WinZip Vulnerable To Hacks
2004-09-03 08:19:00
WinZip this week warned users that its popular compression utility is vulnerable to a pair of buffer overflow-based attacks, and posted a new version to plug the holes.
The vulnerabilities could be used by hackers to compromise a WinZip-equipped PC and hijack the machine.
"WinZip was not aware that any of these vulnerabilities had been publicly described or exploited," the company said in an alert posted on its Web site. "However, WinZip recommends that all users upgrade to WinZip 9.0 SR-1 to avoid the possibility of future exploitation of these vulnerabilities."
Danish security firm Secunia rated the flaw as "highly critical," and said the vulnerabilities affected all version of WinZip as far back as v. 3.0.
The update, which can be downloaded free of charge by registered users from the company's site, also takes a page from Microsoft's Windows XP Service Pack 2 (SP2), and pops up cautions when users do potentially dangerous things, such as double-clicking an .exe file compressed within a Zip.
Numerous worms, including the most recent Bagle variant, have taken to packing their payloads in .zip files as a way to slip by defenses that block executable file attachments.
|
|
IBM Throws An Opteron Party
IBM on Thursday unveiled its second Advanced Micro Devices Opteron-based server, which the company hopes is ready for when AMD releases its dual-core processors. Big Blue also introduced a line of pretested, preconfigured Opteron-based clustered solutions.
Is That a Hard Drive in Your Pocket?
The next big thing in cell phones has arrived. Now you'll just have to figure out what to do with a 1.5-gigabyte handheld.
Linux Boosters Look To Keep The OS Together
Major Linux distributors on Monday said they have agreed to support a single version of the freely exchanged open-source operating system to ensure that it's growing popularity in corporations isn't derailed by fragmentation.
ICANN Rules Make Domains Easy to Hijack?
Network Solutions, one of the largest domain registrars, which manages over 8 million domain names, is warning its clients that a rule change at the Internet Corporation for Assigned Names and Numbers will leave domain names open to fraudulent transfers.
Growth Projected For Home Media Servers
Worldwide shipments of home media servers are expected to almost double this year to 6 million units, a market research firm said Wednesday.
Amazon's A9 Takes On Google, Yahoo
Online mega-retailer Amazon.com on Wednesday officially unveiled its search site, A9.com, in an effort to move on rivals such as Google, MSN, and Yahoo.
Although available as long ago as April in beta form, A9.com is now live in final form with personalization features including those that keep a running history of searches and let users record notes about any Web page they visit.
Open Enterprise Server To Beta Test In November
Novell's Open Enterprise Server is expected to begin public beta testing in early November, the software manufacturer announced this week. Open Enterprise Server includes Novell's NetWare and SUSE Linux Enterprise Server 9 operating systems with a common management interface, which lets customers choose how they want to deploy the product's networking, communication, collaboration and application services.
4.6 Million Domains Registered in Second Quarter
More than 4.6 million domain names were registered in the second quarter of 2004, bringing the total number of domain names registered worldwide to more than 64.5 million, according to VeriSign.
Internet Explorer Loses More Market Share
Microsoft Internet Explorer is continuing to lose share in the browser market, as its much-smaller competitors chisel at its dominant position, new Web site visitor data shows.
HostColor.com Released New Hosting Control Panel
Host Color (hostcolor.com), a Houston based web hosting company has released the first version of its new hosting Control Panel - Next Color. It will be used to manage servers and accounts in their new data center.
|
