National Insecurity

National Insecurity
"National Security" has been burned indelibly into the vocabulary of average Americans ever since 9/11. Of course, prior to 9/11 we had enemies- even enemies who attacked us. We knew...

Microsoft Security Bulletins for September
Have you ever used Microsoft's OneNote? I had heard of it, but I never used it until a few months ago. I love it. It is hard to even define...

Oracle WebLogic Server Apache Connector Remote Code Execution
Oracle WebLogic Server (formerly known as BEA WebLogic Server) is vulnerable to a buffer overflow, which would cause a denial of service and potentially remote code execution.

Mozilla Unicode URL Stack Overflow
Multiple Mozilla products are vulnerable to a stack buffer overflow allowing remote code execution by enticing a user to click on a specially-crafted URL.

Microsoft Office OneNote File Uniform Resource Locator Remote Code Execution
Microsoft Office is vulnerable to remote code execution through specially-crafted OneNote URLs.

Mixing Personal and Business Email
Should you send personal emails on your corporate or business email account? What about handling business using your personal email account? Well, there isn't really a cut-and-dry, yes-or-no answer to...

Microsoft Windows Media Encoder Wmex.dll ActiveX Control Remote Code Execution
The Microsoft Windows Media Encoder wmex.dll ActiveX control is vulnerable to a buffer overflowthat could result in remote code execution.

Multiple Vendors Vulnerable to DNS Cache Poisoning
Multiple vendor DNS protocol implementations could allow a remote attacker to poison the DNS cache.  Patches that resolve the vulnerability on the DNS may be rendered ineffective if the DNS is behind a NAT device that does not randomize ports. Public exploit code was made available on July 24, 2008.  At the time of this update, neither X-Force nor IBM MSS has witness any active exploitation nor the integration of this exploit into any exploit toolkits.

BullGuard releases Internet Security 8.5 - PC World Magazine