Free Republic

http://www.internetnews.com/ent-news/article.php/3437251 Burst.com Alleges Microsoft Cover-Up By Susan Kuchinskas November 17, 2004 One of the last two companies standing against what it calls Microsoft's anti-competitive behavior said it has smoking-gun proof that Redmond deliberately destroyed evidence in an antitrust case. Burst.com, creator of video and audio delivery software for IP networks, claims that Redmond stole technology and trade secrets acquired during two years of negotiations. In a June 2002 civil suit, Burst.com accused Microsoft (Quote, Chart) of anti-competitive behavior and violating federal and state antitrust laws. Now, court documents claim, Burst.com has evidence that Microsoft followed a policy of deliberately destroying...

Internet Explorer, you're fired. That should have been said a long time ago. After Microsoft cemented a monopoly of the Web-browser market, it let Internet Explorer go stale, parceling out ho-hum updates that neglected vulnerabilities routinely exploited by hostile Web sites. Not until August's Windows XP Service Pack 2 update did (some) users get any real relief.

Microsoft Crawling Google Results For New Search Engine? Jason Dowdell | Contributing Writer 2004-11-11 I was questioned today by a developer who was watching a particular IP address scan his site. The IP was 65.54.188.86 and is registered to Microsoft Corp. located at One Microsoft Way, Redmond, Washington 98052. This visitor was not sending the normal header information associated with a crawler to the web server such as an http robot name or identifying info or even a browser name. Is MSN Crawling Google? Is Microsoft "using" Google's search results to populate their index? Discuss Microsoft's behavior at WebProWorld. The...

Blake Ross is lounging at his parents' Florida Keys condo, thinking ahead to his first day back at Stanford. His goal for his sophomore year: nothing less than to "take back the Web" from Microsoft (MSFT).You might think the shy 19-year-old is outmatched. Think again. Ross, a software prodigy who interned at Netscape at age 14, is the lead architect behind Mozilla's Firefox -- a revolutionary new browser that's catching on the way Mosaic did in 1993. In beta for the past four months, Firefox version 1.0 is set to be released in November. With that, Ross will issue the...

Microsoft on Tuesday published 10 software security advisories, warning Windows users and corporate administrators of 22 new flaws that affect the company's products. The advisories, and patches published with the bulletins, range from an "important" flaw affecting only Microsoft Windows NT Server to a collection of eight security holes, including three rated "critical," that leave Internet Explorer open to attack. Microsoft's highest severity rating for software flaws is its "critical" ranking, while "important" is considered slightly less severe. One flaw, in Microsoft Excel, even affects Apple Computer's Mac OS X. The abundance of flaws could leave corporate PCs vulnerable to...

... Burst, a two-person dot-com survivor from Santa Rosa, Calif., where I used to live, has been suing Microsoft for two years for anti-trust, breach of contract, restraint of trade, and patent infringement. In the great panoply of Microsoft civil anti-trust lawsuits, Burst's might be the last, and for Microsoft, it has to be the worst because Redmond looks so bad. This week, the news from recently unsealed court documents is that Microsoft may have deliberately lied not only to Burst, but also to the other anti-trust litigants right up to and including the U.S. Department of Justice. You will...

Microsoft executives said that a comprehensive patch for Internet Explorer will be released next week, finally plugging the hole that hackers exploited in a sneak attack during June. That month, several exploits that took advantage of the browser's vulnerabilities hit users, most notably one dubbed Scob, or Download.ject. In that attack, a gang of Russian hackerscompromised servers running Microsoft's Internet Information Services (IIS) software, then dropped a Trojan horse onto machines running IE that had simply viewed pages from those servers. The Trojan, in turn, installed a key logger and other malicious code to pilfer financial information. Earlier this month...

If you're one of about 200 million people using older versions of Windows and you want the latest security enhancements to Internet Explorer, get your credit card ready. Microsoft this week reiterated that it would keep the new version of Microsoft's IE Web browser available only as part of the recently released Windows XP operating system, Service Pack 2. The upgrade to XP from any previous Windows versions is $99 when ordered from Microsoft. Starting from scratch, the operating system costs $199. What's new: People using older versions of Windows can't get an important security update to the Internet Explorer...

A new variant of the "MyDoom" virus just went out - I received one and it was NOT DETECTED since it is in zip/compressed file format! CAREFUL!! If you get an email like below, simply delete and do not open the attachment! If you are a COX-INTERNET customer, you have a higher chance of being infected since it is originating from their services. of course - they deny responsibility. here is a copy of the message text: -----Original Message----- From: abonds@cox-internet.com [mailto:abonds@cox-internet.com] Sent: Friday, July 30, 2004 1:08 PM To: xxxx@spadata.com Subject: Returned mail: see transcript for details Dear user...

