funsec mailing list archives

Previous By Date Next
Previous By Thread Next

today's assortment of internet press about the .ANI thing

From: Paul Vixie <paul () vix com>
Date: Thu, 05 Apr 2007 17:39:03 +0000
http://news.bbc.co.uk/2/hi/technology/6526851.stm
"Cursor hackers target WoW players"

        World of Warcraft players are being targeted by hackers exploiting
        flaws in how Windows handles animated cursors.  ...

http://www.computerworld.com.au/index.php/id;838771320;fp;16;fpid;0
"Hackers offer subscription, support for their malware"

        Like many just-launched e-commerce sites in the world, this unnamed
        Web site has a fairly functional, if somewhat rudimentary, home
        page. A list of options at top of the home page allows visitors to
        transact business in Russian or in English, offers an FAQ section,
        spells out the terms and conditions for software use and provides
        details on payment forms that are supported.  ...

http://blogs.technet.com/msrc/archive/2007/04/03/an-inside-look-into-building-and-releasing-ms07-017.aspx
"An inside look into building and releasing MS07-017"

        Hey Folks -- this is Mike Reavey.  We're all glad that MS07-017 -- the
        Security Bulletin that fixes the vulnerability in Animated Cursor
        Handling (CVE-2007-1215) -- has been released, helping to block
        attacks on that vulnerability.  While we released it within 5 days of
        being notified of attacks, we have received questions from customers
        about why it took us 3 months to develop and release the fix for this
        vulnerability.  I wanted to provide some insight into the history of
        this vulnerability, and while doing so, hopefully provide insight into
        the overall security update lifecycle, including testing, which
        consumes the greatest amount of time.   ...

http://www.betanews.com/article/Microsoft_Ignore_Third_Party_Vista_Service_Packs/1175715717
"Microsoft: Ignore Third Party Vista "Service Packs""

        For years, tech enthusiasts have been compiling hotfixes into
        unofficial service packs for Windows, offering brave users a quick way
        to update their operating systems before Microsoft finishes its
        own. But for Vista, Microsoft is warning users not to trust these
        third-party roll-ups.   ...
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
Previous By Date Next
Previous By Thread Next

Current thread: