Over 1 million tech questions and answers.

Zero Day IE7 flaw.

Q: Zero Day IE7 flaw.

Zero day IE7 security flaw:

http://threatpost.com/en_us/blogs/new-zero-day-flaw-discovered-ie7-112209

Read other answers
RELEVANCY SCORE 200
Preferred Solution: Zero Day IE7 flaw.

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

RELEVANCY SCORE 36.4

Microsoft Corp., a worldwide leader in operating systems and Internet technologies, announced that it has found a major flaw in Windows XP operating system that is related to the JPEG image format.

An attacker could infiltrate the user's computer by tricking the user into opening a specially coded JPEG file. Microsoft has released a patch and a specialized tool that will scan for the aforementioned vulnerability. The software giant stated that this flaw does not affect users with Windows XP Service Pack 2.

The flaw affects Windows XP, Windows 2003 Server Edition, and later versions of Microsoft Office. Some users with older Microsoft operating systems may also be affected only if they are running specialized image editing software such as Digital Image Pro and Visio 2002.

Here is a link to a plethora of information on this flaw.
 

A:Another Flaw With MS?

Deke said:

The software giant stated that this flaw does not affect users with Windows XP Service Pack 2. Click to expand...

So the moral is - get SP2 !
 

Read other 1 answers
RELEVANCY SCORE 36.4

I found it in my startup through msconfig. I have no idea what it is.
Loads from the c:\docume~1\admini~1\applic~1\find01~1\dvd flaw.exe

A:Dvd Flaw.exe What Is It?

to BC easye35Googling on this name came up empty. The single flaw.exe was reckognized as malware. If you do CTRL ALT DEL do you see it running under processes?Please downloadProcessExplorer and see where it is refering to by selecting the process and post it here

Read other 4 answers
RELEVANCY SCORE 36.4

A German mathematician called Martin von Gagern found a bug in GnuTLS , an open-source library that implements TLS...http://www.malwarecity.com/blog/devil-in-t...etails-287.html

Read other answers
RELEVANCY SCORE 36

Here's another beauty - JavaVM is at it again
Flaw in Microsoft VM JDBC Classes Could Allow Code Execution (Q329077)
http://www.microsoft.com/technet/security/bulletin/MS02-052.asp

------
Just noticed it's been rolled into the security post at the top - mod should delete this one.
 

A:JavaVM flaw

That's ok, the additional heads-up can't hurt. They really should provide another download link for the patch other than the update site, as not everyone can get there; it's not on any of their other download sites yet that I can see.
 

Read other 1 answers
RELEVANCY SCORE 36

Microsoft is investigating a new flaw in the Windows operating system but didn't provide details on their Security Response Center Blog....we?re looking into new public proof of concept code around a possible vulnerability in Microsoft Windows. So far we?re not aware of any attacks attempting to use vulnerability or any customer impact, but we wanted to let everyone know we?re investigating.What we know at the moment is that the vulnerability can be attacked through Internet Explorer and requires user interaction on the page before the attack can occur...blogs.technet.com

A:Another Windows Flaw

Astronaut: Houston we have a problem...

Houston: What is it?

Astronaut: We can't tell you.

Houston: Why not?

Astronaut: Because it hasn't occured yet...

Houston: Then how do you know it will happen?

Astronaut: We saw some code laying around...

Houston: So.. we always have sloppy work

Astronaut: Correct, however, this is leading to an "unknown" problem...

laymans terms of what Microsoft is doing.

Read other 1 answers
RELEVANCY SCORE 36

See: http://www.eweek.com/article2/0,1895,1850357,00.asp
'Killbit' Workaround for Zero-Day IE Flaw Available <-- DO NOT USE!!!!!!!!!

Note: Use Microsoft pre-patch workaround instead!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

The utility sets the "killbit" for Msddds.dll (Microsoft DDS Library Shape Control), the COM object that can cause browser crashes—and remote code execution—via specially crafted Web pages.

Once the "killbit" is set to prevent the use of Msdds.dll as an ActiveX, all applications that use the COM object utility will break.

