Metasploit Exploit Emerges for IE Zero-Day Vulnerability
This week's security warning from Microsoft for a zero-day hole in Internet Explorer has opened the door for a hacker to create a working model of how to exploit the vulnerability.
Search Results
Search found 18808 results on 753 pages for 'security updates'.
Page 299/753 | < Previous Page | 295 296 297 298 299 300 301 302 303 304 305 306 | Next Page >
-
-
Pixar Animation Techniques That Powered Movies Like Toy Story & Wall E
- by Gopinath
Pixar few of the worlds best animation movies like Toy Story, Cars, Wall E and A Bug Life. For those who love these movies and would like to know how Pixar makes the incredibly beautiful animations here is a two minutes video. This article titled,Pixar Animation Techniques That Powered Movies Like Toy Story & Wall E, was originally published at Tech Dreams. Grab our rss feed or fan us on Facebook to get updates from us.Read the article
-
Warning: E-Business Suite Issues with Sun JRE 1.6.0_19
- by Steven Chan
Sadly, the issues reported in the following article also apply to JRE 1.6.0_19:Warning: E-Business Suite Issues with Sun JRE 1.6.0_18Once again, if you haven't already upgraded your end-users to JRE 1.6.0_18 or 1.6.0_19, we recommend that you to keep them on a prior JRE release such as 1.6.0_17 (6u17).We're working closely with the Sun JRE team to get this issue resolved as quickly as possible. Please monitor this blog for updates.Read the article
-
Back-sliding into Unmanaged Code
- by Laila
It is difficult to write about Microsoft's ambivalence to .NET without mentioning clichés about dog food. In case you've been away a long time, you'll remember that Microsoft surprised everyone with the speed and energy with which it introduced and evangelised the .NET Framework for managed code. There was good reason for this. Once it became obvious to all that it had sleepwalked into third place as a provider of development languages, behind Borland and Sun, it reacted quickly to attract the best talent in the industry to produce a windows version of the Java runtime, with Bounds-checking, Automatic Garbage collection, structures exception handling and common data types. To develop applications for this managed runtime, it produced several excellent languages, and more are being provided. The only thing Microsoft ever got wrong was to give it a stupid name. The logical step for Microsoft would be to base the entire operating system on the .NET framework, and to re-engineer its own applications. In 2002, Bill Gates, then Microsoft Chairman and Chief Software Architect said about their plans for .NET, "This is a long-term approach. These things don't happen overnight." Now, eight years later, we're still waiting for signs of the 'long-term approach'. Microsoft's vision of an entirely managed operating system has subsided since the Vista fiasco, but stays alive yet dormant as Midori, still being developed by Microsoft Research. This is an Internet-centric fork of the singularity operating system, a research project started in 2003 to build a highly-dependable operating system in which the kernel, device drivers, and applications are all written in managed code. Midori is predicated on the prevalence of connected systems, with provisions for distributed concurrency where application components exist 'in the cloud', and supports a programming model that can tolerate cancellation, intermittent connectivity and latency. It features an entirely new security model that sandboxes applications for increased security. So have Microsoft converted its existing applications to the .NET framework? It seems not. What Windows applications can run on Mono? Very few, it seems. We all thought that .NET spelt the end of DLL Hell and the need for COM interop, but it looks as if Bill Gates' idea of 'not overnight' might stretch to a decade or more. The Operating System has shown only minimal signs of migrating to .NET. Even where the use of .NET has come to dominate, when used for server applications with IIS, IIS itself is still entirely developed in unmanaged code. This is an irritation to Microsoft's greatest supporters who committed themselves fully to the NET framework, only to find parts of the Ambivalent Microsoft Empire quietly backsliding into unmanaged code and the awful C++. It is a strategic mistake that the invigorated Apple didn't make with the Mac OS X Architecture. Cheers, LailaRead the article
-
Ati2dvag Blue Screen Problem
If your computer has just been getting slower and slower since you bought it and errors are becoming more frequent, it';s time for a tune up. This means running the latest updates, using security appl... [Author: Nathan Tyler - Computers and Internet - March 24, 2010]Read the article
-
Recover files in Ubuntu from USB stick
- by Jon
