Archive for December 2007

How to ask a question the smart way

It’s been several years since I’ve seen this, but I ran across it again while reading some of JD’s posts on his old blog.

I am posting this as a reference for myself. “How to ask a question the smart way” is a must-read. It’s not only good for asking questions on the internet, but for life in general. For all of the Microsoft die-hards, check out the KB article. It is a good summary. http://support.microsoft.com/kb/555375

USCERT: Active Exploitation Using Malicious Microsoft Access Databases

http://www.us-cert.gov/current/index.html#microsoft_access_database_file_attachment

US-CERT is aware of a stack buffer overflow vulnerability in the way that Microsoft Access handles specially crafted database files. Opening a specially crafted Microsoft Access Database (e.g., .MDB) can cause arbitrary code execution without requiring any additional user interaction. Microsoft Access files are considered to be high-risk, so it may be possible to execute arbitrary code without using a vulnerability in Microsoft Access.
US-CERT is aware of active exploitation using malicious Microsoft Access databases.
To help protect against this type of attack, US-CERT recommends the following:

  • Do not open attachments from unsolicited email messages
  • Block high-risk file attachments at email gateways
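
One way a mail filter could apply the "block high-risk file attachments" recommendation to Access files, as an added example (not from US-CERT or the original post). The extension list, function names and sample messages are assumptions of this example; it goes beyond a plain extension match by also checking the Jet/ACE file header, so a renamed database is still flagged.

```python
import os
from email import message_from_bytes, policy
from email.message import EmailMessage

# Assumed block list for this example; a real gateway policy would be longer.
HIGH_RISK_EXT = {".mdb", ".mde", ".accdb", ".accde"}
# Jet and ACE database files carry one of these markers at byte offset 4.
DB_MAGIC = (b"Standard Jet DB", b"Standard ACE DB")


def is_access_db(payload: bytes) -> bool:
    """True when the content is an Access database, whatever the file is called."""
    return payload[4:19] in DB_MAGIC


def high_risk_attachments(raw: bytes) -> list:
    """Return (filename, reason) for each MIME part the gateway should block."""
    msg = message_from_bytes(raw, policy=policy.default)
    hits = []
    for part in msg.walk():  # walk() also descends into forwarded messages
        if part.is_multipart():
            continue
        name = part.get_filename() or ""
        data = part.get_payload(decode=True) or b""
        # Windows ignores trailing dots and spaces, so strip them before checking.
        ext = os.path.splitext(name.rstrip(". "))[1].lower()
        if ext in HIGH_RISK_EXT:
            hits.append((name, "extension"))
        elif is_access_db(data):
            hits.append((name, "content"))
    return hits


def sample_message(filename: str, payload: bytes) -> bytes:
    """Constructed message with one attachment (sample data, not real mail)."""
    m = EmailMessage()
    m["From"], m["To"], m["Subject"] = "a@example.com", "b@example.com", "Q4 figures"
    m.set_content("See attached.")
    m.add_attachment(payload, maintype="application",
                     subtype="octet-stream", filename=filename)
    return m.as_bytes()


if __name__ == "__main__":
    jet = b"\x00\x01\x00\x00Standard Jet DB\x00" + b"\x00" * 32  # constructed header
    for fname, body in [("orders.MDB", jet), ("invoice.pdf", jet), ("notes.txt", b"hi")]:
        print(fname, high_risk_attachments(sample_message(fname, body)))
```

Attachments inside archives are not inspected here; a gateway rule would need to unpack those before applying the same checks.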

“I’ve got issues”

Ok, so the title is an inside joke.
On Monday I began having some issues on my Vista Tablet.

  • The computer isn’t able to obtain an IP address from the DHCP server
  • An error: error 56 the cisco systems, inc vpn service has not been started
  • Unable to uninstall SEP11
  • Unable to perform a rollback to a previous snapshot
  • Unable to open tcp/ip properties because supposedly another dialog was already open

I’m blaming Symantec Endpoint Protection 11. That was the last change to the system.

Symantec Liveupdate November 21

I noticed today that Liveupdate on my home computer wasn’t working. The definitions were at November 21, 2007. When I attempted to run liveupdate manually I received an error: “LU1825: LiveUpdate could not understand how to install this update. You may need to get the latest version of LiveUpdate before you can install this update.”
I’d previously been following threads about this problem over at Broadband Reports and at the Symantec Forums.
I followed the advice here to either reboot or restart the Symantec Antivirus service. I restarted the SAV service and immediately liveupdate worked. I’ve had this problem on SAVCE 10.1.6 and 10.0.1, but I’ve seen postings from users of Symantec AV consumer products as well.

FCW: Air Force pushes Cyberwarrior Training

http://www.fcw.com/online/news/151014-1.html?CMP=OTC-RSS

The Air Force is establishing a professional force of cyber operators and developing cyber career paths for officers, enlisted personnel and civilians. The new Air Force Cyber Command and the Air National Guard are among the focal points of the plan.

I wonder what sort of boot camp these cyber warriors will go through.

AIM in Google Talk

Google has added AIM to Google Talk. For companies like mine, I’m not sure this is a good thing. We implemented IM security after one too many people got infected and the helpdesk was flooded with calls as their computer sent IMs to everyone in their buddy list. For other companies it is a compliance issue rather than a security issue. They need to have IM logs.
It’s pretty easy to protect the public IM clients using business solutions from Symantec, Akonix or Facetime. IM over HTTP is another matter. Google has always made it tough to block their GTalk over HTTP by integrating it with Google Mail. I haven’t yet heard of a way to block Google Talk without blocking Google Mail. Now they’ve added in AIM to the mix.
Update: You can actually block Google Talk in Gmail: http://mail.google.com/support/bin/answer.py?hl=en&answer=34330 In DNS, point chatenabled.mail.google.com to 127.0.0.1.