Here We Go Again… Yet Another Microsoft Word Zero Day Exploit!

“Microsoft’s security response center has confirmed that a second zero-day vulnerability in its Word software program is being targeted by unknown attackers. The latest flaw comes just days after the software maker issued a security advisory to warn customers against opening Word documents from untrusted sources. The two vulnerabilities are entirely unrelated. The flaws were discovered during actual code execution attacks against select targets and highlight the Redmond, Wash., vendor’s struggle to cope with gaping holes in one of its most widely used products. According to a US-CERT advisory, the latest bug is a memory corruption issue that occurs when a Word file is rigged with malformed data structures. No other details were made available. Microsoft has not yet issued a formal prepatch advisory but, in a blog entry, Security Program Manager Scott Deacon listed affected software versions as Word 2000, Word 2002, Word 2003 and the Word Viewer 2003. He said Microsoft Word 2007 is not affected by the second vulnerability. ‘From the initial reports and investigation we can confirm that the vulnerability is being exploited on a very, very limited and targeted basis,’ Deacon added.”

Double Trouble: Microsoft Confirms Another Word Zero-Day Flaw

There you go… yet another reason to go to OpenOffice.org! ‘Nuff said.

The “RETRO Edition” of the Dr. Bill Podcast #66!

Dr. Bill Podcast – 66 – (12/09/06)
Click on the “Streaming MP3” badge below to play Streaming Audio of this Podcast.
Streaming MP3 Audio
 Download MP3
(Right-Click on the Link Above and Choose “Save” to Save the MP3 file locally on your PC.)

Click on the “Streaming Ogg” badge below to play Streaming Ogg Vorbis Format Audio of the Podcast.
Streaming Ogg Audio
 Download Ogg Vorbis Format
(Right-Click on the Link Above and Choose “Save” to Save the Ogg Vorbis file locally on your PC.)

We have “computery things” to do this week! TWO Geek Culture entries this week! Wow! Net Neutrality and the forces at work to destroy the vast wasteland that is the Internet! A RETRO Internet! A RETRO filmstrip-style video… watch it here:

The Internet of Tomorrow

Weird video of a guy called “The Computer Man” that is selling Mac tech over PC tech… made over 10 years ago. He told his boss that if it made the front page of Digg he would eat his milkman hat that he wears in the video. Check out the video here:

“The Computer Man” Video

MS-Paint as a web application. Amazing web version that is almost “pixel-perfect” in it’s replication of look and feel of the RETRO paint software! Christopher Clay used HTML, CSS, and Javascript to write this. An e-mail to the Doctor asking for a higher end version of MS-Paint. Richard wants to know if there is something that is like Paint but has better features… and of course, yes, there is! It is called Paint.NET! Check out Paint.NET HERE:

Get Paint.NET

The beta of Version 3.0 of Paint.NET rocks! Microsoft reports a Zero Day exploit of Microsoft Word… and says, get this: “Don’t use Word!” Wow! There are currently NO patches available to fix this! SCO is evil, and their lawsuit against Linux is DYING! Novell may have the last word! Good is triumphing over evil! James Kim and his family and the story of what happened over the past few weeks. They found his body this past week and though his family was rescued, but he didn’t make it. Our thoughts and prayers are with his family. Geek Software of the Week: a-Squared Free to find trojans and worms. Free, excellent, and a great addition to your arsenal against malware! Last item of the week: Microsoft has 6 security bulletins for Patch Tuesday this coming week! There will also be a patch to fix a problem with Visual Studio! Use OpenOffice.org! The Doctor is outta here!

Microsoft Gears Up for a BIG “Patch Tuesday” Next Week

Microsoft has been getting slammed again with exploits… and they are pushing to get a lot of important updates out next Tuesday… so get ready to update via Windows Update!

Microsoft to Ship 6 Security Bulletins, 2 Critical

“Microsoft reported on Dec. 7 that it will ship six individual security bulletins as part of its monthly Patch Tuesday update next week, with at least two of the fixes aimed at addressing critical issues in its products. In a preview of the patch release scheduled for Dec. 12, Microsoft said it would release five bulletins targeting vulnerabilities in its Windows operating system, at least one of which will address a flaw ranked by the company as critical, its most severe security rating. The sixth bulletin released by the company will attempt to close a critical hole in its Visual Studio development package.”

