Thursday, August 18, 2005

Todays Tech News 08/18/2005

Todays Tech News 08-18-2005:


WARNING win2000 users !
A serious flaw in the aging Microsoft OS that could be easily exploited in a worm attack has been found. No patch is available and a work-around is not possible
A serious flaw has been discovered in a core component of Windows 2000, with no possible work-around until it gets fixed, a security company said.
The vulnerability in Microsoft's operating system could enable remote intruders to enter a PC via its IP address, Marc Maiffret, chief hacking officer at eEye Digital Security, said on Wednesday. As no action on the part of the computer user is required, the flaw could easily be exploited to create a worm attack, he noted.
What may be particularly problematic with this unpatched security hole is that a work-around is unlikely, he said.
"You can't turn this [vulnerable] component off," Maiffret said. "It's always on. You can't disable it. You can't uninstall."
eEye declined to give more details on the flaw or the Windows 2000 component in question. As part of company policy, it does not release technical details of the vulnerabilities it finds until the software's maker has released either a patch or an advisory.
A Microsoft representative said the software giant will issue a comment once it has had a chance to review the eEye advisory, which has yet to be posted on the security company's Web site.
The vulnerabilities affect Windows 2000, but Maiffret noted eEye is still conducting tests, and he anticipates other versions of Microsoft's OS is likely to be affected.
For Microsoft, this marks the second eEye advisory it's received this week. On Monday, eEye notified the software giant it had found critical vulnerabilities in Internet Explorer.
The IE vulnerabilities could allow malicious attackers to launch a remote buffer overflow attack should users click on a malicious Web site link.
The flaw, which is rated as a "high" risk, affects IE, Windows XP and SP1, Windows 2003 and Windows 2000.
Microsoft confirmed it received the eEye advisory regarding IE through its standard vulnerability reporting system.
"We are investigating the report and will take appropriate action to help protect customers as part of our normal security response process," a Microsoft representative said. Microsoft issues a monthly bulletin of patches and also has a program of security advisories with work-arounds for unpatched, reported flaws.

1 "Acrylic" (code name) is the professional design program that brings together the richness of pixel-based painting and the performance of editable vector graphics for a more fluid and flexible creative workflow. Create sophisticated  designs and graphic elements for your on-screen, Web, and print projects.

2 Microsoft MCE Keyboard,  The Missing Link:
Click to see pic

3 The Microsoft Office Outlook 2003 Calendar Views Add-in makes it easy for you to view your Outlook Calendar appointments through a filter that is based on Outlook labels and categories. For example, you can create a view that shows you only the appointments on your calendar that are labeled Must Attend, or are categorized as Important.
You add filters by using the Calendar Views toolbar, which opens in your Outlook Calendar after you install the add-in.

SyncToy is a free PowerToy for Microsoft Windows XP that provides is an easy to use, highly customizable program that helps users to do the heavy lifting involved with the copying, moving, and synchronization of different directories. Most common operations can be performed with just a few clicks of the mouse, and additional customization is available without adding complexity. SyncToy can manage multiple sets of directories at the same time; it can combine files from two folders in one case, and mimic renames and deletes in another. Unlike other applications, SyncToy keeps track of renames to files and will make sure those changes get carried over to the synchronized folder.


Post a Comment

Links to this post:

Create a Link

<< Home