Security
Adobe PDF Reader is a target
It has often been noted here that Adobe PDF Reader/Acrobat has security problems. There has been one security hole after the other reported. Unfortunately, Adobe has often been slow to patch these holes after they have been publicly disclosed. Since Adobe Reader is on a large majority of PCs, this has presented malware writers with [...]
Unpatched security hole in IE6 and IE7
Microsoft has warned of another as yet unpatched security problem in Internet Explorer 6 and 7 (but not IE8).
Creating strong passwords
One of the first lines of defense against hackers is the use of strong passwords for Internet logins. However, as numerous posts have noted, many continue to use really weak combinations that are no barrier whatever to hackers. The temptation to use easily remembered passwords is understandable but perilous and there are schemes to help [...]
Too many patches
The present way of dealing with security on the Internet just doesn’t work. A major flaw is that the system is predicated on an assumption that the average PC user is savvy about how Windows and the Internet work and is conscientious about keeping his or her computer up to date. This is patently [...]
Federal government releases some details of cybersecurity
The Wall Street Journal reports:
The Obama administration lifted the veil Tuesday on a highly-secretive set of policies to defend the U.S. from cyber attacks.
It was an open secret that the National Security Agency was bolstering a Homeland Security program to detect and respond to cyber attacks on government systems, but a summary of that [...]
Microsoft proposes quarantine and tax to fight botnets
There’s been a big meeting on security going on in San Francisco. It’s the RSA Security Conference and Microsoft Vice-President Scott Charney gave a keynote address with some new proposals for increasing security on the Internet. CNET reports on a quarantine suggestion:
–In his keynote at the RSA security conference on Tuesday, Scott Charney, Microsoft’s corporate [...]
Windows MS10-015 security patch re-issued
The security patch that caused trouble in systems that had a rootkit has been updated. See the Microsoft Security Response Center post for details.
Beware fake Microsoft security software
Microsoft is warning about malware masquerading as anti-malware. It is called “Security Essentials 2010″, not to be confused with the real Microsoft Security Essentials. The Microsoft Malware Protection Center gives details.
Microsoft closes down botnet
I don’t agree with Microsoft’s action in closing down Cryptome (previous post) but I heartily approve of the company’s actions against spammers. The busy legal staff has managed to get a US court order closing a spam botnet. BBC News reports:
Microsoft has won court approval to shut down a global network of computers which [...]
Check out your CPU capabilities
Steve Gibson often comes up with free little utilities that do some useful task. With the trend to 64-bit computing, you might want to see if your CPU can handle 64-bits. Another CPU feature worth checking is to see if the security feature called hardware DEP is supported. Gibson provides a free program called SecurAble [...]
Excellent presentation on removing malware
I have been mentioning Mark Russinovich for years. Russinovich probably knows as much about how Windows works as anybody alive. Before he joined Microsoft, he was the co-founder of Sysinternals and developed many first-rate Windows system tools. These tools are still being improved under the Microsoft aegis and one very useful utility is Process Explorer. [...]
