MS07-044 - Critical: Vulnerability in Microsoft Excel Could Allow Remote Code Execution (940965)   14 Aug 2007 08:00 GMT
Bulletin Severity Rating:Critical - This security update resolves a privately reported vulnerability in addition to other security issues identified during the course of the investigation. These vulnerabilities could allow remote code execution if a user opens a specially crafted Excel file. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Source: TechNet

MS07-043 - Critical: Vulnerability in OLE Automation Could Allow Remote Code Execution (921503)   14 Aug 2007 08:00 GMT
Bulletin Severity Rating:Critical - This critical security update resolves a privately reported vulnerability. This vulnerability could allow remote code execution if a user viewed a specially crafted Web page. The vulnerability could be exploited through attacks on Object Linking and Embed
Source: TechNet

MS07-042 - Critical: Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution (936227)   14 Aug 2007 08:00 GMT
Bulletin Severity Rating:Critical - This critical security update resolves a privately reported vulnerability. This vulnerability could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer. The vulnerability could be exploited through attacks on Microsoft XML Core Services. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Source: TechNet

Where is security going?   13 Aug 2007 23:39 GMT
Or more specifically, where is the security industry going? When faced with this question Rotham and Newby read like ecclesiastical old men who are tired of their own industries. They are too close to it to scent the excitement maybe?First of all there are huge changes looming in the...
Source: ZDNet

Will German law make security worse or better?   13 Aug 2007 20:45 GMT
A new German law that makes it a crime to build, sell, distribute or obtain so-called "hacking tools" went into effect over the weekend, InfoWorld reports.The new law defines hacking as penetrating a computer security system and gaining access to secure data, without necessarily stealing data. Offenders are defined as...
Source: ZDNet

Can you really trust your security vendor?   13 Aug 2007 18:12 GMT
A screenshot taken this morning from the Secunia home page:When the security software installed on your system exposes you to code execution attacks, can you really trust them? by Ryan Naraine
Source: ZDNet

Exploits, security tools disappear as German anti-hacker law takes effect   13 Aug 2007 17:51 GMT
Security professionals in Germany have begun to remove exploits and hacking tools from the Internet in response to a new German law that expressly forbids the distribution of any software that can be used in computer/network attacks.Stefan Esser (left), the PHP security guru behind the recent Month of PHP Bugs...
Source: ZDNet

California Puts Limits on Use of E-voting Systems   13 Aug 2007 04:15 GMT
After an independent review of Californias e-voting systems, Secretary of State Debra Bowen has mandated new security measures and limited the use of the machines at polling stations.

Source: Computerworld

Mozilla: Party Quip Doesn't Translate to Official Policy   13 Aug 2007 04:15 GMT
Mozilla says a pledge to fix bugs in 10 days attributed to one of its executives after a conversation at a party doesnt constitute an official policy for its Firefox browser.

Source: Computerworld

From Russia, With Concern   13 Aug 2007 04:15 GMT
A trip to Moscow to audit an offshore partner leaves Mathias Thurman wary. His company relies on "air-gapping" to protect its systems from overseas intruders, but the Russian engineers say they need Internet access.

Source: Computerworld