


DuPage Technology Group is a certified SonicWall Sales Expert.

DuPage Technology Group is a Thawte ISP Partner.


Latest security headlines from the Internet.
(Updated 07/09/2008)

07/09/2008 - Microsoft Security Bulletin Summary for July 2008

Vulnerabilities in Microsoft SQL Server Could Allow Elevation of Privilege (941203)
Vulnerability in Windows Explorer Could Allow Remote Code Execution (950582)
Vulnerabilities in DNS Could Allow Spoofing (953230)
Vulnerabilities in Outlook Web Access for Exchange Server Could Allow Elevation of Privilege (953747)
(Read full dispatch...)

06/24/2008 - FAQ: XP deathwatch, T minus 1 week

June 23, 2008 (Computerworld) One week. That's how long before Microsoft Corp. pulls the plug, more or less, on Windows XP.

Next Monday, June 30, Microsoft will mark a milestone for the seven-year-old operating system when it stops providing licenses to larger computer makers and halts shipments of boxed copies to retailers. At that point, Windows XP, which received a five-month extension back in September 2007, looks like it will, after all, go quietly into the night. (Read full dispatch...)

05/09/2008 - Windows XP SP3 Sows Havoc, Users Complain

Within hours of its release, Microsoft (NSDQ: MSFT)'s Service Pack 3 for Windows XP began drawing hundreds of complaints from users who claim the update is wreaking havoc on their PCs.

The problems with XP SP3, according to posters on Microsoft's Windows XP message board, range from spontaneous reboots to outright system crashes. (Read full dispatch...)

04/09/2008 - Microsoft patches critical top-to-bottom bugs in Windows

April 8, 2008 Microsoft Corp. today posted eight security updates -- more than half marked "critical" -- that patch 10 bugs in Windows, Office and Internet Explorer.

Of the 10 vulnerabilities plugged today, Microsoft labeled seven as critical, the highest rating in its four-step threat-scoring system. Of the remainder, two were pegged as "important" and one as merely "moderate." (Read full dispatch...)

03/24/2008 - Thousands of Web sites under attack

Filed under: Internet Security
Organized criminal groups are hacking Web sites by the tens of thousands to steal money, identities, and passwords.

On March 12, McAfee's AVERT labs reported 10,000 Web pages using Active Server Pages (ASP) had been infected through SQL injection. A few days later, Microsoft employee Neil Carpenter detected 14,000 maliciously-modified Web pages. After the initial SQL injection, the automated attack injected a malicious Javascript or Iframe code to redirect visitors to criminal-controlled Web sites. The malicious Web sites then attempted to invisibly exploit end-users using multiple, previously patched vulnerabilities, or if no vulnerabilities were found, attempted to socially engineer the visitor into running additional software. (Read full dispatch...)

03/11/2008 - Microsoft patches a dozen bugs in Office

March 11, 2008 (Computerworld) Microsoft Corp. issued four critical updates today that quashed 12 bugs in Office, the company's business suite, including a flaw in Excel that has been exploited by attackers for more than two months.

Tuesday's tally was a dramatic decrease from February, when Microsoft unveiled 11 security bulletins and plugged 17 holes. Of the dozen vulnerabilities disclosed today, however, 11 were ranked "critical," Microsoft's highest rating in its four-step threat-scoring system. That was more than double the number of critical bugs crushed last month. The twelfth vulnerability of today was pegged as "important," the second-highest rating. (Read full dispatch...)

03/05/2008 - Microsoft unveils IE8 Beta 1

March 5, 2008 (Computerworld) Microsoft Corp. today unveiled Internet Explorer 8 (IE8), and posted links to what the company called "Beta 1 for developers." Anyone, however, can download and install the preview.

"I am pleased to announce that Beta 1 for developers is available now," said Dean Hachamovitch, the IE group's general manager, in a presentation from Mix08, a Microsoft Web development conference that opened today in Las Vegas. (Read full dispatch...)

03/04/2008 - Microsoft to make IE8 standards compliant by default

March 4, 2008 (Computerworld) In an about-face it credited to a renewed companywide emphasis on interoperability, Microsoft Corp. said Monday it will make its upcoming Internet Explorer 8 (IE8) browser default to a new, standards-compliant method of displaying Web pages, rather than the existing, more Microsoft-centric one. (Read full dispatch...)

03/04/2008 - Beware MonaRonaDona antivirus scam, researchers warn

If your computer gets infected with a Trojan called the "MonaRonaDona virus," be careful with what you use to wipe it off your computer, says antimalware software provider Kaspersky Lab. MonaRonaDona is part of an elaborate scam to sell fake antivirus software, Kaspersky researchers say. (Read full dispatch...)

02/26/2008 - Tech Workplace Climate Unfavorable to Women

By the Bureau of Labor Statistics' own count, women hold 27 percent, just over a quarter, of jobs in computer-related and mathematical occupations. As a result of IT's numerical dominance by men, it has long been viewed as unreceptive to women. Even among women working in technology, dissatisfaction and disenchantment is high.

