22nd > February > 2002 Archive
Checkout the OS-free PCs at walmart.com
We are indebted to CNET for the news that walmart.com is to experiment with selling PCs without operating systems i.e. a whole lot cheaper than their Windows-loaded counterparts.
Most SNMP vulns quietly lurking
It's been over a week since CERT released a seemingly endless list of devices and software products containing SNMP vulnerabilities discovered by Finnish University of Oulu researchers, and to date very little bad has happened, no doubt to the disappointment of most news agencies. As the story drops off the media radar screen, it's important to keep in mind that threats to your system can't be measured by the amount of mainstream press coverage they receive.
Three new MS security holes – two nasty
First up, the mildest of the three. Microsoft XML Core Services (MSXML) may ignore IE security zone settings during a request for data from a Web site, meaning that an attacker could request data from the user's local drive. It would be necessary for the attacker to know the path to the file being sought, and he would have only read privileges. HTML e-mail seems not to be vulnerable to this sort of attack. The hole exists in the XMLHTTP ActiveX control, which "allows Web pages to send and receive XML data via HTTP operations such as POST, GET, and PUT." Supposedly there are security mechanisms to prevent abuse, but they're obviously not quite comprehensive.
V21 to hand cash to Barnardo's
The boss of Surrey-based ISP V21 has pledged to donate cash to children’s charity Barnardo’s.
CA cans updates for free personal AV package
Computer Associates (CA) is to cease providing updates for its free InoculateIT Personal Edition (IPE) anti-virus software on May 15.
Compaq pumps up AlphaServer 4-way benchmarks
Unix server vendors just love benchmarks, which means, we guess that their corporate clients think they're pretty important to.