Wednesday, January 16, 2008

Vulnerability Turns MS Excel Into Open Door for Hackers

The vulnerability is in Microsoft Office Excel 2003 Service Pack 2, along with Microsoft Office Excel Viewer 2003, Microsoft Office Excel 2002, Microsoft Office Excel 2000 and Microsoft Excel 2004 for Mac, Microsoft said. If successfully exploited on a vulnerable computer, it could enable remote code execution, the company added.

Microsoft is now investigating public reports and the extent of the vulnerability's impact on customers. Once that's done, it may provide a security update through its monthly release process or as an out-of-cycle release, it said.

"While the attack appears to be targeted, and not widespread, we are monitoring the issue and are working with our MSRA (Microsoft Security Response Alliance) partners to help protect customers," wrote Microsoft's Security Response Center on the group's blog. "We will update the advisory and this blog as new information becomes available."


Linux News: Security: Vulnerability Turns MS Excel Into Open Door for Hackers

Saturday, January 12, 2008

Five-Year-Old Boy Detained by the TSA

A less extreme example again is that of the US Transportation Security Administration (TSA), the authority charged with protecting US transportation systems, and supposedly those using them, recently detaining a five-year-old boy on the suspicion of being a terrorist. His name was similar to someone on the US "no-fly" list, which contains the names of people suspected of being terrorists.


Sentry Posts Blog - ZDNet UK Community

Tuesday, January 8, 2008

Anatomy of a hack attack

With the help of security experts, we reconstruct a typical hack attack on two large organisations and walk through the steps that the head of IT should follow in such a case.

Monday, 9am
Blackjack, a hacker working from an internet cafe in London, is about to launch an attack on a major government agency. His aim is to cause maximum disruption and embarrassment. And, according to security experts, his job is going to be worryingly easy.

"Most organisations have dozens of vulnerabilities they haven't patched, or aren't even aware of," said Toralv Dirro, a security strategist with McAfee. "Even if a penetration-testing service says you're not vulnerable, that only means they haven't found a vulnerability, not that one doesn't exist."

Anatomy of a hack attack - ZDNet UK

Friday, January 4, 2008

New PHP release fixes several vulnerabilities

The PHP development team announced the immediate availability of PHP 4.4.8. It continues to improve the security and the stability of the 4.4 branch and all users are strongly encouraged to upgrade.

