1641

Denial of Service attacks against secure web sites
http://www.norman.com/security_center/security_center_archive/2011/dos_attacks_against_secure_web_sites/en-us

1642

Worm wriggles through year-old flaw, builds zombie-net. More a business failure than a software security failureā€™
http://www.theregister.co.uk/2011/10/26/jboss_worm/

Tsunami Trojan: First Mac attack based on Linux crack. Slips in Mac OS X backdoor, phones home
http://www.theregister.co.uk/2011/10/26/tsunami_mac_backdoor/

1643

Facebook sees 600,000 compromised logins per day
http://arstechnica.com/gadgets/news/2011/10/facebook-sees-600000-compromised-logins-per-day006-of-all-logins.ars

1644

Duqu exploits previously unknown vulnerability in Windows kernel
http://www.h-online.com/security/news/item/Duqu-exploits-previously-unknown-vulnerability-in-Windows-kernel-1370369.html

1645

I still wonder if ā€œcompromisedā€ means actual hacked accounts or simply attempts to access an account using
an incorrect password ??? (Something all of us have probably done on occasion.)

1646

Microsoft releases Security Advisory 2639658
http://blogs.technet.com/b/msrc/archive/2011/11/03/microsoft-releases-security-advisory-2639658.aspx
https://technet.microsoft.com/en-us/security/advisory/2639658

1647

So the fix involves something that might break other things. Iā€™ll wait for the actual patch and depend on Avast in the meantime.

1648

Whilst I too will wait for the actual security update, when you download the hotfix/fixit there is normally an associated one to reverse the fix. If I were to use the fixit I would download the reversal function also.

1649
Microsoft is currently still working on a security update. However, the company said that the update will not be ready in time for its upcoming monthly patch day, known as Patch Tuesday, next week.

As Dave said, you can Enable/Disable the fix: http://support.microsoft.com/kb/2639658

1650

Revoking Trust in DigiCert Sdn. Bhd Intermediate Certificate Authority
https://blog.mozilla.com/security/2011/11/03/revoking-trust-in-digicert-sdn-bhd-intermediate-certificate-authority/
http://blogs.technet.com/b/msrc/archive/2011/11/03/untrusted-certificate-store-to-be-updated.aspx
http://www.entrust.net/advisories/malaysia.htm

1651

Microsoft Security Bulletin Advance Notification for November 2011
http://technet.microsoft.com/en-us/security/bulletin/ms11-nov

1652

Major DNS Cache Poisoning Attack Hits Brazilian ISPs

here is a large-scale DNS cache-poisoning attack going on in Brazil at the moment, with potentially millions of users affected by a tactic that is forcing the to install a malicious Java applet before they can reach many popular sites, including Google, Gmail and Hotmail.

More

1653

Niceā€¦!!! :slight_smile:
http://www.avast.com/zero-day-exploit-reports

1654

Security update available for Adobe Shockwave Player
http://www.adobe.com/support/security/bulletins/apsb11-27.html

1655

Thanks, I didnā€™t even know I had it installed. It must have come with the computer. I just updated it but Iā€™m not sure I even need it.

1656

NP. And if you donā€™t need it, just drop it. :wink:

1657

Are Adobe Shockwave Player and Adobe Flash Player now rolled into one application/plug-in called Adobe Shockwave Player ?

1658

AFAIK, Flash Player and Shockwave Player are still 2 different things. I certainly have them both as separated tools, with different versions. Both are from Adobe.

1659

Yes thought so, but the plugin for adobe flash player in firefox is reported as Shockwave Flash (and I though I had avoided adobe shockwave player.

1660

At Adobe homepage, see attachment.