Archive for March, 2010

April Foolery …

Wednesday, March 31st, 2010

It's already April 1st in some timezones, and thanks to the connectivity of the WWW, that means that you can be fooled outside of your own personal timezone!

That means you should be on the lookout for "foolings" ... basically, it's gonna be hard to trust anything you read between now and April 2nd!

Get Safe Online – Warnings

Wednesday, March 31st, 2010

There are new security warning(s):

·         Microsoft Internet Explorer Vulnerabilities

What does it affect?: Windows 95, Windows 98, Windows 2000, Windows XP, Windows Vista

What does it do?: Microsoft has released an update to its Security Bulletin Summary for March 2010 and has included the out-of-band bulletin MS10-018. This bulletin addresses ten vulnerabilities in Internet Explorer, including one previously announced in Microsoft Security Advisory 981374. The most severe of these vulnerabilities may allow an attacker to execute arbitrary code on the affected system.

How do I fix it?: Update your copy of the software with the download available from the supplier.

Details of Underlying Problem(s):For more technical information about this warning visit:
http://www.microsoft.com/technet/security/bulletin/ms10-mar.mspx.

Date modified: 31/03/2010

Source: HM Government (CPNI)

Watch out! Scammers about!

Tuesday, March 30th, 2010

IRS tax phishing scams on the increase ... so be careful out there!

Researchers at McAfee Labs continuously monitor threats to best protect our customers. We have identified a cluster of fake IRS URLs. Victims might visit these phishing and malicious websites via any number of effective redirection methods: phishing attacks, forum postings, and black-hat search-engine optimizations, among others. However, a few simple precautions will help you avoid identity theft during tax season. If you get an email from the IRS, it’s probably a scam. The IRS does NOT usually contact taxpayers via email. Avoid replying or clicking on links that take you to suspicious sites. You should delete these messages.

Here's some advice on scams from the IRS:

Don't fall victim to tax scams. Remember that if it sounds too good to be true, it probably is. If you think you're being scammed, you can report suspected tax fraud activity by sending completed Form 3949-A, Information Referral, to Internal Revenue Service, Fresno, CA 93888. You can download the form or call 1-800-829-3676 to order by mail.

Mac OS X 10.6.3 update

Monday, March 29th, 2010

Apple has released Mac OS X 10.6.3 update, and it's a massive 760MB, plugging up 88 vulnerabilities.

OS X 10 6 3 update

Here's what it contains:

Full changelog for Mac OS X 10.6.3 update:

General operating system fixes and improvements provided for:

* performance of Logic Pro 9 and Main Stage 2 when running in 64-bit mode.
* printing reliability.
* sleep and wake reliability when using Bonjour wake on demand.
* a color issue in iMovie with HD content.
* glowing, stuck, or dark pixels when viewing video from the iMac (Late 2009) built-in iSight camera.
* an issue in which the Finder reports a -36 error when copying directories to a drive formatted as FAT32.
* reliability of photo screen savers.
* compatibility issues with OpenGL-based applications.
* an issue in which shadows in PDF of Aperture book are black instead of gray.
* an issue in which the microphone level in iChat may not increase the volume after reducing it to prevent a feedback event.
* the reliability of certain third-party USB devices.
* the Accounts preference pane can now limit login to members of groups hosted by a non-Apple directory service, such as Active Directory.
* DNS server ordering as specified in Network Preferences and DNS reliability. For details about how Mac OS X v10.6 handles unresponsive DNS servers, see this article.
* the reliability and compatibility of QuickTime X.
* Data Collection: Mac OS X v10.6.3 can collect diagnostic and usage information from your Mac and send it to Apple for analysis automatically. The information is only collected with your explicit consent, and is submitted anonymously to Apple. For more details, see this article.

AirPort and wireless networking fixes for:

* general reliability for wireless connections.
* improvements to 802.1X reliability, including closed network connections , and WPA2.
* sleep/wake reliability for current iMac models when connected to 2.4GHz wireless networks.

Date and Time fixes provided for:

* Daylight Saving Time rules to reflect recent changes in areas including Argentina, Fiji, Pakistan, and Antarctica.

Directory Services fixes provided for:

* an issue that could cause the system to become unstable or unresponsive when bound to an LDAP server using SSL.
* an issue in which the 802.1X Loginwindow Profile is in place, but the wireless network is not available, directory authentication over Ethernet will now succeed.

File Services fixes provided for:

* an issue that could prevent saving files from Microsoft Office 2008 to an SMB server volume.
* issues copying, renaming or deleting files on an SMB server volume.
* clear-text authentication enabling to an SMB file server.

iCal fixes provided for:

* changing the invitation list for a single instance of a recurring event will no longer "un-book" the location of the meeting.
* an issue in which new invitations on a Microsoft Exchange server might not appear in the Notification pane.
* properly showing recurring Microsoft Exchange events which have a set end date. For details, see this article.

Mail fixes and improvements provided for:

* an issue that causes background message colors to display incorrectly in Mail.
* signing and encrypting messages, such as when using an Entrust PKI (Public Key Infrastructure).
* synchronization of the "Sent" mailbox on a Microsoft Exchange server.
* an issue that could cause Mail to delete mailboxes on a Microsoft Exchange server that is hosted behind an Internet load balancer.

Mobile Accounts fixes and improvements provided for:

* home directory synchronization when the home directory is stored on an SMB file server.
* properly warning mobile users in an Active Directory domain about upcoming password expiration.
* creating a Mobile Account that uses smart card authentication, without using a command-line tool.
* reliability in background synchronization.

MobileMe fixes and improvements provided for:

* an issue in which movies could not be viewed in Safari when visiting www.me.com/gallery.
* reliability of iDisk Sync.
* reliability of syncing calendars.

Parental Control fixes and improvements provided for:

* restoring Safari bookmarks functionality to parental controls users.
* better handling of Safari bookmark management when using Parental Controls.
* more reliable application launch restrictions when using Parental Control.

Rosetta fixes provided for:

* an issue that prevented files with the # or & characters in their names from opening in Rosetta applications.

System Imaging fixes and improvements provided for:

* the asr command, which now accepts the "--allow fragmented catalog" option, for restoring images that have a fragmented catalog file. For details, type man asr in Terminal.
* the installer command, which can now be used to upgrade a Mac OS X v10.5 system with a QuickTime 7 Pro key installed to Mac OS X v10.6.

Time Machine fixes and improvements provided for:

* reliability from Time Machine-to-Time Capsule backups, including multiple computers.
* an issue with Time Machine in which system backups could be restored onto unsupported Mac configurations.
* an issue in which a Time Machine backup might not work using an AirPort connection.

Xsan fixes and improvements provided for:

* the reliability of Fibre channel connections to an Xserve RAID.
* an issue that could cause the size of certain Fibre channel LUNs to be mis-reported.

Additional Information

The Mac OS X v10.6.3 combo update also includes improvements provided in the Mac OS X v10.6.1 Update and Mac OS X v10.6.2 Update.

Windows Phone 7 OS on an HTC HD2

Monday, March 29th, 2010

Those who like to tinker will like this:

A group of Russian hackers have done something that Microsoft said wouldn’t happen - shoehorned a working Windows Phone 7 Series OS ROM onto an HTC HD2 handset.

Remember though that this “upgrade” from Windows Mobile to Windows Phone 7 OS breaks some stuff … like copy’n'paste and multitasking!

FYI, this is NOT official. If things go wrong/break/your handset turns to the dark side, you are on your own!