Archive for October 23, 2007

RealPlayer zero-day flaw exploited

Posted: October 23, 2007 in Tech

Symantec warned that attackers are actively targeting an un-patched flaw in Real Networks’ popular RealPlayer multimedia viewer to run malicious code via the victim’s Web browser.

RealPlayer is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks of user-supplied input before copying it to an insufficiently sized memory buffer.

Symantec recommends users disable Active Scripting in Internet Explorer or set the kill bit on the associated CLSID.

Skype to launch mobile phone

Posted: October 23, 2007 in Tech

Skype is working in conjunction with 3 Mobile to release a handset that will allow Skype’s service to make long-distance and international calls.

The phone will also feature 3G internet service for web browsing.

EMC Corporation announced that it will offer technology solutions and expert consulting in support of Microsoft Office Communications Server 2007 to provide customers with a security-enhanced, scalable, and highly available integrated communications infrastructure.

EMC’s solution suites for Exchange Server 2007 and SQL Server 2005 span the lifecycle of information management, including performance and scalability; backup and recovery; business continuity; security; operational management; and archiving and compliance.

Windows 7 previewed with MinWin

Posted: October 23, 2007 in Tech

Microsoft’s Engineer Eric Traut showcased a next-generation Windows 7 version which takes up only 25MB of disk space. The internal version code-named “MinWin” was shown off during a recent presentation at the University of Illinois.

Microsoft has said it will release Windows 7 around 2010, although the company has not revealed details on its features and also refused to further provide additional information.

Mozilla Releases Firefox 2.0.08

Posted: October 23, 2007 in Tech

Mozilla unveiled a new update for its popular browser Firefox, which fixes several security flaws.

Firefox 2.0.0.8 addresses problems such as crashes with evidence of memory corruption and XPCNativeWrapper pollution using Script object.

Other patches include possible file stealing through sftp protocol, file input focus stealing vulnerability and URIs with invalid %-encoding mishandled by Windows.