Microsoft has already issued an advisory confirming the severity of the flaw and providing pre-patch workaround to help block known attack vectors. See advisory here:
http://www.microsoft.com/technet/security/advisory/906267.mspx

-- Tom
 

Read other answers
RELEVANCY SCORE 36

MyNetscape

Sunday, Sept. 1, 2002
Security Flaw Found in Microsoft Web Browser
SAN FRANCISCO (Reuters) - Security researchers on Monday
said they have found serious flaws in Microsoft Corp.'s
Internet Explorer browser and in PGP, a widely used data
scrambling program, that could expose credit card and other
sensitive information of Internet users.
The Internet Explorer (IE) problem has been around for at
least five years and could allow an attacker to intercept
personal data when a user is making a purchase or providing
information for e-commerce purposes, said Mike Benham, an
independent security researcher based in San Francisco.
"If you ever typed in credit card information to an SSL
site there's a chance that somebody intercepted it," he added.
Internet Explorer fails to check the validity of digital
certificates used to prove the identity of Web sites, allowing
for an "undetected, man in the middle attack," he said.
Digital certificates are typically issued by trusted
certificate authorities, such as VeriSign Inc., and used by Web
sites in conjunction with the Secure Sockets Layer (SSL)
protocol for encryption and authentication.
Anyone with a valid digital certificate for any Web site
can generate a valid certificate for any other Web site,
according to Benham.
"I would consider this to be incredibly severe," he added.
Cryptography expert Bruce Schneier agreed.
"This is one of the worst cryptographic vulnerabilities
... Read more

Read other answers
RELEVANCY SCORE 36

Alright, let the rant begin:
 
A month back, Comcast backstabbed us and gave us <1 Mbps, when we were paying for 40+ Mbps. After three different routers and three different tech support guys came over, we "solved" the problem. Only not really.
It seems everywhere else the internet is fine. On this computer though (HP Pavilion p7-1534 PC, running Windows 8) it's anything but fine. The problem is that the connection randomly drops and says "Limited" in the Networks panel. I can reconnect immediately, but I play Wizard101 and once you lose connection for the slightest second, you have to restart the entire program (Which takes close to a minute). It has also been bothering other users of this computer.
 
Another odd thing is that, when I try to check the "Connect Automatically" box, and we lose connection again, the box NEVER stays checked. Even weirder, ALL of the other networks in my area have the "Connect Automatically" box checked. I think this may be part of the problem.
 
I am an avid hater of Windows 8 because nothing seems to work, including this. The internet was working fine until Comcast backstabbed us, but now I think it is just the computer.
 
Any ideas how to solve this? I am getting REALLY tired of it.
Thanks in advance for any help.
 
One more thing: We have no bandwidth problems, it just randomly dorps. My parents are considering buying a booster, would that solve the problem?

A:Internet Flaw

 
 
It seems everywhere else the internet is fine. On this computer though (HP Pavilion p7-1534 PC, running Windows 8) it's anything but fine. The problem is that the connection randomly drops and says "Limited" in the Networks panel. I can reconnect immediately, but I play Wizard101 and once you lose connection for the slightest second, you have to restart the entire program (Which takes close to a minute). It has also been bothering other users of this computer.
 
Any ideas how to solve this? I am getting REALLY tired of it.
Thanks in advance for any help.
 
One more thing: We have no bandwidth problems, it just randomly dorps. My parents are considering buying a booster, would that solve the problem?
 

Try replacing the network cable for that computer if that doesn't resolve the issue. Then next thing you can do is to try to do a system restore/ or update your Ethernet adapter drivers.

Read other 4 answers
RELEVANCY SCORE 36

I think I've found a major flaw in the audio systems for Windows 7. I'm not sure if it could just be my computer, but it's quite annoying, since I change audio ports a lot for recording.

What happens is if I change my Sound out -> Headphones/Speakers port to the other one like lets say from Headphone port (front) to the Speakers port (back) all my sounds will completely cut out, and Windows will begin to lag until I restart my computer. In iTunes, if I try to play a song at this point, iTunes will either lock up or refuse to play the song.

I am running Windows 7 Home Premium 64-bit.
My sound card is a Realtek HD Integrated Audio Chipset.

A:Major Flaw? (Win 7)

Do you have the latest drivers for your sound card?

Read other 5 answers
RELEVANCY SCORE 36

Found this today.

