as an invalid pointer reference in the data binding function of Internet Explorer. When data binding is enabled (which is the default state), it is possible under certain conditions for an object to be released without updating the array length, leaving the potential to access the deleted object's memory space. This can cause Internet Explorer to exit unexpectedly, in a state that is exploitable.

At this time, we are aware only o... Read more

Read other 2 answers

The Malware is not on the System --- It IS the SystemMy computer was infected by a device driver I will call HarlanHugo Hack since nobody has ever heard of it. On 2011-10-25, approx 05:49 Central America Time, a malicious device driver installed on my computer (newly purchased) when I plugged my LAN cable into my router (NETGEAR Wireless-G WGR614) to set up it's configuration. At the time, the router was physically disconnected from the DSL modem (TENDA D840R)., which was powered down.The computer is in Spanish and the hacked files are in English.The WindowsUpdate.log in the Windows folder captures the sequence of events:1. Identifies whether Windows Update access is disabled and enables it, then it installs it's own Windows Update package.2. Identifies the operating system, computer brand/model, and BIOS.3. Enables remote services, auto play, and firewall rules.4. Reboots with replaced Windows system files.5. Sends it's report home (after I connected to the internet the next day.)6. Continues downloading it's "Windows Updates" until the entire operating system and Acer OEM programs are replaced.7. Downloads and installs replacement BIOS.8. Changes IP freely, secretly enables WiFi so it looks like it's off.9. Installs malicious driver code to every device connected by USB and network.10. Remote Desktop stays enabled and once all the Windows files are replaced, they are in complete control.Troubleshooting:I Used every brand of AV softwa... Read more

A:Microsoft Security Hole

Hello,And welcome to BleepingComputer.com, before we can assist you with your question of: Am I infected? You will need to perform the following tasks and post the logs of each if you can.Please download and run Security Check from HERE, and save it to your Desktop. * Double-click SecurityCheck.exe * Follow the onscreen instructions inside of the black box. * A Notepad document should open automatically called checkup.txt; please post the contents of that document.Malwarebytes Anti-MalwareNOTEMalwarebytes is now offering a free trial of their program, if you want to accept it you will need to enter some billing information, so that at the end of the trial you would be charged the cost of the product. Please decline this offer, if you are unable to provide billing information. If you want to try it out, then provide the billing information.Please download Malwarebytes Anti-Malware and save it to your desktop.Download Link 1Download Link 2MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.Make sure you are connected to the Internet.Double-click on mbam-setup.exe to install the application.
For instructions with screenshots, please refer to the How to use Malwarebytes' Anti-Malware Guide.When the installation begins, follow the prompts a... Read more

Read other 42 answers

WPA2 security hole discovered.

Security experts at AirTight Networks have discovered a hole in the WPA2 Wi-Fi security protocol. The security hole was named as Hole 196 after the number of the relevant page in the IEEE 802.11 (2007) standard document. At the bottom of page 196, the IEEE standard introduces the keys used by WPA2: the PTK (Pairwise Transient Key), which is unique for every Wi-Fi client and used for unicast traffic, and the GTK (Group Temporal Key) used for broadcasts. While data forgeries and spoofed mac addresses can be detected with the PTK, the GTK does not offer this functionality.

-- Tom

A:WPA2 security hole discovered

WPA/WPA2 encryption: A possible workaround.

It seems using WPA or WPA2 is not as secure as we would like to believe. It’s not the end of the world, but important enough to learn what’s going on.

-- Tom

Read other 1 answers

Don't panic Folks, the patch is up and ready for installation. Just installed it and followed the instructions to see if the patch "took". It did. Found this info on www.cnet.com>tech news>security tab. "This security hole theoretically allows attackers to crash computers or launch unauthorized programs.." Follow the links back to Mozilla.org. It's for Mozilla and Mozilla Firefox browsers. Tiny patch having to do with "shell". Their instructions are clear. The process takes a minute or two. Have to restart browser but not reboot computer.

A:Security hole found in Mozilla.

