Browse > Home /

Microsoft: The Afari that return 鸖 is very dangerous suffer attack user easily to ask of short duration to use

June 2, 2008

On June 2 message, according to foreign media coverage, microsoft safety group suggested a few days ago, because be put in safe hidden trouble, user of short duration does not use malic Safari browser.

Microsoft says, the likelihood after Windows XP and browser of Safari of installation of Windows Vista user suffers long-range attack. Hacker but the some site of script of ill will of existence of coax user visit, download below user unwitting circumstance and install baleful software.

Current, microsoft is investigating this issue, remind an user, before the problem is solved, do not use Safari browser. Minatory to this, the apple thinks however and without what alarming. And to Microsoft this is planted unusual proposal, the apple did not publish a comment.

Last year in June, the apple released the Safari browser that be aimed at Windows system and designs. But after a few hours, the user discovered safe flaw from which, and need not the user is participated in can launch attack.

Current, safari, Firefox and IE had formed the force of 3 sufficient tripartite balance of forces in browser market. Show according to NetApplications data, this year in Feburary, the market share of IE is 74.88% , firefox is 17.27% , and Safari is 5.7% .

Written by ITTech · Filed Under IT Magazine 

WindowsUpdate needs to improve 30 seconds to develop attack code

April 27, 2008

[dispatch of Sai Di net] on April 27 message, say according to a paper that publishs recently, after undertaking study to the patch software of Microsoft, researcher uses business to use a tool, be in the 30 seconds shortest the attack code that gave to use software blemish with respect to development inside time.

According to foreign media the report says, researcher studied the patch software of 5 Microsoft software, finding out these software is how by the amendatory. They are written in the paper, after undertaking study to patch software, they use software of a tool, in several minutes — the code that interconnected system of attack computer science department develops inside shorter even time.

This considers to make clear, go up from theory for, the hacker can develop baleful code immediately after acquiring patch software, make more PC are faced with by the possibility of code of infection ill will.

The hacker’s action is very quick. The 2nd Tuesday of every month releases Microsoft patch software, code is in the ill will that uses blemish be publicitied to be able to appear the following day normally. The hacker seeks the loophole in software through reverse engineering technology.

Guest of quickly nigrify of code of development ill will has more time to discover but punching bag, and right now Microsoft is releasing patch software through Windows Update. The paper points out, although 24 hour hind are released in patch software, the Windows computer that also has 80% only visited the server of Microsoft. Microsoft is done so intentionally, other software firm also is ” gradually ” those who release patch software, in order to reduce the load of the server.

Researcher says, this kind of state must get a change. They are written in the paper, we think, it is insecure that current patch software releases a mechanism, ought to get correction, with preventing to be based on the baleful code that automatic patch software issues better.

Researcher used a code that the name is EEye Binary Diffing Suite to analyse a tool.

Know exactly about sth is planted the method can prevent hacker fan the flames of disorder. The manufacturer can be concealed of purpose when developing patch software want amendatory limitation, nigrify guest finds the flaw in software harder.

In studying, researcher uses the blemish in was less than 2 minutes of time to find out Windows GDI, rapid design gave a kind to reject a service to atttack code.

Microsoft can release patch software above all, after all machines receive patch software, republication a password. This one password can solve lock patch software, but can prevent a hacker to have retrorse project to patch software; Another kind of choice is use P2P network, with releasing patch software quickly.

Written by ITTech · Filed Under IT Magazine 

China is emissary software the attack that country of the biggest fall victim comes from the United States is most

April 3, 2008

Browse IT bound releases ” safety of message of Chinese Internet year reports ” can see, last year, the computer virus that the whole world infects through software shows explosive type growth, only golden hill poison bully those who intercept and capture is new add virus example to be amounted to 240, 156 kinds, among them 73% what trojan virus adds number newly to occupy total virus to increase number newly, be as high as 175, 313 kinds.

Amount in the computer virus with giant, various items most rampant should count ” emissary software ” , the information of each domains such as the politics that they are eroding each country not only, economy, culture is safe, and the security of national defence information that gives each country brought unprecedented challenge.

