as you can see, microsoft can't seem to escape the problems caused by such a "popular os". however, item #2 in here does give rise to concern (the pro-linux scare). Hawke -------- Original Message -------- Subject: The eazy news bulletin Dec 6 2000 Date: Wed, 6 Dec 2000 09:35:43 -0000 From: Eazy Reply-To: eazy@wideboys.co.uk Organization: 0xBAD2D971 Newsgroups: alt.2600.hackers Followup-To: poster Exploit exposes Internet Explorer's file cache Georgi Guninski has uncovered yet another security hole in Internet Explorer Versions 5 and above. This latest vulnerability takes advantage of the HTML object and object type elements, allowing the malicious author of a Web page or HTML e-mail to embed a few lines of JavaScript that would reveal the name of IE's temporary Internet file folders. With help from KeyLabs, BugNet was able to reproduce this vulnerability as well as identify a couple of workarounds. http://www.zdnet.com/zdhelp/stories/main/0,5594,2659560,00.html "A computer virus that poses as a Shockwave movie and urges victims to install the Linux operating system has infected at least four Fortune 500 companies according to antivirus firms. Known as 'Prolin,' or pro-Linux, the bug politely places instructions on how to recover from infections on the victim's computer. Experts are concerned that it might spread quickly around the Internet." http://www.msnbc.com/news/496999.asp Computer Associates Warns Of Afeto Virus By Steve Gold December 01, 2000 Computer Associates has warned PC users to be on the lookout for a new virus called Afeto. Like many of the latest crop of viruses, WM97/Afeto spreads via e-mail, changing its appearance to avoid detection. Once executed on a host PC, the virus violates user's privacy by searching for JPEG format files, and sending the first one found to other PCs. The text of the Word document accompanying the image, CA said, reads "Para voces com afeto," a Portuguese phrase meaning "For you, with affection." Unusual for an e-mail-borne virus, Afeto does not scan and load a user's e-mail address book. Instead, it scans previously sent e-mails, resending them with the new payload. Ian Hamerof, CA's business manager, said that the Afeto virus is anything but affectionate. "This virus is disturbing in that it desecrates the privacy of all computer users - an issue that strikes at the heart of consumer confidence and e-business integrity," he said. CA said that its threat response teams are currently analyzing Afeto, and that it plans to release a new signature for the firm's InoculateIT antivirus software as soon as possible. CA's Web site is at http://www.cai.com . Reported by Newsbytes.com, http://www.newsbytes.com. Yahoo! delivers encrypted email Wednesday November 29, 10:16 AM EST    [ Privacy ] "As first reported in August, Yahoo! is providing its email encryption option through a deal with Zixit, a Dallas-based email encryption firm. Yahoo! will rout encrypted email through Zixit's SecureDelivery.com Web site. Yahoo! and Zixit representatives declined to comment on the public availability of the service and would not say whether it was an across-the-board launch or a temporary test." From ZDCOUK. Read here carefully: http://www.zdnet.co.uk/news/2000/47/ns-19359.html This is not end to end security like www.hushmail.com Interesting though! HONG KONG -- A dispute between the United States and China over the control of Chinese-scripted Internet addresses deepened on Monday as China reiterated its claim over all Chinese language Internet domain names. http://www.wired.com/news/politics/0,1283,40506,00.html?tw=wn20001204 Palestinian supporters are using a combination of hacking tools and viruses to gain what appears to be the upper hand in the Middle East?s ongoing cyber war. http://www.wired.com/news/politics/0,1283,40449,00.html?tw=wn20001202 Mice Marrow Can Net Neurons http://www.wired.com/news/business/0,1367,40467,00.html?tw=wn20001202 Researchers say they have successfully turned bone material in mice into brain cells. The scientists hope that the transplantation technique may lead to new therapies for brain disorders. Sony is recalling about 13,000 computers that use Transmeta's much- heralded microprocessor, although officials say flaws in the chip have been found in fewer than 300 NEC laptops. so-called 'first sale doctrine' takes the spotlight at public hearings on copyright law. Current owners like the Digital Millennium Copyright Act, but critics say new encryption technologies impede the rights of the public to resell what they've purchased. http://www.wired.com/news/politics/0,1283,40415,00.html?tw=wn20001130 Researchers in Texas get a grant to create corn that prevents AIDS by using their newly patented technology. AIDS activists give their blessing. SDMI Pays Hackers $5000 