Larry Seltzer

Ive seen reports of people who are shocked! Shocked to hear that there are applications and network configurations that fail to function under Windows XP Service Pack 2. After years of complaining about security problems in Windows, Microsoft finally does the right thing and plugs many of the holes even at the cost of breaking […]

A flaw in an old but still popular version of Microsoft Exchange Server could allow an attacker to execute code on other clients systems, according to a security bulletin released Tuesday by Microsoft, along with a patch for the flaw. The bulletin, designated MS04-026, was the sole new security bulletin Microsoft released Tuesday for the […]

Two security research and consulting companies have reported a vulnerability in the AIM (AOL Instant Messenger) program that could allow an attacker to run arbitrary code on another users Windows-based system. iDEFENSE Inc. reports in its advisory that oversized values passed to the “goaway” function of AIMs “aim:” URI handler may be used to overwrite […]

The anti-virus business is an interesting one. On the one hand, its amazingly competitive on a worldwide basis, even if Symantec dominates the U.S. consumer market; there are a lot of companies in this business. But its also a disappointing business technologically. The companies are not out to solve a problem as much as to […]

The new firewall in Windows XP Service Pack 2 is not by any means the most important security advance in the service pack. Other changes, principally locking down the My Computer zone in Internet Explorer, will have more profound implications for security of the average system. But its not unimportant. Had Microsoft done the Internet […]

A researcher performing a source-code audit on a popular graphics library has found multiple security vulnerabilities in it that could be used to crash programs or execute attack code. The PNG library (libpng) is a collection of graphics routines to manipulate PNG (portable network graphics) files. PNG (Portable Networks Graphic) is a graphics format that […]

For the past several months a standards group of the Internet Engineering Task Force named MTA Authorization Records in DNS, or MARID, has labored to form a proposed standard for SMTP authentication. That effort will move along one step this week at the 60th IETF meeting in San Diego. Based originally on SPF (Sender Policy […]

It was only a matter of time before the authors of phishing attacks became more clever. Ive always been disappointed, in a perverse way, by the lack of creativity they have shown. But in a way it doesnt matter how clever they are since you can protect yourself with a healthy dose of skepticism and […]

Microsoft Corp., as predicted, issued on Friday an “out of sequence” security update for Internet Explorer that addresses three critical vulnerabilities. The security bulletin accompanying the updates, numbered MS04-025, addresses three vulnerabilities rated “critical” that could result in an attacker executing code in the context of a logged-on user. If the user is logged on […]

Like many of you, I spend many a visit to family and friends attempting to fix their computer problems. The No. 1 problem scenario these days involves spyware and adware, often so much of it that the computer is utterly unusable. An infected system is a sad sight. You cant do anything without windows popping […]