I have Ubuntu 11.04 running from a USB stick. I think I ran some updates in terminal and now it has a kernel panic during boot up. Is there a way I can get hold of files I saved when Ubuntu was working? I just managed to watch the booot screen and it looks as if there are some errors saying there is no room to write to disk however my USB stick has 5GB free UPDATE: Here is what I see when I plug the USB stick into WindowsRead the article
-
PHP blunders with random numbers
<b>The H Open:</b> "Security expert Andreas Bogk warns that, despite recent PHP improvements, the session IDs of users who are logged into PHP applications remain guessable. Upon close examination, the alleged improvements display frightening weaknesses."Read the article
-
An Introduction to Information Rights Management in Exchange 2010
If you’re a Systems Administrator concerned about information security, you could do worse than implementing Microsoft’s Information Rights Management system; especially if you already have Active Directory Rights Management Services in place. Elie Bou Issa talks Hub Servers, Transport Protection Rules and Outlook integration in this excellent guide to getting started with IRM.Read the article
-
CVE-2010-1634 Integer Overflow vulnerability in Python
- by chandan
CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2010-1634 Integer Overflow vulnerability 5.0 Python Solaris 10 SPARC: 143506-03 X86: 143507-03 Solaris 11 Contact Support This notification describes vulnerabilities fixed in third-party components that are included in Sun's product distribution.Information about vulnerabilities affecting Oracle Sun products can be found on Oracle Critical Patch Updates and Security Alerts page.Read the article
-
Week in Geek: New Faster IonMonkey JavaScript Engine Added to Firefox Nightly Builds
- by Asian Angel
Our latest edition of WIG is filled with news link coverage on topics such as the next version of Photoshop will not support Windows XP, Microsoft has found preloaded malware on PC production lines in China, Internet Explorer 8 users will lose browser support for Google Apps in November, and more. Original wallpaper for the image shown above is available at HD Wallpapers 4 Free. How To Create a Customized Windows 7 Installation Disc With Integrated Updates How to Get Pro Features in Windows Home Versions with Third Party Tools HTG Explains: Is ReadyBoost Worth Using?Read the article
-
Installation failure
- by Peter Kelson
I have just downloaded Ubuntu and burned an installation DVD. I used it to install Ubuntu on a PC running Windows XP choosing the option to run Ubuntu alongside Windows. I chose to install the additional updates after initial installation. When I choose Ubuntu from the menu displayed on boot-up I get a purple and yellow screen which is completely blank except for the functioning mouse pointer. I would be grateful for suggestions on how to fix this.Read the article
-
Best Platform/Engine for turn based Client/Server Android game
- by Paradine
I'm currently designing a turn based game for tablets. Initially for Android with porting to iOS later considered in design. I'm having trouble narrowing down the available technologies to even know where to spend my research time. I am hoping that if I explain what I am trying to achieve someone may be able to suggest a platform and/or engine. I've looked into some of the open source Engines ( http://www.cuteandroid.com/ten-open-source-android-2d-or-3d-game-engine-for-android-developers ) and some appear to handle much of what I might require - although with a higher focus on graphics than i need. Mages looks interesting although development appears to have ceased. If I could somehow leverage GoogleApps that would be excellent. Here is what I am trying to achieve: PvP turn based strategy game over internet - minimal animation and bandwidth required Players match up online using MetaGame system MatchID created on Resolution Server and Game starts Clients have 30 second countdown to select MoveString Clients sends small secure timestamped and MatchIDed MoveString to Resolution server Resolution server looks up Move String for each player, Resolves and Updates Players status in MatchID on Server Resolution server updates Client Views Repeat until victory conditions met - MatchID Closed, Rewards earned in MetaGame There will also need to be a full social and account system and metagame backend - but this could be running on separate system(s) Tablet in Offline mode would be catalog browsing and perhaps single player AI - bum I'm focusing on the Resolution Server at this point I'm not even certain if I would be looking at an Android App or a WebApp at this stage! I want a custom GUI so I guess an app - but maybe as I have little animation a WebApp might also work. Probably some combination of both. There will be very small overhead in data between client server - essentially a small text string every 30 seconds sent to the Resolution server which looks up the Effect and applies it to the Opponents string and determines some results to apply to the match. The client view is updated minimally with the results (only 5 in game Integers tracked) - perhaps triggering small animations/popups on the client to show the end result. e.g Explosion. If you have suggestions for a good technology or platform to best achieving the Resolution Server I'd love to hear. Also if you have experience with open source Engines - and could narrow down which (if any ) might be most suitable that would be a big help. Thanks in advanceRead the article