There is a new plague of viruses, trojans, and exploits hammering web users... and no one easy solution.Be advised, I will add the most useful information I have found so far in the first reply, which I am doing for the sake of simple formatting ease.First off, here's the most current info and links- follow and read all of it:      Web Sites Still Infected   There are new, nastier browser hijackers flooding the web- the best help is here, but be warned, you have to do most yourself and learn to use some new tools. The old anti-virus...

Microsoft Corp. released a tool on Tuesday for removing a particularly pesky computer virus - but was not yet able to offer a software patch to prevent the infection from spreading. Stephen Toulouse, a security program manager with Microsoft, could not say when the patch to thwart the virus, called "download.ject," might be completed. The virus was discovered in late June and exploits a vulnerability in Microsoft's Internet Explorer browser. Microsoft previously released a security update that changed settings in its Windows operating system to thwart infection from the malicious code, which is designed to steal passwords and other valuable...

Security researchers warned Web surfers on Thursday to be on guard after uncovering evidence that widespread Web server compromises have turned corporate home pages into points of digital infection. The researchers believe that online organized crime groups are breaking into Web servers and surreptitiously inserting code that takes advantage of two flaws in Internet Explorer that Microsoft has not yet fixed. Those flaws allow the Web server to install a program that takes control of the user's computer. The extent of the attacks is unknown, but the security community has seen numerous cases of personal computers infected when the user...

COLORADO SPRINGS, Colo. — The Department of Homeland Security's U.S. Computer Emergency Readiness Team touched off a storm this week when it recommended for security reasons using browsers other than Microsoft Corp.'s Internet Explorer. The Microsoft browser, the government warned, cannot protect against vulnerabilities in its Internet Information Services (IIS) 5 server programs, which a team of hackers allegedly based in Russia has exploited with a JavaScript that is appended to Web sites. The particular virus initiated this week inserts JavaScript into certain Web sites. When users visit those sites, it initiates pop-up ads on home and office computers, and...

Description: Paul has reported some vulnerabilities in Internet Explorer, allowing malicious people to bypass security restrictions and potentially compromise a vulnerable system. 1) It is possible to redirect a function to another function with the same name, which allows a malicious website to access the function without the normal security restrictions. Successful exploitation allows execution of arbitrary script code in the context of another website. This could potentially allow execution of arbitrary code in other security zones too. 2) Malicious sites can trick users into performing actions like drag'n'drop or click on a resource without their knowledge. An example has...

In a lively online discussion Thursday, Microsoft (Quote, Chart) engineers faced off with end users who lobbed irate questions, comments and a few tirades about its Internet Explorer browser. More than any topic, security reigned as the most pervasive theme during the online discussion, including when end users could see the next patch for vulnerabilities in IE. IE staffers said the XP SP2 service pack is currently available for download as release candidate 2. That means it's not completed, final or stable yet, and that the final stable SP2 is coming soon. The chat came in the wake of recent...

As if to prove the point that security is like the Dutch boy at the dike, Microsoft on Friday released a stop-gap fix for one of several vulnerabilities that have plagued its Internet Explorer just as a security firm warned that virtually every browser -- not just IE -- can be spoofed by hackers. The update, which Microsoft tagged as “Critical,” isn't a patch per se, but rather an change to Windows that disables the ADODB.Stream object within the operating system's Data Access Components (DAC). Last week, an innovative attack launched by a Russian hacker group from previously-infected Microsoft Internet...

I have Norton and two pop-killer programs, but my Norton can't remove Spyware and activeware on my computer.

US CERT (the US Computer Emergency Readiness Team), is advising people to ditch Internet Explorer and use a different browser after the latest security vulnerability in the software was exposed. A statement on the CERT site said: "There are a number of significant vulnerabilities in technologies relating to the IE domain/zone security model, the DHTML object model, MIME type determination, and ActiveX. It is possible to reduce exposure to these vulnerabilities by using a different web browser, especially when browsing untrusted sites." CERT otherwise recommends users to set security settings to high and disable JavaScript Malicious code, dubbed variously as...

The Web attack that was stopped dead in its tracks on Friday when a Russian Web site was taken offline remained under investigation Monday by a host of security firms still puzzled over the method used to infect a number of Microsoft Internet Information Services (IIS) servers. But the evidence now is leading them to accept Microsoft's explanation that the IIS 5.0 servers were hacked manually and that the server software doesn't have an unknown, or so-called "zero-day," vulnerability. "Nobody yet knows how these servers were infected," said Ken Dunham, the director of malicious code research at iDefense. "But if...

    Internet Attack Exploits Microsoft Software Flaws Fri Jun 25, 2004 08:25 PM ET By Duncan Martell SAN FRANCISCO (Reuters) - A potentially dangerous attack on personal computers by a virus designed to steal financial data and passwords from Web users rippled across the Internet on Friday, computer security experts said. The attack, which surfaced earlier this week and is known as the "Scob" outbreak, exploits a vulnerability in servers using Microsoft Corp.'s IIS software and has been called more dangerous than the recent "Sasser" and "Blaster" infections. The infected servers in turn exploit another vulnerability in Microsoft's...