Critical Flaws Open Up Firefox 2.0x To Attack


By Stefanie Hoffman, ChannelWeb
7:04 PM EDT Wed. Jul. 02, 2008
Secunia researchers detected numerous security vulnerabilities in the Mozilla Firefox 2.0x Web browser, many of which enable malicious attackers to hack into vulnerable systems and either shut down or take complete control of a user's computer.

Researchers at Secunia, a Copenhagen, Denmark-based security company specializing in vulnerability assessment and management, issued a security advisory Wednesday, warning users of multiple errors they deemed "highly critical."

If exploited, the critical vulnerabilities could potentially allow remote attackers to conduct cross-site scripting and spoofing attacks, bypass security restrictions, disclose sensitive or system information, potentially compromise a user's system, access a user's system or launch a denial of service attack, according to the advisory.

In order for the attack to be successful, a hacker would have to entice or trick a user into viewing a malicious Web page or downloading a file infected with malicious code. However, users are only susceptible to exploitation if they're running versions prior to 2.0.0.15, the advisory warned.

Altogether, the vulnerabilities include multiple memory corruption errors in the layout and JavaScript engines, a flaw in the handling of unprivileged XUL documents, and a bug in the "mozIJSSubScriptLoader.LoadScript" function that allows remote attackers to run arbitrary code with chrome privileges.

Other errors can only be successfully exploited if an add-on using the affected function is installed. Those include multiple flaws in the block reflow process, the processing of file URLs contained within local directory listings, errors in the implementation of the JavaScript same origin policy and a glitch in the JAR file verification.

Additional errors can be found in the implementation of file upload forms and in the implementation of Java LiveConnect on Mac OS X. An uninitialized memory access error in the processing of improperly encoded "properties," along with flaws in the processing of "Alt Names" provided by peer trusted certificates and in the handling of Windows URL shortcuts, also enables attackers to launch spoofing attacks or to access sensitive information.

Security experts recommend that users install the latest version of Firefox, 2.0.0.15, which can be downloaded from the Mozilla Website, in order to protect themselves from attack.