-
Microsoft Forefront Endpoint Protection 2010 sort en version RTM avec un nouveau moteur anti-malwares
Microsoft Forefront Endpoint Protection 2010 sort en version RTM Pour les constructeurs et les revendeurs, elle embarque un nouveau moteur anti-malwares Microsoft vient d'annoncer la disponibilité pour les constructeurs et revendeurs (version RTM) de Forefront Endpoint Security 2010, sa solution d'administration unifiée pour la protection contre les malwares pour les serveurs et les postes de travail des entreprises. En Release Candidate depuis novembre, cette version s'appuie sur « System Center Configuration Manager 2007 », facilitant ainsi le déploiement au niveau des entreprises ayant déjà mis en place des infrastructures de gestion des postes clients de Microsoft. Fore...Read the article
-
good/bad idea to use email address in php session variable? [closed]
- by Stephan Hovnanian
I'm developing some additional functionality for a client's website that uses the email address as a key lookup variable between various databases (email marketing system, internal prospect database, and a third shared DB that helps bridge the gap between the two). I'm concerned that storing a visitor's email address as a $_SESSION variable could lead to security issues (not so much for our site, but for the visitor). Anybody have suggestions or experience on whether this is okay to do, or if there's another alternative out there?Read the article
-
April Oracle Database Events
- by Mandy Ho
Normal 0 false false false EN-US X-NONE X-NONE MicrosoftInternetExplorer4 /* Style Definitions */ table.MsoNormalTable {mso-style-name:"Table Normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-priority:99; mso-style-qformat:yes; mso-style-parent:""; mso-padding-alt:0in 5.4pt 0in 5.4pt; mso-para-margin:0in; mso-para-margin-bottom:.0001pt; mso-pagination:widow-orphan; font-size:10.0pt; font-family:"Calibri","sans-serif";} April 17-18, 2012 – Moscow, Russia Oracle Develop Conference The Oracle database developer conference, Oracle Develop, will visit Moscow, Russia and Hyderabad, India this spring. Oracle Develop includes a database development track, which contains .NET sessions and hands-on lab led by an Oracle .NET product manager. Register today before the event fills up. http://www.oracle.com/javaone/ru-en/index.html Normal 0 false false false EN-US X-NONE X-NONE MicrosoftInternetExplorer4 /* Style Definitions */ table.MsoNormalTable {mso-style-name:"Table Normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-priority:99; mso-style-qformat:yes; mso-style-parent:""; mso-padding-alt:0in 5.4pt 0in 5.4pt; mso-para-margin:0in; mso-para-margin-bottom:.0001pt; mso-pagination:widow-orphan; font-size:10.0pt; font-family:"Calibri","sans-serif";} April 24, 26 – San Diego, CA & San Jose, CA ISC2 Leadership Regional Event Series Oracle at (ISC)2 Security Leadership Series: Herding Clouds -- Managing Cloud Security Concerns and Expectations Join us for his interactive day-long session where industry leaders, including Oracle solution experts, will talk about how to: dispel the top Cloud security myths minimize "rogue Cloud" implementations identify potential compliance pitfalls and how to avoid them develop contract language for your cloud providers manage users across your fractured datacenter leverage existing technologies to protect data as it moves from the enterprise to the cloud http://www.oracle.com/webapps/events/ns/EventsDetail.jsp?p_eventId=146972&src=7239493&src=7239493&Act=228 Normal 0 false false false EN-US X-NONE X-NONE MicrosoftInternetExplorer4 /* Style Definitions */ table.MsoNormalTable {mso-style-name:"Table Normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-priority:99; mso-style-qformat:yes; mso-style-parent:""; mso-padding-alt:0in 5.4pt 0in 5.4pt; mso-para-margin:0in; mso-para-margin-bottom:.0001pt; mso-pagination:widow-orphan; font-size:10.0pt; font-family:"Calibri","sans-serif";} April 22-26, 2012 – Las Vegas, NV IOUG Collaborate 12 From April 22-26, 2012, Oracle takes Las Vegas. Thousands of Oracle professionals will descend upon the Mandalay Bay Convention Center for a weeks worth of education sessions, networking