This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Podcast News"

From OWASP
Jump to: navigation, search
m
m (New IE zero-day & Google to drop IE 6 support:)
Line 19: Line 19:
 
Proof that Microsoft's 1999 "Secure Windows Initiative" and 2002 "Trustworthy Computing" have provided immutably secure software:
 
Proof that Microsoft's 1999 "Secure Windows Initiative" and 2002 "Trustworthy Computing" have provided immutably secure software:
  
===== New IE zero-day & Google to drop IE 6 support: =====  
+
===== New IE zero-day : IE Flaw Allows File Access =====  
 +
(February 3 & 4, 2010)
  
--IE Flaw Allows File Access
 
(February 3 & 4, 2010)
 
 
Microsoft has issued a security advisory warning of a vulnerability in Internet Explorer (IE) that affects users running Windows XP or who have disabled IE Protected Mode.  The vulnerability essentially turns vulnerable computers into "public file server[s];" attackers can exploit the flaw to access files with known filenames and locations if they trick users into visiting specially-crafted websites.  The vulnerability is the result of incorrectly rendering local files in the browser.  It affects IE 5.01 and IE 6 on Windows 2000; IE 6 on Windows 2000 SP 4; and IE 6, 7 & 8 on Windows XP and Windows Server 2003.
 
Microsoft has issued a security advisory warning of a vulnerability in Internet Explorer (IE) that affects users running Windows XP or who have disabled IE Protected Mode.  The vulnerability essentially turns vulnerable computers into "public file server[s];" attackers can exploit the flaw to access files with known filenames and locations if they trick users into visiting specially-crafted websites.  The vulnerability is the result of incorrectly rendering local files in the browser.  It affects IE 5.01 and IE 6 on Windows 2000; IE 6 on Windows 2000 SP 4; and IE 6, 7 & 8 on Windows XP and Windows Server 2003.
 
http://www.microsoft.com/technet/security/advisory/980088.mspx
 
http://www.microsoft.com/technet/security/advisory/980088.mspx
 
http://www.theregister.co.uk/2010/02/04/ms_browser_bug/
 
http://www.theregister.co.uk/2010/02/04/ms_browser_bug/
 
http://www.computerworld.com/s/article/9151838/IE_flaw_gives_hackers_access_to_user_files_Microsoft_says?taxonomyId=17
 
http://www.computerworld.com/s/article/9151838/IE_flaw_gives_hackers_access_to_user_files_Microsoft_says?taxonomyId=17
 +
 +
===== Google to drop IE 6 support =====
  
 
===== Google to Drop IE 6 Support =====  
 
===== Google to Drop IE 6 Support =====  

Revision as of 07:31, 9 February 2010

OWASP Podcast News

OWASP NEWS 2010

OWASP Podcast Roundtable

Next Recording : February 16, 2010

US Cybersecurity Bill

http://www.theregister.co.uk/2010/02/04/house_cybersecurity_bill/

The US House of Representatives has overwhelmingly passed a bill that would direct almost $400m toward research designed to shore up the nation's cybersecurity defenses.

The Cybersecurity Enhancement Act would authorize $108.7m over five years to establish a cybersecurity scholarship program. In return, students would serve in federal government posts upon graduation.

Microsoft's 1999 "Secure Windows Initiative"

Proof that Microsoft's 1999 "Secure Windows Initiative" and 2002 "Trustworthy Computing" have provided immutably secure software:

New IE zero-day : IE Flaw Allows File Access

(February 3 & 4, 2010)

Microsoft has issued a security advisory warning of a vulnerability in Internet Explorer (IE) that affects users running Windows XP or who have disabled IE Protected Mode. The vulnerability essentially turns vulnerable computers into "public file server[s];" attackers can exploit the flaw to access files with known filenames and locations if they trick users into visiting specially-crafted websites. The vulnerability is the result of incorrectly rendering local files in the browser. It affects IE 5.01 and IE 6 on Windows 2000; IE 6 on Windows 2000 SP 4; and IE 6, 7 & 8 on Windows XP and Windows Server 2003. http://www.microsoft.com/technet/security/advisory/980088.mspx http://www.theregister.co.uk/2010/02/04/ms_browser_bug/ http://www.computerworld.com/s/article/9151838/IE_flaw_gives_hackers_access_to_user_files_Microsoft_says?taxonomyId=17

Google to drop IE 6 support
Google to Drop IE 6 Support

(February 3, 2010) Google has announced that as of March 1, 2010, its applications will no longer support Internet Explorer 6 (IE 6). Although Google did not say so directly, the decision may have been influenced by recently disclosed attacks against Google and other US companies that exploited a vulnerability in IE 6. The attacks prompted public warnings in Germany, France and Australia against using IE 6. http://www.msnbc.msn.com/id/35219388/ns/technology_and_science-security/