Paint.NET Gets Better All the Time!

Paint.NETHave you downloaded the new beta of Paint.NET? Dewd! You have to check it out! I have seen full blown, purchased software products that aren’t this cool and polished! And, it is FREE! If you have the older version installed it will uninstall that, then install the new version. This is still just a beta release, but I must say, I like where they are going with it! They have a very active community forum, and they are responding to bug reports and suggestions really well! Keep up the great work, guys! More about this project on the Podcast when I record it this Saturday… in response to an e-mail question I received. This is WAY more than just a photo editor!

Get Paint.NET

Geek Software of the Week: a-squared Free

a-squared FreeEmsi Software says, “Security must not be a privilege. Under this motto, Emsi Software provides the Malware scanner a-squared Free completely free of charge for private use. But it is not a very limited version, it is a full tool to clean your computer from Malware. Not only Spywares, as detected by classic Anti-Spyware programs, but also especially Trojans, Backdoors, Worms, Dialers, Keyloggers and a lot of other destructive pests, which makes it dangerous to surf the web.”

a-squared Free Malware Scanner

Pretty cool and free as well! Check it out, you may want to add it to your malware killing arsenal!

Former Tech-TV’er James Kim’s Body Found

James KimI am a long-time TechTV fan! I remember watching James Kim do “lab-rat” segments on TechTV. He was such a nice, personable guy on the air. Apparently he was in real-life as well. He and his family were missing since shortly after Thanksgiving. His family was found with their car, but he had left the car to go try and get help. With the snow, and other poor weather conditions, he just didn’t make it.

Searchers Find Body Of Missing SF Man

Our thoughts and prayers are with the Kim family. This is really a shame. It is nice that the “tech community” pulled together in concern and interest in this story… and I am so grateful that his family is safe… I just wish the news had been better for James himself. James was 35.

Final Nail in SCO’s Coffin

That’s what it looks like from here. SCO’s evil lawsuit to try and destroy Linux has been beaten on over and over recently. Now, it looks like Novell may have the last word.

Another Day, Another Knockout Punch Aimed at SCO

“Last week saw the end of most of The SCO Group’s claims that IBM contributed Unix code to Linux. ‘Now, Novell has filed a motion that undercuts all of SCO’s contract claims against IBM, based on a ‘silver bullet’ clause in the original sale of Unix to SCO. In its latest legal move against SCO, Novell on Dec. 1 filed for partial summary judgment against SCO in its own case. In this motion, Novell is asking the U.S. District Court to rule that the Unix APA (Asset Purchase Agreement), which sold Unix from Novell to SCO, gave Novell the right to waive SCO’s contract claims. Novell had long claimed that it never sold Unix’s IP (intellectual property) rights to SCO. This new motion, however, isn’t connection with those claims. In the APA, Novell has what Mark Radcliffe, co-chair of the Technology and Sourcing Practice Group at the law firm DLA Piper, called, when Novell first made these claims, a ‘silver bullet’ provision under the APA to block SCO’s actions under these licenses. ‘This provision permits Novell to amend, supplement, modify or waive provisions of the Unix licenses sold to SCO,’ Radcliffe said. ‘Novell also retained the unusual right to require SCO to follow its directions to amend, supplement, modify or waive these licenses and, if SCO does not comply, Novell can do so on SCO’s behalf.'”

Ba-da-bing – Ba-da-boom! SCO is history! I love it!

Zero Day Exploit on Microsoft Word Documents

DON’T OPEN THAT WORD DOC! That’s what Microsoft is saying. Yep, you read that right. Microsoft is saying NOT to use Word! Yep… if ever there was a time to switch to OpenOffice.org, that time is NOW!


Microsoft Issues Word Zero-Day Attack Alert

“Microsoft on Dec. 5 warned that an unpatched vulnerability in its Word software program is being used in targeted, zero-day attacks.

