The BugBlog

The BugBlog http://www.bjkresearch.com/bugblog/ A daily look at computer bugs, incompatibilities and other things that go wrong with your computer en-us The BugBlog http://www.bjkresearch.com/images/bugblog88_31.gif http://www.bjkresearch.com/bugblog/ 88 31 2006, BJK Research LLC Tue, 24 Oct 2006 17:48 GMT http://backend.userland.com/rss made it from scratch brucek@bjkresearch.com brucek@bjkresearch.com 240 False Positive from Symantec AntiVirus Causes a Problem http://www.bjkresearch.com/bugblog/bb0610.cfm#1024 Anti-virus signatures for Symantec AntiVirus were shipped that apparently triggered a false negative alert that the sfc.dll file in Windows XP and 2000... http://www.bjkresearch.com/bugblog/bb0610.cfm#1024 Tue, 24 Oct 2006 17:48 GMT Microsoft Re-Releases XML Security Bulletin http://www.bjkresearch.com/bugblog/bb0610.cfm#1023 Microsoft has re-released their MS06-061 Security Bulletin, which fixed a bug in Microsoft XML Core Services. The first version of their patch did not correctly... http://www.bjkresearch.com/bugblog/bb0610.cfm#1023 Mon, 23 Oct 2006 12:53 GMT First IE 7 Bug is a Leftover http://www.bjkresearch.com/bugblog/bb0610.cfm#1020 The first bug in Microsoft Internet Explorer 7 is being discussed. It is a problem in redirection handling with the mhtml: URI handler. However, according to ... http://www.bjkresearch.com/bugblog/bb0610.cfm#1020 Fri, 20 Oct 2006 14:59 GMT IE 7 Cracks Down on ActiveX Controls http://www.bjkresearch.com/bugblog/bb0610.cfm#1019 Microsoft Internet Explorer 7 can no longer be considered beta software - so it's time for the BugBlog to start taking a look. The good news is that IE 7 imposes a lot more security on ActiveX controls. That's good -- although ... http://www.bjkresearch.com/bugblog/bb0610.cfm#1019 Thu, 19 Oct 2006 12:56 GMT Flawed Opera Causes some Dissonance http://www.bjkresearch.com/bugblog/bb0610.cfm#1018 Opera 9 has a heap overflow bug that may cause the browser to crash when it tries to handle a very large link. Opera says they have fixed this in Opera 9.02, and that the impact of the bug is a ... http://www.bjkresearch.com/bugblog/bb0610.cfm#1018 Wed, 18 Oct 2006 13:26 GMT Netflix Fixes a Cross-Site Hijacking Bug http://www.bjkresearch.com/bugblog/bb0610.cfm#1017 Netflix has fixed a bug on their site that may allow an attack called Cross Site Request Forgery. This type of attack may allow an outsider to change your address, add movies to your queue, and otherwise ... http://www.bjkresearch.com/bugblog/bb0610.cfm#1017 Tue, 17 Oct 2006 13:48 GMT Excel 2003 May Yield the Wrong YIELD http://www.bjkresearch.com/bugblog/bb0610.cfm#1016 One of the Microsoft Excel 2003 financial functions will give you the wrong answer under a particular set of inputs. If you are using the YIELD function, and the security settlement date is... http://www.bjkresearch.com/bugblog/bb0610.cfm#1016 Mon, 16 Oct 2006 13:48 GMT Lower Your Defenses When You Install IE 7 http://www.bjkresearch.com/bugblog/bb0610.cfm#1013 With the official release of Microsoft Internet Explorer 7 soon upon us, you may want to know that Microsoft's IEBlog is reminding everyone that they recommend that you temporarily turn off all you anti-virus and and anti-spyware applications before... http://www.bjkresearch.com/bugblog/bb0610.cfm#1013 Fri, 13 Oct 2006 13:46 GMT Bug in AOL Control http://www.bjkresearch.com/bugblog/bb0610.cfm#1012 When you install America Online 9.0 Security Edition, it installs an ActiveX control, AOL.PicDownloadCtrl.1t, that is marked as being safe for scripting. Security researchers at iDefense discovered a buffer overflow ... http://www.bjkresearch.com/bugblog/bb0610.cfm#1012 Thu, 12 Oct 2006 13:18 GMT Bugs in Microsoft Server Services http://www.bjkresearch.com/bugblog/bb0610.cfm#1011 Another bug in an ActiveX control puts users of Windows 2000, Windows XP, and Windows Server 2003 in jeopardy. The bug is in the WebViewFolderIcon ActiveX control, and if you visit a malicious website... http://www.bjkresearch.com/bugblog/bb0610.cfm#1011 Wed, 11 Oct 2006 12:49 GMT Another Critical ActiveX Bug for Microsoft http://www.bjkresearch.com/bugblog/bb0610.cfm#1010a Another bug in an ActiveX control puts users of Windows 2000, Windows XP, and Windows Server 2003 in jeopardy. The bug is in the WebViewFolderIcon ActiveX control, and if you visit a malicious website... http://www.bjkresearch.com/bugblog/bb0610.cfm#1010a Tue, 10 Oct 2006 19:20 GMT Waiting for Microsoft http://www.bjkresearch.com/bugblog/bb0610.cfm#1010 The BugBlog will be updated later this afternoon, after Microsoft releases the Patch Tuesday Security Bulletins. http://www.bjkresearch.com/bugblog/bb0610.cfm#1010 Tue, 10 Oct 2006 12:18 GMT Mac OS X 10.4.8 RAID Update May Cause a Panic http://www.bjkresearch.com/bugblog/bb0610.cfm#1009 If you are updating to Mac OS X 10.4.8 or OS X 10.4.8 Server on a Mac