"New Windows zero-day flaw bypasses UAC"
http://www.informationweek.com/shar...ZW0ACXQE1GHPCKHWATMY32JVN?articleID=228400132
 

A:New Zero-Day Flaw Bypasses UAC

good read
 

Read other 1 answers
RELEVANCY SCORE 36

Lately ...
Many things I try to do, I get a popup notice that this contains a security flaw .. Do I want to continue ???

Is this because I've installed XP SP3 ??
 

A:Security Flaw

Read other 8 answers
RELEVANCY SCORE 35.6

Intel chip flaw--but what of it?.

...
"This is the scariest, stealthiest, and most dangerous exploit I've seen come around since the legendary Blue Pill!," writes Jamey Heary in a Network World blog. He is a consulting systems engineer for Cisco Systems.
Click to expand...

-- Tom
 

Read other answers
RELEVANCY SCORE 35.6

MS have reported an increase in attacks using this exploit and have reminded users about the 'Fix It' which is available to disable the protocol involved; http://www.networkworld.com/news/20...rs-work-around-to-windows.html?source=nww_rss

It is possible that there will be a patch for this on 13th July (for those with SP3!) but I've applied the Fix It today, rather than attempt the manual Registry amendment.
 

Read other answers
RELEVANCY SCORE 35.6

This might be worth keeping an eye open
http://news.bbc.co.uk/2/hi/technology/7784908.stm
 

A:Serious security flaw found in IE

The same article has already been noted in another section: "Web & Email"

But thanks anyway.
 

Read other 3 answers
RELEVANCY SCORE 35.6

About this flaw mentioned in the following articles:

New Web Attack Exploits Unpatched IE Flaw
Robert McMillan, IDG News Service
Dec 9, 2008 8:20 am
http://www.pcworld.com/article/155190/new_web_attack_exploits_unpatched_ie_flaw.html

Microsoft Security Advisory (961051)
Vulnerability in Internet Explorer Could Allow Remote Code Execution
Published: December 10, 2008 | Updated: December 13, 2008
http://www.microsoft.com/technet/security/advisory/961051.mspx

Microsoft is continuing its investigation of public reports of attacks against a new vulnerability in Internet Explorer. Our investigation so far has shown that these attacks are only against Windows Internet Explorer 7 on supported editions of Windows XP Service Pack 2, Windows XP Service Pack 3, Windows Server 2003 Service Pack 1, Windows Server 2003 Service Pack 2, Windows Vista, Windows Vista Service Pack 1, and Windows Server 2008.Click to expand...

Question:
I am using IE7 and Windows Vista, does the security update KB958215 fix the above IE7 zero day flaw on Windows Vista?

Cumulative Security Update for Internet Explorer 7 in Windows Vista (KB958215)
http://go.microsoft.com/fwlink/?LinkId=133437

Thanks.
 

A:Internet Explorer 7 zero-day flaw

Read other 13 answers
RELEVANCY SCORE 35.6

Not sure if this the best place for this but sure needs to be looked into!
 
http://community.spiceworks.com/topic/1343923-devastating-flaw-found-in-windows-authentication-system?utm_campaign=digest&utm_medium=email&utm_source=digest&utme=topic+featured

A:Devastating flaw in Windows

You left off the quote marks around "devastating", and the question mark at the end of the sentence. Then there's this comment on the article:
 
"There is nothing new in that blog post. All the author has done is gather information from other sources (linked at the bottom of his post) and put it together in a nice article. It's El Reg that's tossing around words like "devastating". In fact, dfirblog goes into great detail about how the attack works and - more to the point - how to detect it on your network. 

Changing KEBTGT's password is trivial using the provided script, which, incidentally, was published in February. Honestly: Should we be that surprised to find that a Bad Guy that's gained access to a network can do Bad Things? 
C'mon, kids. Read the articles before crying foul. We're supposed to be better than that."
 

 

Read other 5 answers
RELEVANCY SCORE 35.6

http://blogs.pcmag.com/securitywatch/2009/07/new_critical_zero-day_vulnerab.php
 

A:FireFox 3.5 Zero day security flaw

Nobody's perfect...
IE7 user
 

Read other 2 answers
RELEVANCY SCORE 35.6

Microsoft Admits Flaw in Windows Software
By TED BRIDIS
AP Technology Writer
WASHINGTON

Microsoft Corp. acknowledged a critical vulnerability Wednesday in nearly all versions of its flagship Windows operating system software, the first such design flaw to affect its latest Windows Server 2003 software.

