Microsoft announced last December 15 of yet another major flaw in version 7 of its Internet Explorer browser which allows remote code execution on the target computer (as if the others do not already).

Dubbed as Microsoft Security Advisory (961051), the advisory went on to discuss the issue as follows:

The vulnerability exists as an invalid pointer reference in the data binding function of Internet Explorer. When data binding is enabled (which is the default state), it is possible under certain conditions for an object to be released without updating the array length, leaving the potential to access the deleted object’s memory space. This can cause Internet Explorer to exit unexpectedly, in a state that is exploitable.

It appears also that its not only IE7 that’s affected. It affects versions up to IE8 also. Even the BBC has snatched this issue as well.

What was weird for me was that the Full Disclosure community did not make any reaction to this disclosure by Microsoft. Or it might be too early as the secinfo experts and enthusiasts are scrambling to verify this if at all.

My take on this is - what’s new? Honestly, I’m not surprised at all.

Technorati browser, internet, explorer, IE, major, flaw, microsoft, security
Site Search Tags: browser, internet, explorer, IE, major, flaw, microsoft, security

Looks like MS is now looking to doing the Tae Bo instead of doing Aerobics. Recently MS’s Brad Smith and Horacio Gutierrez, in an interview with Fortune expressed MS intent to go after the so called patent infringements. And this is now by no means a walk in the park. This is major tae boing everyone.

Primary targets will be Linux flavors excluding the Linux distribution from recent partner Novell. This means Red Hat, Ubuntu, Debian, Slackware, Oracle, Mepis, and countless other Linux flavors and variants, are all fair game. Brad Smith stressed yet again what Steve Ballmer has been singing since November 2004 — Linux infringes on MS patents. This time around, Brad Smith goes on to mention a total of 235 patents in all. However, they haven’t mentioned anything specific as to which patent is infringed and what these infringed patented components really do. Yes folks, it’s FUD season again.

You might be asking why now? Simple. Dell has recently announced support for Ubuntu and is planning to pre-load the Linux distribution into some of Dell’s machines slated for the opensource and Linux markets. Dell’s announcement has been hugely discussed in forums, and featured in various media formats. Thus MS couldn’t resist putting up fudding yet again to dispel would be migrants as well as those already slowly migrating to Linux fulltime.

John Soat has written his revelation on one of his columns regarding the possible horrors of patent shoving and moshpitting. John has even went on to say October 2007 will be THE time when patents will be shoved down various unwilling throats.

Will this recent action by MS ignite the proverbial patent war spark and inevitably start a long and destructive patent war? This I gotta see.

Related stories:
on Linux-Watch
on CNN-Money/Fortune
on E-Week

Technorati : Linux, Microsoft, patent,
Site Search Tags: Linux, Microsoft, patent,

Just hours after a magnitude 7.1 earthquake struck Taiwan, the Philippine’s links to the global internet backbone suffered considerable damage disrupting the country’s Internet and telephony services. Major submarine cables serving PLDT, Smart and Bayantel were said to have suffered damage. Bayantel on the otherhand declared their systems to be operational since Wednesday. Globe and Digitel were not able to provide details on disruptions that affected their networks.

Taiwan is an island situated far to the north of the Philippines, just a few kilometers from Basco, Batanes. Several of the Philippine’s links to the major Internet backbone in Japan and the U.S. passes through Taiwan. This backbone on the otherhand are huge undersea cables, comprising of either copper-based or fiber-based cable, providing high-speed, high-volume connections for traditional phone services as well as Internet and Internet-based services.

Local sites somehow were not affected. Local service providers like LevelUp Games expressed no significant disruptions to their service since users of LevelUp’s services are based locally. However access to major international sites like Yahoo!, CNN, are still largely intermittent. Online content providers like YouTube, Flickr, MetaCafe, and others are also intermittent. It may still yet be a few days’ wait before connection will be stable enough.

Related news at:
INQ7.net

Technorati: Taiwan, earthquake, disruption, Internet,
Site Search Tags: Taiwan, earthquake, disruption, Internet,

by Antony Savvas
Thursday 5 January 2006

A new version of the Sober worm is set to strike at midnight tonight to correspond with the founding of the German Nazi party and a major German political conference tomorrow.

A warning about the attack was issued by security software companies at the end of last year, after it was discovered that the previous version of Sober had been programmed to trigger new attacks on the internet.
Read more.. (Computer Weekly)