http://news.bbc.co.uk/2/hi/technology/6526851.stm
"Cursor hackers target WoW players"
World of Warcraft players are being targeted by hackers exploiting
flaws in how Windows handles animated cursors. ...
http://www.computerworld.com.au/index.php/id;838771320;fp;16;fpid;0
"Hackers offer subscription, support for their malware"
Like many just-launched e-commerce sites in the world, this unnamed
Web site has a fairly functional, if somewhat rudimentary, home
page. A list of options at top of the home page allows visitors to
transact business in Russian or in English, offers an FAQ section,
spells out the terms and conditions for software use and provides
details on payment forms that are supported. ...
http://blogs.technet.com/msrc/archive/2007/04/03/an-inside-look-into-building-and-releasing-ms07-017.aspx
"An inside look into building and releasing MS07-017"
Hey Folks -- this is Mike Reavey. We're all glad that MS07-017 -- the
Security Bulletin that fixes the vulnerability in Animated Cursor
Handling (CVE-2007-1215) -- has been released, helping to block
attacks on that vulnerability. While we released it within 5 days of
being notified of attacks, we have received questions from customers
about why it took us 3 months to develop and release the fix for this
vulnerability. I wanted to provide some insight into the history of
this vulnerability, and while doing so, hopefully provide insight into
the overall security update lifecycle, including testing, which
consumes the greatest amount of time. ...
http://www.betanews.com/article/Microsoft_Ignore_Third_Party_Vista_Service_Packs/1175715717
"Microsoft: Ignore Third Party Vista "Service Packs""
For years, tech enthusiasts have been compiling hotfixes into
unofficial service packs for Windows, offering brave users a quick way
to update their operating systems before Microsoft finishes its
own. But for Vista, Microsoft is warning users not to trust these
third-party roll-ups. ...
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
