Patch Windows now. The Windows Metafile exploits are beginning to look like one of the worst-ever Windows malware epidemics. It is a true drive-by exploit - infection with a whole raft of insidious malware just by looking at a web page with IE, or reading an email or IM with an image (depending on the program you use). It will really explode tomorrow when all the business PCs go back online, because as of now there is no good prevention with firewalls, anti-virus or IDS. The SANS Internet Storm Center handlers have been the most up to date source of information (first link above). The DSL Reports thread has good signal-to-noise. Insight and advice actually comes close to outweighing the usual microsoft-bashing in the latest /. thread on it. But Ilfak Guilfanov has outdone everyone with an unofficial patch (source included - admire the code - he is expertly patching a closed-source binary).
posted by jam_pony on Jan 1, 2006 - 347 comments

New Firefox build fixes IDN toggle Hear about the IDN debacle yesterday? Last night's build of Firefox fixes it. Download and install over your existing Firefox. The Mozilla tree is fixed too. [instructions inside]
posted by cavalier on Feb 8, 2005 - 38 comments

Windows Vulnerabilities XPlained I've always used Gibson Research's website to test my Windows system for vulnerabilities. With the latest BLAST aimed at MS, I thought to share his site with the class. While Mr. Gibson obviously has some axes to grind and bones to pick with Microsoft and with various software firewall makers, his explanations of how Windows can be XPloited in terms that are fairly easy to understand is most appreciated. Be sure to check out the numerous free utiltites (small downloads! I mean, really small!) that will help you plug nearly every hole in your Windows.
Didn't know MS had shut down www.windowsupdate.com til just now, either
posted by WolfDaddy on Aug 18, 2003 - 42 comments

"Today's heroes don't have to do anything; they just need to be noble victims" The people who lost their lives on September 11 -- office workers, firefighters, airline pilots -- have almost unanimously been labeled "hereos." Were they really, or were they "just" victims who tragically died while "doing their jobs"? According to this article, we should be hesitant to loosen the requirements for heroism: "Heroes often end up as role models, a task not well suited for victims. Moreover, by lowering the bar for heroism, we cheapen the word and, in some ways, the exploits of people who have earned the right to be called that in the past. " (via a & l daily).
posted by pardonyou? on Jan 15, 2002 - 58 comments