Tech Tips Home
The Best Tech Tips And Daily Deals
Newsletter On The Internet!

Shop online 24hrs a day or call us Mon-Fri
8:30AM-4:30PM EST - 1-800-915-2088
WorldStart Tech Tip And Store Search
Email: Password: Login Remember Me
looking for freeware

Like what you see here? Subscribe to the Tech Tips newsletter!   Email: Subscribe

This Week in Security

Friday, September 1st, 2006 by | Filed Under: Security Help
 
Loading...


This Week in Security

There sure was a lot going on in the past couple of days in the world of cyber security. Let’s see, we have a fix for the fix and a new free phishing protection service from a major online player, all while another online giant gets criticized for its client software. So, read on and get the low down on what’s going on this week in the world of security.

Microsoft Fixes a Flawed Update

I know it’s hard to believe, but Microsoft dropped the ball again. This time, it’s with one of their scheduled monthly updates. The August 8, 2006 scheduled update from Microsoft covered a number of different flaws; several of which where highly rated security holes. Upon downloading the updates however, many users were exposed to an entirely new flaw in Internet Explorer 6 SP1.1. The flaw was a buffer overflow, which crashed IE when it attempted to view certain Web sites that use htp1.1 compression. The discovery of this bug in the IE patch also exposed the fact that the flaw could be exploited by cyber attackers in an effort to gain control of unsuspecting end user’s PCs.

This flawed patch only affects Internet Explorer 6 Service Pack 1, which can affect XP users that have not updated to Service Pack 2, as well as, Windows 2000 users with the Service Pack 4. Microsoft did come out with a fix last Thursday (August 24th) that completely fixes the patch and should allow all affected users to secure their browsers. Here is the link to the update.

Yahoo! Sign-in Seal

Phishing scams, as you all know, are a really big topic in the world of online security. These types of threats incorporate a number of different online attach techniques to fool end users into giving up sensitive personal information. With an increase in scam attackers, online business, such as banking institutions, have started combating them with Sign-in Seals. Sign-in Seals are basically ways to verify the Web sites and users who visit them to ensure they are who they say they are.

Yahoo! wants to get on board as well and has released (in beta for now) their own version of a Sign-in Seal that I believe may set the standard for others. Yahoo! approaches this arena of security in a different way by actually matching up configured information with user’s PCs, not simply login information (login name and password). This method allows Yahoo! to verify any Web page’s legitimacy before posting any of the users information on the site.

Although the Sign-in Seal isn’t officially out and only a few randomly selected Yahoo! subscribers get to use it for now, representatives from Yahoo! say they will roll out the service in the next couple of weeks. Don’t worry guys, I’ll let you know when it comes out.

Anti Spyware Group Calls AOL “Badware”

An anti spyware group called stopbadware.org, comprised of many reputable entities in the world of computer security, has called AOL’s free client software 9.0 “badware.”

So, what exactly is “badware” and how does AOL fit into all this, you ask? Well, I will tell you!

Badware is another general term used to encompass spyware, malware and other unwanted applications in the case of AOL. It’s more about the software and services that are installed on the side of their client software that is unknown or not fully explained to the end user. This statement from stopbadware.org should help shed some light on things.

“In our preliminary findings, we find that AOL 9.0 (free version) is currently badware because it installs additional software without telling the user; it forces the user to take certain actions; it adds various components to Internet Explorer and the taskbar without disclosure; it may automatically update without the user’s consent and it fails to uninstall completely.”

Some of the software they are referring to that is installed with AOL’s 9.0 free version without being completely clear are listed below:

  • You’ve Got Pictures Screensaver
  • Pure Networks Port Magic
  • Viewpoint Media
  • Adds Favorites to the Internet Explorer List
  • AOL Deskbar to the Windows Taskbar, which includes icons for AOL Instant Messenger and AOL Mail
  • QuickTime
  • Real Player

AOL has responded by saying that it has always been a leader in securing their customers and doesn’t warrant the “badware” title it has been given. AOL has shown they are serious about getting this straight and have already come out with a fix for the uninstall issue that has been pointed out to them. In addition, representatives state that all of these other concerns will be addressed with the introduction of their new version of the product due out in a few months or at the very least, update patches like our friend Microsoft. Let’s hope so!

Well, that’s it for what’s been buzzing around the world of cyber security this week. Isn’t it fun trying to stay on top of all the online threats?! : ) Until next week, stay safe out there.

~ Chad Stelnicki

Leave a Reply


Like these tips? Get them for FREE in your email!

WorldStart's Tech Tips Newsletter

  • Tech Tips Daily - Become a tech pro! Get the very best tech and computer help sent directly to your email every weekday!

  • Tech Tips Weekly - If you don't want our Tech Tips newsletter every day, then sign up for this weekly newsletter to get the best information of the week. Sent on Fridays.

Other Newsletters

  • WorldStart's Daily Deals - Every week, we send out great deals in our Daily Deals newsletter. Many of these deals are exclusively for our Daily Deals newsletter subscribers and can't be found with our regular specials.

  • Just For Grins - Each issue includes a couple clean jokes, some funny quotes, and a hilarious reader's story. Newsletter is sent five days a week.


Enter Email Address:

Subscribe

Your e-mail address is safe with us!
We only use it to send you the newsletters you request. It is NEVER disclosed to a third party for any reason, ever! Plus, if you decided you don't like our newsletters (don't worry, you'll love them), unsubscribing is fast and easy.

Free Newsletter Signup



Tech Tips Daily

Become a tech pro! Get the very best tech and computer help sent directly to your email every weekday!

Tech Tips Weekly

The week's best in tech and computer help. Get your issue sent to your email every Friday!

WorldStart's Daily Deals

The very best deals on the Internet! Get a new set of incredible sales every day of the week!

Just For Grins

Clean jokes, funny quotes, and hilarious comics. Sent 5 times a week straight to your email.


Subscribe


Love Worldstart? Refer A Friend!

looking for freeware
WorldStart's Premium Membership

Tip Archive


Categories:
Archives: