Date: 02/23/06 (Security)    Keywords: security

Commentary--When it comes to network protection, the market is confused, security specialist Jon Oltsik writes.

Source: http://news.zdnet.com/2100-1009_22-6042560.html

Date: 02/24/06 (Security)    Keywords: software, security

Security software industry turns its attention to mobile phones--but runs into resistance from cell service providers.

Source: http://news.zdnet.com/2100-1009_22-6042745.html

Date: 02/27/06 (Security)    Keywords: security

Security experts says December's 65 percent growth in crook sites is due to increasing availability of phishing toolkits.

Source: http://news.zdnet.com/2100-1009_22-6043463.html

Date: 02/28/06 (Security)    Keywords: security

Company issues upgrade to E-Business Suite diagnostics module containing security fixes, Integrigy says.

Source: http://news.zdnet.com/2100-1009_22-6044020.html

Date: 03/01/06 (Security)    Keywords: security, virus

"Crossover" is the first virus found that can jump to a mobile device after infecting a PC, security researchers say.

Source: http://news.zdnet.com/2100-1009_22-6044457.html

Date: 03/02/06 (Security)    Keywords: browser, security, web

Security update fixes 20 vulnerabilities, including a high-profile flaw in the Safari Web browser and Mail client.

Source: http://news.zdnet.com/2100-1009_22-6044945.html

Date: 03/07/06 (Security)    Keywords: security

Experts say Apple's most recent security patch doesn't completely fix a high-profile flaw, leaving a toehold for cyberattacks.

Source: http://news.zdnet.com/2100-1009_22-6046588.html

Date: 03/09/06 (Security)    Keywords: software, security

A trio of updates for Windows Media Player, including a recent security patch, can cause the software to malfunction.

Source: http://news.zdnet.com/2100-1009_22-6047762.html

Date: 03/09/06 (Security)    Keywords: security

Plug pulled on Mac OS X hacker challenge over concerns about security and network access for university services.

Source: http://news.zdnet.com/2100-1009_22-6047735.html

Date: 03/09/06 (C Sharp)    Keywords: security

(This is my first post here, so don't yell at me)

I have to write a UserControl for my current project in .net 1.1. On this control, there's a ComboBox. I want the ComboBox.Items to be edited in design time, so I created a property:

    public ComboBox.ObjectCollection Items
    {
        get { return securityCombo.Items; }
    }

The property is there, but the usual editor for ComboBox.Items is missing. Is there any Attribute I have to assign to the property? I seem to be blind on this.

TIA

Source: http://community.livejournal.com/csharp/51841.html

Date: 03/09/06 (Security)    Keywords: security

Fixes for "critical" Office and "important" Windows security issues are planned for next week's "patch Tuesday."

Source: http://news.zdnet.com/2100-1009_22-6048003.html

Date: 03/09/06 (Security)    Keywords: software, technology, security, spyware, microsoft

Preview version of Microsoft's security software is updated with anti-spyware technology, a slight name change and bug fixes.

Source: http://news.zdnet.com/2100-1009_22-6048141.html

Date: 03/10/06 (Java Web)    Keywords: security

WordPress released yet another security release 2.0.2 fixing (yet again) unannounced XSS security bugs. I have not upgraded any of my blogs to 2.x release. When 2.0 was released it was bug ridden and I recommended against it. In natural course several of those defects were fixed and two patch releases later we have 2.02. [...]

Source: http://blog.taragana.com/index.php/archive/wordpress-202-time-to-upgrade/

Date: 03/11/06 (PHP Development)    Keywords: php, security

For the past 2-3 days I have been playing with the flickr API using REST, via PHP. This has gotten me thinking about an API that the company I work for wants to create for connecting to our services. Part of that API will require some kind of security token for an external application to access our API methods. I have never done anything like this so I am not quite sure where to start.

Looking at flickr as an example.

Flicker has an authentication URL. This URL contains a query string with an api_key, perms(ie permissions), and an api_sig. The sig is a combination of these 2 query strings and a "secret". in this format. secret+"api_key"+yourApiKey+"perms"+requestedPermissionType which is then turned into an md5 sum. The secret is given to you when you place a request for an API key with flickr

When you pass this information to their authentication application, it returns a "frob" key Which you can then use to get a token for the user that is using your application.

