Microsoft

Microsoft fixed eight flaws in Windows and Office today, but passed on patching one Windows component because it cannot be automatically updated.

The eight bugs patched today were far from the near-record 26 that Microsoft fixed last month when it delivered 13 security updates. Both of today's bulletins were ranked "important," the second-highest rating in Microsoft's four-step severity scoring system, even though the company acknowledged that the eight vulnerabilities could be used to completely compromise a Windows PC.

Microsoft's senior product manager for Internet Explorer, Pete LePage, says rival Google could be one of the companies that will benefit most from future improvements in Internet Explorer.

Mr LePage, on his first visit to New Zealand, says there are plenty of improvements yet to be made to the company's web browser – now on version 8 – and there is no danger of it running out of puff in the same way that word-processing programs ground to an innovation halt.

Microsoft's idea that the fight against malware could be funded by an Internet tax is "horrible," an analyst said Thursday as other experts weighed in on a recent comment by the company's security chief.

Earlier this week, Scott Charney, Microsoft's vice president for its Trustworthy Computing group, said that while there are plenty of ways to combat malware, scrub infected PCs, and take down botnets, no one wanted to foot the bill.

Microsoft will issue two bulletins addressing eight flaws in Windows and Office for this month's Patch Tuesday.

Both bulletins are listed as important - Microsoft's second highest alert rating - and will address flaws that could allow remote code execution in all supported versions of Office on Windows and Mac OS X, and Windows XP and higher.

Microsoft Windows Mobile operating systems have always been compatible with various handsets or personal digital assistants, even with those that did not feature enough performance for them, which essentially ruined user experience. Nevertheless, with Windows Phone 7-series Microsoft Corp. has very strict hardware requirements that will not allow it to run onto older cell phones.

I’ve been hanging out with a bad crowd lately.

In the interest of research, I’ve been digging into message boards and forums run by unabashed Windows enthusiasts who are intent on breaking Microsoft’s activation technology. I’ve had these forums bookmarked for years and stop in every once in a while just to see what’s new. This time I decided to drop by and actually try some of tools and utilities to see if I could become a pirate, too.

More and more personal, private information is being used and stored online than ever before, and at the same time, attacks on that information are increasing in frequency and sophistication. Phishing is a growth industry—it's very profitable to trick people into handing over names, passwords, credit card numbers, and so on, so that their finances can be pillaged. Important activities like banking and filing tax returns are being performed, and these need strong proof of identity.

In his keynote at the RSA security conference on Tuesday, Scott Charney, Microsoft's corporate vice president of Trustworthy Computing, suggested that the security industry should follow the health care model of quarantining infected PCs to prevent them from being used to send spam and conduct denial-of-service attacks.

Microsoft is looking into a new flaw that could let hackers run code if they can convince users to hit the 'F1' key in response to a pop-up window.

In a post on the Microsoft security blog, communications manager Jerry Bryant said that the flaw was made public on Friday, but that the company hadn't seen any attacks yet, and that computers running Windows 7, Vista or Sever 2008 are not affected - so XP users beware.

Microsoft has several other botnets in its crosshairs, and believes it can use the same legal tactic against them that it deployed last week to strike at the Waledac botnet's command-and-control centers.

But the company also admitted that it had not yet severed all communications between the controllers of Waledac and the thousands of compromised Windows computers used by hackers to pitch bogus security software and send a small amount of spam.