Pro with a software RAID boot volume, Apple says you need to take special precautions. Don't... http://www.bjkresearch.com/bugblog/bb0610.cfm#1009 Mon, 09 Oct 2006 12:18 GMT A Big Patch Tuesday http://www.bjkresearch.com/bugblog/bb0610.cfm#1007 October 10 is Patch Tuesday, and it will be an extra special one. Microsoft has announced that there will be six security bulletins for Windows, and at least one of them is rated Critical. There will ... http://www.bjkresearch.com/bugblog/bb0610.cfm#1007 Sat, 07 Oct 2006 13:49 GMT Buffer Overflow Bugs in CA BrightStor http://www.bjkresearch.com/bugblog/bb0610.cfm#1006 Security researchers at Tipping Point found a number of buffer overflow bugs in CA BrightStor ARCserve Backup R11.5, BrightStor Enterprise Backup 10.5... http://www.bjkresearch.com/bugblog/bb0610.cfm#1006 Fri, 06 Oct 2006 12:45 GMT Microsoft VML Bug Wins the Bug of the Month http://www.bjkresearch.com/bugblog/month/200610.cfm Sony is the Manufacturer behind the Dell and Apple Recalls http://www.bjkresearch.com/bugblog/month/200610.cfm Thu, 05 Oct 2006 21:32 GMT ATI TV Guide May Lose Its Listings http://www.bjkresearch.com/bugblog/bb0610.cfm#1005 When using the ATI Multimedia Center 9.15 software with an ATI multimedia card, you may sometimes get a corrupted database for the TV listings. This may prevent the... http://www.bjkresearch.com/bugblog/bb0610.cfm#1005 Thu, 05 Oct 2006 12:45 GMT Mozilla Bug Report Was a Hoax http://www.bjkresearch.com/bugblog/bb0610.cfm#1004 The 10/2 Mozilla JavaScript bug report was a hoax. While there is a bug that may be used to crash your browser, attackers can't use it to run hostile code on your computer. Any other claims by the two researchers, who probably won't be invited back to make any more presentations, should also be considered fraudulent. While the BugBlog often reports on what independent researchers say (and these reports also included quotes from Mozilla's security spokesman that lent some credence to their claims) rest assured that these two will no longer be considered valid sources. http://www.bjkresearch.com/bugblog/bb0610.cfm#1004 Wed, 04 Oct 2006 12:36 GMT JavaScript Bug in Mozilla- Not? http://www.bjkresearch.com/bugblog/bb0610.cfm#1002 There appears to be a major retraction in the claims about this JavaScript bug in Mozilla. .... http://www.bjkresearch.com/bugblog/bb0610.cfm#1002 Tue, 03 Oct 2006 19:58 GMT McAfee Protection Had a Hole http://www.bjkresearch.com/bugblog/bb0610.cfm#1003 There is a bug in McAfee ProtectionPilot 1.1.0 and McAfee ePolicy Orchestrator 3.5.0 that may allow remote attackers to run their own code on the "protected" computer. This happens via.... http://www.bjkresearch.com/bugblog/bb0610.cfm#1003 Tue, 03 Oct 2006 14:19 GMT JPEG Image Bug in Mac OS X http://www.bjkresearch.com/bugblog/bb0610.cfm#1001 There is a bug in the way that Mac OS X 10.4.x computers view JPEG2000 images. An attacker may be able to construct one of these images that can either crash the application viewing it, or run.... http://www.bjkresearch.com/bugblog/bb0610.cfm#1001 Sun, 01 Oct 2006 15:52 GMT Dreamweaver Says Your Parameter Is Incorrect http://www.bjkresearch.com/bugblog/bb0609.cfm#0929 Adobe says that you may get an error message in Macromedia Dreamweaver that says: Parameter is incorrect. (That happens to be an error message that I run into.... http://www.bjkresearch.com/bugblog/bb0609.cfm#0929 Fri, 29 Sep 2006 13:58 GMT Another ActiveX Problem for Microsoft http://www.bjkresearch.com/bugblog/bb0609.cfm#0928 At the risk of turning the BugBlog into "All Microsoft, All of the Time" -- US-CERT reports on another bug in an ActiveX control, which will cause a security problem for Microsoft Internet Explorer... http://www.bjkresearch.com/bugblog/bb0609.cfm#0928 Thu, 28 Sep 2006 13:21 GMT Microsoft Issues Early Patch for VML Bug http://www.bjkresearch.com/bugblog/bb0609.cfm#0927 Microsoft has issued an out-of-cycle security bulletin (meaning they didn't wait for Patch Tuesday) for the VML Buffer Overrun bug in Microsoft Internet Explorer. This bug was being actively exploited .... http://www.bjkresearch.com/bugblog/bb0609.cfm#0927 Wed, 27 Sep 2006 11:24 GMT Internet Explorer VML Attacks Increasing http://www.bjkresearch.com/bugblog/bb0609.cfm#0926 The Internet Storm Center reports that there is much more hostile activity targeting the VML security bug in Microsoft Internet Explorer. They say "The exploit is widely known, easy to.... http://www.bjkresearch.com/bugblog/bb0609.cfm#0926 Tue, 26 Sep 2006 12:59 GMT The Big Picture: Symantec's Internet Security Report http://www.bjkresearch.com/bugblog/bb0609.cfm#0925 Symantec has released the latest version of their semi-annual Internet Security Threat Report. Targeted attacks, especially phishing attacks, are becoming.... http://www.bjkresearch.com/bugblog/bb0609.cfm#0925 Mon, 25 Sep 2006 13:03 GMT