Atul’s Blog
My Life My World
Security
Zone alarm version 6 Products released
Jul 22nd
Zone alarm has released its Version 6 products.Zone alarm especially its Firewall products are best known to all ,been a 2 yrs old companion for me as well.
According to the site its has come out of its beta stages and have released version 6 i.e Final versions of its diffrent products.
As of now i have no specific changelogs for the products but you can go to thier website to update your Zone Alarm products
visit:zonealabs.com
Kaspersky Anti-Virus Personal Pro 5.0.372 Released
Jul 12th
Kaspersky Lab`s state-of-the-art technology provides relief against the constant headache of virus related attacks.
It automatically checks for viruses in all incoming and outgoing messages in real time, and will prevent viruses from penetrating your computer.
The anti-virus scanner provides a comprehensive check of all local and network drive contents on demand. You may start your scanner manually or schedule its start with Control Center.
Kaspersky Ant-Virus Personal Pro provides full-scale protection with some additional protective components a behavior blocker and integrity checker; appropriate for experienced users seeking the best anti-virus protection.
Components:
*Anti-Virus Databases Auto-Updating Utility
*Control Center
*Scanner
*Monitor
*Mail Checker
*Script Checker
*Rescue Disk
*Report Viewer
Chemically Misting Drives Available Next Year
Jun 26th
Have you ever had a laptop stolen? How about a cell phone? Did either contain any sensitive data? With mobile devices becoming more and more common each day, the risk for theft of such devices also increases. This is where data security company Ensconce Data Technology and their “Dead on Demand” service comes in.
Ensconce Data Technologies Inc., a two-year-old company in Portsmouth, N.H., is developing an approach even more reminiscent of James Bond: It hides a chemical mist in a pocket in a special hard drive. If a warning signal is tripped — say, if a vandal tampers with the computer, or a built-in global-positioning system detects that it has been moved too far from its normal location — the mist wafts over the hard drive, destroying it layer by layer. “Absolutely everything is gone,” says President Jack Thorsen.
Mr. Thorsen declines to disclose details about the chemical used to destroy the drive, except to say that it is no more toxic than “anything you’d find under your sink.”
“I wouldn’t put my hand in a vat of it, but it’s fairly benign,” he says.
The hard drive is shock resistant, so dropping the computer won’t accidentally trigger the destruction. Because the mist is housed within the hard drive, it also won’t damage the rest of the computer. Ensconce aims to start selling the hard drives to military and business customers early next year for $2,500 to $9,000 each.
Mozilla Firefox Frame Injection Vulnerability
Jun 7th
Secunia Advisory: SA15601
Release Date:2005-06-06
Critical:
Moderately critical
Impact:Spoofing
Where: From remote
Solution Status: Unpatched
Software: Mozilla 1.7.x
Mozilla Firefox 1.x
Description:
A seven year old vulnerability has been re-introduced in Mozilla and Firefox, which can be exploited by malicious people to spoof the contents of web sites
The vulnerability has been confirmed in Firefox 1.0.4 and Mozilla 1.7.8. Other versions may also be affected.
Solution:
Do not browse untrusted web sites while browsing trusted sites.
Source:secunia
MSN Hotmail Gets New Tools
May 28th
Microsoft has announced new MSN Hotmail tools and services – MSN Postmaster and Smart Network Data Services – designed to expand e-mail industry collaboration in fighting spam.
These new services include e-mail authentication mechanisms such as the Sender ID Framework, to help protect MSN Hotmail customers as well as the overall e-mail community from online safety concerns such as spam, phishing and viruses.
Microsoft has launched the MSN Postmaster Web site in 10 languages worldwide. This site is designed to help bulk e-mailers, Internet service providers (ISPs), e-mail service providers and others better understand issues and solutions around sending e-mail to users of the MSN Hotmail Web-based e-mail service.
According to Microsoft MSN Postmaster offers information and tools addressing a range of issues, including helping fight junk e-mail, improving delivery of legitimate bulk e-mail messages, streamlining the reporting of e-mail abuse and assisting with troubleshooting.
As part of MSN Postmaster, Microsoft is also introducing a preview release of Smart Network Data Services in English. With the new service, ISPs will be able to contribute to the fight against spam and protect e-mail as a valued communications tool.
Two serious security holes found in Firefox
May 9th
DANISH PROBLEM watcher Secunia said that two “extremely critical” security problems have been discovered in ever-more popular browser, Firefox.
According to Secunia, these involve cross scripting attacks involving IFRAME Javascript URLs and input passed to the IconURL parameter.
The holes have been confirmed in version 1.0.3, and exploit code is publicly available, said Secunia, in its note, here
Description:
Two vulnerabilities have been discovered in Firefox, which can be exploited by malicious people to conduct cross-site scripting attacks and compromise a user’s system.
1) The problem is that “IFRAME” JavaScript URLs are not properly protected from being executed in context of another URL in the history list. This can be exploited to execute arbitrary HTML and script code in a user’s browser session in context of an arbitrary site.
2) Input passed to the “IconURL” parameter in “InstallTrigger.install()” is not properly verified before being used. This can be exploited to execute arbitrary JavaScript code with escalated privileges via a specially crafted JavaScript URL.
Successful exploitation requires that the site is allowed to install software (default sites are “update.mozilla.org” and “addons.mozilla.org”).
A combination of vulnerability 1 and 2 can be exploited to execute arbitrary code.
NOTE: Exploit code is publicly available.
The vulnerabilities have been confirmed in version 1.0.3. Other versions may also be affected.
Solution:
Disable JavaScript.
Provided and/or discovered by:
john smith
Source:neowin.net
more info: Secunia on Firefox
more info:Secunia on opera
on 
on 
on