Date: 10/26/06 (Security)    Keywords: security

Despite security and privacy concerns, all but three of the countries required by the U.S. to issue passports with radio tags are doing so.

Source: http://news.zdnet.com/2100-1009_22-6130016.html

Date: 10/31/06 (Security)    Keywords: security, web

Student in FBI probe says he created Web site to underscore security problems with print-at-home airline boarding passes.

Source: http://news.zdnet.com/2100-1009_22-6130875.html

Date: 11/01/06 (Security)    Keywords: software, security, microsoft

Security hole in Microsoft's developer suite is being exploited in attempts to commandeer PCs running the vulnerable software.

Source: http://news.zdnet.com/2100-1009_22-6131545.html

Date: 11/01/06 (Security)    Keywords: security, web

In the Web 2.0 world, a lack of traditional security alerts means companies have to find a new way to give credit where its due.

Source: http://news.zdnet.com/2100-1009_22-6131515.html

Date: 11/01/06 (Security)    Keywords: security

Small, tropical islands are becoming a favored home for junk e-mailers, the security company's researchers have found.

Source: http://news.zdnet.com/2100-1009_22-6131693.html

Date: 11/07/06 (Security)    Keywords: security

ZoneAlarm Secure Wireless Router Z100G is company's first dedicated home network security device.

Source: http://news.zdnet.com/2100-1009_22-6133217.html

Date: 11/08/06 (Web Technology)    Keywords: security, web

Technical challenges around security and privacy stand in the way of broader adoption of Web technologies.

Source: http://news.zdnet.com/2100-9588_22-6133455.html

Date: 11/09/06 (Security)    Keywords: security

Security vulnerabilities affect 1.5 versions of Firefox and Thunderbird as well as version 1 of the SeaMonkey application suite.

Source: http://news.zdnet.com/2100-1009_22-6133821.html

Date: 11/09/06 (Security)    Keywords: xml, security

Fix for XML Core Services to arrive in one of six security bulletins expected on next week's Patch Tuesday.

Source: http://news.zdnet.com/2100-1009_22-6134137.html

Date: 11/13/06 (IT Professionals)    Keywords: security

Alright, so unlike my last question to this group, I doubt this question will illicit such an overwhelming number of responses (thank you for all your help with the security stuff, by the way), but I still have to ask.

I want to create a batch file that will a) check to see if an update (located in a central directory on a server) has been installed, and if it hasn't, b) install the file. At the very least, every one of the machines this batch file will be run on has SP1. They were all imaged that way. Unfortunately the machines weren't updated (EVER) in the last year or two or so due to worries about certain programs we have not working on SP2 (yet the people who had this job before me never ran any tests to see if it would work. Whatever), which has been since been resolved.

So, I'm trying to run over a year's worth of updates on these machines, a daunting task to say the least. The time I have to do this is extreemly limited to the early morning hours of Monday (ugh), so I don't exactly have all the time in the world to download excessively huge updates, like Service Packs.

Now, I've never scripted a batch file before, so I'm extreemly noobish at this.

Now, the batch file will have the server path to the files and not the mapped drive path (these computers wouldn't have that particular drive mapped anyway, although they do have access to it), so that's step one right there. I am also checking to see if the $NtUninstall folder on the local machine for the corresponding ID number has been created (thus telling me that the update has been installed), and if the folder exists, the file is skipped. That's not the problem (yet. I'm sure I'll run into problems when I try and run this. lol!).

The problem is checking to see if Service Packs have been installed (for both Windows and Office), because those KB numbers don't show up as the standard $NtUninstall folders.nd the installation of Service Packs takes up all my time, hence why I want to

It looks like there is 1 $NtServicePackUninstall$ folder, but that doesn't give me any way to distinguish between SP1 and SP2. I also see no folder for the Office Service Packs.

Any help figuring out what to put in my conditional statements would be greatly appreciated.

P.S. I'm sorry if this seems a bit disjointed, I'm doing 10 different things at once here. LOL!

Will be cross posted all over the place.

Source: http://community.livejournal.com/itprofessionals/47172.html

Date: 11/14/06 (Security)    Keywords: security, virus, microsoft, google

An error in Microsoft's Windows Live OneCare security product caused it to flag Google's Gmail service as a virus.

Source: http://news.zdnet.com/2100-1009_22-6135154.html

Date: 11/14/06 (Security)    Keywords: security

Forefront Client Security will go up against established security products from companies such as Cisco Systems, Symantec and McAfee.

Source: http://news.zdnet.com/2100-1009_22-6135412.html

Date: 11/14/06 (Web Development)    Keywords: browser, java, security

Hello,

For our company's project, we need to be able to access the local file tree of the client through the browser (with their permission, of course). I know it could be done in Java applet, in fact Facebook did it pretty well with their photo uploading tool. However, my boss keeps mentioning some complications when dealing with security issues in Java applet, and (no matter if he's right or not), asked me to find out of other ways it can be done. We only care about IE, so maybe an ActiveX component? It would be best if the solution could be written using VB.NET, since that's how the rest of the project is made.

I'd appreciate any help guys,

Max.

P.S. There is a perfectly logical reason we only care about IE, so don't pick on that part. :)

Source: http://community.livejournal.com/webdev/370464.html

Date: 11/15/06 (IT Professionals)    Keywords: security

Enable .NET applications to run across the LAN?
I've installed an app that won't run, throws a .NET security error. The vendor says I need to enable .NET apps across the network from the server, but no, they don't know how, they don't do servers, they do apps.
Server is Windows 2003, domain is Windows 2000 AD.

Source: http://community.livejournal.com/itprofessionals/47412.html

Date: 11/15/06 (Security)    Keywords: security, microsoft

Microsoft's IE and Office, Apple's Mac OS X and people themselves are among the Internet's weak links, the security group says.

Source: http://news.zdnet.com/2100-1009_22-6135844.html

Date: 11/16/06 (Security)    Keywords: software, security

Guidance Software, which exposed data on its government and law enforcement customers, agrees to install tighter security safeguards.

Source: http://news.zdnet.com/2100-1009_22-6136165.html

Date: 11/17/06 (Web Development)    Keywords: database, sql, security

Ok, so here's the situation: Migrating from one server to another, and from MS SQL 2000 to MS SQL 2005. The approach I found recommended is dettaching the database on SQL 2000, moving it to the new server, and attaching on SQL 2005. This process worked, but here's the problem:
The database owner on the original machine is someusername. This information is embedded in the database, and when it's attached on the new server, still remains. When I try to go to database properties/permissions and remove the user, it removes it, but when I close the window and then reopen it, the user is there yet again. When I try to create a new user with the same name through Security/Logins and give it rights to the new database, it says that that username is already associated with the database and that it can't do this.

So are there any solutions to this specific problem or another way of moving from MS SQL 2000 to MS SQL 2005?

Thanks!

Source: http://community.livejournal.com/webdev/370919.html

Date: 11/20/06 (Security)    Keywords: software, security

IBM on Monday plans to unveil a scaled-down version of its federated security software to reach companies of up to 5,000 employees.

Source: http://news.zdnet.com/2100-1009_22-6136996.html

Date: 11/21/06 (Security)    Keywords: security

The unpatched security hole could be used by a remote attacker to compromise a vulnerable Mac, advisories say.

Source: http://news.zdnet.com/2100-1009_22-6137710.html

Date: 11/22/06 (Security)    Keywords: security

Flaw could enable attackers to compromise usernames and passwords, security researcher warns, citing exploit on MySpace.

Source: http://news.zdnet.com/2100-1009_22-6137844.html