Thu 18 Aug. 2005

meta.li.cio.us

del.icio.us/signal/best_comment_ever

(via Hot Links)

Quote of the Week

I went to Henrico County for a $50 iBook but all I got was kicked in the balls

From TimesDispatch.com reporting on the iBook sale chaos.

T-Shirts available on E-Bay.

(via Marginal Revolution)

YA Reason to Avoid IE

FrSIRT Advisories: Microsoft Internet Explorer “Msdds.dll” Remote Code Execution / Exploit

A critical vulnerability was identified in Microsoft Internet Explorer, which could be exploited by remote attackers to execute arbitrary commands. This issue is due to a memory corruption error when instantiating the “Msdds.dll” (Microsoft Design Tools Diagram Surface) object as an ActiveX control, which could be exploited by an attacker to take complete control of an affected system via a specially crafted Web page.

This vulnerability has been confirmed on Windows XP SP2 with Microsoft Internet Explorer 6 SP2 and Microsoft Office 2002 (fully patched).

Note: The “Msdds.dll” library is installed with Microsoft Office and Microsoft Visual Studio.

Update: 18 Aug:
Apparently only DLL Version 7.0.9064.9112 is vulnerable, in Office 2002 and Visual Studio 2002. Heise reports that a kill-bit needs to be set in the registry:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\

Under that path, the key {EC444CB6-3E7E-4865-B1C3-0DE72EF39B3F} needs to be set to: “Compatibility Flags”=dword:00000400
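One way to check for and apply the kill bit described above from an elevated PowerShell prompt. This is an added example, not code from the original post, Heise or FrSIRT. The registry path, CLSID and value come from the post; the function names are hypothetical, and the script ORs 0x400 into any flags already present instead of overwriting them, which goes slightly beyond the fixed value the post gives.

```powershell
# Added example: audit and set the IE kill bit for the CLSID named in the post.
# Writing under HKLM requires administrator rights.
$Clsid   = '{EC444CB6-3E7E-4865-B1C3-0DE72EF39B3F}'   # CLSID from the post
$Base    = 'HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility'
$KillBit = 0x00000400                                  # value from the post

# Hypothetical helper: return the current "Compatibility Flags" DWORD,
# or $null when the key or the value does not exist.
function Get-CompatFlags {
    param([string]$Clsid)
    $path = Join-Path $Base $Clsid
    if (-not (Test-Path -LiteralPath $path)) { return $null }
    $prop = Get-ItemProperty -LiteralPath $path -Name 'Compatibility Flags' `
                             -ErrorAction SilentlyContinue
    if ($null -eq $prop) { return $null }
    return [int]$prop.'Compatibility Flags'
}

# Hypothetical helper: create the key if needed and set the kill bit,
# keeping any other compatibility bits that are already set.
function Set-KillBit {
    param([string]$Clsid)
    $path = Join-Path $Base $Clsid
    if (-not (Test-Path -LiteralPath $path)) {
        New-Item -Path $path -Force | Out-Null
    }
    $current = Get-CompatFlags -Clsid $Clsid
    if ($null -eq $current) { $current = 0 }
    $new = $current -bor $KillBit
    New-ItemProperty -LiteralPath $path -Name 'Compatibility Flags' `
                     -PropertyType DWord -Value $new -Force | Out-Null
    return $new
}

$before = Get-CompatFlags -Clsid $Clsid
if ($null -ne $before -and ($before -band $KillBit)) {
    'Kill bit already set (flags=0x{0:X8})' -f $before
} else {
    $after = Set-KillBit -Clsid $Clsid
    'Kill bit set (flags=0x{0:X8})' -f $after
}
```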

See Jan Berend Wever’s COM objects and MSIE vulnerabilities recap + additional fix

And then there’s ZOTOB and The battle of Plug&Play worms!

(via Heise Online)

Virtual Tour of Icebreaker

A QuickTime-VR tour of the Polarstern, a German research vessel: Virtual PS

(via Heise Online)

Firefox WP Search Plugins

Plugins to search both the WordPress Codex and WordPress Support forums from your Firefox search bar are available from mozdev.org

(via Photo Matt)