Language Selection

English French German Italian Portuguese Spanish

Finally some real coverage of MS

Filed under
News

Microsoft warns of serious computer security hole

SAN JOSE, Calif. -

Microsoft Corp. has taken the rare step of warning about a serious computer security vulnerability it hasn't fixed yet.

The vulnerability disclosed Monday affects Internet Explorer users whose computers run the Windows XP or Windows Server 2003 operating software.

It can allow hackers to remotely take control of victims' machines. The victims don't need to do anything to get infected except visit a Web site that's been hacked.

Security experts say criminals have been attacking the vulnerability for nearly a week. Thousands of sites have been hacked to serve up malicious software that exploits the vulnerability. People are drawn to these sites by clicking a link in spam e-mail.

The so-called "zero day" vulnerability disclosed by Microsoft affects a part of its software used to play video. The problem arises from the way the software interacts with Internet Explorer, which opens a hole for hackers to tunnel into.

Microsoft urged vulnerable users to disable the problematic part of its software, which can be done from Microsoft's Web site, while the company works on a "patch" — or software fix — for the problem.

Microsoft rarely departs from its practice of issuing security updates the second Tuesday of each month. When the Redmond, Wash.-based company does issue security reminders at other times, it's because the vulnerabilities are very serious.

A recent example was the emergency patch Microsoft issued in October for a vulnerability that criminals exploited to infect millions of PCs with the Conficker worm. While initially feared as an all-powerful doomsday device, that network of infected machines was eventually used for mundane moneymaking schemes like sending spam and pushing fake antivirus software.

http://tech.yahoo.com/news/ap/20090707/ap_on_hi_te/us_tec_microsoft_security

More in Tux Machines

today's howtos

Linux 5.5

So this last week was pretty quiet, and while we had a late network
update with some (mainly iwl wireless) network driver and netfilter
module loading fixes, David didn't think that warranted another -rc.
And outside of that, it's really been very quiet indeed - there's a
panfrost driver update too, but again it didn't really seem to make
sense to delay the final release by another week.

Outside of those, it's all really tiny, even if some of those tiny
changes touched some core files.

So despite the slight worry that the holidays might have affected the
schedule, 5.5 ended up with the regular rc cadence and is out now.

That means that the merge window for 5.6 will open tomorrow, and I
already have a couple of pull requests pending. The timing for this
next merge window isn't optimal for me - I have some travel and other
things going on during the same two weeks, but hopefully it won't be
all that noticeable.  But there might be random timezones, odd hours,
and random delays because of that. I try to avoid scheduling things
during the merge window, but hey, it doesn't always work out, and I'd
have to delay things by two weeks to avoid the conflicts, which just
doesn't seem worth it.

Particularly since it's not necessarily going to be a problem to begin
with. We'll see.

Anyway. Go out and test 5.5, and start sending me those pull requests
for all the new development that is ready,

                    Linus
Read more Also: Linux 5.5 Released With Many Hardware Support Improvements

Android Leftovers

Distrowatch is NOT a Measure for Distributions Popularity

Another alternative could be releasing the hit statistics for the official distribution’s repositories. Almost every user may need to download a certain package or an update from the repositories at least once every few weeks, so if we could access the logs of how many unique IP addresses are accessing the distribution’s repositories mirrors per month for example, we may gain a good vision on how popular that distribution is. While this alternative is theoretically good, the issue about it is that it won’t count offline installations. People from both sides can argue with strong reasons why offline installations are important or not important, but it leaves us in an issue anyway. Additionally, this would count Linux Mint users, Kubuntu users and Ubuntu MATE users all as Ubuntu users, simply because they are using Ubuntu’s official repositories, which is not a nice thing to have. At the end, it sounds like each methodology has its own issues, but some are way more better than the other. Still, do not get tricked by people who try to use Distrowatch’s visitor statistics to rank all the Linux distributions out there. Read more