Microsoft announced that it would release a security update to help protect customers from exploitations of a vulnerability in the Windows Meta File (WMF) area of code in the Windows operating system on Tuesday, January 2, 2006, in response to malicious and criminal attacks on computer users that were discovered last week.

Microsoft originally planned to release the update on Tuesday, January 10, 2006 as part of its regular monthly release of security bulletins, once testing for quality and application compatibility was complete. However, testing has been completed earlier than anticipated and the update is ready for release. In addition, Microsoft is releasing the update early in response to strong customer sentiment that the release should be made available as soon as possible.

View: Knowledge Base
Download: Windows XP | Windows Server 2003 | Windows 2000 | Win XP x64
Source: MSFN

Asustek Computer, a leading maker of computer components, recently announced an innovation that has been around for years, but was never implemented. The company installed graphics processor on the backside of the Extreme N6600TOP Silent graphics card, which is expected to provide better cooling.

View: Full Story
Source: X-Bit Labs via Flexbeta

Microsoft Corp. said today it does not plan to release a fix for the Windows Metafile (WMF) flaw until Jan. 10, when a patch will be included as part of the company’s scheduled monthly updates for January. Microsoft has completed development of a patch for the flaw and is now testing it for quality and application compatibility, the company said in an advisory updating an earlier advisory released last week. The update will be available at Microsoft’s Download Center in 23 languages for all affected versions of the Windows operating system.

“Microsoft has been carefully monitoring the attempted exploitation of the WMF vulnerability since it became public last week, through its own forensic capabilities and through partnerships within the industry and law enforcement,” the company said in its statement. ” Although the issue is serious and malicious attacks are being attempted, Microsoft’s intelligence sources indicate that the scope of the attacks are not widespread.”

View: Full Story
Source: Computer World via MSFN

This week a new vulnerability was found in Windows: http://www.microsoft.com/technet/se…ry/912840.mspx. Browsing the web was not safe anymore, regardless of the browser. Microsoft will certainly come up with a thouroughly tested fix for it in the future, but meanwhile I developed a temporary fix – I badly needed it. The fix does not remove any functionality from the system, all pictures will continue to be visible. It should work for Windows 2000, XP 32-bit, XP 64-bit, and Windows Server 2003.

Technical details: this is a DLL which gets injected to all processes loading user32.dll. It patches the Escape() function in gdi32.dll. The result of the patch is that the SETABORT escape sequence is not accepted anymore. If for some reason the patch does not work for you, please uninstall it. It will be in the list of installed programs as “Windows WMF Metafile Vulnerability HotFix”.

Download: Windows WMF Metafile Vulnerability HotFix
Source: MSFN

Well, another year has just begun, and I would like to wish everyone a Happy New Year, and hope the new year brings what you want.

HAPPY NEW YEAR!

I have setup a forum where you can submit news, ask questions or just have general conversations. If you like when you register on the forum, post in the “Introduce Yourself” forum and tell us what you like to do etc.

I still have to theme the forum yet, it just has the default theme for now, it will slowly look better and better.

I hope you enjoy AusTech and the Forum, and hope to make it one of the best Australian Technology Websites.

View: AusTech Forum

Yes this has been confirmed too. It appears that microsoft forgot to digitally sign some of its demo discs and it appears that backups of the demo disc can be downloaded and copied and played on DVD-+R. This is huge luck in the scene because it will allow hackers to gain information into the executables of the xbox 360.

Source: Console News via Flexbeta

A virus masquerading as a new beta version of Microsoft’s MSN Messenger has begun circulating, antivirus company F-Secure said on its blog Tuesday. The virus, which F-Secure calls Virkel.F, comes as a file called BETA8WEBINSTALL.EXE that can be downloaded from a Web site. Running the program installs not a new MSN Messenger beta, but rather a virus that sends download links to a computer user’s MSN Messenger buddies. The virus falsely labels the link as “MSN Messenger 8 Working BETA.”

“It also connects your machine to a botnet server,” F-Secure warned, meaning that a person’s computer can be controlled remotely to attack other machines or send spam. Malicious software that uses instant messenger programs is growing more common. A November study by Akonix Systems identified 62 examples.

Source: ZDNet via MSFN

MSN Messenger lets you see when your friends are online and exchange instant messages with them. Send instant messages with cool, new emoticons, call anywhere in the world from your computer, see when someone’s typing, page a contact’s mobile phone, send pictures and music to your friends, and much more. You can also use this free program to make phone calls, send a message to a pager, trade pictures and music with your friends, and much more.

Rough outline of fixes in 7.5.0322:
- a lot of people were experiencing sign in issues with v7.5.311, we took some changes to fix that or to give better error messages to figure out whatwas going wrong. And there was another fix to get our error reporting correct.
- in Korea, if you were using an IME (Input Method Editor), you would type shortcut for your favorite emoticon and get an extra character. Now emoticons are key to any IM program and it didn’t make sense to not fix this (and we found a simple code fix).
- if you had a Dynamic Background from Blue Mountain, bought it and installed it, then the Text Ads which you should have been getting weren’t showing up.
- there is a DLL which is central to our Audio / Video features, we had to take a new version of that to fix a bug where Messenger would crash if you unplug a USB device after running the Audio Video Tuning Wizard on that device.

View: MSN Messenger Homepage
Download: MSN Messenger 7.5.0322
Source: Mess with MSN Messenger

The National Security Agency has been spying on Internet and telephone communications in and out of the United States in an immense program implemented in cooperation with major telecommunications companies, the New York Times reported late Friday. The news comes just a week after the Bush administration acknowledged the existence of a domestic spying program, while claiming the executive order was limited to those individuals with known terrorist ties. But the Times cites sources who say the surveillance was much broader than admitted.

View: Full Story
Source: BetaNews via Flexbeta