opportunities and more, at the only user-driven and user-run Oracle conference - COLLABORATE 12. Your COLLABORATE 12 - IOUG Forum registration comes complete with a bonus- a full day Deep Dive education program on Sunday! Choose from numerous hot topics, including Real World Performance, High Availability and more, presented by legendary and seasoned Oracle pros, including Tom Kyte and Craig Shallahamer. http://www.oracle.com/webapps/events/ns/EventsDetail.jsp?p_eventId=143637&src=7360364&src=7360364&Act=5 Normal 0 false false false EN-US X-NONE X-NONE MicrosoftInternetExplorer4 /* Style Definitions */ table.MsoNormalTable {mso-style-name:"Table Normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-priority:99; mso-style-qformat:yes; mso-style-parent:""; mso-padding-alt:0in 5.4pt 0in 5.4pt; mso-para-margin:0in; mso-para-margin-bottom:.0001pt; mso-pagination:widow-orphan; font-size:10.0pt; font-family:"Calibri","sans-serif";} Independent Oracle User Group (IOUG) Regional Events: April 16, 2012 – Columbus, Ohio Ohio Oracle Users Group Higher Performance PL/PQL and Oracle Database 11g PL/SQL New Features – Featuring Steven Feuerstein http://www.ooug.org/ Normal 0 false false false EN-US X-NONE X-NONE MicrosoftInternetExplorer4 /* Style Definitions */ table.MsoNormalTable {mso-style-name:"Table Normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-priority:99; mso-style-qformat:yes; mso-style-parent:""; mso-padding-alt:0in 5.4pt 0in 5.4pt; mso-para-margin:0in; mso-para-margin-bottom:.0001pt; mso-pagination:widow-orphan; font-size:10.0pt; font-family:"Calibri","sans-serif";} Normal 0 false false false EN-US X-NONE X-NONE MicrosoftInternetExplorer4 /* Style Definitions */ table.MsoNormalTable {mso-style-name:"Table Normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-priority:99; mso-style-qformat:yes; mso-style-parent:""; mso-padding-alt:0in 5.4pt 0in 5.4pt; mso-para-margin:0in; mso-para-margin-bottom:.0001pt; mso-pagination:widow-orphan; font-size:10.0pt; font-family:"Calibri","sans-serif";} April 26, 2012- Irving, TX Dallas Oracle Users Group Oracle Database Forum: 5-7PM Oracle Corporation, 6031 Connection Drive Irving, TX http://memberservices.membee.com/538/irmevents.aspx?id=64 Normal 0 false false false EN-US X-NONE X-NONE MicrosoftInternetExplorer4 /* Style Definitions */ table.MsoNormalTable {mso-style-name:"Table Normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-priority:99; mso-style-qformat:yes; mso-style-parent:""; mso-padding-alt:0in 5.4pt 0in 5.4pt; mso-para-margin:0in; mso-para-margin-bottom:.0001pt; mso-pagination:widow-orphan; font-size:10.0pt; font-family:"Calibri","sans-serif";} Apr 30, 2012- Los Angeles, CA Real World Performance Tour A full day of real world database performance with: Tom Kyte, author of the ever popular AskTom Blog, Andrew Holdsworth, head of Oracle's Real World Performance Team, and Graham Wood, renowned Oracle Database performance architect. Through discussion, debate and demos, they’ll show you how to master performance engineering topics like: Best practices for designing hardware architectures and how to spot and fix bad design. How to develop applications that deliver the fastest possible performance without sacrificing accuracy. New for 2012! Updates on Enterprise Manager, Exadata, and what these technologies mean to your current systems. http://www.ioug.org/Events/ADayofRealWorldPerformance/tabid/194/Default.aspxRead the article
-
CVE-2011-2895 Buffer Overflow vulnerability in X.Org
- by chandan
CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2011-2895 Buffer Overflow vulnerability 9.3 X.Org Solaris 10 SPARC: 125719-41 119059-60 X86: 119060-59 125720-51 Solaris 9 Contact Support Solaris 8 Contact Support This notification describes vulnerabilities fixed in third-party components that are included in Sun's product distribution.Information about vulnerabilities affecting Oracle Sun products can be found on Oracle Critical Patch Updates and Security Alerts page.Read the article
-
CVE-2004-1010 Buffer Overflow vulnerability in Zip utility
- by chandan
CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2004-1010 Buffer Overflow vulnerability 10.0 Zip Solaris 10 SPARC: 147378-01 X86: 147379-01 Solaris 9 Contact Support This notification describes vulnerabilities fixed in third-party components that are included in Sun's product distribution.Information about vulnerabilities affecting Oracle Sun products can be found on Oracle Critical Patch Updates and Security Alerts page.Read the article
-
Update on People Tools
Jeff Robbins, Senior Director of PeopleTools Strategy for Oracle updates listeners on they key features of the most recent PeopleTools release and the key enhancements that are coming up in the next release.Read the article
-
How to implement an email unsubscribe system for a site with many kinds of emails?