Microsoft said the vulnerability could allow hackers to seize control of a victim's Windows computer over the Internet, stealing data, deleting files or eavesdropping on e-mails. The company urged customers to immediately apply a free software repairing patch available from Microsoft's Web site.

The disclosure was unusually embarrassing for Microsoft because it demonstrated the first such serious flaw in the company's powerful new computer server software, billed as its safest ever.

The software is aimed at large corporate customers and was the first product sold under a high-profile "Trustworthy Computing" initiative organized last year by Microsoft founder Bill Gates.

At the product's launch in late April, Microsoft Chief Executive Steve Ballmer declared the new version of Windows to be a "breakthrough in terms of what it means, in terms of its built-in security and reliability."

The flaw, discovered by researchers in western Poland, also affected Windows versions popular among home users.

"This is one of the worst Windows vulnerabilities ever," said Marc Maiffret, an executive at eEye Digital Security Inc. of Aliso ... Read more

A:Widows Security Flaw

Go to Windows Update and get the fix.
 

Read other 2 answers
RELEVANCY SCORE 35.6

...Called XSS fragmentation, the vulnerability consists of multiple chunks, or fragments, of JavaScript malware that can slip by a filter or firewall because individually they don't constitute a security risk. But when they are combined after hitting the site, they can then be dangerous.XSS fragmentation is rare, but a potentially powerful vulnerability that could be used against community-based sites such as MySpace or Web-based mail systems...MySpace in particular is vulnerable because it takes user-supplied content and stores it without adequate filtering...darkreading.com

Read other answers
RELEVANCY SCORE 35.6

Secure USB Flaw Exposed.

USBs go under the microscope as vulnerability discovered in Sandisk secure USB leads to recall of other vendor's products

-- Tom
 

Read other answers
RELEVANCY SCORE 35.6

Foxit Fix for &#8220;Jailbreak&#8221; PDF Flaw.

According to an advisory Foxit issued last week, Foxit Reader version 4.1.1.0805 &#8220;fixes the crash issue caused by the new iPhone/iPad jailbreak program which can be exploited to inject arbitrary code into a system and execute it there.&#8221; If you use Foxit, you grab the update from within the application (&#8220;Help,&#8221; then &#8220;Check for Updates Now&#8221 or from this link.

-- Tom
 

Read other answers
RELEVANCY SCORE 35.6

Adobe Scrambling To Fix Another Serious PDF Flaw dated August 9, 2010.

This issue effects Adobe Reader client for Windows, Mac and UNIX based systems.
...
Adobe is rushing to develop a patch for a vulnerability in Acrobat Reader revealed at the Black Hat security conference. The update–expected the week of August 16–will be the third time this year that Adobe has been forced to fix flaws outside of its regularly scheduled quarterly update pattern.

-- Tom
 

A:Adobe Scrambling To Fix Another Serious PDF Flaw

You know, I just don't get these kinds of issues in software developed my major software vendors. I mean there are tools available to help detect programming issues at compile time and run-time memory issues. Insure++ is one example of this kind of tool.

When I read things like this:
A Secunia advisory related to the Adobe flaw explains &#8220;The vulnerability is caused due to an integer overflow error in CoolType.dll when parsing the &#8220;maxCompositePoints&#8221; field value in the &#8220;maxp&#8221; (Maximum Profile) table of a TrueType font. This can be exploited to corrupt memory via a PDF file containing a specially crafted TrueType font.&#8221;Click to expand...

things like doing bounds checking on data coming into the product from an external source are things that should be second nature, at this point. I mean it's not like the Adobe Reader hasn't had security related issues in the past.

Or maybe tools, like Insure++ and others, ARE being used and we're just hearing about code that hasn't been touched or looked at for a while suddenly being exploited.

When will it ever end!!!!!! LOL

Peace...
 

