Articles about Security

Disagreement Over '0-Day' Word Worm

Last weekend's disclosure of an alleged security vulnerability in Microsoft Word 2000, exploited by a new version of an old worm, is raising questions over what constitutes the severity of an exploit. Is it the degree to which we know about it, or the number of systems out there it could possibly hurt?

A blog post last Sunday on Symantec's Web site characterizing the latest permutation of a months-old exploit as "zero-day" contributed to security firm Secunia raising its advisory rating to "extremely critical."

Continue reading

MS Makes AntiSpyware More Informative

While it still hasn't progressed to Beta 2, Microsoft has once again quietly refreshed its Windows AntiSpyware utility. The update brings fixes for the loading of new signatures that are used to detect malware, along with changing the way users are informed about spyware processes running on a PC.

A previous update to Windows AntiSpyware added longer descriptions of the way spyware is categorized. Microsoft is encouraging all users to upgrade to version 1.0.615, which will be distributed to existing users through the software's built-in update feature. The new release is available for download via FileForum.

Continue reading

Winamp Updated to Fix Security Hole

AOL's Nullsoft division released a minor update to its Winamp digital audio player on Monday to correct a security vulnerability that could lead to buffer overflow and the potential execution of arbitrary code. Winamp 5.094 fixes the problem, along with a number of minor bugs.

The vulnerability lies in the way Winamp processes ID3 tags contained in MP3 files. If a malformed MP3 file is loaded into a playlist with an artist or title that is too long, it is possible to create overflow code that is later executed. The issue was reported to Nullsoft in late June, and an advisory was issued by LSS Security last week.

Continue reading

© 1998-2026 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.