Larry Seltzer

Cisco over the past week has announced a series of vulnerabilities in multiple products. Most are denial-of-service issues, while two additional problems could allow improper authentication. The advisory, “Cisco Telnet Denial of Service Vulnerability,” describes a potential denial of new connections on a series of network services, specifically “telnet, reverse telnet, RSH [Remote Shell], SSH […]

If youve read about Microsofts Service Pack 2 for Windows XP, you know about the new, improved firewall that is turned on by default. But theres a more important security enhancement in SP2 that will make a bigger dent in the stream of vulnerabilities in Internet Explorer: SP2 locks down the My Computer zone. The […]

It must have seemed like a good idea at the time: The effort to create an effective standard for SMTP authentication relied, and still relies, on quick adoption by the largest companies in the e-mail business, and Microsoft is a significant company in both the e-mail software and service business. Why not bring them into […]

A rational approach to risk doesnt usually assume that everything that can go wrong will. But with computer security, and security in general lately, its tempting to do so. Security researchers generally assume that if an attack is possible, someone will do it. If a vulnerability can be exploited, someone will exploit it. And if […]

Worms and other malware employ a variety of techniques to find new systems to attack. Many of them scan the network for systems containing specific, remotely exploitable vulnerabilities. Some of the fastest and most successful worms, such as Slammer and Code Red, worked this way. HP thinks two can play at that game. The company […]

Security researchers have discovered another vulnerability in Windows XP Service Pack 2, but it doesnt appear to be an immediate threat. The researcher who uncovered the drag-and-drop flaw in Windows XP SP2 earlier in the week has reported that a new vulnerability exposes a hole in the lockdown of Internet Explorers My Computer security zone. […]

Microsoft Corp. has issued a hotfix for Windows XP Service Pack 2 to solve a problem about which many users have complained: programs that attempt to connect to loopback addresses other than 127.0.0.1 get error messages. The problem—one of several that have appeared in the newly released SP 2—has been reported by many VPN users […]

When I first saw the advisory “Flaws in SP2 security features,” written by Jürgen Schmidt of Heise Security, I just laughed and blew it off as a big nothing. Now, I agree that it illustrates limitations in one of the new security features of Windows XP Service Pack 2. But a flaw? Thats a hard […]

What would you do if your Windows computer suddenly became unresponsive? Or if you could no longer access the Internet? Viruses and spyware can cause that, even when youre running up-to-date protection against them. Tools arent perfect, and its possible that some malware sneaked by. If you cant get online, youre stuck with the tools […]

Nobodys surprised by the application problems cropping up as users install Windows XP Service Pack 2. As I said in my last column, you have to expect these, plan for them, and not let it dissuade you from making the migration as soon as is practicable. But Microsoft has begun to address these both generally […]