This Weeks Computing News

News Archive |

Posted by: Tweaker
Date added: 08:47, 16th May 2008
Source: Computer World News

Hewlett-Packard Co. today confirmed that some users of its AMD-based desktops have had problems after installing Windows XP Service Pack 3 (SP3), and said it would issue a patch this week to prevent machines from spiraling into endless reboots. HP also told users to delay installing XP SP3 until that patch was released.

Microsoft, meanwhile, acknowledged today that it's working on a hotfix of its own.

The confirmations were the latest additions to the weeklong saga of problems some users have encountered after upgrading Windows XP to SP3. Last week, reports began showing up on Microsoft's support forum of "endless reboots" crippling machines running Advanced Micro Devices (AMD) processors. Many of the users said that the out-of-control PCs were from HP.

Users, led by Jesper Johansson, a former program manager for security policy at Microsoft and currently an MVP (Microsoft Most Valuable Professional) who works at Amazon.com, identified several causes, including one limited to HP-branded systems. According to Johansson -- and later, Microsoft itself -- HP used a disk image created on an Intel-powered machine to factory-install Windows XP on AMD-based PCs. Microsoft had advised computer makers against doing that as long ago as 2004.

An errant reference in Windows Registry for an unnecessary device driver -- "intelppm.sys," a power-management driver designed only for Intel-based PCs -- causes the XP SP3 upgrade to install that driver to AMD systems, said Johansson. That causes the PC to fail to reboot when it restarts after the update. Because most XP machines are set by default to reboot on a failure, the PC reboots repeatedly; some users have had trouble interrupting the endless reboots and regaining control of their computers.

  Tools: Comments (0) | Link to this news item | Send to a friend | Submit News

Posted by: Tweaker
Date added: 08:44, 16th May 2008
Source: The Register

Scientists have launched a new game site designed to make computers smarter by harnessing the cognition of the humans playing the games. Gwap.com, short for games with a purpose, takes a Tom Sawyer approach to solving age-old computer problems by repackaging normally mundane tasks as online fun.

The games are the brainchild of Luis von Ahn, the Carnegie Mellon University professor whose research led to the CAPTCHA, which is used by websites to prevent computer scripts from signing up for accounts. The puzzles with blurred images and squiggly lines take advantage of computers' inherent difficulty recognizing patterns.

It turns out that isn't the only task that eludes computers. They're also not much good at taking an image and telling you if it's a cat or a dog, or describing if a song is happy or sad. So von Ahn is hoping to get online gamers to lend a hand to help change all that.

Gwap.com randomly matches players and engages them in a game that requires them to exchange tags that describe images, sounds and other data that's presented to them at the same time. One game called "Tag a Tune" gives players a clip of a song or a noise and then challenges them to enter as many tags as possible over the next several minutes. Players receive points each time their tag matches that of their partner.

  Tools: Comments (0) | Link to this news item | Send to a friend | Submit News

Posted by: Tweaker
Date added: 08:42, 16th May 2008
Source: Eweek News

The beta version of Yahoo's SearchScan security feature has come under fire for false positives and other mistakes.

SearchScan is the result of a partnership between McAfee and Yahoo to improve the security of Web searches. The feature, powered by McAfee's SiteAdvisor, alerts users when sites contain spam, spyware, adware or other malicious software that could damage a PC.

However, since the beta was unveiled May 6, there have been some cases of false positives. A URL mix-up by Yahoo seemed to label Google.com as a malicious site. In another case, AnyCoupons, a Web site operated by 77Blue, was classified as a spammer. Though both issues have been resolved, the latter left a bad taste in the mouth of 77Blue CEO David Lewis, who complained that Yahoo and McAfee were slow to fix the problem.

  Tools: Comments (0) | Link to this news item | Send to a friend | Submit News

Posted by: Tweaker
Date added: 08:55, 15th May 2008
Source: Computer World News

A botnet is now using a SQL injection attack tool designed to hack legitimate Web sites, a move meant to add more hijacked PCs to its collection, according to a security researcher.

The Asprox botnet, which specializes in sending phishing spam, is pushing an update to the infected PCs it controls, Joe Stewart, the director of malware research at Atlanta-based SecureWorks Inc., said today. The update is an executable file -- "msscntr32.exe" -- that installs as a Windows service dubbed "Microsoft Security Center Extension."

But the executable actually installs an SQL injection attack tool, said Stewart.

SQL injection attacks have become widespread as criminals increasingly target legitimate Web sites, figure out a way to hack them, then plant iFrames on those sites to redirect users to malicious servers. Those servers silently attack visitors' PCs, often trying multiple exploits, and if one works, they download additional code to the machine to hijack it from its rightful owner and add it to an army of infected systems.