I don't know if I need to go quite as far as using a frob and getting a token for my companies's application, as our application doesn't allow other people tp use our users, but more or less they have their own users and we just manipulate data between us.

Ideas? Suggeston? Comments? Links?

TIA

Source: http://community.livejournal.com/php_dev/66628.html

Date: 03/14/06 (Security)    Keywords: security

Second Mac OS X security update in two weeks corrects problems introduced by earlier patch and fixes newly discovered flaws.

Source: http://news.zdnet.com/2100-1009_22-6049207.html

Date: 03/14/06 (Security)    Keywords: security, microsoft

Patches released in Microsoft's monthly security update cycle tackle six holes in Office and one in Windows.

Source: http://news.zdnet.com/2100-1009_22-6049575.html

Date: 03/14/06 (Security)    Keywords: security

A new Trojan encrypts files, then demands $300 in ransom for their decryption and release, according to security firm.

Source: http://news.zdnet.com/2100-1009_22-6049449.html

Date: 03/14/06 (SQL Server)    Keywords: programming, sql, security

Hi everyone.

...about programming MS ADO with MS SQL Server.
Is it possible to get a (ADODB) Recordset having NOT Forward-only cursor type from 'Execute' method of ADO Command object?

To be clear, in terms of VBA Code:

Dim adocmd as ADODB.Command
Dim rst as ADODB.Recordset
Set adocmd = New ADODB.Command
' ....... Connecting 'adocmd' via MS SQLOLEDB Provider
Set rst = adocmd.Execute

The problem is that I could not get non-ForwardOnly recordset in the last statement in all cases, and I wish to use the result (rst) as the data source (Recordset property) for a MS Access form. Such forms don't allow to set forward-only recordsets as form data sources, of course.

The parameters of 'Execute' method of ADODB.Command object do not include cursor type setting of the recordset returned.

Thanks in advance for any help.

UPDATED. A solution is found.

Setting the client-side cursor to the active connection may fix the problem. As the documentation says, "Cursors returned by the Execute method inherit this setting", so after such setting the Recordset object returned by Execute method of the Command object has Client-side static cursor - this is appropriate for setting it as a Data Source Recordset for an MS Access Form to browse records.

Here is a VBA sample code. (Of course, in this example using ADODB.Command for executing a simple SELECT Query to return records is senseless, but it's just for example. In my situation I call a stored procedure with parameters (including OUTPUT params and RETURN_VALUE) that also return records, and I wanted to use all advantages of ADODB.Command object for such multiple calls).

    Dim cnn As ADODB.Connection
    Dim adocmd As ADODB.Command
    Dim rst As ADODB.Recordset
    
    Set cnn = New ADODB.Connection
    cnn.CursorLocation = adUseClient
    cnn.Open "Provider=SQLOLEDB;Data Source=(local);Initial Catalog=TestDB;Persist Security Info=False;Integrated Security=SSPI;"
    
    Set adocmd = New ADODB.Record
    With adocmd
        Set .ActiveConnection = cnn
        .CommandType = adCmdText
        .CommandText = "SELECT 10 AS foo UNION SELECT 20"
        Set rst = .Execute
    End With

' Now `rst` has CursorLocation=adUseClient and CursorType=adOpenStatic
' and may be used as a Recordset for an MS Access Form
' If we are in form module, then one may set
'       Set Me.Recordset = rst
' or even we could write before
'        Set Me.Recordset = .Execute

Source: http://community.livejournal.com/sqlserver/45984.html

Date: 03/14/06 (Web Technology)    Keywords: security, google

Should IT bosses take measures to stop employees from downloading Google Desktop Search for security reasons. A CIO jury gives its verdict.

Source: http://news.zdnet.com/2100-9588_22-6049536.html

Date: 03/17/06 (Security)    Keywords: software, security

Incorrect update to Symantec's Norton security software blocks Internet access for some America Online users.

Source: http://news.zdnet.com/2100-1009_22-6050786.html