Read other 1 answers
RELEVANCY SCORE 35.6

Computer industry heavyweights are hustling to fix a flaw in the foundation of the Internet that would let hackers control traffic on the World Wide Web..."It's a very fundamental issue with how the entire addressing scheme of the Internet works," Securosis analyst Rich Mogul said in a media conference call."You'd have the Internet, but it wouldn't be the Internet you expect. (Hackers) would control everything."breitbart.com

Read other answers
RELEVANCY SCORE 35.6

9 March 2007A serious flaw was found in opensource encryption software GNU Privacy Guard (GPG).It allows a cybercriminal to launch a phishing attack. The flaw allows to insert text in trusted e-mail. Ivan Arce from Core Security, who discovered the vulnerability says attacker can insert malware or lead user to malicious website. Arce decided to inform of the flaw because it was patched two weeks ago.It affects email clients like Kmail, Evolution, Sylpheed, Mutt and GNUMail, so its users should install patches as soon as possible.Source:http://www.arcabit.com/infobase.html?show=...ion&id=1154

Read other answers
RELEVANCY SCORE 35.6

Read More Info About It Here

http://www.eweek.com/category2/0,1874,1252525,00.asp
 

Read other answers
RELEVANCY SCORE 35.6

Read more about it here http://www.eweek.com/category2/0,1874,1252525,00.asp
 

A:sticky:WMF Security Flaw

This is already a sticky thread on the forum:

http://forums.techguy.org/security/431419-m-wmf-patch.html
 

Read other 1 answers
RELEVANCY SCORE 35.6

Don't know if this belongs here or not.
IE Flaw 'extremely critical'

This one goes to 11
By Nick Farrell: Martes 29 Noviembre 2005, 08:32

AN UNPATCHED vulnerability on Internet Explorer is so bad that security expert Secunia has had to add a new category of danger to its rating system.
Instead of being just critical, Secunia says that the unpatched hole is now 'extremely critical' which means that Microsoft were extremely stupid to sit on it for six months.

To be fair to Vole, even Secunia just thought the flaw would only create a denial of service vulnerability when they discovered it in March. DoS vulnerabilities are pretty much ten a penny. However the flaw is caused when IE fails to correctly initialize the JavaScript "Window()" function, when used in conjunction with a event. This means that Internet Explorer encounters an exception when trying to call a dereferenced 32-bit address located in ECX.

However, now S. Pearson, of computerterrorism.com, has worked out that if a Javascript prompt box was of the right size and form to allow the insertion of custom shellcode a remote attacker can execute arbitrary code embedded into an otherwise normal looking Web page.

You can have a look at it in action at www. computerterrorism.com].

There is more on the turning of the screw, here. µ

http://www.theinquirer.net/?article=27992
For more, click here.
 

Read other answers
RELEVANCY SCORE 35.6

Latest update on Adobe Reader Flaw

Users are being advised to update their systems after the emergence of a new rash of attacks targeting a previously-patched flaw in Adobe Acrobat.
The attacks use specially-crafted PDF files to exploit a vulnerability in the Java component of Adobe Acrobat Reader to perform malware installations on targeted systems.
Users can protect against the attacks by updating Adobe Acrobat and Reader to the latest versions. Users running version 9 of either product are not vulnerable to the attack.
Full info Here ...
Attackers gun for Adobe flaw - vnunet.com

Read other answers
RELEVANCY SCORE 35.6

Came across this article while searching for something totally unrelated.

For password manager users, have a read.

Part of article:




it is revealed that this password manager is at risk of a nasty phishing vulnerability. The author, Sean Cassidy, has published details about what he has dubbed 'LostPass'.
"I have discovered a phishing attack against LastPass that allows an attacker to steal a LastPass user's email, password, and even two-factor auth code, giving full access to all passwords and documents stored in LastPass. I call this attack LostPass. The code is available via Github. LostPass works because LastPass displays messages in the browser that attackers can fake. Users can't tell the difference between a fake LostPass message and the real thing because there is no difference. It's pixel-for-pixel the same notification and login screen", says Sean Cassidy, CTO, Praesidio.

Cassidy further explains, "a few months ago, LastPass displayed a message on my browser that my session had expired and I needed to log in again. I hadn't used LastPass in a few hours, and hadn't done anything that would have caused me to be logged out. When I went to click the notification, I realized something: it was displaying this in the browser viewport. An attacker could have drawn this notification".Click to expand...

Full article:
LastPass has serious flaw called 'LostPass' -- your passwords and more are at ri... Read more

A:LastPass flaw article

Never been fond of LastPass, however such exploits are actually... rather expected, for web-based applications.
As I said, never being intrigued by LastPass, I have been using KeePass. It sure also must have its weaknesses, but the fact that it's offline is a plus and it adds to the overall security for storing passwords.

