F-Secure on Java

F-Secure generated a lot of traffic in the blogosphere with their post declaring Java harmful and better to not be installed on computers.   To me the only surprising part is the discussions this generated.   Isn’t this old news?   Principle of least privilege says to remove it if you don’t need it.   So when you’re regularly updating an …

Continue reading ‘F-Secure on Java’ »

Zscaler protects against IE Zero Day

On Tuesday, as seems to be the custom, Microsoft released patches and announced a new zero day in Internet Explorer. MSKB 981374 is a remote code execution in IE6 and IE7. Who know that being on IE5 could ever be a good thing. The KB says Microsoft released details to venders in their Microsoft Active …

Continue reading ‘Zscaler protects against IE Zero Day’ »

Unicorn sighting

A few weeks ago my officemate posted to Facebook, I’ve just been told by two different Mac Geniuses that installing an antivirus software could actually make the Mac computer less secure. Unfortunately, both were phone conversations because I’m almost certain they were doing the Jedi mind trick hand motions.   As I read that, I figured …

Continue reading ‘Unicorn sighting’ »

Adobe Shockwave Update

Adobe has released an update for Shockwave to patch security vulnerabilities. A security bulletin was released today. As usual Adobe is giving enterprise admins the finger by advising that in order to upgrade Shockwave, you must first uninstall old Shockwave versions, reboot and then install the new version of Shockwave. Does anyone actually do that? I …

Continue reading ‘Adobe Shockwave Update’ »

Evaluating HTTP Security Solutions

While trying to eval a HTTP security solution I’ve been trolling for viruses by browsing Google Top Trends. The vender advertizeing their zero day protection detects the virus even when virustotal has only one scanner detecting (and not one used by this vender). So they are showing off their zero day protection rather well. The …

Continue reading ‘Evaluating HTTP Security Solutions’ »

Flash zero day

iDefense has seen a Flash zero day exploit within a PDF file during a recent zero day attack investigation. Its hard to believe that at one point in time PDF files were considered safe.

SmartDraw and Office 2007

I received a bit of unsolicited commercial email from SmartDraw that claimed I can get the benefits of Microsoft Office 2007 without the costs and headaches of upgrading. In smaller type they claimed that the biggest improvements in Office 2007 over previous versions is new graphic and drawing tools. That you can buy their product …

Continue reading ‘SmartDraw and Office 2007’ »