Below are the 9 most recent journal entries recorded in slashdot_hat's LiveJournal:

Thursday, September 13th, 2007
11:29 pm	Windows Stealth Updates This has caused a buzz on various tech sites today: It is claimed that MS pushed updates to Vista and XP even when the user requested that no updates be done. http://www.windowssecrets.com/2007/09/13/01-Microsoft-updates-Windows-without-users-consent http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9036058&source=rss_news10 http://blogs.zdnet.com/hardware/?p=774 http://blogs.zdnet.com/hardware/?p=779 Can anyone confirm or deny this? Has anyone seen any evidence that this has occurred on Windows Server products? (Comment on this)
Friday, April 21st, 2006
1:16 pm	Sponsored+ I'm using this account to test out the new LJ Sponsored+ option. I can switch back to a Free Account (without ads) at any time. (Comment on this)
Friday, April 14th, 2006
10:28 am	Updates for Highly Critical Firefox/Seamonkey Multiple Vulnerabilities released Firefox 1.0.8, Firefox 1.5.0.2, and Seamonkey 1.0.1 have been released Firefox details: The Mozilla foundation has released updates that fix several highly critical vulnerabilities and improve stability. Anyone who has firefox 1.5 installed should be able to use the "Check for Updates" button to get them. Otherwise you can download them from http://www.mozilla.com/ Also, for anyone using intel based macintosh, a Universal Binary of Firefox 1.5.0.2 has been released. Post in Security Fix: http://blog.washingtonpost.com/securityfix/2006/04/security_updates_for_firefox_o.html Also mentioned here: http://isc.sans.org/diary.php?storyid=1261 Firefox Security advisory: http://secunia.com/advisories/19631/ and, of course, on slashdot: http://slashdot.org/articles/06/04/14/1349212.shtml Seamonkey details: http://www.mozilla.org/projects/seamonkey/ A Universal Binary of Seamonkey 1.0.1 has also been released. Seamonkey Security advisory: http://secunia.com/advisories/19649/ I suspect updates to Mozilla 1.7 will also be released in the near future. (Comment on this)
Tuesday, April 11th, 2006
7:44 am	The Woz walks into an Apple Store ... http://seattletimes.nwsource.com/html/businesstechnology/2002921742_btwozniak10.html (Comment on this)
Thursday, March 16th, 2006
9:24 am	Adobe releases updates for Highly Critical Macromedia Flash & Shockwave vulnerabilities As posted in Securityfix: Adobe has released updated versions of its ubiquitous Macromedia Flash and Shockwave online media players, which the company said fix several critical security vulnerabilities in previous versions. Adobe said that if a user loaded a specially crafted Shockwave file from a malicious Web site, that site could hijack that person's browser and potentially seize complete control over the visitor's computer. The problem affects Flash Player versions 8.0.22.0 and earlier. Shockwave versions 10.1.0.11 and earlier also have this problem. In addition, you will need to update if you are using Adobe's Breeze Meeting Add-In version 5.1 and earlier, or the Flash Debug Player version 7.0.14.0 and earlier. Links to Windows and Linux updates are in the article as well as a link to a removal tool for those who do not want flash on their system. Restart your browser after updating. No word on Macintosh updates, but I think Apple has to release those. http://blog.washingtonpost.com/securityfix/2006/03/adobe_issues_critical_macromed_1.html Update: there is a broken link in the securityfix post, the correct link for the MS update is: http://www.microsoft.com/technet/security/advisory/916208.mspx I've found the securityfix blog to be an excellent source for computer security information that that concise and easy to read. Bookmark the site or the rss feed. I created the LJ feed securityfix but recently LJ Feeds I have subscribed for have not been arriving properly. Details for the vulnerabilities are here: http://secunia.com/advisories/17430/ http://www.kb.cert.org/vuls/id/146284 (Comment on this)
Tuesday, February 7th, 2006
7:50 pm	Firefox / Thunderbird / Mozilla highly critical vulnerabilities - exploit out Exploit code for Firefox / Thunderbird / Mozilla vulnerablity is now in the wild. http://isc.sans.org/diary.php?storyid=1102 an alert has also been issused by US-Computer Emergency Readiness Team Basically the recommendation is to update to either Firefox 1.5.0.1 or Seamonkey 1.0 or turn off javascript until Firefox 1.0.8 or Mozilla Suite 1.7.13 are published. Note: at this time there are more instabilites in the Firefox 1.5.x product (and possibley Seamonkey 1.0) than in Firefox 1.0.x or Mozilla Suite 1.7.x read more here (Comment on this)
Thursday, February 2nd, 2006
4:48 pm	Firefox / Thunderbird / Mozilla highly critical vulnerabilities Summary: Multiple vulnerabilities have been reported in Firefox, Thunderbird, and Mozilla suite, which can be exploited by malicious people to bypass certain security restrictions, conduct cross-site scripting attacks, potentially disclose sensitive information, and potentially compromise a user's system. What is affected: * Firefox 1.5.0 and before http://secunia.com/advisories/18700/ * Thunderbird 1.5 and before Thunderbird is vulnerable if JavaScript is enabled. This is not the default setting and we strongly discourage users from turning on JavaScript in mail. Thunderbird is not vulnerable in its default configuration. * Mozilla Suite 1.7.12 and before http://secunia.com/advisories/18703/ * The recently released Seamonkey 1.0 suite is not vulnerably because it already has these fixes included. More info: http://www.mozilla.org/security/announce/mfsa2006-05.html http://www.mozillazine.org/talkback.html?article=7965 http://blogs.washingtonpost.com/securityfix/2006/02/firefox_update_.html What to do: If you have Firefox 1.5 installed, use the Menu: Help -> Check for Updates item to update to Firefox 1.5.0.1 If you have Firefox 1.0.x: disable Javascript and wait for Firefox 1.0.8 to be released. Or install Firefox 1.5.0.1 Note: some people are still reporting a few stability issues with Firefox 1.5.x If you are using any version of Thunderbird, make sure javascript is not enabled (which is the default) or disable javascript and wait for an update. If you have Mozilla 1.7.x: Disable JavaScript, except for trusted web sites. You will have to wait for an update. Redhat has released updates for Firefox 1.0.7 and Mozilla 1.7.12 which fix this issue in Redhat Enterprise Linux. You will need to check with other linux distributions for their fixes. http://rhn.redhat.com/errata/RHSA-2006-0200.html http://rhn.redhat.com/errata/RHSA-2006-0199.html (Comment on this)
