Product Guides- Microsoft research projects to improve our lives
- Outlook '09
- IBM employees buzzing about layoff rumors
- AT&T builds $23M IPv6 network for U.S. military
- Is VoIP dead?
Jason Meserve provides up-to-the-minute news on vendor security alerts and fixes.
Android phone users get update for flaw
Users of the G1 Android phone today began to receive a software update that fixes a flaw that security researchers found earlier
in the week. he update included the fix to the browser vulnerability as well as a few other minor changes, said Michael Kirkland,
a Google Inc. spokesman. Every user of the G1 may not have received the update yet but should within a short time frame, he
said.
Previously: Researcher warns of critical Google bug in G1 phone
**********
VMWare releases updated ESX packages to fix numerous flaws
The latest ESX update from VMWware patches vulnerabilities in libxml2, ucd-snmp and libtiff. The flaws could be exploited
in a denial-of-service attack or to potentially run malicious code on the affected machine.
**********
Three new patches from rPath:
Samba (race condition, denial of service)
NFS (restriction bypass)
**********
Five new fixes from Mandriva:
kernel for 2008.1 (multiple flaws)
Eterm (X11 connection hijacking)
aterm (X11 connection hijacking)
kernel for Corporate 4.0 (multiple flaws)
mplayer (multiple flaws)
**********
Today's malware news:
'Ruthless' Trojan horse steals 500k bank, credit card log-ons
A sophisticated cybercrime group that has maintained an especially devious Trojan horse for nearly three years has stolen
the log-ons to more than 300,000 online bank accounts and almost as many credit cards during that time, a security company
said today. Computerworld, 10/31/2008.
Statements, reports, tracking numbers and tickets
Over the last 48 hours we've seen a huge increase in ZIP'd malicious email attachments being spammed. F-Secure, 10/30/2008.
Latest Microsoft vulnerability used to steal confidential data
PandaLabs, Panda Security's malware detection and analysis laboratory, has detected several malicious files that are exploiting
the latest vulnerability announced by Microsoft (MS08-067) to infect users and steal confidential data including instant messaging
passwords, login credentials used online, etc. Panda Security, 11/1/2008.
**********
From the interesting reading department:
Morris worm turns 20: Look what it's done
The Internet will mark an infamous anniversary on Sunday, when the Morris worm turns 20. Considered the first major attack
on the 'Net, the Morris worm served as a wake-up call to the Internet engineering community about the risk of software bugs,
and it set the stage for network security to become a valid area of research and development. Network World, 10/30/2008.
Jason Meserve is multimedia editor at Network World.
Rss FeedRss Feed
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com | The Industry Standard | IDG List Services | IDG TechNetwork |
 The Leader in Network Knowledge© 1994-2009 Network World, Inc. All rights reserved. |
Comment