Frequently our Members call in and ask how viruses really work and what is the difference between a virus and a trojan horse.
From the HowStuffWorks.com Web Site, this article does a nice job of explaining how it all works.
Recent Posts
- Microsoft Fixes 19 Windows Security Flaws
- Critical Update for Adobe Flash Player
- Take the online privacy quiz
- Microsoft Plugs Three Windows Security Holes
- Tricky Windows Worm Wallops Millions
- Caveat Emptor: Watch Out for Phantom Stores
- Firefox 2 Users Will Get No More Security Updates
- Update for Java Software
- Warning: Financial crisis is a goldmine for online criminals
- Criminals use fake virus warnings
« May 2007 | Main | July 2007 »
June 2007
SSO: Using Instant Messaging and Chat Rooms Safely
In the Stay Safe Online Department, this article from the US Computer Emergency Readiness Team talks about some of dangers of online IM and Chat rooms, plus gives some tips on how to use these tools safely.
First Step News :: Recent Posts (6/12/07)
Here are the links to some recent posts on the First Step Blog:
- Microsoft Plugs 15 Security Holes (June Updates)
- Yahoo! IM Users Should Upgrade Immediately
- Apple, Microsoft Issue Security Updates - May 26th, 2007
- What is a Cookie?
- What version of Firefox are you running?
- Before You Call the HelpDesk
Microsoft Plugs 15 Security Holes
From the Washington Post Security Fix Blog
Microsoft issued free software updates today to fix at least 15 separate security flaws in its Windows operating system and other software. Windows users can grab the patches by visiting Microsoft Update or by turning on Automatic Updates.
Nine of the 15 flaws earned Microsoft's "critical" rating, its most severe. Critical vulnerabilities are those that are so serious they generally don't require any action on the part of the user to exploit, aside from maybe convincing the user to visit a malicious (or hacked) Web site, or open a specially-crafted e-mail.
Most of the critical vulnerabilities fixed in June's patch batch are addressed in a security roll-up for just about every version of Microsoft's Internet Explorer Web browser, including IE7 and IE7 on Windows Vista. The culprit, again, is a weaknesses with ActiveX controls in the browser that could allow nasty Web sites to seize total control over a user's machine or to silently install software. One of the updates fixes a security hole that criminals already know how to exploit. Microsoft reports that the blueprints for attacking this flaw were posted online.
Another patch bundle is a cumulative update for Outlook Express and Windows Mail that plugs four separate security holes in those programs.
This is a nasty group of vulnerabilities, people. If you are using Windows, you should not delay in downloading and installing these updates.
Yahoo! IM Users Should Upgrade Immediately
From the Washington Post Security Fix Blog
People who chat online using Yahoo! Messenger software should upgrade their program. The company has pushed out a fix to plug two newly discovered security holes.
The two critical vulnerabilities reside in Yahoo! Messenger versions 8.1.0.249 and earlier. The flaws are so serious that computers running the software could be hijacked with little cooperation or action on the part of the user, aside from perhaps the user unwittingly going to visit a malicious Web page.
Yahoo! Messenger users should download and install the latest version immediately, as instructions for exploiting these flaws already have been posted online.
Kudos to Yahoo! for providing a fix for these dangerous flaws within hours after exploit code was posted online. However, I fail to understand why Yahoo! isn't prompting all users to upgrade. The company's security advisory states: "Over the next several weeks, users worldwide will be prompted to update to a new version of Yahoo! Messenger upon signing into the service."
As anti-virus vendor F-Secure notes, Yahoo! would aid its users by posting a big honking notice on its homepage about the problem.
Recent Comments