   China is attack of ” of ” emissary software one of countries of the biggest fall victim

As the development of IT, the computer gains ground more and more in social life. The computer was brought to our life on one hand convenient, also brought hidden trouble to information safety on the other hand. Open computer everyday, perhaps opened a pair to peep the eye that steals him information at the same time.

   According to statistic, in suffer ” emissary software ” in the country of attack, china is one of the biggest fall victim countries. Last year second half of the year, the whole world has 64 thousand computers on average to be affected by baleful program about everyday, among them 26% is in China, prep above of this one scale is other any countries.

The data shows, in recent years, in the power of the transmission on the world the biggest virus is in China almost indulge in wilful persecution passes.

   Website of American attack mainland is frequent

Processing of technology of lash-up of network of Chinese country computer coordinates a center to was atttacked to the network 2005 ever undertook sampling monitoring, discover 220 thousand lead plane outside the condition ever had launched attack to our country mainland.

Among them, Undertake to the mainland the website atttacks the most frequent country and area to be: The United States (40% ) , Japan (11% ) , Chinese Taiwan (10% ) with Korea (8% ) . Monitor return discovery, there are 27 thousand trojans to the mainland to atttack a source about outside the condition, basically be located in the United States, Korea and Chinese Taiwan; There are 16 thousand IP to carry out control to the corpse lead plane of the mainland about outside the condition, still basically be located in the United States, Korea and Chinese Taiwan. Be distorted in website page respect, the mainland is distorted website gross achieves 24477, among them governmental website is distorted the amount is 3831, occupy whole continent area to be distorted 16% of the website.

   Military information construction should be prevented ” emissary software “

Build the development of the propulsion of transition and IT as army, increasing in year after year with the computer amount that needs at national defence, this defends to safety of national defence information raised taller requirement. From investigation the circumstance looks, a lot of people think, the computer that will be used at army and need of national defence construction and internet carry out physics to isolate, OK have nothing worry about.

Actually, tools of all sorts of freeware or public domain software that we often use, and of all sorts of version of new download upgrade software or installation software, probable it is one is concealed ” emissary software ” carrier.

The branch that the person that legionary a few computer are used and place hold national defence part-time to build function often did not realize this one problem, they are paid attention to only external safety keeps secret and computer screen, and ignored through the software contagion to virus, make ” emissary software ” inbreak had an opportunity that can be exploited to sbs advantage.

   By ” emissary software ” the symptom of attack

Browser by ineffable revise increased a lot of toolbars, open a webpage to become however irrelevant strange page, file is revised by for no reason or missing, computer shuts automatically suddenly machine… an elder IT personage says: “If produced this kind of phenomenon, probable was to come up against emissary software ” .

“Emissary software ” it is virus of computer of huge of safe to national defence information harm. Slip into target interior like spy same, “Emissary software ” slip into often take the kind that concealments quite.

It is the commonnest that software is bound also be most a kind of covert means, it with some normally practical software is put together, when the user is installing this practical software, “Emissary software ” undertake be installinged automatically stealthily. Although install the statement that a few faintness can give out in the agreement in software commonly, but after be afraid without how many person meeting patience sees that expatiatory agreement, nod again affirm. Return some software to be being hit even instead ” emissary software ” name, actually itself is ” emissary software ” .

The fact proves, browse a few baleful websites or click among them after certain link, make possibly also be installed to go up in your browser or system ” emissary software ” program. “Emissary software ” often have double software character, apparently have practical, the basic function that provides attraction, for instance Mp3 is broadcasted, BT downloads, or a little game, but concealed a secret component among them actually, the online act that records an user is used to and will pertinent information returns software promulgator.

Investigation shows, the personal computer that the whole nation had 81% 2006 has been affected ” emissary software ” , some computer are affected ” emissary software ” amount amounts to 25 kinds even, and another findings report to 2066 enterprises, the company report that the whole nation has 80% has ” emissary software ” problem. “Emissary software ” the harm has compared virus more serious, the number one that makes safety of information of harm national defence ” killer ” .

   Information safety needs to prevent develop simultaneously

The development of IT resembles a Shuang Renjian, brought new challenge to national defence safety. Network technology nowadays already became a kind of new war to fight method. Use ” emissary software ” the national defence of peek the other side is confidential, destroy the network of the other side, once be successful can give the other side to cause huge loss, bring about even break down in the round.

