security

What you can do about the latest Google Desktop flaw

On this week's Security Bites podcast, I asked Robert Hansen, aka RSnake, the security researcher who disclosed the man-in-the-middle attack on the Google Desktop last week, what readers can do to avoid becoming a victim.

Hansen said: "They could turn off the integration between Google Desktop and the Web. Or they could wait for a patch to come out, which I'm sure there will be. Or my favorite answer is to uninstall the Google Desktop entirely.

"I'm not exactly quick to tell people to stop using applications, but Google Desktop's had, like I said (… Read more

Yahoo releases critical security patch for IM

Yahoo has issued a critical security patch for Messenger to address zero-day exploits that take advantage of vulnerabilities in its Webcam ActiveX controls.

The exploits to instant messaging surfaced Wednesday, less than 24 hours after the vulnerabilities were first reported to Yahoo by eEye Digital Security.

People could find their systems at risk if they visit malicious Web sites or view other malicious HTML code. The attackers could then exploit security flaws in the Yahoo Webcam ActiveX control, a software package that is downloaded with Messenger.… Read more

Exploits exist for Yahoo IM security flaws

At least two sets of exploit code have been posted on the Internet for the security flaws in Yahoo Messenger 8 first disclosed on Wednesday by the security vendor eEye on Tuesday. The two exploits were posted on the Full Disclosure mailing list on Wednesday. One set of code shows how to cause buffer overflow in the Webcam ActiveX component. Another causes a buffer overflow in the viewer ywcvwr.dll. Both exploits were written by Danny.

This morning Yahoo released a patch for Yahoo Messenger, however, update is voluntary. Users will be prompted each time the application loads until the … Read more

Norton AntiBot goes into public beta

These days, criminal enterprises don't just want to steal your Outlook contact list, they want to own your computer, and they will download a remote-access Trojan horse at the first available opportunity. Within the last six months, Symantec has seen the number of these "bot" infections increase 29 percent over the previous six months. That's why Symantec is rushing to market a new application they're calling Norton AntiBot.

While most antivirus applications today provide adequate protection against spyware and malware, once these are removed, your machine is vulnerable to new and different variations of the … Read more

Microsoft OneCare did/did not improve in recent AV tests

After finishing dead last in a comparative antivirus test, Microsoft Windows Live OneCare recently garnered some positive press. The latest tests performed by AV-Comparatives.org seem to show an improvement, with OneCare moving up two places. While OneCare is certified by West Coast Labs and ICSA, it is the competitive independent antivirus testing results that mean more in terms of how well a product performs in the real world against real malware. Thus, some might argue that things are looking up for the nascent Redmond antimalware team.

That's until you look closer at the tests. AV-Comparatives performed two different … Read more

Yahoo IM hit with critical security flaws

A number of highly critical security flaws have been found in the latest version of Yahoo Messenger, which could allow attackers to gain remote access to users systems, according to a security advisory issued by eEye Digital Security.

The vulnerabilities affect Yahoo Messenger versions 8.1 and 8.0, running on Windows, eEye stated in its "upcoming advisories."

Although eEye does not disclose extensive details about vulnerabilities until the respective vendor develops a patch, the security researcher did note the Yahoo IM flaws requires little user interaction for an attacker to exploit the vulnerabilities.

"It's the … Read more

Microsoft security nirvana?

It is common knowledge that IT security is made up of isolated security islands that don't talk to each other and must be managed on a one-off basis.

Why is this? Best I can figure is that it is a historical combination of budget and behavior. Security budgets are notoriously tight, so tools tend to be brought in on an as-needed basis. As for behavior, security professionals grew up with a "best of breed" mindset. If security widgets 1 and 2 are deemed to be the best products available, they buy them. Security benefits tend to trump … Read more

Will Osama use Google Earth against us?

In the wrong hands, could Google Earth become a weapon of mass destruction?

That question has been floated in the aftermath of last week's FBI apprehension of four suspects charged with attempting to explode oil pipelines at New York's John F. Kennedy airport.

At a press conference announcing three of the the arrests, FBI officials said one of the plotters, Abdul Kadir, directed his associates to consult Google aerial images of Kennedy Airport as they went about their planning. Inevitably, this raised questions about whether the various online mapping services offered by the likes of Google, Yahoo and … Read more

Google Desktop vulnerable to attack

Security researcher Robert Hansen, aka RSnake, has published details of a new attack on Google Desktop. Basically, Hansen found a man-in-the-middle attack, this time placing an attacker between Google and someone launching a desktop search query. From this position, the attacker is able to manipulate the search results and possibly take control of other programs on the desktop.

The attack scenario plays out like this: a user of Google Desktop makes a search query that is intercepted by an attacker. The attacker then injects Javascript that creates an invisible IFrame on the target URL page as well as makes the … Read more