BuyLow.com Computers And Internet - Internet Security, Computers, Mobile Devices, Networks

BuyLow.com | Resources | Contact Us


 

Beware Of USB Flash drives

1.If you find a USB token in the wild, don’t plug it into your USB port as it could autoinstall software if your system is set to autoplay CDROMs.
2.Though many organizations’ standards call for disabling autoplay of CDROMs, you should check and set yours. To disable autoplay follow these instructions (for WinXP):
Open My Computer
Right click [...]

Read More About - Beware Of USB Flash drives »

Court Bans Sale of Microsoft Word

A federal appeals court has ordered Microsoft to stop selling Word. In addition, Microsoft is to pay the Canadian company i4i Inc. $290 million for patent infringement.
Michel Vulpe i4i said it is “an important step in protecting the property rights of small inventors.”

Read More About - Court Bans Sale of Microsoft Word »

Microsoft Found Guilty of Patent Infringement

A Texas U.S. district court ruled in favor of i4i Ltd in a patent dispute against Microsoft. i4i was awarded more than $290 million in damages. Microsoft was issued an injunction preventing them from selling versions of Word.
The patent being ruled on relates to the use of XML (extensible markup language) in the [...]

Read More About - Microsoft Found Guilty of Patent Infringement »

Update for Microsoft Outlook Phishing Scams

A massive phishing scam similar to the recent bank fraud scams is being sent in emails that look like the following:
From: “Microsoft Customer Support”
Subject: Update for Microsoft Outlook
Critical Update
Update for Microsoft Outlook / Outlook Express (KB910721)
Brief Description
Microsoft has released an update for Microsoft Outlook / Outlook Express. This update is critical and provides [...]

Read More About - Update for Microsoft Outlook Phishing Scams »

Microsoft Security Bulletin

Microsoft has released an update to address vulnerabilities in Microsoft Windows, Office, and Internet Explorer as part of the Microsoft Security Bulletin Summary for June 2009. These vulnerabilities may allow an attacker to execute arbitrary code, operate with elevated privileges, or obtain sensitive information.

Read More About - Microsoft Security Bulletin »

Warning — Microsoft Powerpoint Alert

Microsoft Releases Advance Notification for May Security Bulletin
added May 7, 2009 at 02:58 pm
Microsoft has issued a Security Bulletin Advance Notification indicating that the May release cycle will contain one bulletin with a maximum severity rating of Critical. The notification states that the Critical bulletin is for Microsoft PowerPoint. The release is scheduled for Tuesday, [...]

Read More About - Warning — Microsoft Powerpoint Alert »

Microsoft Windows, Office and Internet Explorer

Microsoft has released updates to address vulnerabilities in Microsoft Windows, Office, Internet Explorer, and Forefront Edge Security as part of the Microsoft Security Bulletin Summary for April 2009. These vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, or operate with escalated privileges.
Microsoft Windows Malicious Software Removal Tool
Microsoft has released an [...]

Read More About - Microsoft Windows, Office and Internet Explorer »

Microsoft Security Advisory: Power Point

Microsoft has released security advisory 969136 to address reports of a vulnerability in Microsoft Office PowerPoint. By convincing a user to open a specially crafted Office file, a remote attacker may be able to gain access to the affected system with the same rights as the user running PowerPoint.
US-CERT encourages users and administrators to review [...]

Read More About - Microsoft Security Advisory: Power Point »

Tracking GhostNet: Investigating a Cyber Espionage Network

This report documents the GhostNet – a suspected cyber espionage network of over 1,295 infected computers in 103 countries, 30% of which are high-value targets, including ministries of foreign affairs, embassies, international organizations, news media, and NGOs.
The capabilities of GhostNet are far-reaching. The report reveals that Tibetan computer systems were compromised giving attackers access to [...]

Read More About - Tracking GhostNet: Investigating a Cyber Espionage Network »

Conficker Worm Targets Microsoft Windows Systems

US-CERT is aware of public reports indicating a widespread infection of the Conficker worm, which can infect a Microsoft Windows system from a thumb drive, a network share, or directly across the network if the host is not patched with MS08-067.
The presence of a Conficker infection may be detected if a user is unable to [...]

Read More About - Conficker Worm Targets Microsoft Windows Systems »

RSS BugTraq

  • [SECURITY] [DSA 2100-1] New openssl packages fix double free
    Posted by Moritz Muehlenhoff on Aug 30------------------------------------------------------------------------ Debian Security Advisory DSA-2100-1 security () debian org http://www.debian.org/security/ Moritz Muehlenhoff August 30, 2010 http://www.debian.org/security/faq ------------------------------------------------------------------------ Package : opens […]
  • Re: [Full-disclosure] QtWeb Browser version 3.3 build 043 Insecure DLL Hijacking Vulnerability (wintab32.dll)
    Posted by security curmudgeon on Aug 30: 1. OVERVIEW : : The QtWeb Browser application is vulnerable to Insecure DLL Hijacking : Vulnerability. Similar terms that describe this vulnerability have been : come up with Remote Binary Planting, and Insecure DLL : Loading/Injection/Hijacking/Preloading. : 3. VULNERABILITY DESCRIPTION : : The QtWeb Browser applicat […]
  • [ MDVSA-2010:165 ] libHX
    Posted by security on Aug 30 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2010:165 http://www.mandriva.com/security/ _______________________________________________________________________ Package : libHX Date : August 30, 2010 Affected: 2009.0, 2009.1, 2010.0, 2010.1 _________________________ […]
  • {Lostmon - Groups} Safari for windows Invalid SGV text style Webkit.dll DoS
    Posted by Lostmon lords on Aug 30################################################### Safari for windows Invalid SGV text style Webkit.dll DoS Vendor URL:www.apple.com Advisore:http://lostmon.blogspot.com/2010/08/safari-for-windows-invalid-sgv-text.html Vendor notify :Yes exploit available :YES ################################################### Safari browse […]
  • R7-0036: FCKEditor.NET File Upload Code Execution
    Posted by HD Moore on Aug 30R7-0036: FCKEditor.NET File Upload Code Execution August 30, 2010 -- Vulnerability Details: FCKEditor contains a file renaming bug that allows remote code execution. Specifically, it is possible to upload ASP code via the ASP.NET connector  in FCKEditor. The vulnerability requires that the remote server be running IIS. This vulne […]