Tuesday, January 3rd, 2006
2:53 pm	Windows Extremely Critical Security Flaw Advisory - Part II Two important things were announced today: 1] Microsoft has announced that they will have an official patch available a week from today: Tues Jan 10th. http://www.microsoft.com/technet/security/advisory/912840.mspx Microsoft is also advising people to not use the unofficial patch saying it could cause stability problems, however I personally am not aware of any. 2] Just before applying the official patch, everyone will need to undo the two steps previously recommended. Here are the uninstall steps: A] How to re-register the shimgvw.dll after an offical patch is out: from http://www.auditmypc.com/process/shimgvw.asp If you need to enable shimgvw.dll, simply do the following: * Logon as an administrative user (user with administrative privileges). * Click the Windows "Start" button and select "Run" * Enter the following text into the "Open" field: regsvr32 %windir%\system32\shimgvw.dll - You can copy and paste the command above into the "Open" field. * Click "OK" to unregister the vulnerable DLL. B] How to uninstall the unoffical patch: Go to Control Panel -> Add/Remove Programs uninstall Windows WMF Metafile Vulnerability HotFix Reboot before installing official patch. To manually uninstall the patch: from: http://www.hexblog.com/2005/12/wmf_vuln.html - remove any mention of wmfhotfix.dll from HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs - reboot - if you want, you can delete %system%wmfhotfix.dll from the disk. This is 'the meat' of the fix, the only file that patches the system in the memory. It should be freely deletable after the reboot There are some text files in %programfiles%WindowsMetafileFix, if you want, you can delete them too. (Comment on this)
Sunday, January 1st, 2006
3:38 pm	Windows Extremely Critical Security Flaw Advisory If you are running Microsoft Windows, as I'm sure most of you are, you need to know that security sites I trust are reporting that this situation is very very bad. It much worse than just another virus: it is a completely new way of breaking into any windows computer, and all it takes is a maliciously created image file to do it delievered by a web browswer or email, it can also be triggered by indexing programs that make it easier to find files on your computer - one example being google desktop. Cracking tools have already been created to spew out random image files with the exploit. Microsoft does not have a fix available for this and may not for another week. That exploits are not more widespread may be because most people in the US have not been using computers due to the holiday. The current recommendation to protect yourself until microsoft does release a fix is to do both of the following: 1] unregister shimgvw.dll - this prevents the image files from being looked at and executed # Click Start, click Run, type "regsvr32 -u %windir%\system32\shimgvw.dll" (without the quotation marks), and then click OK. # A dialog box appears to confirm that the un-registration process has succeeded. Click OK to close the dialog box. 2] install this unoffical patch - This is a drastic step but it has been tested by many security people. http://handlers.sans.org/tliston/wmffix_hexblog13.exe If you have choosen to run macintosh, linux or bsd instead of windows: congratulations, you have nothing to worry about. If you still run windows 98 or ME, microsoft will probably not fix this problem on these systems. If anyone has any questions, I will try my best to answer them. References: http://isc.sans.org/diary.php?storyid=996 http://isc.sans.org/diary.php?storyid=994 (This is an FAQ on the problem) http://isc.sans.org/diary.php?storyid=993 Additional information that admins might want to know: There is also now an .msi file suitable for unattended installation read http://isc.sans.org/diary.php?storyid=999 http://handlers.sans.org/tliston/WindowsMetafileFix.html How to re-register the shimgvw.dll after an offical patch is out: from http://www.auditmypc.com/process/shimgvw.asp If you need to enable shimgvw.dll, simply do the following: * Logon as an administrative user (user with administrative privileges). * Click the Windows "Start" button and select "Run" * Enter the following text into the "Open" field: regsvr32 %windir%\system32\shimgvw.dll - You can copy and paste the command above into the "Open" field. * Click "OK" to unregister the vulnerable DLL. How to uninstall the unoffical patch: from: http://www.hexblog.com/2005/12/wmf_vuln.html To manually uninstall the patch: - remove any mention of wmfhotfix.dll from HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs - reboot - if you want, you can delete %system%wmfhotfix.dll from the disk. This is 'the meat' of the fix, the only file that patches the system in the memory. It should be freely deletable after the reboot There are some text files in %programfiles%WindowsMetafileFix, if you want, you can delete them too. (Comment on this)