Free Republic

A security update for the Firefox open-source browser has been released by the Mozilla Foundation, a move that follows the public disclosure of exploit code for two "extremely critical" vulnerabilities. Mozilla Firefox 1.0.4, released Wednesday, addresses vulnerabilities that surfaced earlier this week. The update includes several security fixes, as well as a fix to DHTML errors that were encountered at some Web sites, according to a posting on Mozilla's Web site. The update is designed to address the two flaws, which when combined could allow malicious attackers to engage in cross-site scripting and remote system access. Although the two vulnerabilities...

Firefox seems to be heading Internet Explorer's way with security research company Secunia stating on its website that two vulnerabilities found in the popular browser can be exploited to conduct cross-site scripting attacks and compromise a user's system. The Mozilla Foundation is aware of the two potentially critical Firefox security vulnerabilities. They maintain that there are currently no known active exploits of these vulnerabilities though a "proof of concept" has been reported. Mozilla stated that it is aggressively working to provide a more comprehensive solution to these potential vulnerabilities and will provide that solution in a forthcoming security update. Users...

RealNetworks has released a security patch to fix a flaw in its RealPlayer software that could allow compromised code to be run on users computers. The flaw, which was rated "highly critical" by Secunia, is in the most recent versions of the software for both Windows and OS X. Also, Secunia said that some of the older Linux versions were at risk for the flaw. "RealNetworks has received no reports of machines compromised as a result of the now-remedied vulnerabilities," the company said on its website. "RealNetworks takes all security vulnerabilities very seriously."

Symantec has reported glitches in its antivirus software that could allow hackers to launch denial-of-service attacks on computers running the applications. In a notice posted on its Web site this week, Symantec detailed two similar vulnerabilities found in its Norton AntiVirus software, which is sold on its own or bundled in Norton Internet Security and Norton System Works. The flaws, which could lead to computers crashing or slowing severely if attacked, are limited to versions of the software released for 2004 and 2005. The Information-Technology Promotion Agency of Japan, a government-affiliated tech watchdog group, identified the first instance of the...

Just a day after one security firm warned of a vulnerability in Firefox and Mozilla, a rival disclosed that another eight threaten the open-source browsers. The Danish security firm Secunia on Tuesday laid out the flaws, most of which could be used by criminals to spoof, or fake, various aspects of a Web site, ranging from its SSL secure site icon to the contents of an inactive tab. Other bugs can be exploited remotely by hackers able to introduce code of their own choosing on the vulnerable machine, possibly taking control of it or giving them access to files. For...

Electronic bug found in police station State police are investigating the discovery of a listening device found in a clerical office at Providence police headquarters. 01:00 AM EST on Monday, February 14, 2005 BY GERALD M. CARBONE Journal Staff Writer PROVIDENCE -- A worker in Police Department headquarters found what is thought to be a sophisticated listening device covertly mounted beneath her desk, and the Rhode Island State Police are investigating whether someone was bugging the department. According to police Sgt. Robert Paniccia, president of Fraternal Order of Police Lodge 3, this is what happened: Last Monday at 5:30 a.m.,...

For a market segment Microsoft was said to have won decisively in the mid-1990s, the company spent a lot of time in 2004 putting out fires on the browser front. Like the ghost of the Netscape browser rising to haunt its slayer, Firefox emerged with a vengeance from the Mozilla open-source group, which was founded by Netscape in 1998 and last year spun off by parent company Time Warner. Firefox started off the year a prerelease, name-challenged project by a group that had lost much of its credibility after chronic delays and significant setbacks. But Firefox ended 2004 as a...

Java bug could hit PC operating systems17:51 24 November 04NewScientist.com news service The discovery of a serious software bug has simultaneously opened a variety of desktop computers to potential attack. The flaw has been found in Java, which works on a variety of computer operating systems – from Microsoft’s Windows to free software Linux – which means any worm which exploits it could hit a variety of computer platforms. The flaw is rated "highly critical" by the computer security firm Secunia and some experts believe it could lead to the development of a cross-platform computer worm. The bug was...

Navy battle software unsafe <"Peter G. Neumann" <Redacted for his sake...GS>> Tue, 12 Oct 2004 09:02:47 -0400 [Source: Article by Neil Mackay, Investigations Editor, *Sunday Herald* (Scotland), 10 Oct 2004] The Royal Navy's new, state-of-the-art destroyer has been fitted with combat management software that can be hacked into, crashes easily and is vulnerable to viruses, according to one of the system's designers who was fired after raising his concerns. Gerald Wilson, who has 25 years' experience designing naval software, worked for Alenia Marconi Systems (AMS) in a joint venture with Bae Systems and the Italian company Finmeccanica on the combat...

