Free Republic

Security experts have been expecting such images to turn up after Microsoft revealed a weakness in the way Windows handles the popular Jpeg format. Soon after this discovery, a program started circulating online that was written to exploit this bug. The poisoned images were posted to a porn newsgroup at the weekend and were found by Usenet provider Easynews. Early warning Poisoned pictures containing the bug have been widely predicted following the discovery of the Jpeg bug that afflicts more than a dozen Microsoft programs. To fall victim to the poisoned pictures, users must view it using Windows Explorer. VULNERABLE...

Microsoft Internet Explorer Integer Overflow in Processing Bitmap Files Lets Remote Users Execute Arbitrary Code SecurityTracker Alert ID: 1009067 CVE Reference: GENERIC-MAP-NOMATCH (Links to External Site) Date: Feb 15 2004 Impact: Execution of arbitrary code via network, User access via network Exploit Included: Yes Version(s): 5 (6 is reportedly not vulnerable) Description: A vulnerability was reported in Microsoft Internet Explorer (IE) version 5. A remote user can execute arbitrary code on the target system. It is reported that a remote user can create a specially crafted bitmap file that, when loaded by IE, will trigger an integer overflow and execute...

For education and discussion only. Not for commercial use. CAMBRIDGE, Mass. (AP) -- Dan Geer lost his job, but gained his audience. The very idea that got the computer security expert fired has sparked serious debate in information technology. The idea, borrowed from biology, is that Microsoft Corp. has nurtured a software "monoculture" that threatens global computer security. Geer and others believe Microsoft's software is so dangerously pervasive that a virus capable of exploiting even a single flaw in its operating systems could wreak havoc. Just this past week, Microsoft warned customers about security problems that independent experts called among...

SEATTLE/SAN FRANCISCO (Reuters) - Microsoft Corp. (MSFT.O: Quote, Profile, Research) on Tuesday said a critical flaw in most versions of its flagship Windows operating system could allow attackers to run malicious programs on personal computers. In its monthly security bulletin, the world's largest software maker warned that Windows NT, Windows 2000, Windows XP and Windows Server 2003 were at risk and offered software updates to fix the flaws, which were given Microsoft's highest severity rating of "critical." "It does affect all (current) versions of Windows," said Stephen Toulouse, security program manager for Microsoft's Security Response Center. "We're not aware of...

Preamble: We wanted to write another "Night Before Xmas" poem but the vendor missed the last few release dates, so we had to resort to some MC(SE) Hammer: U Can't Trust This By: MCSE Hammer Blaster did ya some harm We just say, hey, another worm But thank you, for trusting me To mind your site's security It's all good, when your server's downed Our dope PR will pass blame around Cuz it's known as such That this is some software, you can't trust I told ya Homeland U can't trust this Yeah that's why we're giving ya the code...