Read other 16 answers

Windows millennium Security Hole
Mami Wad´
Email: [email protected] / [email protected]
People download software and shareware they don?t know the code behind and the risk they take
(Viruses, Trojans, worms etc.) by downloading such softwares. This electronic document is to show
that we can exploit DOS command (shutdown ?h )in Window OS (2000/XP/7/8/10) to obtain a
DOS ( Denial of service) Well a denial of all the services as your windows pc is intact but you can?t
make use of it anymore.
Virus, Windows OS, DOS command, DOS (denial of service), system security

1. Introduction
At the first time I was writing a VB app to save electricity energy windows pc's consumption as people leave
their pc running and they can run shutdown -h to save electricity.
I don?t want to be considered as a hacker but my goal is to make people aware about shareware and software
they install and they don't know the risk they take.
The code I wrote below shows that we can exploit the command shutdown -h in a manner that people can't
access their windows pc anymore the purpose is to show that an urgent world wide security patch for
windows2000/XP/7/8/10 is compulsory.
2. The DOS command
2.1. Shutdown
First, I want you as a windows user (2000/XP/7/8/10) to launch a command DOS which is shutdown ?h and
notice what happens.
Now try to restart your pc once again all your work is recovered!! Think if you leave your pc for a moment but
before lea... Read more

Read other answers

According to recent news releases of late. Microsoft has (apparently) shifted it's focus to training it's programmers about security proofing their code.

Microsoft has also released a Microsoft product security analyzer which will check your system for holes and report to you potential security threats/holes etc.

The tool can be used over a network and can scan multiple computers. It's actually quite useful and provides fairly good info on how to fix any problems.

Download the tool here and give'er a whirl:

Microsoft Windoze Security Analyzer

Hope it helps.


A:Microsoft Security Hole Analyzer Available

Read other 7 answers

Mozilla fixes security hole with Firefox 3.6.3.

Download for Firefox 3.6.3.

-- Tom

A:Mozilla fixes security hole with Firefox 3.6.3

Read other 8 answers

NEW YORK (MarketWatch) -- Yahoo Inc. (YHOO) said it fixed a security hole that allowed an email virus to spread among users of its Web-based Yahoo Mail service Monday, ending the virus' ability to spread.Click to expand...


Read other answers

I've already submitted this to MS, but haven't gotten a reply back from them (I asked for a reply, as I know they usually don't...)

I am running the "Slickr" screensaver on my machine (displays photos from a Flickr account), and was watching it one day, as it was working fine under XP (and works fine on another machine under XP and Vista), but on this machine, once I upgraded to Vista, the screensaver would show white screens that fade in and out, where pictures should be.

When I tapped ENTER, SPACE, and the BACK key on my keyboard (can't remember what order I tapped them in), and moved the mouse around, it came up to my browser (Firefox) and took me to the slickr homepage.

I have my screen saver to go back to the welcome screen when exiting the screensaver. I closed the browser, and then it took me back to the welcome screen and asked for my password.

My point is, Vista should have asked for my password BEFORE bringing up the browser window. If someone else had done this on my computer, terrible things could have happened (as I have admin rights on my computer, and my kids don't - for a reason!)

A:Huge Vista security hole found!

Although it is a security hole, it's really not that much of a threat - someone still needs to have physical access to the computer, so it's not like they can just hack in from next door.

A Vista critical update was (so soon, and they said it was going to be secure from the start! ) just released. It's possible that this was discovered before and fixed in the latest update.

Read other 1 answers

Potentialy due to all problems with connecting XP to win7 people
are already glad to be able to connect to WIN7, but there seems to be
a huge scurity hole in the process:


As I examin shares on win7 (controll panel shares)
ACL's require a full grant on Everyone// it's unclear what read and change and full mean...
As previous inter connections connections are made effects are less clear restriction seem to be less strickt
what makes the shares ACL tricky to handle and test for security problems!!!!!

The ACL Everyone: FULL seems to be required for all shares to work ???!!!!


but everyone is rather LARGE:

"The Everyone group encompasses":
well everyone. That is, it includes all the built it users and groups that
come with Windows XP/win7 as well as any administrator defined users and groups.
It also includes the service and system accounts that are created and any anonymous
accounts that connect to the computer without providing any login credentials.
Lastly, it includes the Guest account.

