Mar 14
Security experts are warning RealPlayer users to stop using Internet Explorer until a patch is released for a flaw researchers discovered which could allow code execution. Researcher Elazar Broad has posted to the Full Disclosure mailing list a so-called heap overflow vulnerability that makes it possible for an attacker to modify heap blocks after they are freed and overwrite certain registers.
This could allow code execution on a compromised machine. The vulnerability affects all versions of RealPlayer running under Internet Explorer. Exploit code for this flaw has not yet been made public.
Without a patch from RealPlayer, security experts recommend disabling the killbit for the following ActiveX ClassIDs:
2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93
CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA
However, disabling these killbits will also remove some functionality within the player.
To avoid the loss of functionality, security experts recommend using RealPlayer in a browser that doesn’t support ActiveX, such as Mozilla Firefox (for Windows and Mac).
Read More: Here
written by Jerry
Feb 28
Woo-Hoo today is my birthday the big “41″ wow I feel old…lol. I guess it’s part of life huh, hey atleast I made it this far.
written by Jerry
Feb 28
The European Commission fined Microsoft a massive €899 million ($1.3 billion) for continued failure to honor the 2004 antitrust ruling against it, Commissioner for Competition Neelie Kroes said Wednesday. Europe’s top competition authority has already fined the company €777.5 million — €497 million in the original ruling plus a further €280.5 million for noncompliance. The latest punishment brings the total of fines to just under €1.7 billion ($2.6 billion) “for a clear disregard of its legal obligations,” Kroes said in a news conference.
“The Commission’s latest fine is a reasonable response to unreasonable actions by Microsoft,” Kroes said. Microsoft finally came into compliance with the 2004 ruling last October. Kroes said the latest fine — the biggest yet — is for noncompliance up to Oct. 22, 2007.
The software giant has over the past four years repeatedly tried to avoid complying with part of the Commission’s ruling that ordered the company to detail communications protocols used by its Windows server operating system so that other manufacturers could build systems that interoperate smoothly with Windows.
News Source: http://www.infoworld.com/article/08/02/27/EU-fines-Microsoft-another-1-billion-for-antitrust-abuse_1.html
written by Jerry