Guess what time it is…

by on Jul.29, 2009, under Windows Info

Give up?
It’s time to upgrade your version of Windows!!
http://www.us-cert.gov/cas/techalerts/TA09-209A.html
If you don’t know what that means, you’re in trouble. Yes, you.
Basically what this says is that EVERY version of Internet Explorer on every version of Windows is vulnerable to a Remote Code Execution exploit. (in English, that means that Mr. Bad Guy can run *ANY* program he wants on your computer with full administrative privileges. This of course, being in direct violation of Rule #1 of the 10 Immutable Laws of Computer Security.)
The patches will implement a kill-bit, and disable parts of COM and ActiveX controls, p(robably)ossibly breaking legacy applications.

The solution?
Run out ->don’t walk<- and buy the latest copy of the Microsoft Windows 7 Operating System. Oh. Sorry. You can't get it, just... yet... It's coming, though.. Microsoft Partners will see it in about 2 weeks, and it will be available to the general public some time in October. The attack vectors are not only via Internet Explorer. Any application (such as MS Office) with access to ActiveX and/or COM objects can exploit this vulnerability. Here’s the bulletin. Extensive testing is suggested if you use ActiveX controls or COM objects in mission-critical applications.

Comments Off on Guess what time it is… :, more...

Just in case you've forgotten…

by on May.31, 2007, under General Info

The 10 Immutable Laws of Computer Security

  1. If a bad guy can persuade you to run his program on your computer, it’s not your computer any more.
  2. If a bad guy can alter the operating system on your computer, it’s not your computer any more.
  3. If a bad guy has unrestricted physical access to your computer, it’s not your computer any more.
  4. A computer is only as secure as the administrator is trustworthy.
  5. Weak passwords trump strong security.
  6. Encrypted data is only as secure as the decryption key.
  7. An out of date virus scanner is only marginally better than no virus scanner at all.
  8. If you allow a bad guy to upload programs to your website, it’s not your website any more.
  9. Absolute anonymity isn’t practical, in real life or on the Web.
  10. Technology is not a panacea.
Comments Off on Just in case you've forgotten… : more...


Looking for something?

Use the form below to search the site:

Still not finding what you're looking for? Drop a comment on a post or contact us so we can take care of it!

CryptedNets is proudly powered by

Entries (RSS) and Comments (RSS)
Register - Login

Visit our friends!

A few highly recommended friends...