Problem of increasingly outstanding safety of national defence information, caused the widespread attention of the world. Solve problem of safety of information of good national defense, must want idea of national defence of aggrandizement the whole people, walk along the innovation that paddle one’s own canoe to develop way.

– enhance network safety consciousness. It is to strengthen confidential education, make worker of national defence battlefront understands current situation of international network security further, realise steal close as austere as what steal secret accuse and denounce at a meeting instead sex, enhance ego to be on guard consciousness; 2 it is the computer that is used at national defence domain, want to use the software that provides technically, do not use pilfer edition software and hold all sorts of software up and down in Internet at will, cut off virus to infect a source; 3 it is the legislation that the country wants to strengthen information security aspect, increase blow scampish software, ” emissary software ” the strength that waits for baleful software, purify network space.

– strengthen team of network news person with ability to build. Outside wanting to draw lessons from army a few practices, induct receive network ace, build team of safety of good network news, raise safety of our country network to be on guard ability.

– accelerate software to develop pace. Now, beautiful, imprint waiting for a country is big country of accepted software development and sale, opposite lag is returned in this respect our country, the country should strengthen development to have the software of own intellectual property. Want to develop the software that to us national information safety has major effect especially, satisfy the main field such as national defence and army to need.

– strengthen oppose virus technology research. Current, in network safety domain, the technical safeguard method that basically uses has firewall, inbreak detect, data is added mix closely turn over virus to wait, the application that opposes virus technique among them is most wide, the country should strengthen the research that opposes virus technique, promote national defence information safe active defense ability ceaselessly.

   Relevant link: 5 action prevent ” baleful software “

1, do not log onto undesirable website.

2, unfamiliar of not informal download software, arise possibly to user data especially damage, if divisional software, hard disk arranges software of management of information of software, individual,wait.

3, when installing software, answer to read the user agreement with accessary software and service instruction carefully.

4, should use carefully to shareware, after avoiding software to expire, appear certain the case that be restricted because of the function and loses personal data.

5, when getting online, should use ” the software that reduce toxin individual firewall safe assistant ” stereo defense system, resist the enroach on of baleful software.

Written by ITTech · Filed Under IT Magazine 

Attack of the 2nd round of large-scale hacker erupts influence webpage exceeds 200 thousand

March 18, 2008

Dispatch of Sai Di net on March 18 message, according to foreign media coverage, afterwards evens more recently after 10 thousand websites are atttacked, researcher has disclosed new large-scale hacker charge.

The researcher of safe manufacturer McAfee estimates, this the action had had a week, undertook altering to framework of a lot of websites in the hacker inside this paragraph of time, involved about 200 thousand webpages.

Great majority suffers the webpage of the influence to use PhpBB forum software, mcAfee says. The hacker is embedded in the webpage that is atttacked the website that code of script of a T guides the victim’s browser to be able to suffer invisible attack.

With large-scale the goal of the attack that launchs pair of person that browse is different, atttack this more apt coax user starts their baleful effective load with one’s own hands.

“This attack and the hacker attack of 4 forms bright contrast last week, the great majority that the effect gets in hacker attack of 13 days is use Microsoft ActiveServerPages (.ASP) the webpage that place of Web development software writes, ” the researcher CraigSchmugar of McAfee explains on firm gain guest.

“ASP attack and PhpBB attack are in effective and laden respect is discriminating, the method is very different also. Sundry hacker formula was used in ASP attack, and PhpBB attack relies on social engineering. And PhpBB attack relies on social engineering..

The webpage that is atttacked will be guided to reach the network address that is website of a pornography it seems that. After the user was landing a webpage, “Signal of false multimedia number makes up decoder ” social engineering attack can attempt to begin to start. To watch the movie on the webpage, the user installs need be announcemented a special video multimedia number signal makes up decoder.

Next the user can download program of a Trojan horse, this program will install package of a baleful software in the system of the user, display the wrong message of sex of a deceit next, tell an user commendatory this multimedia number to signal makes up decoder to cannot be installed.

Written by ITTech · Filed Under IT Magazine 

Expert proposal Microsoft abandons Yahoo to turn attack software business SAP

February 26, 2008

Guide language: Foreign media publishs analytic article to say today, to be in network search and advertisement market overtake Gu Ge, microsoft is buying Yahoo with all one’s strength. But the personage inside a few course of study thinks, probably Microsoft ought to abandon Yahoo, turn and buy the whole world the biggest business uses software firm SAP.

