January 26, 2006
Connection scoring beats spam filtering
A simple device that prevents spammers from delivering junk to your mail server outperforms complex spam filtering appliances costing up to seven times as much, according to tests the Windows Secrets Newsletter. If your company is suffering from onslaughts of spam, our tests indicate that this new approach can halt more than 99% of your unwanted flow without blocking legitimate e-mail. Best of all, the new technology does this without creating a large "quarantine" of suspected spam that you or your employees must manually comb through. Read more »
Wireless 'flaw' could leave computers open 
There's been a lot of talk about the Windows Wi-Fi "flaw" that was revealed recently. Some security professionals call it a high-risk vulnerability. Meanwhile, Microsoft and other security professionals call it a feature — one that can only be exploited under the right circumstances. Let's take a closer look, so you can be the judge. Read more »
When does 'not critical' mean 'critical'?
You are at risk. No, seriously. Every time you turn on any kind of technology, you turn on risk. The question for today is this: Exactly how do you know what risk you are taking when you use that technology? Some argue that "old code" is secure code, under the assumption that the older the code, the more "eyes" have reviewed it. But is that true? Let's revisit the Windows Metafile issue with this in mind, shall we? Read more »
How to slim down your porky pics
Those 8-megapixel cameras take great pictures, don't they? Faaaaaaat. In more ways than one. The top complaint I've heard since the holidays has nothing to do with rootkits, WMF files, or patches of patches. Nope. The people I know who scream the loudest got expensive new cameras, and they've learned that they can't do much with their pictures. Read more »
When is a flaw really a back door?
How quickly do your vendors release patches? If they take 15 years, does that mean the problem was an intentional backdoor? There are, to be sure, some still-outstanding questions regarding how the now-infamous Windows Metafile flaw affects the Windown 9x/Me platform (as discussed my fellow columnist, Susan). One bit of controversy that arose over this problem since our last newsletter deserves clarification here. Read more »
January 12, 2006
WMF hole still reverbrates with users
What a way to start the year! The now-well-known WMF vulnerability, which allows an infected image to silently take over your PC, was first publicized just before New Year's Eve. It resulted in a frantic week for Microsoft and millions of Windows users who wanted to protect themselves. I considered the risk of infection from hacked Windows metafiles (.wmf files) to be so dire that I published an unprecedented two news updates in the same week. (In the past 12 months, I'd felt the need to release only 5 news updates.) Read more »
New Year brings new security woes
The year 2006 started with a bang for security professionals as we scrambled to deploy patches for zero-day exploits. Even as old security holes were closed software vendors, more holes were discovered with exploits-to-go. They seem to be arriving at an ever-increasing rate. Read more »
Malicious pictures, fonts, and attachments
The ball dropped in New York, ushering in the New Year. But we network admins were scrambling because of a zero-day exploit for which no patch was available, other than hoping our antivirus vendors would catch it. Little did we know at that time that the 'bug' was perhaps a wakeup call for us to have better procedures to handle a zero-day event in the future (as InfoWorld's Roger Grimes reports). Read more »
How to protect yourself against autoplay discs
If your holiday season was anything like mine, you probably received a fair amount of software, either off the shelf, or bundled with a new PC. Seems that CDs have replaced silk ties as the gift of choice when trying to buy for someone who has everything. But CDs and DVDs today can hold dangers that you should avoid. Let's look at how one simple change can make you immune to those headaches. Read more »
MS patch doesn't end WMF issues
When there's blood in the water, don't go swimming. I hope you didn't think we were all done with our WMF problems. I'm not going to go over all the details of the WMF vulnerability and patch here. My fellow columnists have that well covered. I do wish to point out that it's an important example of what the patch lifecycle now looks like for a special case. Read more »
January 6, 2006
Install Microsoft's WMF patch
Microsoft released on Jan. 5 an emergency patch, named MS06-001, which corrects Windows' so-called WMF (Windows metafile) vulnerability. A WMF exploit can silently infect a PC when it merely displays an image in any browser, instant messaging, P2P, e-mail, or in a directory listing in Windows Explorer; when desktop-search applications index an infected image file; and in other ways. I published a special news update earlier in the week urging readers to install an unofficial patch for this problem. This workaround was also strongly recommended F-Secure, the SANS Institute's Internet Storm Center (ISC), and several other security sites. Read more »
January 4, 2006
Windows metafile hole requires unofficial patch
A weakness in the way Windows renders images is being exploited on the Internet and affects any browser you may be using, not just Internet Explorer. Microsoft has no patch for the problem at this writing. An official patch may appear at any time, or it may take days or weeks. I recommend that you immediately run a small, unofficial patch that was developed white-hat security researchers to make your PCs immune to the problem. Read more »