Symantec admitted to a critical flaw in its software that could potentially open the door to viruses. The problem affects its entire antivirus product lineup, including the widely used Norton AntiVirus. Symantec has since issued a patch and has urged all users of the software to install it as soon as possible.
"The impact of this vulnerability is exaggerated by the fact that many e-mail
and other traffic routing gateways make use of file-scanning utilities that make
use of the vulnerable library," Symantec said in an advisory.
Unpatched computers run the risk of being infected with a virus even if protection is enabled.
The vulnerability is caused by the way Symantec's software handles a compression format known as UPX, or Ultimate Packer for Executables. A virus could be created that would exploit a handling error, causing the software to run a malicious Web page or open an infected e-mail rather than quarantine it.
"The vulnerability can be triggered by an unauthorized remote attacker, without user interaction, by sending an e-mail containing a crafted UPX file to the target," Internet Security Systems, who found the flaw, said in a statement.
Security firm Secunia marked the flaw as "highly critical", which is "Typically used for remotely exploitable vulnerabilities, which can lead to system compromise," according to the company's Web site.
How to install patches when Microsoft's tools don't By Mark Burnett [EDITOR'S NOTE: With this issue, we begin our new Update Management section. This new feature will advise you on how to automate Windows patches and every other kind of upgrade. Along with our other new sections — Over The Horizon, Patch Watch, and Briefing Session — we've now completed the content expansion we promised. Update Management is written by Mark Burnett (photo, left), an accomplished author and security consultant.] With Microsoft announcing 12 new updates this week — 8 of them rated critical — it was a busy Patch Tuesday for many of us. But even with all these updates, few people have so far reported serious problems after installing them. Is Microsoft starting to get the hang of this patching stuff? Ever since my first copy of Windows NT 3.5, patching has been a confusing and scary ritual that we admins had to regularly endure. Only in the last couple years have we had reliable patch management software to ease much of the pain. Fortunately, Microsoft is getting better at it. The company's is showing signs of maturity. This month's rather smooth updates are a testament to this. But don't get too comfortable yet; there's always something that doesn't go as planned. |
"You can click, but you can't hide," reads the message on the front page of LokiTorrent, ordered Thursday by Dallas Federal Court to immediately shut down. The warning rings especially true now that the Motion Picture Association of America has won a key court victory that allowed it access to LokiTorrent's visitor logs.
LokiTorrent, like many now-defunct BitTorrent Web sites, offered links to
torrent files that are used to download and share illicit content. One of the
most popular BitTorrent houses, SuprNova, recently went underground and launched
a decentralized client called eXeem for accessing torrent
downloads.
After successfully shutting down numerous BitTorrent sites, the MPAA touted its newfound access to the LokiTorrent.com server logs.
"This should give us information about LokiTorrent visitors who were involved in flagrant piracy of filmed entertainment," said John Malcom, director of worldwide piracy operations for the MPAA. "We are going to look at all the information...and decide what the appropriate action is to take."
The MPAA said the information may possibly lead to suits against individuals, but the organization has not decided whether that is the route they'd like to take.
For its part, LokiTorrent said it had raised as much as $30,000 for court costs and legal representation to fight Hollywood. As one of the biggest sites, it received special attention by Hollywood lawyers.
It is unclear whether the MPAA will ever be able to completely stop online piracy as P2P developers continue to find new ways to decentralize the system giving users more confidentiality in what they are doing online.
However, the MPAA is determined to stop illicit file sharing. "Illegally downloading movies from sites such as these without proper authorization violates the law, is theft, and is not anonymous," the warning threatens. "Stealing movies leaves a trail. The only way not to get caught is to stop."
From Internet domains to Web browsers, Google seems to have its hands all over the Web these days. But the search giant shows no signs of slowing its reach, and has offered to host the Wikipedia online encyclopedia. Wiki Media Foundation, which runs Wikipedia, says Google has volunteered to supply servers and bandwidth to the project.
Wikipedia is an open
online encyclopedia that can be edited by anyone who volunteers. The project has
become immensely popular on the Web, and is having problems sustaining its
growth.
"Google has at least tentatively agreed to give us access to a certain number of dual Xeon servers at one or more of their data centers and with unlimited bandwidth," a Wikipedia administrator said.
"I've been told that there are no strings attached, meaning they don't expect us to do anything for then, such as having Google Ads. In short, this is wonderful news."
comment:
p_commentcount