"There are multiple things out there launching similar attacks," said Stewart in explaining why there's confusion about how the tool is being spread. Some analysts have mistakenly concluded that the SQL injection tool is using wormlike tactics, according to Stewart. "The tool does not spread on its own but relies on the Asprox botnet to propagate to new hosts," he said.

It is becoming increasingly difficult to separate the multiple attack vectors that criminals are using to hack legitimate sites, if only because SQL injection attacks have ballooned in scale. Last month, for example, a massive SQL-injection attack compromised more than a half-million pages, including some on sites run by the United Nations.

After the Asprox botnet seeds its bots with the msscntr32.exe file, the attack tool launches and uses Google's search engine to find potentially vulnerable pages. It then hits those pages with a SQL-injection attack and, if successful, plants a malicious iFrame on the site.

Visitors are redirected through a series of malware-hosting servers that try one or more exploits to crack the PC. If that works, a Trojan horse is downloaded and installed on the PC, adding it to the Asprox botnet; those compromised PCs are then used to spew more phishing spam.

Stewart has counted 1,000 sites that have been hacked by the SQL injection attack tool since Monday night. The sites include small business sites, domains for several small colleges and universities, and some hosted by law firms. Most are in the U.S.

Other security vendors, including F-Secure Corp. and Symantec Corp., have also uncovered evidence of new waves of SQL-injection attacks. Those firms have been pinning responsibility on Chinese hackers who are compromising legitimate sites to spread malware to steal game passwords.

  Tools: Comments (0) | Link to this news item | Send to a friend | Submit News

Posted by: Tweaker
Date added: 08:52, 15th May 2008
Source: Computer World News

Microsoft's having a tough year with reboots. First it was a reboot ad infinitum in February, brought on by a flawed update to Windows Vista. Now the same thing's happening to some users who have updated to Windows XP Service Pack 3 (SP3).

What gives?

We don't have the answer to that -- at the moment, no one seems to have the definitive answer to that. But we do have answers to the most pressing questions about the latest Windows snafu, including a developing game of blame.

What's happening? After some users update to Windows XP SP3, their PCs reboot -- which is normal -- but then fail to start up, and then reboot again and again, which is decidedly not normal.

The "endless reboot" cropped up immediately after Microsoft made XP SP3 available to the general Windows-using public by posting the service pack to Windows Update last week. Within a day, users were reporting problems in messages on Microsoft's XP SP3 support forum.

Why are some PCs rebooting endlessly? Microsoft hasn't given any official explanation, but users on the support forum sharing accounts have identified several possible causes. Some seem to affect only systems running processors made by Advanced Micro Devices Inc. (AMD), while others have also hit users with Intel-based PCs.

The Full Story here.

  Tools: Comments (0) | Link to this news item | Send to a friend | Submit News

Posted by: Tweaker
Date added: 08:49, 15th May 2008
Source: Beta News

The PS3 manufacturer said the feature that allows gamers to trade virtual items for real money will be expanded into two new titles to be released by its in-house game studio.

Those titles, The Agency and Free Realms, use technology from Live Gamer that serves as a secure back-end for online marketplaces. The company incorporated Sony's Station Exchange technology into its own product earlier this year.

Station Exchange made its first appearance in 2005 as part of Sony's MMORPG Everquest II, and allowed the company to offer auctions of virtual goods between players.

Estimates of the value of such a market for these virtualized goods have run as high as $800 million annually -- a staggering number considering many would say "it's just a video game."

"We are actively exploring free-to-play and other revenue models, and always looking for new ways to engage and entertain gamers," SOE president John Smedley said in a statement. "We trust them to handle this area of the business for us so that we can focus on creating and growing our games."

Of the games, The Agency is a spy-themed first person shooter, allowing full customization of attire, weaponry, gadgets, vehicles, gear and aliases. Free Realms is a fantasy adventure game offering deep customization of a player's avatar.

  Tools: Comments (0) | Link to this news item | Send to a friend | Submit News

Posted by: Tweaker
Date added: 08:48, 15th May 2008
Source: Beta News

The next version of the up-and-coming graphical browser -- a popular alternative to what phone manufacturers typically supply -- has emerged from beta and is available free.

The latest iteration of Opera Mini, which has already been ported over to Android, promises an all-around faster experience on the mobile Web. In addition to intelligent text-completion for entering URLs to speed the browsing process, Opera Mini's servers have been upgraded to expedite page loads. In-text searching ("Ctrl-F") was also added to streamline content location.

Handsets equipped with JSR-75, a standard for accessing PIM data and file systems on J2ME phones, receive several upgraded features in this release. These features include site caching so that pages may be viewed in their entirety without a connection, and uploading and downloading without having to be re-routed through the phone's native browser. Depending on whether native browsers have internal firewall-like address restrictions for phones' own safety purposes (such as BlackBerry's, for instance), this may or may not be perceived as a feature.

A banner feature of Opera Mini 4 is Opera Link, the ability to sync both bookmarks and speed dial listings with other devices running Opera Mini 4 or Opera 9.5.

