Microsoft today said it will patch at least 14 vulnerabilities next week, including four in Internet Explorer (IE), making it three months in a row that the company has plugged holes in its browser.
Of the nine updates set for Aug. 14, five will be labeled "critical," the most serious of the four ratings Microsoft uses. The other four will be pegged "important," the next-lower threat ranking.
A security researcher has admitted that he has managed to crack the ROPGuard tool that won second prize at the recent Microsoft BlueHat contest.
According to Arstechnica, security researcher Shahriyar Jalayeri has demonstrated an exploit that bypasses the tool's protection. According to a blog, Jalayeri said that he managed to bypass EMET 3.5 and wrote a full-functioning exploit for CVE-2011-1260 with all Enhanced Mitigation Experience Toolkit's (EMET) ROP mitigation enabled.
Microsoft and the New York Police Department have jointly developed a data aggregation and analysis system that allows officers to tap into live video camera feeds, 911 calls, mapped crime statistics, and license plate readers to fight crime.
Based on Microsoft technologies, the Domain Awareness System will be available to law enforcement and intelligence agencies around the world, with the city of New York receiving 30 percent of the revenues, New York Mayor Michael Bloomberg and Police Commissioner Raymond Kelly announced today.
When Microsoft released the preview of Internet Explorer 10 at the beginning of June and announced that in Windows 8 the browser will be sending a “Do Not Track” signal to Web sites by default, the statement started a heated discussion among advertisers, online analytics companies, and the Tracking Protection Working Group of the World Wide Web Consortium.
Microsoft has blocked a popular work-around that let users boot directly to the Windows 8 desktop, a co-author of an upcoming book on the operating system confirmed today.
"Microsoft made some changes to Windows that prevent the .scf hack from working correctly," said Rafael Rivera in an email reply to questions. Rivera blogs at WithinWindows.com and along with Paul Thurrott, is the co-author of Windows 8 Secrets, a book slated for release next month.
Firefox is still fighting back. After dipping below 20 percent share in May, it looked like the browser was sure to relinquish its silver medal position to Chrome. June saw a surprise turnaround and that's continued into July.
Internet Explorer stays in gold with a 53.90 percent share of the desktop market, down 0.10 point from June. Firefox is up 0.14 points to 20.2 percent. Chrome picks up the bronze with an 18.9 percent share, down 0.18 points from a month ago. Safari is up 0.17 points to 4.90 percent, and Opera essentially unchanged, down 0.01 points to 1.59 percent.
Microsoft last week warned IT administrators that critical vulnerabilities in code licensed from Oracle could give attackers access to Exchange Server 2007 and Exchange Server 2010 systems.
Oracle patched the vulnerabilities in its "Oracle Outside In" code libraries as part of a massive update on July 17 that fixed nearly 90 flaws in its database software.
Outlook.com has seen more than 1 million people sign up for the service in just a few hours, Microsoft has said.
The sign-up figures for the successor to Hotmail were tweeted by @Outlook yesterday just over six hours after the new service was first announced.
The changes include the new email address -- @outlook.com -- which will replace the older @hotmail.com address, used by hundreds of millions worldwide across its more than 10 years of its service. Users can already "Upgrade to Outlook.com" to keep their existing address.
Researchers have devised an attack against a Microsoft-developed authentication scheme that makes it trivial to break the encryption used by hundreds of anonymity and security services, including the iPredator virtual private network offered to users of The Pirate Bay.
Windows 8 is looking like it will be a more secure operating system to install than Windows 7, but that doesn't mean it's 100 percent. A security researcher claims that he has found at least three attack points in Windows 8 that could leave the OS open to exploits.