- by Mike Liu
I'm working on a website that features many different types of emails. Users have accounts, and when logged in they have access to a setting page that they can use to customize what types of emails they receive. However, I'd like to also give users an easy way to unsubscribe directly in the emails they receive. I've looked into list unsubscribe headers as well as creating some type of one click link that would unsubscribe a user from that type of email without requiring login or further action. The later would probably require me to break convention and make changes to the database in response to a GET on the link. However, am I incorrect in thinking that either of these would require me to generate and permanently store a unique identifier in my database for every email I ever send, really complicating email delivery? Without that, I'm not sure how I would be able to uniquely identify a user and a type of email in order to change their email preferences, and this identifier would need to be stored forever as a user could have an email sitting in their inbox for a long time before they decide to act on it. Alternatively, I was considering having a no-login page for managing email preferences. In contrast to above where I would need one of these identifiers for each email, this would only need one identifier per user, with no generation or other action required on sending an email. All of these raise security issues, and they could potentially be used by people to tamper with others' email preferences. This could be mitigated somewhat by ensuring that the identifier is really difficult to guess. For the once per user identifier approach, I was considering generating the identifier by passing a user's ID through some type of encryption algorithm, is this a sound approach? For the per-email identifiers, perhaps I could use a user's ID appended to the time. However, even this would not eliminate the problem entirely, as this would really just be security through obscurity, and anyone with the URL could tamper, and in the end the main defense would have to be that most people aren't so bored as to tamper with other people's email preferences. Are there any other alternatives I've missed, or issues or solutions with these that anyone can provide insight on? What are best practices in this area?Read the article
-
Monitor Linux file system events with inotify
<b>IBM Developerworks:</b> "Summary: Use inotify when you need efficient, fine-grained, asynchronous monitoring of Linux file system events. Use it for user-space monitoring for security, performance, or other purposes."Read the article
-
CVE-2011-4313 Denial of Service Vulnerability in BIND Domain Name Server
- by chandan
CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2011-4313 Denial of Service vulnerability 5 BIND DNS software Solaris 11 Contact support Solaris 10 SPARC: IDR148282-01 X86: IDR148283-01 Solaris 8 SPARC: IDR148278-01 X86: IDR148279-01 Solaris 9 SPARC: IDR148280-01 X86: IDR148281-01 This notification describes vulnerabilities fixed in third-party components that are included in Sun's product distribution.Information about vulnerabilities affecting Oracle Sun products can be found on Oracle Critical Patch Updates and Security Alerts page.Read the article
-
Data Masking for Oracle E-Business Suite
- by Troy Kitch
E-Business Suite customers can now use Oracle Data Masking to obscure sensitive information in non-production environments. Many organizations are inadvertently exposed when copying sensitive or regulated production data into non-production database environments for development, quality assurance or outsourcing purposes. Due to weak security controls and unmonitored access, these non-production environments have increasingly become the target of cyber criminals. Learn more about the announcement here.Read the article
-
This Wed, Reading - Service Broker, Indexing, Normalisation, Sets, RI and Locking, Surrogate Keys
- by tonyrogerson
Registration is a must so we know numbers and for security, register here: http://sqlserverfaq.com/events/213/Service-Broker-Intro-Guidance-Indexing-Selection-Usage-Fragmentation-etc-Normalisation-Surrogate-Keys-Locking-considerations.aspx Network, learn, ask a question, meet other folk, get fed - these are all things that happen at user group events. These events are a really great opportunity to socialise in an informal learning experience - if you want your own exposure then come and do a 1 -...(read more)Read the article
-
Can I use silverlight for building SocialNetworking applicaiton?
- by dimmV
Hi all, I am wondering: how feasible it would be to start developing a social networking website entirely based on silverlight; This has been fairly discussed over the years in favor of HTML. Has something changed with silverlight improvements over the years? What about: * Performance -- active users -- technology used, MVVM + MEF (possibility of lags, server memory overflow...) * Security --- WCF Ria Services & EF What are your thoughts on this subject?Read the article
-
Where to download Broadcom STA .deb file?
- by Argusvision
Situation: I don't have wireless access through Ubuntu due to needing the Broadcom STA driver for my wireless card. I don't currently have access to a physical (cabled) connection that will allow my Ubuntu machine access. (Security reasons, no unidentified machines.) Where can I download a .deb file for the Broadcom STA driver? I'm not asking how to install through jockey-gtk (the "Additional Drivers" menu option) or through Synaptic. Thank you in advance for any assistance.Read the article
