Telstra has revealed the addition of almost one million new mobile services in the six months to December 2011, but Sensis revenues plummeted 24 percent in 12 months.
It just seems to get worse for for Microsoft on the Windows security front. Now the software company has been forced to create a patch for a patch released earlier this month which has introduced a new critical security vulnerability in Internet Explorer.
The bug in the MS06-042 security update causes Internet Explorer 6 with
Service Pack 1 to crash due a buffer overrun if the user visits certain
websites. However, Microsoft now admits that flaw is exploitable and
could allow an attacker to gain control of a computer if the user
visits a website specially designed for that purpose.
To make things worse, Microsoft has got into a public slanging match
with security company eEye for disclosing publicly that the MS06-042
security update itself creates an exploitable flaw. eEye has been
making a name for itself in recent months by discovering security flaws
in the products of large security vendors such as Symantec and McAfee.
According to Microsoft, eEye, which notified Microsoft of the
vulnerability in MS06-042, should have stayed quiet until Microsoft had
its fix for the patch completely ready for distribution.
However, eEye in its own advisory on its website refutes Microsoft's
criticism and accuses Microsoft of originally misrepresenting the
vulnerability saying:
"This information is already known in various research circles and also
with exploit writers. So it is important that IT administrators
understand the true threat of this problem that this is not simply a
crashing bug as Microsoft has been incorrectly misrepresenting it but
in fact that it is an exploitable security bug. Researchers and exploit
developers know this, therefore it is extremely important that IT
administrators are told what really is going on."
At last report, Microsoft had still not released a new fix for MS06-042
because it found problems in a fix that was supposed to be released on
Tuesday.
The news of the latest bug comes in a month where Microsoft software
security has been in the spotlight constantly. The Department of
Homeland Security issued an alert highlighting the serious nature of a
critical vulnerability in Windows addressed by security update MS06-040
and then Microsoft had to issue a fix for a problem discovered with
that patch.
In addition, it was revealed that two of the seven critical bugs
revealed by Microsoft in August also affected the Beta 2 version of its
upcoming replacement operating system Windows Vista. That news in
itself was surprising because Microsoft has put a lot of work into
making Vista bullet proof.
David Bass
| For the fourth year in a row, IDC has placed content security provider Websense (NASDAQ: WBSN) at the top of the IDC Worldwide Web Security 2011 –…
How to Make Business Discovery Work for Your Business
Business Discovery takes its cues from consumer apps. Like Google, it encourages us- ers to hunt for and explore data without worrying about or even noticing the underly- ing technology. Their entire experience is working within an intuitive interface to get real-time, self-service results with only minimal training. ...more
Try an easy-to-use set of web-enabled
tools for business-class productivity services. Office 365 provides
anywhere-access to email, important documents, contacts, and calendars
on almost any device.
LATEST HEADLINES FROM YOUR IT