Anyway, if this is security flaw is as serious as the author suggests, then I'm pretty sure the LastPass developers are bound to prepare and push out patches to address it sooner or later, if they haven't done it already. They were pretty frantic about a "breach" in their servers in their past, even though it didn't result in the compromise of any users' credentials.
This case however, seems to be of much more critical nature, since, as described in the author, it is quite possible for the phishing attack to be carried out successfully.
 

Read other 15 answers
RELEVANCY SCORE 35.6

A critical flaw that can be easily dealt with. >f
---------------------------------------------------------------------------------------------

Firefox has a password flaw
The Internet browser Firefox 2 has a problem with its "password manager" that could allow a hacker to obtain usernames and passwords from Firefox users, Newsfactor.com reports.

The Mozilla Foundation, which maintains Firefox's code, has acknowledged the problem. It has an extensive discussion going on here about what it calls "bug #360 493."

According to Newsfactor, the same problem could affect Internet Explorer as well.

Newsfactor also reports that "neither Mozilla nor Microsoft has released a patch for the problem, but users can avoid (the) attacks simply by disabling their browsers' autosave features for usernames and passwords. In Firefox, the feature is found in the 'Options' window under the 'Tools' menu.

"Mozilla has indicated that it plans a fix in Firefox version 2.0.0.1 or 2.0.0.2."

http://blogs.usatoday.com/ondeadline/2006/11/firefox_has_a_p.html
 

A:Firefox password flaw

Read other 10 answers
RELEVANCY SCORE 35.6

Adobe patches flaw in graphics tools
CNET News.com

A security flaw in Adobe Systems' popular graphics design software could allow an unauthorized user to change certain program files, the software maker said Thursday. The problem affects Adobe Creative Suite 2, Adobe Photoshop CS2 and Adobe Illustrator CS2 and occurs when the applications are run in shared, multiuser installations, according to an Adobe security advisory.

"If exploited, this vulnerability could allow a hostile user to replace these program files with malicious or harmful code that could read, write, or destroy sensitive data if subsequently run by a privileged user," Adobe said. The company rates the issue "important" and has updates http://www.adobe.com/support/techdocs/332644.html available to correct the security problem. It recommends that customers using CS2 products on shared systems, running either Microsoft Windows or Mac OS, apply these updates.
 

Read other answers
RELEVANCY SCORE 35.6

On my old XP laptop I was able to come back from "sleep/stand by" and had to re-enter my log in information. I set up my new laptop, an HP X16-1044nr 64 bit Vista to do the same. What I found was that if I left an internet website page open and it went into stand-by, hitting any key; the system doesn’t produce the security log in window. Thus leaving my system vulnerable for anyone to use should I forget and leave a page open. I now make sure I close every window but that’s disturbing. Thanks in advance.
 

Read other answers
RELEVANCY SCORE 35.6

This is a minor quirk I've lived with for years on my XO PC but it's become worse in Win 10.

My Ilyama Prolite E2403WS 24" monitor is set to its recommended resolution of 1920 x 1200, and naturally that's supposed to be located at (0,0). But in XP it was always at (-4,-4) and its size was 1928 x 1208. In Win 10 it's at (-8,-8) and size is 1936 x 1216.

Any thoughts on the undelying cause please? And - although I'm very doubtful after my research - a possible cure?

--
Terry, East Grinstead, UK

Read other answers
RELEVANCY SCORE 35.6

From the Business Insider:

Flaw in Micosoft's strategy.

Microsoft's strategy for Windows 10 hinges on what it calls "Universal Windows Apps",
or "it runs the same on every platform".

Issues:

1) developers have no real reason to build Universal Windows Apps.
2) legacy apps run just fine, so why reinvent just for mobile devices?
3) lack of win/10 adoption (so far)
4) lack of Windows Phone market share
5) existing successful mobile apps were never deployed on desktops, so migration is not an incitement.
6) the Universal App has restrictive APIs
7) the coup de gras; many successful applications are agnostic to the Windows PC.

See the original article for details here.
 

