Stories about: SDL

The headline seems a bit melodramatic, "Antivirus tools pave the way for malware". A company called n.runs AG is claiming to have found hundreds of security holes in multiple antivirus programs, which can be exploited by the very malware the products are supposed to protect you against. The company's press release implies that many of the holes have to do with the way various antivirus programs parse inspected data files. Not surprisingly, n.runs AG has a solution they can sell worried companies.

Nearly six and a half years ago, in the aftermath of the September 11 terrorist attacks and amid concerns about growing online threats, then-Microsoft CEO Bill Gates sent out a companywide e-mail that some consider his most important ever.

Good news for users of Windows Vista. According to figures compiled by PC Tools, the OS has experienced only slightly more vulnerabilities than Windows 2000, which appeared eight years ago when malware was far less common.

Bill Kendrick is a software machine. He is the lead designer and developer of New Breed Software, a company creating free and open source games, libraries, tools and utilities across a range of operating systems, mobile devices, hand held and home video consoles. He has personally created a diverse range of classic Web-based games that run across all browsers, and has worked as a professional video game developer since 2003.

I've been at several recent conferences where virtual machine (VM) and security "experts" were telling audiences how VM technology can be used to improve computer security. Wow! They are either drunk on the marketing Kool-Aid, misinformed, or simply trying to misrepresent VM capabilities to sell more product.

For years, many security consultants and well-meaning guidelines have recommended completely disabling ActiveX in Internet browsers (mainly Internet Explorer) to prevent a particular type of Web client-side attack. Running a browser without ActiveX enabled can be a frustrating experience for end-users, as many popular and legitimate Web sites use ActiveX to enhance the user's overall experience.

Mac users have long gloated that the Mac OS is safer than Windows. The gloating should stop: There's plenty of recent evidence that Vista is, in fact, a safer operating system than Mac OS X.

On March 12, McAfee's AVERT labs reported 10,000 Web pages using Active Server Pages (ASP) had been infected through SQL injection. A few days later, Microsoft employee Neil Carpenter detected 14,000 maliciously-modified Web pages. After the initial SQL injection, the automated attack injected a malicious Javascript or Iframe code to redirect visitors to criminal-controlled Web sites. The malicious Web sites then attempted to invisibly exploit end-users using multiple, previously patched vulnerabilities, or if no vulnerabilities were found, attempted to socially engineer the visitor into running additional software.

Microsoft's Windows Vista recorded about half as many vulnerabilities in its first full year of availability as Windows XP did in its opening 12 months, company security executives said Thursday.

It was nearly 10 years ago that FedEx first decided to translate its Web content and applications for non-English-speakers throughout the world. At the time, it was ahead of the game, but today, companies in all kinds of industries realize it's crucial to speak to customers around the world in their native languages.

Flawed antipiracy software now being exploited by attackers has been bundled with Windows for the last six years to protect game publishers, Macrovision said Wednesday.