http://www.winplanet.com/winplanet/opinions/2717/1/?nl SDMI has awarded $5000 each to undisclosed hackers who successfully broke its copy protection technology. British Spies Want 7 Year Records http://www.winplanet.com/winplanet/news/2726/1/?nl The spooks and police in Britain are trying to get legislation forcing telephone companies and ISPs to send their logs to a central government database. Politicians and privacy advocates aren't too pleased. Windows 2000/NT4 "Phone Book Service Buffer Overflow" Patch Location: http://cws.internet.com/mspacks-ms00sp.html Download: www.microsoft.com/technet/security/bulletin/MS00-094.asp Rating: Not Reviewed - Windows ME/NT/9x "Incomplete TCP/IP Packet" Vulnerability Patch Location: http://cws.internet.com/mspacks-msmesp.html Download: www.microsoft.com/technet/security/bulletin/MS00-091.asp Rating: Not Reviewed - Internet Explorer 5 "Browser Print Template" and "File Upload via Form" Vulnerabilities Patch Location: http://cws.internet.com/ie-security.html Download: www.microsoft.com/technet/security/bulletin/MS00-093.asp Rating: Not Reviewed - Windows 2000 "Domain Account Lockout" Vulnerability Patch Location: http://cws.internet.com/mspacks-ms00sp.html Download: www.microsoft.com/technet/security/bulletin/MS00-089.asp Rating: Not Reviewed - Xnews v3.11.14 - a News Reader Location: http://cws.internet.com/news-xnews.html Download: http://xnews.3dnews.net/xnews.zip Rating: 5 Stars Upgrade Meter: 2 - NewsBin v3.3 Beta 18 - a Newsreader Location: http://cws.internet.com/news-nbin.html Download: http://www.newsbinpro.com/cgi-bin/fcount.cgi?nb33b18.zip Rating: 4 Stars Upgrade Meter: 3 # AntiVirus eXpert for ICQ # http://www.filefarm.com/filefarm/windows/description/1259/?nl This module of the seven-part AVX 2000 Professional antivirus system protects ICQ users from virus-infected files received during instant -messaging sessions. AntiVirus eXpert or AVX 200 Professional is a virus scanning product that also checks both Web downloads and inbound emails. The professional version is available for a 30-day demo and the ICQ module is free. -> Internet Explorer Security v1.0 - (534kb) - New ~ http://www.freewareweb.com/to.pl?Internet+Explorer+Security Internet Explorer Security is a useful freeware utility that allows you to protect Internet Explorer options and disable some functions that might be dangerous when your kids (or other persons) use them . Win Sniffer v1.2 The basic objective of the Win Sniffer is to show weakness of current internet protocols, such as ftp, telnet, http authorization, pop2/pop3,. imap, nntp, ICQ, pcAnywhere, socks 5. Console version can pick up mail messages that users send via pop2/pop3 or smtp protocol. In other words, with this program you'll have possibility to read your "friends" (or just collegeagues) mail and you will know theirs passwords. Isn't it fascinating? Unlike many simple sniffers (or packet decoders) Win Sniffer 1.1 decode not just packets but protocols. It means that you will see passwords and mail, not garbage. And of couse it's extremly easy to use. Windows 98/NT4, Shareware, 802 KB http://www.softwareblast.com/entries/00005680.sml Compress Compress is a slick little tool you can use to squeeze more space out of your crowded hard drive. It's very easy to use -- and a viable option if disk space is at a premium. Compress opens as a tiny window with a prominent progress meter. Select Compress from the Program menu to compact one or more data files (text, graphic, and multimedia files). The original files are quickly replaced with new, compressed versions that represent a significant savings in disk space. The original filenames are retained but appended with a new extension. Just double-click on the compressed data file, and it opens with its associated application -- just as it did before it was compressed. Windows 95/98/Me/NT/2000 Freeware http://cgi.zdnet.com/slink?68164:9762335 New scripts at http://javascriptsource.com Forms -> Quantity Totals BG Effects -> Bouncing Image Forms -> Checkbox Counter Calculators -> Amortization Calculators -> Quadratic Solver Forms -> Validation (IP Address) Calculators -> Graphing Function Navigation -> Browser Calculators -> Kinetic Energy Forms -> Validation (SSN) Clocks -> Bar Clock Calendars -> US-Euro Calendar Games -> Box Puzzle Games -> Mind Reader Messages -> Banner Rotater BG Effects -> Stubborn Image Forms -> HTML Preview Scrolls -> Self Correcting Text BG Effects -> Full Size Image Forms -> Dynamic Table Calculators -> Distance Speed Time Calculator BG Effects -> Matrix A 61-year-old man from Arizona called Roger Baxter has changed his name to "Christian Glory Hallelu Yah". He claimed that he had a long conversation with God before reaching the decision. Alright the last one's not strictly on topic :)