security

Checkpoint has released an updated ZoneAlarm 7.1 that's designed to work with Windows Vista's architecture. This is the first true two-way firewall for the Windows Vista environment. Windows Vista includes the Windows Firewall, however, it blocks only inbound traffic, allowing all "except where excepted" outbound traffic. This may seem like a fine distinction, but it can be huge. If you acquire a remote-access Trojan on your Windows Vista machine, Microsoft may not flag the outbound traffic.

Checkpoint explained its delay in releasing this product in an e-mail. "Rather than rush to market with a … Read more

According to Trend Micro, a Trojan horse that downloads a certain YouTube video could compromise your computer. The video appears to be an episode of Afterworld, a Web TV series about a society where technology is dead. Security vendor Websense has also been tracking this Trojan horse and has traced the video to a .su domain, which was originally assigned to the former Soviet Union and still remains in use today.

The use of online media files to infect end users with malware is not new. A worm last October used a JavaScript flaw in Apple Quicktime to spread on … Read more

Firewall king Check Point Software Technologies is sort of looked at as the Digital Equipment of security. Once a powerhouse, Check Point is now considered an afterthought in most aspects of security, with the exception of its legacy Firewall/VPN installed base.

In spite of its stagnant business strategy however, Check Point deserves a lot of credit for its OpSec partnering and development project. When Check Point owned the firewall and network security a few years ago, it decided that the best way to protect itself from competitors was to build a development and integration community around its products. OpSec … Read more

Only hours after Microsoft released a patch for the Windows Schannel Security Package, the researcher who discovered the vulnerability, Thomas Lim of COSEINC, released a public exploit for it. According to Microsoft, the Schannel security package implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) Internet standard authentication protocols. This vulnerability could allow remote code execution if a user viewed a specially crafted Web page or used an application that makes use of SSL/TLS.

In an e-mail to the Full Disclosure mailing list, Lim said that he discovered the vulnerability on August 28, 2006, and reported it … Read more

The Connecticut attorney general has launched an investigation into the compromise of up to 17,000 of Pfizer employees, including some 300 employees within his home state. Pfizer would not comment on when the breach occurred other than to say it involved a Pfizer employee who had taken the data home on a laptop, a machine that subsequently became compromised. The data, including the employees' name, home address, bonus information, and Social Security number, was surreptitiously uploaded and later appeared on an Internet site. Pfizer did not know how much of that information had been copied or used by others. … Read more

Microsoft has released its June 2007 security bulletin, which includes six updates: four are designated Critical by the software giant. Two of the patches affect Windows Vista, with one Critical patch specific to Internet Explorer. One of the Important patches affects Microsoft Office. To keep your Windows XP SP1 system secure, update to Windows XP SP2 today. All Microsoft security patches for Windows and Office software are available via Microsoft Update or via the individual bulletins detailed below.

MS07-030: ImportantEntitled "Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution (927051)," this bulletin affects users of Microsoft Visio … Read more

Within hours of Apple's public release of the beta for Safari 3.0 for Windows, three security researchers independently found holes within the new browser. Researcher Aviv Raff highlighted in a blog post the company's product statement, that reads: "Apple's engineers designed Safari to be secure from day one." Raff found a vulnerability, a memory corruption error that could allow an attacker to insert malicious code on a Windows machine, within three minutes using publicly available fuzzing tools.

Security researcher David Maynor, posting on his Errata security blog, said he was also able to generate … Read more

On this week's Security Bites podcast, I asked Robert Hansen, aka RSnake, the security researcher who disclosed the man-in-the-middle attack on the Google Desktop last week, what readers can do to avoid becoming a victim.

Hansen said: "They could turn off the integration between Google Desktop and the Web. Or they could wait for a patch to come out, which I'm sure there will be. Or my favorite answer is to uninstall the Google Desktop entirely.

"I'm not exactly quick to tell people to stop using applications, but Google Desktop's had, like I said (… Read more

Yahoo has issued a critical security patch for Messenger to address zero-day exploits that take advantage of vulnerabilities in its Webcam ActiveX controls.

The exploits to instant messaging surfaced Wednesday, less than 24 hours after the vulnerabilities were first reported to Yahoo by eEye Digital Security.

People could find their systems at risk if they visit malicious Web sites or view other malicious HTML code. The attackers could then exploit security flaws in the Yahoo Webcam ActiveX control, a software package that is downloaded with Messenger.… Read more