Stories by Sam Costello

Hole in PHP could give attacker server control

A security hole in the PHP (PHP: Hypertext Preprocessor) scripting language used on many Web servers could allow an attacker to execute code on affected systems or even take control of them, according to a security alert released Monday by The PHP Group.

Gates updates customers on Trustworthy Computing

Microsoft Corp. Chairman Bill Gates sent an e-mail to some Microsoft customers Friday updating them on the company's Trustworthy Computing initiative and reminding them that they too have a significant role to play in securing their computer systems.

Researchers: Newest Microsoft IE patch flawed

A new patch designed to address six serious security vulnerabilities in Microsoft Corp.'s Internet Explorer doesn't fix all the problems it purports to, according to security researchers.

Fake Xbox 'emulator' hiding Trojan horse taken offline

The Web page distributing an emulator promising users they could play Microsoft's Xbox games on their PCs has been pulled offline after discovery that it contained a Trojan horse program designed to generate money based on online ad hits. Thousands of copies of the ersatz emulator may still be circulating on the Internet.

Security hole in Flash player could run attack code

A security hole in the way Macromedia's Flash player handles ActiveX content could allow an attacker to run the code of their choice on vulnerable systems, according to a security advisory published by eEye Digital Security Inc. late Thursday. Macromedia is offering a new download of the player which fixes the flaw.

Microsoft asks court to reconsider Lindows ruling

Saying that the court asked the wrong questions and therefore arrived at the wrong answers in its preliminary injunction ruling that allowed Lindows.com Inc. to continue to use the name Lindows, Microsoft filed a motion for reconsideration late last week with United States District Court for the Western District of Washington.

CERT: Flaws in SNMP could threaten 'Net

Flaws in how SNMP (Simple Network Management Protocol) is implemented in a raft of products could allow attackers to stage denial of service attacks, take over systems and threaten the Internet, according to a new alert from the federally funded computer security body CERT/CC (Computer Emergency Response Team/Coordination Center).

CERT: AOL's ICQ chat app has security flaw

A security hole in America Online Inc.'s ICQ chat program could allow attackers to run the code of their choice on a computer using the program, the federally-funded computer security organization Computer Emergency Response Team Coordination Center (CERT/CC) said in an advisory Thursday. AOL has fixed the flaw on its servers, but also recommends that users upgrade their ICQ program to the new version which does not have the vulnerability, because the server fix will not solve the problem entirely, CERT/CC said.

Experts: Expect more worms in 2002

2001 was dubbed, by some, the year of the virus. And not without good reason, as it brought the potentially damaging Code Red and Nimda worms, along with scores of lesser, more annoying threats into offices and homes worldwide. If 2001 was the year of the worm, though, what does 2002 hold for home users?

CERT: Security incidents nearly double in 2001

Total security incidents nearly doubled in 2001 compared to the prior year, according to statistics released Friday by the federally funded computer and network security body, the Computer Emergency Response Team (CERT) Coordination Center.

Microsoft offers new security partner program

In a move that the company hinted at in recent months following the Code Red and Nimda worms that exploited vulnerabilities in its software, Microsoft Thursday announced its Gold Certified Partner Program for Security Solutions.

Opera releases new browser betas for Mac

Upstart Web browser company Opera Software ASA released a new beta version of its Web browser for the Mac OS Thursday, along with a new beta of its Mac OS X-native browser, the company said.

[]