The beta period for this product was a relatively quick one, lasting just over one month.

  Tools: Comments (0) | Link to this news item | Send to a friend | Submit News

Posted by: Tweaker
Date added: 08:46, 14th May 2008
Source: C/Net News

If ever there was pressure, it falls on the shoulders of development teams trying to follow up a smash hit with a sequel.

That's the position that the folks at Epic Games find themselves in right now as they put the finishing touches on their forthcoming video game, Gears of War 2. And that's because the original Gears of War sold more than 5 million copies, becoming one of the most successful titles for Microsoft's next-generation video game console.

On Tuesday, Gears of War 2 was one of the featured games at the Microsoft Games Studio Spring Showcase event here. Dozens of video game journalists flocked to the shindig, as they do each year, for a series of tight controlled demos and hands-on play with a few of the titles.

Full story here.

  Tools: Comments (0) | Link to this news item | Send to a friend | Submit News

Posted by: Tweaker
Date added: 21:30, 13th May 2008
Source: Microsoft

Microsoft has released the latest monthly security updates for May 2008 and has made them available for download from the Microsoft Download Center and also from Windows Update/Microsoft Update.

Critical:

-KB951207: Vulnerabilities in Microsoft Word Could Allow Remote Code Execution

-KB951208: Vulnerability in Microsoft Publisher Could Allow Remote Code Execution

-KB950749: Vulnerability in Microsoft Jet Database Engine Could Allow Remote Code Execution

Moderate:

-KB952044: Vulnerabilities in Microsoft Malware Protection Engine Could Allow Denial of Service

Microsoft has released the usual update for the Windows Malicious Software Removal Tool and the Windows Mail Definition Update (x86) (x64).

  Tools: Comments (0) | Link to this news item | Send to a friend | Submit News

Posted by: Tweaker
Date added: 23:48, 12th May 2008
Source: Tech ARP News

The release of Windows Vista Service Pack 1 not only heralded a long-awaited update of the operating system, it also meant the end of two common Windows Vista anti-activation exploits - the Grace Timer exploit and the Paradox OEM BIOS activation crack. But those who think they can escape by not updating to Service Pack 1 would be sadly mistaken.

That's because Microsoft has surreptitiously released an anti-hack detection update via Windows Update. Those who chose to have Windows Vista install updates automatically would have this update installed and running by now. If you chose to manually select updates to be installed, you should find this update listed.

  Tools: Comments (0) | Link to this news item | Send to a friend | Submit News

Posted by: Tweaker
Date added: 23:46, 12th May 2008
Source: Windows Live Messenger

As some of you might have faced problem with Windows Live Messenger blocking some of the URLs, now the problem has been fixed and this is what Messenger Team had to say :

"Greetings Messenger fans

As some of you noticed, we had a problem from Friday night to Saturday morning where our Messenger service was incorrectly blocking some legitimate IP addresses. We sincerely apologize for any difficulties this caused our users. And we want to thank those of you that reported this problem to us so that we could quickly fix it. Because of your help, the incorrect block was only in place for a few hours.

As you can imagine, we are very serious about our efforts to block virus, malware and other harmful URLs from being passed on to our users. And we're continually working to improve this process so that we can keep our users safe without having a negative impact on your Messenger service.

There have been some pretty outlandish speculations on what happened so I'd like to give you some facts about our process for trying to block unsafe URLs and about what happened Friday night:

* There are a number of factors that can be used to determine whether a URL is potentially harmful: number of times a URL is sent, the frequency of the URL being sent, the number of accounts the URL is sent from, manually checking the URL, comparing with other "block lists", etc.

* When a URL is deemed harmful, a block can be instated for a specific URL (i.e. www..com/) or an entire domain (i.e. *..com)

* This entire process for Messenger is managed by a 3rd party that is a Microsoft partner

* On Friday, Microsoft did not request to block any of the URLs that were accidentally blocked

* The blocks were made by our partner as a result of their process to block harmful URLs

* We are still investigating the specific reason our partner made these incorrect blocks and we will work with them to improve their process for detecting harmful URLs while not blocking safe ones

  Tools: Comments (0) | Link to this news item | Send to a friend | Submit News

Posted by: Tweaker
Date added: 23:43, 12th May 2008
Source: Electronista News

Microsoft is launching a mystery device nicknamed "Lips" as part of a gaming event tomorrow, says a rumor reportedly confirmed by 8Bit Joystick. Nicknamed "Lips," the device is expected to be a voice communication add-on for the Xbox 360 but is unlikely to be a typical headset, which is either packed into higher-end Xbox models as a wired headset or sold separately for wireless versions. Speculation has the device offering some level of voice recognition or else a dedicated microphone for music games.

  Tools: Comments (0) | Link to this news item | Send to a friend | Submit News

News Archive |