By many accounts, an uninviting workplace is to blame. A 2007 report published by the trade association WITI (Women in Technology International) found that only 52 percent of female tech workers said their organizations offered a favorable climate for women. These women said they felt that their voices weren't being heard, and it was causing them to question whether the technology workplace was an environment they wished to stay in. (Read full dispatch...)

02/11/2008 - See what developers are saying about Adobe's ColdFusion 8

More than 300,000 developers at over 10,000 companies worldwide rely on ColdFusion® software to quickly build and deploy powerful web applications. And with more than 125,000 ColdFusion servers deployed, ColdFusion is one of the most widely adopted web technologies in the industry. (Read full dispatch...)

02/07/2008 - Microsoft slates 12 patches for next week

February 7, 2008 (Computerworld) Microsoft Corp. announced today that it will release a dozen security updates next week, matching the patch record set a year ago. Seven of the 12 will be tagged with the company's highest threat ranking.

"There's not a Windows shop anywhere in the world that won't need to deploy at least one of these patches," said Andrew Storms, director of security operations at nCircle Network Security Inc. "And most everyone will be taking all 12." (Read full dispatch...)

01/15/2008 - Why XP must be saved

The clock is ticking: Microsoft will end OEM and shrink-wrapped sales of Windows XP on June 30, 2008, forcing users to shift to Vista. (System builders, meaning those who do white-box PCs, can sell XP through December 31.) Don't let that happen! (Read full dispatch...)

01/07/2008 - Mass hack infects tens of thousands of sites

January 07, 2008 (Computerworld) -- Tens of thousands of Web sites have been compromised by an automated SQL injection attack, and although some have been cleaned, others continue to serve visitors a malicious script that tries to hijack their PCs using multiple exploits, security experts said this weekend. (Read full dispatch...)

12/20/2007 - 'Bricking' bug threatens most HP, Compaq laptops

Second bundled bug in nine days can leave laptops unbootable
December 20, 2007 (Computerworld) -- The hacker who posted an exploit last week that threatened a large swath of Hewlett-Packard Co.'s laptop lineup followed up yesterday with new attack code that can "brick" nearly every HP laptop.

In a post to the milw0rm.com Web site Wednesday, a Polish security researcher who used the alias "porkythepig" spelled out a pair of vulnerabilities in an ActiveX control used by HP's Software Update, the patch management program bundled with virtually every HP- and Compaq-branded laptop. (Read full dispatch...)

12/18/2007 - Update: Bugs in IE, Gmail allow hackers to hijack public PCs, researchers say

December 18, 2007 (Computerworld) -- Microsoft Corp.'s Internet Explorer (IE) browser has an unpatched vulnerability that could let hackers hijack, then access, Google Inc. Gmail accounts, a California security company warned yesterday.

Today, however, both Microsoft and Google rejected the claim by Santa Clara-based Cenzic Inc., and denied that there is anything wrong with their products. (Read full dispatch...)

12/18/2007 - The Top Security Threats for 2008

As political candidates increasingly turn to the Internet, it is important to understand the associated IT security risks, Symantec warns. These risks include the diversion of online campaign donations, dissemination of misinformation, fraud, phishing and invasions of privacy. (Read full dispatch...)

12/11/2007 - Microsoft ends year by patching 11 bugs

December 11, 2007 (Computerworld) -- Microsoft Corp. today released seven security bulletins that patch 11 vulnerabilities in Windows, Internet Explorer, Windows Media Player and other parts of the operating system. Two of the bugs are currently being exploited by attackers, Microsoft confirmed.

Of the seven updates, three are rated critical -- the highest ranking Microsoft uses -- while the other four are labeled important, the next-lowest in the company's four-step scoring system. (Read full dispatch...)

12/11/2007 - Ruby on Rails 2.0 released

Ruby on Rails 2.0, an upgrade to the Web application framework, was released on Friday, said the developer of the framework, David Heinemeier Hansson. Version 2.0 features an emphasis on REST (Representational State Transfer) Web services instead of SOAP Web services. Security enhancements also are featured. (Read full dispatch...)

11/26/2007 - DNS hacked again

New vulnerabilities are still being found in some of the Internet's oldest functions
Amit Klein recently released details on DNS server cache poisoning attacks that affect both BIND (Berkeley Internet Name Domain) and Windows DNS servers. It goes to show that every time you think a problem with a well-known protocol or service has been solved, it may not be. (Read full dispatch...)

11/14/2007 - Microsoft Security Bulletin Summary for November 2007

This bulletin summary lists security bulletins released for November 2007.

With the release of the bulletins for November 2007, this bulletin summary replaces the bulletin advance notification originally issued November 8, 2007. For more information about the bulletin advance notification service, see Microsoft Security Bulletin Advance Notification. (Read full dispatch...)