   Buy Yahoo unwise

Since found, microsoft once had faced countless competitors, there is no lack of among them IBM such super tycoon. But, microsoft never has encountered the adversary that such dimensions pester Gu Ge very lesserly, hard however however. Although Microsoft has the advantage of 100 billion dollar on market prise, but this does not have too big effect however, because Gu Ge has been in,force, speed and brains respect keep banner. Go a few years in, to be in network search and advertisement market overtake Gu Ge, microsoft considered all methods almost. Final, microsoft begins to carry out a few equipment to accept the plan of doubt, move to buy Yahoo for example.

At the beginning of this month, microsoft announces to had been referred to Yahoo board of directors buy quoted price, the hope adds a stock to buy latter and total share with the cash of every 31 dollars. According to Microsoft the share price at that time, the total value that this trades is 44.6 billion dollar. Nevertheless, because share price of Microsoft of period of time dropped continuously in the past, trade value also shrink is controlled to 42 billion dollar. Week of board of directors rejected Yahoo formally of Microsoft buy quoted price, think this one price ” great the value that underestimated Yahoo ” .

Su Ma Nuo of library of · of Er of Michael of professor of business school of Si Long of college of industry of hemp province grain (Michael A. Cusumano) does not value Microsoft to buy Yahoo to trade, he once wrote the books that concerns software and Microsoft originally too much. He expresses, microsoft thinks those who buy is vintage Internet asset only to the utmost. These asset had entered winter, and Microsoft still should pay exorbitant excessive price for this. Because pressing hope beats Gu Ge, microsoft ignored a kind of most smooth strategy, that relies on oneself advantage ego to develop namely. The advantage of Microsoft depends on of all kinds applying facing an enterprise to sell software and other, score rich and generous gain from which.

   Ought to learn inscriptions on bones or tortoise shells of the Shang Dynasty

If Microsoft thinks to begin large-scale bought opportunity is already mature, also ought not to buy Yahoo, should select a main firm of domain of business affairs software however, strengthen oneself dominant position further. Microsoft present target is the Internet business oneself be together with Yahoo conformity, but rather these two recent situation not the business of beautiful is amalgamative, expect the miracle appears again, the advantage territory that still enhances oneself further produces satisfactory result more possibly.

Kusumanuo thinks, microsoft ought to learn to inscriptions on bones or tortoise shells of the Shang Dynasty, wisely choice buys an end. Go a few years in, denounce of inscriptions on bones or tortoise shells of the Shang Dynasty is gigantic endowment bought many congener company. Inscriptions on bones or tortoise shells of the Shang Dynasty finished 13 strategies to buy 2005, 2006 is 13, was 11 2007. Pass a series of buying, inscriptions on bones or tortoise shells of the Shang Dynasty enlarged product line and client group further, because be far from core business,also avoided at the same time, and the risk that pay exorbitant excessive price and produces.

This year in January, inscriptions on bones or tortoise shells of the Shang Dynasty announced brushstroke heavyweight is bought again, will buy system of software company BEA with 8.5 billion dollar. Of BEA system famous degree not tall perhaps, but inter the domain is a company that having major force truly. The headquarters of inscriptions on bones or tortoise shells of the Shang Dynasty and BEA is located in Silicon Valley, but do not resemble Gu Ge and Yahoo fetching in that way attention. Trade through this, inscriptions on bones or tortoise shells of the Shang Dynasty is in important among the market held lead dominant position, also strengthened the core business of oneself further at the same time. Altogether, inscriptions on bones or tortoise shells of the Shang Dynasty is dedicated all the time at business market, do not have by numerous and complicated the Internet domain with complex, ceaseless heat is abstracted.

Software field is used in business, microsoft also is having very good show all the time. In fact, the camp that Microsoft has an in part closes come from at business client, this is main productivity of tool of system of its email infrastructure, database, developer, office applies profit from, and other software. Buy through beginning, microsoft still made a series of business software, namely Microsoft Dynamics. Microsoft hopes to the whole world through this one product the biggest business uses software firm SAP and inscriptions on bones or tortoise shells of the Shang Dynasty of the 2nd big firm to launch immediate challenge. But so far, this still is a desire only.

SAP is better choice

Kusumanuo suggests, buy Yahoo with its, microsoft still is inferior to going after SAP. This is not the idea of an an empty hole invites the wind-weakness lends wings to rumors, in fact, two companies are early by 2003 ever closed to had undertaken negotiating. Microsoft is in the position of an envy making a person, the data center of almost all enterprise is put in the product of this company. Big company is the optimal client of software company undoubtedly, because they are willing,pay higher price for the complex, software that converts character surely. Meanwhile, once big company begins to use the software of some company, the supplier won’t change inside several years normally.

Well-known, client of 500 strong companies should compare a few fortune 10 thousand thousands of email ” client ” many important, because latter won’t be a service to pay fee, and also do not get the attention of network advertiser. Current, the market prise of SAP is 59 billion dollar about, microsoft wants to buy the excessive price that is afraid it is certain to should pay successfully. Microsoft buys Yahoo and SAP unlikelily at the same time, because these two trading total prices are worth more than 120 billion dollar. Even if Microsoft, also finish without sufficient financial resources so large-scale trade, accordingly this company must make a choice.

If CEO of inscriptions on bones or tortoise shells of the Shang Dynasty Lawrence Ailisen (Lawrence J. Ellison) is person of Microsoft palm door, so who can he choose? From the point of the experience in the past, he won’t choose Yahoo. The interest that buys Yahoo to be able to be brought to Microsoft is very few, have the problem with personnel and redundant business only probably, is not big company client. Of course, ailisenshi is willing to see Microsoft buys SAP least of all on border, because this is meant,inscriptions on bones or tortoise shells of the Shang Dynasty will face the competitor of a be terrified by the sight of sth or sb making a person. The president Frank of Computer Economics of IT research firm · Sikawo (Frank Scavo) expresses: “Microsoft buys SAP to will become the nightmare of inscriptions on bones or tortoise shells of the Shang Dynasty. “Microsoft buys SAP to will become the nightmare of inscriptions on bones or tortoise shells of the Shang Dynasty..

Gu Ge also is not willing to see the combination of Microsoft and SAP. Although apparently object Microsoft buying Yahoo to the utmost, dan Gu song may be celebrated secretly privately actually. Once come to an agreement with Yahoo, microsoft will face a lot of problems, the checkup that includes superintendency section, Yahoo is outstanding the talent’s prediction of a person’s luck in a given year, and the conformity of personnel and business is waited a moment. Want to solve these problems, microsoft may need a lot of time, and Gu Ge will be in share of market of more of race to control of this paragraph of time.

If Microsoft turns and buy SAP, enhance the advantage domain of oneself further, affirming to Gu Ge is not a good news. Because of the buildup of Microsoft oneself actual strength, early social evening affects the competition with Gu Ge. On the other hand, gu Ge also is marching to big company market. 2007, gu Ge bought Postini of provider of enterprise mail filter. In business software market, the progress that Gu Ge obtains is limited, future still has very a paragraph long the route should go.

If Microsoft loses reason, go all lengths the Yahoo that buys be in hot water, so in the competition with Gu Ge, this company will end with sufferring a defeat. (Meng Fan)

Written by ITTech · Filed Under IT Magazine 

“Avoid kill virus ” the idiomatic attack instrument that makes a hacker

November 18, 2007

A when turn over virus manufacturer to was begun a few days ago ” hacker behavior ” investigation shows, about 4 think into the netizen that compares knowledge of understanding network safety, “Avoid kill virus ” the idiomatic attack instrument that already made a hacker. This and the viewpoint be identical that turn over virus expert.
“Avoid kill virus ” it is to show through adding the technology such as housing to avoid the software that reduce toxin examines killed virus, it can make the computer is lost defend, the harm is great. The great majority netizen that joins investigation is right ” avoid kill virus ” increasingly grow in quantity is anxiety-ridden, think this is the biggest menace that the software that reduce toxin is faced with. They still think, the software reducing toxin that has active defence function can prevent effectively ” avoid kill virus ” inbreak the computer.

Written by ITTech · Filed Under Technology industry