A security advisory from the Redmond, Wash., company said the flaw can be exploited if a user simply opens a rigged Word document. Affected software versions include Microsoft Word 2000, Microsoft Word 2002, Microsoft Office Word 2003, Microsoft Word Viewer 2003, Microsoft Word 2004 for Mac and Microsoft Word 2004 v. X for Mac. The Microsoft Works 2004, 2005 and 2006 suites are also affected because they include Microsoft Word. There are no pre-patch workarounds available. Microsoft suggests that users ‘not open or save Word files,’ even from trusted sources. ‘As a best practice, users should always exercise extreme caution when opening unsolicited attachments from both known and unknown sources,’ the company said. Users who have installed and are using the Office Document Open Confirmation Tool for Office 2000 will be prompted with Open, Save or Cancel before a file is opened. This offers a minor warning mechanism for Word users. The high-risk alert comes exactly one week before the company’s scheduled December Patch Tuesday, but there is no word yet from Microsoft on the timing of its fix for Word.” (Emphasis mine.)

The “fix” is simple: OpenOffice.org. Download from the link below:

OpenOffice.org

MS-Paint as a Web App!

Canvas PaintThis guy has developed an MS-Paint (nearly EXACT clone) as a web application!

Canvas Paint

He says: “A near pixel-perfect copy of Microsoft Paint in HTML, CSS and JavaScript, using the ‘canvas’ tag as specified by WHATWG and supported by Safari 1.3, Firefox 1.5 and Opera 9. This web app is not authorized by, supported by or in any way affiliated with Microsoft.” The programmer is Christopher Clay. Hat’s off to you, dewd!

The “Me and Vista down by the Schoolyard” Edition of the Podcast #65!

Dr. Bill Podcast – 65 – (12/02/06)
Click on the “Streaming MP3” badge below to play Streaming Audio of this Podcast.
Streaming MP3 Audio
 Download MP3
(Right-Click on the Link Above and Choose “Save” to Save the MP3 file locally on your PC.)

Click on the “Streaming Ogg” badge below to play Streaming Ogg Vorbis Format Audio of the Podcast.
Streaming Ogg Audio
 Download Ogg Vorbis Format
(Right-Click on the Link Above and Choose “Save” to Save the Ogg Vorbis file locally on your PC.)

Your weekly prescription of tech news and tech goodness! Listen to all the podcasts of the Techpodcasts Network! Lot’s of great e-mails! The “Expedia” “.COMMM!” done for the Doctor! No matter where you get the podcast… you need to visit the Blog! Our Geek Culture for the week… a parody song about Vista being a year late! Me and Vista down by the Schoolyard?? Based on the Paul Simon song, “Me and Julio Down by the Schoolyard.” “Vees-ta” or “Viss-ta?” Microsofties make up your mind! Baily, Bailee, Bayley… but really it is “Bailey!” Web sales and “Black Friday!” Late Christmas shoppers make the last Saturday before Christmas the biggest shopping day! How to compile the CentOS Linux kernel! The Doctor hints at a secret! What could it have to do with the new release of the Democracy Player? Hummmmmm…. The new version of the Democracy Player uses less RAM and is very cool! Open Source coolness in the Democracy Player and the Broadcast Machine:

Player:
http://www.getdemocracy.com/watch/
Server:
http://www.getdemocracy.com/broadcast/

“Cranky Geeks” and DL.TV and something else?!?! Linux for Christians!?! What Ichthux Linux is… and where to get it. E-Sword.net and a free Windows Bible search tool and Strong’s Concordance, and more! All FREE! On Linux there is Bibletime. The Evil SCO legal case and how it is dying out! Hooray! SCO is a bunch of turkeys! Geek Software of the Week! The Doctor can’t find the GSotW Drumroll! The Doctor will get it together! Wildfire Instant Messaging Server and the Spark IM Client! Recording all the activity from e-mail and IMs… yuukkk! The end of another exciting Dr. Bill Podcast! Write me: DrBill AT TheComputerCurmudgeon.com DOT COMMMMMM! Send your questions!

1 2 3 4