As an acl GROUP grant is placed on the share ( a group of users(NOT individual users,but this is unmanagable)) the statement seems to be ignored !!


Relying on the file security restriction is a different matter.
The SHARED security is the first security prote... Read more

A:Win7 shares possible huge security hole


add user to share full rights / files full rights
add user to an acl group

test access and read write permisson on second machine

replace share user access by the group acl same full rights
nothing works anymore !!!!
please I can not be the onlyone with the same problem on multiple machines !!!!

we can generalize what we want, and declare "it works just fine"

as functions as groups ={user 1,user2,user3, userN} (suppose only 10 users)
connecting to a share

share1: allow user1:full
share1: allow user2:full
share1: allow user3:full
share1: allow user4:full
share1: allow usern:full

for 10 shares, this becomes 100 operations 100 test 100 verifications 100 times more management (forgetting about all possible interactions with other shares and files) then
share1: group:full

this last sentence does not work independently if its home work or .....
... Read more

Read other 1 answers

Internet Explorer Could Have a Huge Security HoleUsers of several Internet Explorer versions are being urged on Monday to switch to other browsers such as Chrome or Firefox amid news of a major security hole.According to Rapid7 security forum, a new zero-day exploit for Internet Explorer 7, 8, and 9 has hit computers running Windows XP, Vista and 7. Zero-day exploits involve software that takes advantage of a security hole within a site to carry out an attack.This means that computers actively using Internet Explorer can be compromised by visiting a malicious site and give cybercriminals ?the same privileges as the current user.?Full story here: http://mashable.com/2012/09/17/internet-explorer-security-hole/

A:Internet Explorer Could Have a Huge Security Hole


this has been confirmed by MS: http://www.bleepingcomputer.com/forums/topic468924.html/page__view__getnewpost

regards myrti

Read other 5 answers

Reference Slashdot.org article: The Internet's Biggest Security Hole Revealed.

At DEFCON, Tony Kapela and Alex Pilosov demonstrated a drastic weakness in the Internet's infrastructure that had long been rumored, but wasn't believed practical. They showed how to hijack BGP (the border gateway protocol) in order to eavesdrop on Net traffic in a way that wouldn't be simple to detect.
"'It's at least as big an issue as the DNS issue, if not bigger,' said Peiter 'Mudge' Zatko, noted computer security expert and former member of the L0pht hacking group, who testified to Congress in 1998 that he could bring down the internet in 30 minutes using a similar BGP attack, and disclosed privately to government agents how BGP could also be exploited to eavesdrop. 'I went around screaming my head about this about ten or twelve years ago... We described this to intelligence agencies and to the National Security Council, in detail.' The man-in-the-middle attack exploits BGP to fool routers into re-directing data to an eavesdropper's network."

Here's the PDF of Kapela and Pilosov's presentation. (393.2 KB)
Click to expand...

-- Tom

A:The Internet's Biggest Security Hole Revealed

Read other 8 answers

Hi Folks, read about it here.

A:Wi-Fi Protected Setup security hole discovered.

Its been posted here

Major Flaw in Wi-Fi Protected Access Discovered

Read other 2 answers

Hi, FlashGet users, take note:

FlashGet's Security Hole Delivers a Trojan

Read other answers

Everyone with FireFox 3.5 urged to update to Version 3.5.1 as soon as Possible.http://news.cnet.com/8301-1009_3-10289205-83.html

A:Mozilla closes Security hole with FireFox 3.5.1

Thanks for the information DSTM. I just updated. Good to know the B/C Cops are always on the look out for the rest of us.

Read other 3 answers

Okay this security hole is fixed now but its still security news ;)

The exploit worked like this : if you are logged into Gmail in your browser and visit a specially designed web site, then the malicious site can steal your Gmail email address and can send you an email with genuine Google headers (as if sent by Google, no spoofing).


A:Google fixed serious security hole and very fast

god, terrible... how long did it take before it was patched?

Read other 2 answers

Microsoft warns of serious computer security hole.

Microsoft Corp. has taken the rare step of warning about a serious computer security vulnerability it hasn't fixed yet. The vulnerability disclosed Monday affects Internet Explorer users whose computers run the Windows XP or Windows Server 2003 operating software. It can allow hackers to remotely take control of victims' machines.

