I have been assisting a friend who, she told me, could not get BBC iPlayer to work. Further, another site was telling her she did not have ActiveX, but she was sure she had it.
This was puzzling me. She described how she went to the BBC iPlayer site, and it said she needed to
…continue reading IE9 ActiveX Filtering causing tears of frustration
I look forward to trying it; but Internet Explorer 9’s Smart Filter was not keen.
What you cannot see from the screenshot is that the option to “Run anyway” is hidden by default. You have to
…continue reading This is why people ignore security warnings: IE9 blocks official Microsoft update
Sony has posted information about the “illegal intrusion on our systems” that has caused the PlayStation Network (PSN) to be closed temporarily. PSN is necessary for playing online games and downloading music and videos.
Sony has disclosed that:
Between April 17 and April 19 2011 an attacker gained access to “user account information”
…continue reading Sony PlayStation network hacked, some disclosure, questions remain
There is an analysis by Rob Rachwald over on the Imperva Data Security Blog of how an RTF document can carry a virus, in this case a trojan executable. RTF (RIch Text Format) is generally considered safer than the Microsoft Office .DOC format since it cannot include macros; but the vulnerability in this case is
…continue reading How an RTF file can install a virus when opened
The what? Well, few people used it which is why it is shutting down; but the Adobe Document Center is a service for protecting documents, somewhat similar to Microsoft’s Rights Management Services except that it is provided as a hosted subscription service; though I am not sure that it ever made it out of beta
…continue reading Adobe Document Center shutting down, protected documents to become unreadable
The discovery of viruses in apps on Google’s Android Market is troubling. I like the fact that Android is open, and that you can easily install an APK (Android Package) from any source onto your device if you want to. That said, it is reasonable to expect that apps downloaded from the official Android Market
…continue reading Google fails to protect its mobile platform
A friend uses Microsoft’s Exchange Online service for his small company. All was going well until one day he found himself locked out of his email. He had no idea why.
The reason, it turned out, was the password policy set by Microsoft and outlined here:
To help maintain security, you must periodically change your
…continue reading Microsoft’s BPOS password madness driving users to Google Apps
Scott Guthrie’s blog reports that a fix is now available for the Padding Oracle attack, which enables successful attackers to break the security of ASP.NET applications. There are a few points of interest.
First, there is not one patch but several, and which ones you need depend both on the version of Windows and the
…continue reading ASP.NET Padding Oracle fix released, time to patch for Windows administrators
Security vulnerabilities are reported constantly, but some have more impact than others. The one that came into prominence last weekend (though it had actually been revealed several months ago) strikes me as potentially high impact. Colourfully named the Padding Oracle attack, it was explained and demonstrated at the ekoparty security conference. In particular, the researchers
…continue reading Crisis for ASP.Net – how serious is the Padding Oracle attack?
I received an email from Trusteer noting that anti-virus detection rates for the latest Zeus variant are very low. This analysis shows that at the time of writing only Panda, among the major anti-virus products, picks it up. Does this mean we should all switch to Panda? No, because next time it will be one
…continue reading Anti-virus software continues to fail