-
Month of PHP bugs roundup
The month of PHP bugs is over and I thought that I make a little list with things you can do to mitigate the bugs where possible: Update to PHP 5.2.1 and watch out for the next version and update to it as soon as it comes out. Do not PHP4, because there is a…
-
Month of PHP Bugs (MOPB) update
As the days pass by, new vulnerabilities are disclosed on the Month of PHP bugs. An important (and very useful) change is that markings have been added to the main page which show the vulnerabilities that are not addressed in the latest (5.2.1) release and the ones which are not directly related to PHP (for…
-
Undisclosed Microsoft bug
Over at the eEye research site you can read a worrying and little confusing advisory (how can something be a local privilege escalation and a remote code execution attack at the same time?). I’m eagerly awaiting more details about this. In the mean time, don’t forget to subscribe to their Zero-Day tracker. Update: I don’t…
-
Talking out of your head (as opposed to an other body part)
Recently a hoax / misinformation / hype is making its way around the web (or at least the part of the web I see ;)). I’m talking about the article title Internet Explorer 7 – Still Spyware Writers Heaven. While I’m by no means a MS fan and criticized the IE7 team for not making…