-- Tom

A:Microsoft warns of serious computer security hole

Read other 16 answers

I have just installed Sylpheed email client.....I have it setup to monitor my gmail accounts...2 of them
I have noticed an additional mailbox  ??.....I am actually not sure if that is what it is......the screenshot below shows "Mailbox (MH).....then a list,...Inbox,sent,drafts,queue,trash and junk....all are empty.
The 'tree' then goes on the show my email address, followed by Inbox and the rest of my folders etc
The "Mailbox (MH) perturbs me.
Any clues ?


A:Sylpheed...Email client....security hole ?

Sylpheed uses something called MH format for its storage and apparently sets up what you're seeing automatically.
See these search results:  https://duckduckgo.com/?q=Sylpheed+MH+mailbox&t=hf&atb=v33-7__&ia=web where this is mentioned repeatedly.

Read other 4 answers

My friend hooked up a brand-new computer (XP Home) a few days ago and got all the Critical Updates available. Today he downloaded Spybot with updates. He'd used Spybot a lot on his old computer using 98 SE and IE 6 and expected no surprises. But he got about 5 red entries for:

DSO Exploit
HKEY USERS\Software\Microsoft Windows\Current Version\Internet Settings\Zones\0\1...

The additional info says:
Company: Microsoft
Product : Internet Explorer
Threat: Security hole
(Then some stuff about how IE has a security hole that allows malicious code to be executed.)

He'd gotten all the Critical Updates first thing but to be on the safe side he went back to the MS Update site, but no Critical Updates came up. We both kind of remember installing some patch on our IE 6's in the past that had to do with malicious code execution, it kind of rings a bell. I'm not sure if it was a Critical Update or a patch we had to seek out. But MS has so many...

Anyway, Spybot said this site would give further info on the threat, but it's WAY too technical for me:
Hoping you can help us!

A:Spybot finds DSO Exploit caused by IE security hole

Read other 7 answers

Dell admits installing security hole on laptops, apologizes, offers fix | Network World

Dell acknowledges a root certificate it installed on its laptops was a bad idea and is pushing a patch to permanently remove it.

In a blog post company spokesperson Laura Thomas says eDellRoot was installed as a support tool to make it faster and easier for customers to service the devices. But some of those customers discovered the certificate and recognized it as a serious security threat.

?We have posted instructions to permanently remove the certificate from your system here,? Thomas writes. We will also push a software update starting on November 24 that will check for the certificate, and if detected remove it. Commercial customers who reimaged their systems without Dell Foundation Services are not affected by this issue. Additionally, the certificate will be removed from all Dell systems moving forward.?

For those who don?t want to use the pushed patch, instructions for removing eDellRoot manually is a 17-step process that takes up 11 Word document pages, including screenshots. The patch - Click Here ? can also be downloaded.

Dell acknowledges security hole in new laptops http://www.reuters.com/article/2015/...0TC2L120151123

A:Dell admits installing security hole on laptops, apologizes,offers fix

How to remove Dell's 'Superfish 2.0' root certificate - permanently | ZDNet

Read other 7 answers

I just downloaded the Apple Software Update for Bonjour for Windows version 1.0.6

when the update checks for new updates again it give the same on i jsut downloaded. why is this?

Read other answers

I run Windows XP, SP 2, on a dell machine. Some of my software uses Apple's "Quick Time" utility. When I run Apple Software Update, the program triggers the following alert: 'The instruction at "0x02665ee2" referenced memory at "0x026e0a84". The Memory Could not be "read".' Does anyone know what's going on, and can anyone suggest a way to get around it? If you can, I'd be grateful, and you'll be doing more than either Aplle tech support or Microsoft tech support did. Thanks

Read other answers

I'm running Windows XP (service pack 2) on a Dell PC. I'm trying to update my version of Quick Time using Apple Software Update. Unfortunately, it won't run; it has some sort of address violation. Whe I hit the "Debug" key, I get an "error 216" at some address. How do I get A.S.U. to run. I've already downloaded Quick Time twice, so I think I have the latest version. What else can anyone suggest that I can try?

Read other answers