 |
 | Home | Contact Us | FAQ | Search & Site Map | Link to Us |
 | Sign In | Join | Other 45 Sites in Network |
|
Security News MS08-007 – Critical: Vulnerability in WebDAV Mini-Redirector Could Allow Remote Code Execution (946026) 12 Feb 2008 08:00 GMT Bulletin Severity Rating:Critical - This critical security update resolves one privately reported vulnerability in the WebDAV Mini-Redirector. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Source: TechNet MS08-006 – Important: Vulnerability in Internet Information Services Could Allow Remote Code Execution (942830) 12 Feb 2008 08:00 GMT Bulletin Severity Rating:Important - This important update resolves a privately reported vulnerability in Internet Information Services (IIS). A remote code execution vulnerability exists in the way that IIS handles input to ASP Web pages. An attacker who successfully exploited this vulnerability could then perform actions on the IIS server with the same rights as the Worker Process Identity (WPI). The WPI is configured with Network Service account privileges by default. IIS servers with ASP pages whose application pools are configured with a WPI that uses an account with administrative privileges could be more seriously impacted than IIS servers whose application pool is configured with the default WPI settings. Source: TechNet MS08-005 – Important: Vulnerability in Internet Information Services Could Allow Elevation of Privilege (942831) 12 Feb 2008 08:00 GMT Bulletin Severity Rating:Important - This important update resolves a privately reported vulnerability in Internet Information Services (IIS). A local attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. Source: TechNet MS08-004 – Important: Vulnerability in Windows TCP/IP Could Allow Denial of Service (946456) 12 Feb 2008 08:00 GMT Bulletin Severity Rating:Important - This important update resolves a privately reported vulnerability in Transmission Control Protocol/Internet Protocol (TCP/IP) processing. An attacker who successfully exploited this vulnerability could cause the affected system to stop responding and automatically restart. Source: TechNet MS08-003 – Important: Vulnerability in Active Directory Could Allow Denial of Service (946538) 12 Feb 2008 08:00 GMT Bulletin Severity Rating:Important - This important security update resolves a privately reported vulnerability in implementations of Active Directory on Microsoft Windows 2000 Server and Windows Server 2003 and Active Directory Application Mode (ADAM) when installed on Windows XP and Windows Server 2003. The vulnerability could allow a denial of service condition. On Windows Server 2003 and Windows XP an attacker must have valid logon credentials to exploit this vulnerability. An attacker who successfully exploited this vulnerability could cause the system to stop responding or automatically restart. Source: TechNet Book publishers finally getting their digital acts together? 12 Feb 2008 04:11 GMT Not quite, but an interesting post on Ars Technica suggests that they might finally be turning a corner in terms of providing digital content, instead of relying on traditional paper publishing. Why do we care here in Ed Tech? Because paper publishing costs schools exorbitant sums in textbooks... Source: ZDNet Android at WMC from a developer's perspective 12 Feb 2008 00:05 GMT Android is building momentum at the Mobile World Congress '08 in Barcelona this week. Companies like Texas Instruments have been showing off prototypes running the Android operating system -- and by the sounds of it, people can't get enough. Engadget has some early pictures of what attendees are... Source: ZDNet Father of anti-virus says to invest in security awareness training 11 Feb 2008 22:09 GMT I don't want to start a debate here over who invented anti-virus. According to DarkReading it is Peter Tippett.(see the recent debate over who invented the firewall here. Is Dark Reading going to also knight the inventor of malware if they can track him down?) In... Source: ZDNet The one big POTENTIAL flaw that could REALLY mess up Google Android 11 Feb 2008 21:59 GMT Given that I am not in Barcelona at the Mobile World Congress (nev kinda like the music I am not in a physical space where I can view all the Google Android. But I am in a space where I can monitor what's going on, and offer... Source: ZDNet Never Too Soon to Think Security 11 Feb 2008 05:42 GMT
Every IT initiative should have security reviews early and often, says Mathias Thurman. Waiting can result in applications with gaping security holes — costing money and causing delays. Source: Computerworld |
|
 Sign In
 Join
 My Latest Posts My Monitored Threads My Blog My Photo Gallery My Profile My Homepage |
©2008 Advenet LLC Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.