MS alerts users to Windows DirectX vulnerability

Microsoft yesterday warned of security flaws with DirectX's DirectShow component that might be used by an attacker to run hostile code on vulnerable Windows machines.

Redmond has issued a patch - designated as critical - which users are urged to review.

The list of affected software is extensive: Microsoft DirectX 5.2 on Windows 98; MS DirectX 6.1 on Windows 98 SE; DirectX 7.0a and DirectX 9.0a on Windows Me; DirectX and DirectX 9.0a 7.0 on Win 2000; DirectX 8.1 and DirectX 9.0a on Win XP; DirectX 8.1 and DirectX 9.0a on Win Server 2003 are all potentially vulnerable.

rest of story

Iomega touts 1.5GB micro drive as Flash killer

Iomega is having another go at getting its removable disk technology incorporated into devices other than PCs.

This time it's touting a micro-drive system based on a 1.5GB disk encased in a stainless steel cartridge that's a couple of inches in diameter and weighs 9g.

Iomega calls the unit a Digital Capture Technology (DCT), and it's pushing the product at consumer electronics vendors as an alternative to Flash-based solid-state storage technologies. DCT drives, it says, will offer higher capacities, be more resilient, offer faster data access times and consume less power than today's portable storage solutions. They're also too expensive - Iomega says the DCT will be a "low-cost" solution.

rest of story

Cracking Windows passwords in seconds

Cracking Windows passwords in seconds

If your passwords consist of letters and numbers, beware.

Swiss researchers released a paper on Tuesday outlining a way to speed the cracking of alphanumeric Windows passwords, reducing the time to break such codes to an average of 13.6 seconds from 1 minute 41 seconds.

full story

Schools stay mum on file traders' names

Schools stay mum on file traders' names

Some universities are balking at stepped up demands from the recording industry to unmask alleged student file swappers, citing procedural uncertainties over an avalanche of subpoenas filed with the courts in recent weeks.

full story

Evesham dangles condoms in student PC promo

Students gearing up for the next academic year can get free condoms when they buy a PC or notebook from Evesham Technology.

The gimmick is part of the company's latest venture to target the UK's 3.2m students in higher education.

As part of a promo students can get a 5 per cent discount on all Evesham PCs and notebooks bought before September 30.

rest of story

Dell axes high-end server

Dell axes high-end server

Dell once argued that an eight-processor server was powerful enough for most folks. Now, the company has backed off plans for systems even that size, canceling an Intel partnership in the process.

Dell had been funding Intel to build a chipset to yoke together as many as eight Intel Xeon processors for larger servers that are used for such demanding tasks as housing sales databases. But improvements in smaller two- and four-processor systems outpaced that of eight-processor systems during the "extended time" it took to develop the larger machine, said Neil Hand, a director of product marketing at Dell.

full story

Cisco IOS DoS exploit released in the wild

The risk posed by a serious DoS vulnerability to a wide range of Cisco Systems routers and switches has been upgraded following the release of an exploit onto a full disclosure mailing list.

As we reported yesterday, The DoS vulnerability arises from a bug in Cisco's core IOS software which means vulnerable devices to stop processing inbound packets on receipt of maliciously constructed IPv4 packets. Normal service would be restored only with a manual reboot.

No alarms will be triggered, nor will the router reload to correct itself. Cisco IOS versions 11.x and 12.x prior to 12.3 are affected by the vulnerability. That means almost everybody is affected.

rest of story

Microsoft's patches: Can you trust them?

Microsoft's patches: Can you trust them?

News Analysis: Instead of spending time and money implementing every patch that Microsoft releases, stick to the service packs and bolster your security policy, say experts.

To survive the next Slammer-like virus attack, updating applications and operating systems with every patch that Microsoft releases is the worst thing any business can do, according to advice from security experts and industry analysts.

full story

Microsoft issues doubleplus critical security fix

Microsoft yesterday warned of a critical flaw affecting all versions of its operating systems bar Windows 98 and ME.

The critical vulnerability opens the way for crackers to run malicious code and take over vulnerable machines. The flaw affects Windows NT 4, NT 4 Terminal Edition, Win 2000, XP and Win 2003 (irrespective of any service pack applied). Redmond has issued a fix, which users are strongly urged to review.

rest of story

Robosnail: Science or sex toy?

Researchers at MIT have come up with a new experiment that raises the question, "Where do you draw the line between science and simply having too much time on your hands?"

Lurking in MIT's Fluid Dynamics Lab is a rather large creature known as Robosnail. At first glance, the contraption appears to be a sophisticated sexual aid. It has a battery powered motor mounted on top of a goo-covered, plastic layer.

rest of story