security vulnerability

ALSO NOTED: Why 64 bits matter; Don't be afraid of looking dumb;

Tue, 27 Mar 2007 20:01:38 -0400

> Why 64 bits matters. Article

> The best managers aren't afraid of looking dumb. Blog

> Dell and AMD are first to incorporate DASH standards. Article

> Small businesses increasingly bypass costly software for online services that make money by showing ads. Article

> Microsoft announces a new security vulnerability. Article

> Why defining titles can help circumvent turf wars. Podcast

> The future of tech, from E-Tech. Article

And Finally… "The Secret" and the CIO. Blog

ALSO NOTED: Microsoft Word has a new vulnerability; Federal CIO Council weighs in;

Thu, 25 Jan 2007 19:01:38 -0500

> Microsoft Word 2000 security vulnerability exposed. Article

> Federal CIO Council focuses on building the IT workforce. Article

> Industry heavyweights in Europe charge Microsoft with illegal practices allegations. Article

> eBay's Skype pushes business-oriented features. Article

And finally… Viruses are still a serious threat, according to the U.K.'s CIO Jury IT user panel. Article

SPOTLIGHT: Printers pose network security threat

Wed, 17 Jan 2007 19:01:34 -0500

Printers pose network security threat
If you had to name the greatest security vulnerability in your corporate network, what would it be? Windows? Internet Explorer? That network security guy whose always cruising the World of Warcraft forums? How about printers? Think about it: they're networked, they're everywhere and unless they're patched, they're totally vulnerable. Network viruses have propagated via printer before--the Blaster worm in 2003, for example--yet many IT departments remain complacent when it comes to printer security. Article

A bounty for Vista bugs

Thu, 11 Jan 2007 19:01:39 -0500

If you've discovered code that creates a security vulnerability in Microsoft's newest operating system Vista, you could be rewarded with some big bucks. VeriSign iDefense Labs is launching another bounty program, this time offering $12,000 for bugs in both Vista and Internet Explorer. While the security vendor wouldn't comment on expectations for bug contributions, it's ready to pay the first six bug finders $8,000, with a bonus payment of $2,000 to $4,000 if the contributor also produces a working exploit code for the found bug. VeriSign is hoping that the program encourages hackers to disclose bugs instead of using them but considering that a Vista exploit can fetch far more on the black market, the company's bounty might be a surprisingly hard sell. The bounty program runs through March.

For more on the Vista bug bounty effort:
- check out the news at TechWeb

Getting a grip on rootkits

Tue, 21 Nov 2006 19:01:39 -0500

While they're not topping the big security threat lists, rootkits still pose a danger to today's enterprises. It is extremely important to understand what a rootkit is and how it can be used maliciously by hackers and worm writers. Knowing how to eradicate the threat with new tools available to security and IT leaders is equally important. As recent news items relate, rootkits aren't going anywhere fast so like with any security vulnerability, the more you know, the more secure you can be.

For a comprehensive look at rootkits:
- check out the feature at Network Computing

Related Article: More on tools for fighting rootkits. Article

New WiFi risk identified

Mon, 13 Nov 2006 19:01:39 -0500

Millions of systems are potentially at risk due to a security vulnerability in a wireless driver. The risk comes via a computer code that can be used to create a long service set identifier (SSID) which sets off the vulnerability and can give hackers complete machine access. According to security vendor Symantec, enterprises with vulnerable PCs should disable wireless devices until patches have been made available. The good news is that the risk is only on WiFi networks, and not the Web, so an attacker has to be within WiFi range.

For more on the new wireless threat:
- read the article at C/NET News.com

Microsoft vulnerability gets increased attention

Thu, 31 Aug 2006 20:01:38 -0400

When the MS06-040 patch for a security flaw in Windows was released earlier this month, both security experts and Microsoft downplayed the vulnerability risk. But that tune has changed with a leading security vendor now saying that it expects increased attacks on Windows machines due to the flaw, though Microsoft is holding strong to its original statement that there isn't such a high risk level. Symantec, however, says that there are now six variants of code that can take advantage of the vulnerability, spiking the potential for attacks even higher than expected.

For more on the continuing security vulnerability issue:
- read what the experts are predicting at C/NET News.com