Read other answers
RELEVANCY SCORE 35.6

I'm using this mobo

http://www.giga-byte.com/MotherBoard/Products/Products_8S648FXP-RZ.htm#

It currently runs a Pentium 4 3.2Ghtz Prescott socket 478,
and 1 GB (2 X 512) PC 3200 OCZ brand memory.

It originally had a Geforce FX5700LE but I went online and bought a 7800GS AGP to upgrade it.

To my dissapointment, I cannot succesfully install the video card because the close proximity of the memory slots makes it impossible to seat the card in the AGP slot ( as you can see in the picture), and the large size of the 7800GS.

I'm so sad now, I have to get a new mobo

edit: The picture is actually false, the securing clips on my mobo extend to the middle portion of the AGP slot and that's the problem.
 

Read other answers
RELEVANCY SCORE 35.6

In an advisory released Wednesday July 10, Thor Larholm, a security researcher and partner at risk-assessment company PivX Solutions, warned that HTML objects embedded in Web pages and e-mails could carry code that allows an attacker to check out victims' cookie files, read their documents, and execute programs on their computer.

The bug, known as a cross-domain scripting flaw, was discovered on June 25, and information about it has been posted on several security lists since then. Larholm also informed Microsoft of the bug the day it was discovered.

To repair the current problem, Larholm recommended that users disable ActiveX in the security settings for Internet Explorer, or run IE and Outlook in "Restricted" mode, at least until Microsoft releases a patch.

Microsoft said a patch will be available soon.

http://news.com.com/2100-1001-942980.html?tag=fd_top

DS
 

Read other answers
RELEVANCY SCORE 35.6

A lot of members in here seem to be praising 360 IS and TS. But 360 suffers from a huge flaw. This flaw has been around for over 6 months and 360 seems to be refusing to address it. With every new version this huge problem is not corrected. I have about 6 emails with 360 support and they are aware of this issue. What is the issue you may ask? 360 products do not work in a standard user account. You can install and run 360 IS or TS in an Admin account perfectly fine. Log out and login in under a standard account and the account is unprotected. You can try all day long to force it to start and it will not work. So think again before recommending and praising 360. Never mind that TS comes with features that are completely and totally unnecessary to any security product. Avast is a far superior free security solution and Eset is a top notch paid product. No reason to start an argument either. I can copy and paste the emails from 360 support. Anyone can duplicate this flaw also.

Another thing. 360 China version and this new 360 TS version are completely different. AVC and AV Test.org are testing 360 China. Not 360 TS Free.
 

A:Huge Flaw (Qihoo 360 )

Interesting post, would be great if you could post those emails to and from support (obviously blanking any personal info). Obviously this is a pretty serious claim. If anybody on the forums can verify this, please give me a PM
 

Read other 54 answers
RELEVANCY SCORE 35.6

Serious security flaw found in IE [bbc]

As many as 10,000 websites have been compromised since last week to take advantage of the security flaw, said antivirus software maker Trend Micro. Click to expand...

I don't want to go on a rant here but the IE team at Microsoft has caused so many problems for so many people, from users to web developers.

Anybody who is currently a user of IE really should take a look at alternate browsers (Firefox, Opera, Safari).
 

A:Serious security flaw found in IE

Read other 16 answers
RELEVANCY SCORE 35.6

http://news.yahoo.com/s/pcworld/120756

A:Security Flaw in Firefox

ok. i havn't added any trusted sites to my list but am i still at risk? and how can this be patched?

Read other 19 answers
RELEVANCY SCORE 35.2

MS flaw highlights e-security laziness
By electricnews.net
Posted: 01/08/2003 at 13:35 GMT

In an unprecedented move, the US Department of Homeland Security has issued a second warning over a Windows flaw that leaves computers vulnerable to attack.

The newly formed US federal government department said in its warning that a critical flaw in certain versions of the Windows operating system, if left unpatched, could leave computers open to dangerous cyber-attacks, some of which have the potential to allow the attacker to take control of a vulnerable system.

The warning comes two weeks after Microsoft issued its own bulletin notifying computer users of the problem and about a week after the Department of Homeland Security issued its first warning urging people and companies to fix their systems.

Essentially, the bug can allow malicious attackers to seize control of users' machines to steal files, read e-mails and launch wide-scale attacks that could damage the Internet as a whole. Microsoft has issued patches on its Web site to let administrators repair systems, but analysts have said that there is still a large proportion of computers plugged in to the Net that remain susceptible to attack.