When the Bush administration took over the Pentagon's beleaguered inspector general office in 2002, officials found something startling: The director's office, at some point, had been electronically bugged.     Sorting out why the listening device was inside the walls of the office, with a cord leading to another office, is just one issue that had to be addressed by Joseph E. Schmitz, President Bush's pick three years ago to be the Defense Department's top cop.     A Naval Academy graduate and civil litigation lawyer, Mr. Schmitz was tapped to run the office responsible for investigating million-dollar fraud in the far-flung defense industry...

BOSTON - Popular Microsoft Corp. products may be vulnerable to a security vulnerability that is similar to one patched for the Mozilla Web browsers last week.

Koch: Moore's propaganda film cheapens debate, polarizes nation By Ed Koch SPECIAL TO WORLD TRIBUNE.COM Monday, June 28, 2004 It is shocking to me that Americans in a time of war, and we literally are at war with Americans being deliberately killed in Afghanistan, Iraq and elsewhere by Islamic terrorists, will attack their own country, sapping its strength and making its enemies stronger. I am not a supporter of the xenophobic slogan “My country right or wrong.” But I do believe, when seeking to make it right if it is wrong, that none of us should endanger the country, our...

Two new vulnerabilities have been discovered in Internet Explorer which allow a complete bypass of security and provide system access to a computer, including the installation of files on someone's hard disk without their knowledge, through a single click. Worse, the holes have been discovered from analysis of an existing link on the Internet and a fully functional demonstration of the exploit have been produced and been shown to affect even fully patched versions of Explorer. It has been rated "extremely critical" by security company Secunia, and the only advice is to disable Active Scripting support for all but trusted...

Microsoft warns of 3 "critical" flaws Tue 13 April, 2004 21:36 By Reed Stevenson SEATTLE (Reuters) - Microsoft has warned that three "critical"-rated flaws in the Windows operating system and other programs could allow hackers to sneak into personal computers and snoop on sensitive data. The security warning was announced with another software vulnerability rated "important" as part of Microsoft's monthly security bulletin. The warning was issued with a software patch that fixes the problem on Windows operating systems dating back to Windows 98, as well as software that is part of Internet Explorer and the Outlook express e-mail program....

April 8 ? Sonny Ramaswamy is trying to walk a very fine line. He doesn't want to be seen as an alarmist, but he thinks people ought to know about the thought that keeps haunting him these days. Ramaswamy, who chairs the department of entomology at Kansas State University, is concerned that the tiny little insects he has spent a lifetime studying could become implements of international terrorism. It's possible, he says, that even a stable fly, or something as tiny as an aphid, could be used to distribute deadly pathogens over a wide geographical area in a surprisingly...

'This goes no further...'By Brian Wheeler BBC News Online Magazine Following revelations about bugging at the United Nations, is there any way of ensuring that your private conversations stay that way? News that Kofi Annan and other senior UN figures may have been routinely bugged by US or British security services has caused a huge political row around the world. But it will also have caused alarm among other people in the public eye who deal with sensitive information - or anyone, indeed, who values their privacy. If the secretary general of the United Nations cannot prevent his private conversations...

Colossians 2:8 Beware lest any man cheat you by philosophy and vain deceit: according to the tradition of men according to the elements of the world and not according to Christ. Annibale Bugnini.Up until the turbulent 1960s, Catholic Liturgy and the mass we celebrated had been the result of centuries of divine inspiration, historic experience, wisdom, refinement, debate and the school of hard knocks. Those who developed our worship service, canon law and collective ethos throughout these centuries  (politely putting aside Jesus Himself for a moment) were church elders, wise-men and saints who had managed to build the greatest and...

When you point to a hyperlink in Microsoft Internet Explorer, Microsoft Outlook Express, or Microsoft Outlook, the address of the Web site typically appears in the Status bar at the bottom of the window. After you click a link that opens in Internet Explorer, the address of the Web site typically appears in the Internet Explorer Address bar, and the title of the Web page typically appears in the Title bar of the window. However, a malicious user could create a link to a deceptive (spoofed) Web site that displays the address, or URL, to a legitimate Web site in...

Tourists and immigrants 'behind US bed bug plague' By Charles Laurence in New York (Filed: 21/12/2003) Bed bugs have invaded the United States for the first time in 50 years, munching their way through sleeping victims in an infestation described by pest controllers as being "out of control". European travellers and Third World immigrants are being blamed for bringing the bugs back to the US, with 28 American states reporting recent infestations. To their shame and horror, wealthy home owners and guests staying at expensive hotels have woken up covered in red, itchy welts, as well as people living in...

Posted on Thu, Nov. 13, 2003 Two Phila. union chiefs subpoenaed The federal grand jury investigating corruption summoned a Street ally and his son, a source said. By Nancy Phillips and Emilie Lounsberry Inquirer Staff Writers A Philadelphia union leader who is a major supporter of Mayor Street has been subpoenaed to appear before a federal grand jury that is investigating corruption in city government, according to a court-system source familiar with the labor official. Samuel Staten Sr., business manager of Local 332 of the Laborers' International Union of North America and a longtime Street ally, and his son, Samuel...