Right on, Larry.
http://www.eweek.com/c/a/Security/The-AntiMalware-Certification-Problem/
The Anti-Malware Certification Problem
Opinion: One of the dirty little secrets of the anti-malware industry is
that the WildList doesn't really prove a whole lot about a product.
Failure to find all
On Sun, 2008-06-01 at 08:06 -0400, Richard M. Smith wrote:
> Participants in HNAP would collect sample network traffic from their
> own home networks as well as samples from networks within the
> vicinity.
Vicinity, eh? What could possibly go wrong with that?
> This also provides the Neighborho
On Mon, Jun 2, 2008 at 12:00 PM, <[EMAIL PROTECTED]> wrote:
>
>
>
> --
>
> Message: 1
> Date: Sun, 1 Jun 2008 20:14:21 -0400
> From: Robert Praetorius <[EMAIL PROTECTED]>
> Subject: Re: [funsec] Sniff Your Neighbors' Networks
> To
Apparently from:
> http://www.eweek.com/c/a/Security/The-AntiMalware-Certification-Problem/
...
> In fact, insiders in the anti-virus industry, especially vendors, are
> widely derisive of the WildList, looking on it as an outdated burden on
> their development. The malware in it is outdate
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Yes, you read that correctly:
"It appears that XP service pack 3 installs an older vulnerable
version of the flash player, causing those systems to be vulnerable
to these vulnerabilities."
More:
http://isc.sans.org/diary.html?storyid=4513
Why is thi
IIRC Microsoft's reasoning for not shipping SP3 with a newer version was
that their license for flash only covered the older version that they
include in the update.
Personally I'd have rather seen them not include the file at all if it
wasn't the most recent release, which really wouldn't have
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
"A man wearing a T-shirt depicting a cartoon character holding
a gun was stopped from boarding a flight by the security at
Heathrow's Terminal 5."
http://news.bbc.co.uk/1/hi/england/london/7431640.stm
Props, Schneier:
http://www.schneier.com/blog/ar
Dave Nelson wrote:
> IIRC Microsoft's reasoning for not shipping SP3 with a newer version was
> that their license for flash only covered the older version that they
> include in the update.
Does it reinstall the older ActiveX, the older plugin [e.g., Firefox],
or both?
Jeff
__
Microsoft's writeup in their advisory is vague about what versions are
involved. I installed the update on an SP3 system running Flash 8.0.24.0
and got an error back that the update was not a proper version for the
Flash I was running, or something like that.
I went to the Flash site and installed
To be honest Jeff, I'm not sure. I haven't installed SP3 on any of my
machines (not even a vm)
Dave
Jeff Kell wrote:
> Dave Nelson wrote:
>
>> IIRC Microsoft's reasoning for not shipping SP3 with a newer version was
>> that their license for flash only covered the older version that they
>>
On Mon, 2 Jun 2008, Bruce Ediger wrote:
> Apparently from:
> > http://www.eweek.com/c/a/Security/The-AntiMalware-Certification-Problem/
> ...
> > In fact, insiders in the anti-virus industry, especially vendors, are
> > widely derisive of the WildList, looking on it as an outdated burden on
On Mon, Jun 2, 2008 at 5:16 PM, Drsolly <[EMAIL PROTECTED]> wrote:
> ...
> Telling people to "Practise safe Hex" was, I agree, pretty useless.
> Telling people to switch their operating system (or change their computing
> platform), and change all their application software, would have been even
>
I'm pretty sure it's just the ActiveX. The advisory
(http://www.microsoft.com/technet/security/Bulletin/MS06-069.mspx) says,
among other things, "This security update installs Flash6.ocx version
6.0.88.0and removes the version of Flash.ocx it is replacing" and makes
no mention of plugins
Larry Sel
13 matches
Mail list logo