This is said to be partly because Microsoft issues patches so frequently that they are increasingly being ignored. Last year the software giant issued about 70 patches, and about 30 have been made available this year.

The United States government is said to be especially worr... Read more

A:MS flaw highlights e-security laziness

Perhaps micro$oft should concentrate on a better system this time rather than pumping one out every other year , but then again we'll keep on buyin them won't we ?
 

Read other 3 answers
RELEVANCY SCORE 35.2

A snippet from Network World Fussion

A vulnerability has been discovered in Symantec firewall products that would let a knowledgeable attacker hijack any connection to Symantec's software-based or appliance-based firewalls, thereby potentially gaining unauthorized access to internal corporate resources.
Check
 

A:flaw discovered in Symantec Firewall !!

Joe, you forgot the url in the named link...
 

Read other 2 answers
RELEVANCY SCORE 35.2

Matthew Broersma, Techworld.com
Mon May 9,11:00 AM ET

Firefox has unpatched "extremely critical" security holes and exploit code is already circulating on the Net, security researchers have warned.

The two unpatched flaws in the Mozilla browser could allow an attacker to take control of your system.

A patch is expected shortly, but in the meantime users can protect themselves by switching off JavaScript. In addition, the Mozilla Foundation has now made the flaws effectively impossible to exploit by changes to the server-side download mechanism on the update.mozilla.org and addons.mozilla.org sites, according to security experts.

The flaws were confidentially reported to the Foundation on May 2, but by Saturday details had been leaked and were reported by several security organizations, including the French Security Incident Response Team (FrSIRT). Danish security firm Secunia marked the exploit as "extremely critical", its most serious rating, the first time it has given a Firefox flaw this rating.

Critical Flaw Found in Firefox
 

A:Critical Flaw Found in Firefox

Also reported here http://news.bbc.co.uk/2/hi/technology/4532127.stm

Regards - Oldie
 

Read other 3 answers
RELEVANCY SCORE 35.2

Just recieved THIS notification and thought you Netscape users might want to know.

Kilowatt
 

A:Netscape security flaw exposed

kilowatt1,

Thanks for the news. Glad I am ok with Netscape 4.x
 

Read other 1 answers
RELEVANCY SCORE 35.2

Firefox has unpatched "extremely critical" security holes and exploit code is already circulating on the Net, security researchers have warned.

The two unpatched flaws in the Mozilla browser could allow an attacker to take control of your system.

A patch is expected shortly, but in the meantime users can protect themselves by switching off JavaScript. In addition, the Mozilla Foundation has now made the flaws effectively impossible to exploit by changes to the server-side download mechanism on the update.mozilla.org and addons.mozilla.org sites, according to security experts.

The flaws were confidentially reported to the Foundation on May 2, but by Saturday details had been leaked and were reported by several security organizations, including the French Security Incident Response Team (FrSIRT). Danish security firm Secunia marked the exploit as "extremely critical", its most serious rating, the first time it has given a Firefox flaw this rating.

In recent months Firefox has gained significant market share from Microsoft's Internet Explorer, partly because it is considered less vulnerable to attacks. However, industry observers have long warned that the browser is more secure partly because of its relatively small user base. As Firefox's profile grows, attackers will increasingly target the browser.
Two Vulnerabilities Found

The exploit, discovered by Paul of Greyhats Security Group and Michael "mikx" Krax, makes use of two separate... Read more

Read other answers
RELEVANCY SCORE 35.2

Serious flaw found in three Symantec products
By Sam Varghese
March 16, 2004

Security vendor eEye has released basic details about a vulnerability in Symantec products that would permit the execution of a severe denial-of-service attack.

Another flaw discovered recently, in products sold by Internet Security Systems, could lead to the compromise of default installations of the affected software, eEye said.

The severity of both vulnerabilities has been rated high by eEye.

The company said the remotely-exploitable flaw in the Symantec products would let an anonymous attacker carry out the attack against systems running default installations of the affected software.

The products listed as affected were Norton Internet Security 2004, Norton Internet Security 2004 Professional and Norton Personal Firewall 2004.
Here
 

A:Serious flaw found in three Symantec products 3/16/04

Thats going to hurt the rep...
 

Read other 1 answers