Search This Blog

Tuesday, November 27, 2007

Microsoft working to close Web-proxy vulnerability; Firefox adds security

Security Alert Network World logo
NetworkWorld.com | Security Research Center | Update Your Profile
Microsoft working to close 8-year-old Web proxy vulnerability

John Fontana By John Fontana
Windows flaw lets hackers redirect browsers and take over many computers with a single attack. Read full story

Senior Editor John Fontana covers Microsoft for Network World. Reach him at jfontana@nww.com.


SPONSORED BY TRIPWIRE
rule

CCM: Stay in control, stay compliant
Network changes never stop. Keep them under control - and your network compliant - with configuration change management. Discover the 10 key elements of a CCM solution, as well as how the technology improves compliance, security and efficiency across your network. Download this whitepaper now!

rule
RELATED NEWS:

Firefox adds security, search with 3.0 beta release, 11/21/07: Mozilla has released a beta version of Firefox 3.0, moving its next-generation browser one step closer to general release.

Q&A: MySpace hacker tells his story, 11/20/07: If Samy Kamkar plays his cards right, he may be allowed to visit MySpace again in just a few months. For the time being, however, he's not even allowed to touch a computer, following a January 2007 guilty plea for creating what many consider to be the ...

Apple 'fixes' causing problems, 11/26/07: Apple might be suffering from a little post-Thanksgiving indigestion as a new bug in QuickTime is cauing problems for Windows XP and Vista users. And an older ...

Find your Web app vulnerabilities... please, 11/26/07: The busy holiday shopping season is upon us. Every day, millions of people log in to Web applications to make purchases. As long as they see the " ...

UK kids warned MySpace isn't private - OMG!! 11/23/07: Young people are compromising their career prospects and opening the door to online fraud by posting personal information on social networking sites without thinking about the consequences, a U.K. privacy watchdog warned Friday.

Security concerns cloud virtualization deployments, 11/21/07: Server virtualization makes it possible to run multiple applications and operating systems on fewer hardware resources, and it enables IT to provision new resources quickly, based on demand. IT managers, however, worry that the intangible boundaries ...

A step in the right direction away from credit abuse, 11/20/07: I’m writing this just before Thanksgiving, and one of the many things I’m thankful for is that the major credit-reporting agencies finally understand they were a major part of the identity-theft problem.

Swatters tricked AT&T while making fake 911 calls, 11/20/07: A Cleveland, Ohio, man has pleaded guilty to participating in a scheme that involved using AT&T employee passwords and identities to place false 911 calls to emergency dispatch centers.

Standards suggested for writing secure Java, 11/20/07: A group of secure-programming experts plans a series of documents that outline the skills coders need to write Web applications that are better able to withstand attacks.

U.K. gov't department chief quits over fears of lost records, 11/20/07: Paul Gray, the chairman of Revenue and Customs, has resigned over "a substantial operational failure" in the department.

Free password generators, Part 1, 11/20/07: Some help desks suggest to their users that they try public password generators to create good passwords. I looked at a few generators, and here's what I ...

What early NAC adopters really want, 11/20/07: Recent interviews with some early adopters of NAC indicated they're not interested in the technology for the endpoint checking that brought NAC into ...

Hackers jack Monster.com, infect job hunters, 11/20/07: Monster.com took a portion of its Web site offline Monday as researchers reported that it had been compromised by an IFrame attack and was being used to infect visitors with a multi-exploit attack kit.

Location technology enhances wireless network security, 11/20/07: The acceptance of centralized wireless LAN architecture has significantly reduced costs and simplified the task of managing, securing and upgrading wireless systems, all of which have resulted in rapidly growing deployments.


BIG THREATS IN '08
Top 5 security threats in 2008Top 5 security-menace predictions for next year.

ALL-IN-ONE FIREWALL TEST
idemandJuniper, Check Point, Cisco lead way in test of 13 UTM devices.

SPONSORED BY TRIPWIRE
rule

CCM: Stay in control, stay compliant
Network changes never stop. Keep them under control - and your network compliant - with configuration change management. Discover the 10 key elements of a CCM solution, as well as how the technology improves compliance, security and efficiency across your network. Download this whitepaper now!

rule

Join Network World's Technology Opinion Panel
Here is your chance to help shape the future of IT. You know what products and enhancements are needed, you have the insight and foresight to be out front and provide direction to Network Word and the network industry. To join the panel, complete a brief registration survey
. The panel is strictly for technology professionals to share their vision.

Featured reader resource

90% of IT Managers are leaving their company at risk for a DNS ATTACK. Get the tools and resources you need to keep your DNS healthy and secure. Run a DNSreport on your domain today - 56 critical tests run in 8 seconds.

Visit www.dnsreport.com to learn more. (apply coupon NWW2007NLA for a 25% membership discount)

 

11/27/07

TODAY'S MOST-READ STORIES:

  1. BSA, software giants target little guys
  2. 2007 Cool Yule Tools Gift Guide
  3. Teleworkers called back to cubicle life
  4. '07 Enterprise all-stars
  5. Testing all-in-one firewalls
  6. Security concerns cloud virtualization
  7. Hackers jack Monster.com
  8. Google building 10G Ethernet switches
  9. Cutting-edge spam research projects
  10. Verizon tests 100Gbps network

MOST-READ TEST:
Testing all-in-one firewalls


Executive Guide The Security Treadmill

This Executive Guide offers interviews with leading, real-world security experts who tell you how to get inside users' heads, fight for a bigger security budget, and whether VoIP security issues are overstated or underrated, and much more. Review this informative guide today.

Click Here for More Information



IT Buyers guide

IT Buyer's Guides
Compare products, get advice, and check out tests and reviews from the experts at Network World. Over 70 categories. Visit now.

 


To continue receiving NetworkWorld's Security Alert newsletter, please add @nwfnews.com to your white list.

COMPLIMENTARY SUBSCRIPTIONS AVAILABLE
As a NW newsletter subscriber you are eligible to receive 50 issues of Network World Magazine, in print or electronic format, free of charge.

Sign up for your subscription today: Apply here. International subscribers,click here.

 

SUBSCRIPTION SERVICES
To subscribe or unsubscribe to any Network World newsletter, change your e-mail address or contact us, click here.

Terms of Service/Privacy

Network World, Inc., 118 Turnpike Road, Southborough, MA 01772
Copyright Network World, Inc., 2007

 

 



No comments: