Archive for February, 2010

I was browsing around and found a recording of FDR’s 1942 State Of The Union Address which then lead me to look up the entire address. The speech as a whole was of course about the current World War with Germany and Japan however certain parts of the address certainly would seem to apply to 2010 as much as they did to 1942.

We are fighting today for security, for progress, and for peace, not only for ourselves but for all men, not only for one generation but for all generations. We are fighting to cleanse the world of ancient evils, ancient ills.

Our enemies are guided by brutal cynicism, by unholy contempt for the human race. We are inspired by a faith that goes back through all the years to the first chapter of the Book of Genesis: "God created man in His own image."

We on our side are striving to be true to that divine heritage. We are fighting, as our fathers have fought, to uphold the doctrine that all men are equal in the sight of God. Those on the other side are striving to destroy this deep belief and to create a world in their own image—a world of tyranny and cruelty and serfdom.

That is the conflict that day and night now pervades our lives.

No compromise can end that conflict. There never has been, there never can be, successful compromise between good and evil. Only total victory can reward the champions of tolerance, and decency, and freedom, and faith.

Franklin Delano Roosevelt, January 6, 1942

Comments No Comments »

Malicious Office Documents Cause Security Woes

Exposure:

Today, Microsoft released two security bulletins describing seven vulnerabilities found in components that ship with Microsoft Office XP and 2003 for Windows, and Office 2004 for Mac. These bulletins do not affect the more current versions of Office, such as 2007 Microsoft Office System or Microsoft Office 2008 for Mac.

The vulnerabilities affect different versions of Office to varying degrees. Though the seven vulnerabilities differ technically, and affect two different Office components, they share the same scope and impact. By enticing one of your users into downloading and opening a maliciously crafted Office document, an attacker can exploit any of these vulnerabilities to execute code on a victim’s computer, usually inheriting that user’s level of privileges and permissions. If your user has local administrative privileges, the attacker gains full control of the user’s machine.

According to Microsoft’s bulletins, an attacker can exploit these flaws using many different types of Office documents. In one bulletin, Microsoft specifically states PowerPoint documents are vulnerable. However, they also mention any "Office file" in their other alert. Therefore, we recommend you beware of all unexpected Office documents.

If you’d like to learn more about each individual flaw, drill into the "Vulnerability Details" section of the security bulletins listed below:

  • MS10-003: Multiple PowerPoint Code Execution Vulnerabilities, rated Important
  • MS10-004: Microsoft Office MSO.DLL Code Execution Vulnerability, rated Important
Solution Path

Microsoft has released patches for Office to correct all of these vulnerabilities. You should download, test, and deploy the appropriate patches throughout your network immediately, or let the Microsoft Automatic Update feature do it for you.

MS10-003:

MS10-004:

PowerPoint update for:

Comments No Comments »

Optimization WordPress Plugins & Solutions by W3 EDGE