11/13/2007 - Microsoft fixes WSUS malfunction in time for Patch Tuesday

November 13, 2007 -- For the second time in less than three weeks, Microsoft Corp. has had to apologize for blunders made by the application that enterprise administrators rely on to deploy the software vendor's security patches and other updates.

Late yesterday, Bobbie Harder, a senior program manager with Microsoft's Windows Server Update Services (WSUS) group, confirmed the latest gaffe in a posting to a company blog. (Read full dispatch...)

10/04/2007 - The top 10 reasons Web sites get hacked

Web security is at the top of customers’ minds after many well-publicized personal data breaches, but the people who actually build Web applications aren’t paying much attention to security, experts say.

“They’re totally ignoring it,” says IT consultant Joel Snyder. “When you go to your Web site design team, what you’re looking for is people who are creative and able to build these interesting Web sites… That’s No. 1, and No. 9 on the list would be that it’s a secure Web site.” (Read full dispatch...)

 

Security Glossary

Authentication - Establishing the identity of a user for secure e-commerce transactions and virtual private networking.

Broadband - A term used to describe any high-speed network that can carry multiple services on the same line, such as data, voice, and video. DSL and cable are broadband.

Content Filtering - A content filter allows schools, businesses, and other organizations to set and enforce Acceptable Use Policies (AUPs) governing what materials can and cannot be accessed on the organization’s computers.

Digital Certificates - Best method for establishing user identities for e-commerce and virtual private networking.

DoS - Denial of Service. A hacker attack designed to disable a server or network by bombarding it with service requests, which prevents legitimate users from accessing the network resource.

DHCP - Dynamic Host Configuration Protocol. A protocol that allows IP addressing information to be dynamically assigned by a server to clients on an as-needed basis. IP addresses for the network are stored in a pool of available IP addresses, which are allocated when a computer on the network boots up. The DHCP server functionality is incorporated into routers and works in conjunction with NAT (Network Address Translation).

DNS - Domain Name System. The name resolution service for IP addresses that provides the friendlier text-based addressing used for Internet resources, such as www.sonicwall.com.

DSL - Digital Subscriber Line. The generic term that refers to the underlying technology inherent in all flavors of DSL, such as ADSL, SDSL, or IDSL.

Firewall - A security device that controls access from the Internet to a local network by using information associated with TCP/IP packets to make decisions about whether to allow or deny access.

ICSA - International Computer Security Association. The worldwide leader in security assurance services. ICSA operates the security industry’s product testing and certification body, ICSA Labs.

IP - Internet Protocol. The network protocol that forms the basis of the networking functions of TCP/IP, which is the basis of the Internet.

IPSec - Internet Protocol Security. A robust VPN standard that covers authentication and encryption of data traffic over the Internet.

LAN - Local Area Network. A data network that connects computers in an area usually within the confines of an office or building. A LAN enables users to share information and network resources, such as a printer or a broadband connection.

NAT - Network Address Translation. An Internet standard that allows your local area network to use private IP addresses, which are not recognized on the Internet. The IP address used for the router is the only routable IP address. Computers behind NAT can access the Internet through the router but Internet users can’t access the computers behind the router.

Packet - A unit of information that is sent across a packet-switching network, such as the Internet. A data packet contains addressing information, error checking, and user information in addition to the application data.

Proxy Server - A session-level firewall that examines the data within IP packets to verify their authenticity. A proxy server accepts or rejects data traffic based on the entire set of IP packets associated with an entire application session to the same IP address. This upper-level examination, however, causes significant performance degradation on your Internet connection. Proxy servers require a server and client software on each computer on the LAN.

Packet Filtering - Typically implemented on routers, packet filters examine the individual data packets passing across the router. Examining data passing to and from a network, packet filters use rules to block access according to information located in each packet: the IP port number for which data is intended, source or destination address, or data type. A packet filter firewall is complex to set up and maintain and is vulnerable to IP spoofing and other security threats.

Router - A device that routes data between networks through IP addressing information contained in data packets. A router forwards packets to other routers until packets reach their destination.

Stateful Packet Inspection - Stateful packet inspection firewalls are based on advanced packet-filtering technology that is transparent to users on the LAN, requires no client configuration, and secures the widest array of IP protocols. Stateful Packet Inspection is also well suited to protect networks against the growing threat of Denial of Service attacks. Many network security experts recommend Stateful Packet Inspection as the most trusted firewall technology.

Virus - Malicious software programs that attach themselves to applications and files in memory or on disks are a leading security threat to Internet-connected networks. Destructive viral code can infect networked PCs through e-mail attachments, web content or infected files.

VPN - Virtual Private Network. A way that private data can safely pass over a public network, such as the Internet. The data traveling between two hosts is encrypted for privacy along with other security features.







| © 2008 DuPage Technology Group, Inc. | 906 Lacey Ave., Suite 212, Lisle, IL 60532 |
| Phone: 630.968.7424 | Cell: 630.660.6094 | Fax: 630.968.7425 | info@dupagetech.com |