Language Selection

English French German Italian Portuguese Spanish

Finally some real coverage of MS

Filed under
News

Microsoft warns of serious computer security hole

SAN JOSE, Calif. -

Microsoft Corp. has taken the rare step of warning about a serious computer security vulnerability it hasn't fixed yet.

The vulnerability disclosed Monday affects Internet Explorer users whose computers run the Windows XP or Windows Server 2003 operating software.

It can allow hackers to remotely take control of victims' machines. The victims don't need to do anything to get infected except visit a Web site that's been hacked.

Security experts say criminals have been attacking the vulnerability for nearly a week. Thousands of sites have been hacked to serve up malicious software that exploits the vulnerability. People are drawn to these sites by clicking a link in spam e-mail.

The so-called "zero day" vulnerability disclosed by Microsoft affects a part of its software used to play video. The problem arises from the way the software interacts with Internet Explorer, which opens a hole for hackers to tunnel into.

Microsoft urged vulnerable users to disable the problematic part of its software, which can be done from Microsoft's Web site, while the company works on a "patch" — or software fix — for the problem.

Microsoft rarely departs from its practice of issuing security updates the second Tuesday of each month. When the Redmond, Wash.-based company does issue security reminders at other times, it's because the vulnerabilities are very serious.

A recent example was the emergency patch Microsoft issued in October for a vulnerability that criminals exploited to infect millions of PCs with the Conficker worm. While initially feared as an all-powerful doomsday device, that network of infected machines was eventually used for mundane moneymaking schemes like sending spam and pushing fake antivirus software.

http://tech.yahoo.com/news/ap/20090707/ap_on_hi_te/us_tec_microsoft_security

More in Tux Machines

What's your favorite Linux terminal trick?

The beginning of a new year is always a great time to evaluate new ways to become more efficient. Many people try out new productivity tools or figure out how to optimize their most mundane processes. One area to assess is the terminal. Especially in the world of open source, there are tons of ways to make life at the terminal more efficient (and fun!) with shortcuts and commands. We asked our writers about their favorite terminal trick. They shared their time-saving tips and even a fun terminal Easter egg. Will you adopt one of these keyboard shortcuts or command line hacks? Do you have a favorite you'd like to share? Tell us about it by taking our poll or leaving a comment. Read more

One open source chat tool to rule them all

Last year, I brought you 19 days of new (to you) productivity tools for 2019. This year, I'm taking a different approach: building an environment that will allow you to be more productive in the new year, using tools you may or may not already be using. Instant messaging and chat have become a staple of the online world. And if you are like me, you probably have about five or six different apps running to talk to your friends, co-workers, and others. It really is a pain to keep up with it all. Thankfully, you can use one app (OK, two apps) to consolidate a lot of those chats into a single point. Read more

Android Leftovers

Programming: GNU, Git, Perl, Python and Django

  • Experimental Support For C++20 Coroutines Has Landed In GCC 10

    As of this morning experimental support for C++20 coroutines has been merged into the GCC 10 compiler! Coroutines allow a function to have its execution stopped/suspended and then to be resumed later. Coroutines is one of the big features of C++20. Sample syntax and more details on C++ coroutines can be found at cppreference.com. Coroutines support for GCC has been under development for months and now as a late addition to GCC 10 is the experimental implementation.

  • GNU Binutils 2.34 Branched - Bringing With It "debuginfod" HTTP Server Support

    With GNU Binutils 2.34 comes debuginfod support, which is the HTTP server catching our eye while the debuginfod server is distributed as part of the latest elfutils package. This isn't for a general purpose web server thankfully but is an HTTP server for distributing ELF/DWARF debugging information and source code. With debuginfod enabled, Binutils' readelf and objdump utilities can query the HTTP server(s) for debug files that cannot otherwise be found. Enabling this option requires building Binutils using --with-debuginfod.

  • Announcing git-cinnabar 0.5.3

    Git-cinnabar is a git remote helper to interact with mercurial repositories. It allows to clone, pull and push from/to mercurial remote repositories, using git.

  • Steve Kemp: Announce: github2mr

    myrepos is an excellent tool for applying git operations to multiple repositories, and I use it extensively. I've written several scripts to dump remote repository-lists into a suitable configuration format, and hopefully I've done that for the last time.

  • Term::ANSIColor 5.01

    This is the module included in Perl core that provides support for ANSI color escape sequences. This release adds support for the NO_COLOR environment variable (thanks, Andrea Telatin) and fixes an error in the example of uncolor() in the documentation (thanks, Joe Smith). It also documents that color aliases are expanded during alias definition, so while you can define an alias in terms of another alias, they don't remain linked during future changes.

  • Python 3.7.5 : Django security issues - part 001.

    Django like any website development and framework implementation requires security settings and configurations. Today I will present some aspects of this topic and then I will come back with other information.

  • How to display flash messages in Django templates

    Sometimes we need to show the one-time notification, also known as the flash messages in our Django application. For this Django provides the messages framework. We are going to use the same here. To show flash messages in the Django application, we will extend our previous project Hello World in Django 2.2. Clone the git repository, check out the master branch and set up the project on your local machine by following the instructions in the README file.