This update corrects two bugs found in Firefox v2.0.0.10, released earlier this week.
Bug 391028 – drawImage with broken PNG draws random memory.
Bug 405584 – Canvas.drawImage method is not working.
{ 0 comments }
From the monthly archives:
November 2007
The FBI has announced “Operation Bot Roast II” — the second round of its investigations against botnets.
According to the FBI, the busted cyber criminals caused $20 million in losses, including one victim who suffered damages of nearly $20,000 from denial of service (Ddos) attacks via botnets.
{ 0 comments }
Using administrator account: Open Firefox > Help > Check for Updates.
{ 2 comments }
REDMOND, Wash., Nov. 26, 2007 — Microsoft announces that its community of 2.2 million Microsoft Certified Professionals (MCPs) will now receive new benefits that will help them successfully deploy and support new technologies through increased access to internal Microsoft resources and networking with their peers.
Lutz Ziob, General Manager, Microsoft LearningThe new MCP benefits are being introduced as Microsoft is gearing up to launch Windows Server 2008 and customers are already taking advantage of the readiness resources available.
{ 0 comments }
I tried this program awhile back when it was first released and didn’t much care for it at the time. However Writer has greatly improved and I see it being very useful for blogging on the fly.
To be continued, edited and updated as I try it out.
Update:The ability to see exactly how your post will look before you publish it is great, with four viewing or editing modes. Normal, Web Layout, Web Preview and HTML Code.
WLW now supports XHTML. With Live Writer open> Weblog> Edit Weblog Settings> Advanced> Markup Type.
12-12-07. Windows Live Writer was updated to version number 12.0.1367.1128.
This update is being distributed via Microsoft Update, so if you have chosen to have important updates automatically installed, you should receive this update automatically. If you aren’t automatically getting updates, you can open Windows Update, check for updates, and the update will appear in the list of available updates.
{ 0 comments }
A MSN Messenger Trojan spreading like wildfire via an IRC botnet is infecting thousands of computer systems worldwide.
The malware poses as pictures with a message similar to “hey, this your pic” “hey, is this your pic on this site” with an URL from a site that hosts a picture rating service. Click on that and soon you will be part of a malware spreading botnet. Owned.
The usual common sense applies, do not open files sent unexpectedly from friends or strangers.
The eSafe CSRT (Content Security Response Team) at Aladdin —a security company—detected the new threat propagating around noon EST on Nov. 18. At 18:00 UTC (Coordinated Universal Time), eSafe had detected 1 operator and more than 500 on-command bots in the network. Less than three hours later, or by 2:30 EST, when eWEEK spoke with Roei Lichtman, eSafe director of product management, the number had soared to several thousand PCs and was growing by several hundred systems per hour.
Lisa Vaas eWeek
eSafe reports the Trojan is the first they have tracked trying to scan for VNC (Virtual Network Computing).
{ 0 comments }
Today is the 10th Anniversary of the public release of WinPatrol.
The majority of new features came as suggestions from friends of Scotty. So, THANK YOU, THANK YOU to all of you who have encouraged and supported my WinPatrol project. It’s been a rewarding ten years.
Reminisce: Bits from Bill
{ 0 comments }
If you have Norton installed on your computers you should pay attention to this.
Chris Quirke’s Blog: Norton Security Scan - False Positives
Unfortunately, it detects protective settings applied by Spyware Blaster and similar tools, as being the malware these tools are protecting against.
Hosts News: Symantec detects suspicious entries in the MVPS HOSTS file
… seems Symantec added a new update SecurityRisk.URLRedir which they describe as “detection for suspicious entries added to the hosts file”
{ 0 comments }
November 14-15, 2007. Fixes for at least 54 security bugs.
Apple also patched a security hole in Apple’s version of Adobe’s Flash Player, offered by Adobe as an update since July 2007.
Security Updates
15 Nov 2007
Mac OS X 10.5.1 Mac OS X 10.5, Mac OS X Server version 10.5
14 Nov 2007
Mac OS X 10.4.11 and Security Update 2007-008 Mac OS X 10.3.9 (for Security Update 2007-008), Mac OS X 10.4 or later (for Mac OS X 10.4.11 Update)
14 Nov 2007
Safari 3 Beta Update 3.0.4 Windows XP / Vista
About the security content of Safari 3 Beta Update 3.0.4
Security appears to be taking a front seat at Apple, which is good news for Mac users, even if many believe their systems are invincible. 
The enormous set of patches for Mac OS X, Safari and the Leopard firewall came shortly after Microsoft’s November security release.
The Microsoft Security Response Center (MSRC)
Tuesday, November 13, 2007
Two new bulletins:
- MS07-061: This update addresses a vulnerability in Windows URI handling, which could allow remote code execution and has a maximum severity of Critical.
- MS07-062: This update addresses a vulnerability in DNS which could allow spoofing and has a maximum severity of Important
One re-released bulletin:
- MS07-049: This update addresses a vulnerability in Virtual PC and Virtual Server and could allow elevation of privilege. This is a change to the installer code only, to address some limited installation problems that we have seen. There’s no change to the update binaries, so if you have already successfully installed this update, you do not need to reinstall it. Please refer to the bulletin revision notes for more detail.
{ 0 comments }
It is that time of year again and several blogs are giving you great tips for shopping on-line wisely and safely.
The Security Garden: Holiday Online Shopping Safety Tips
Bits from Bill: Top Ten Online Shopping Mistakes
Nonetheless, no matter how security savvy one may be, there are still ways to be ripped off and this dear reader was my experience.
I placed an order 07-11-07 with cuisineclassique.com aka sharpknives.com, for three kitchen ceramic items.
My order arrived promptly in the most horrendous packing, two of the items smashed beyond repair.
I informed customercare at cuisineclassique.com who explained they had a new person needing more shipping and handling training. They asked me to make a claim with UPS which I did, and they would send me a replacement.
So far so good, they seemed like decent people, however the replacement never arrived. More emails and more excuses, such as:
The package is still on the shelf in the hallway waiting for UPS to pick up.
That’s enough already, please refund > more promises > no refund.
Now I am getting pretty cranky, remember I paid for this order on 07-11-07.
9/9/2007 from the company holding my refund hostage.
We have had some very severe monsoon storms here and lost our roof in one of them. Our phones have been out and our internet service has been spotty at best. Between the lightning strike and rain, we are just now recovering some of the lost information on our computers including our email server.
I apologize that we caused you so much aggravation.
They promised I would be reimbursed that week but holding true to the entire Cuisine Classique experience, I was never reimbursed.
Lesson number one.
I informed the company who handled the payment and was told they couldn’t do anything because I had filed a damages claim with UPS, instead of returning the package to Cuisine Classique.
Lesson number two.
UPS told me they couldn’t devulge if they had paid Cuisine Classique on the damage claim.
One can pretty much count on it that they did. I followed their instructions to the letter in order for a valid claim to be processed.
Was Cuisine Classique paid twice for the items I ordered, once by me and also by UPS? Regardless, I still have not been refunded.
How great is that. By the way, I told Cuisine Classique several times I would be blogging this if I did not receive a refund.
Guess they didn’t care.
{ 0 comments }
