Computer Security Blog

Instead of leaving its customers with a software security breach, Microsoft rushed to release its WMF patch ahead of the scheduled Jan 10th release.

Previously Microsoft had stated that it would not release a patch until it had thoroughly tested it and not before the security updates is scheduled to be released.

However, within the past 24 hours, two other websites have published unauthorized patches for the WMF security breach. Even though Microsoft was not going to release a security breach sooner, it notified its customers not to install the unauthorized patch, and instead disable the dll file.

Throughout this whole ordeal Microsoft has received heavy criticism, and responded by releasing the WMF patch today. However, Microsoft stated that it would still release other security updates for their regular January 10th timeframe.

According to the folks at scmagazine.com, many male employees would show a good looking, nicely dressed woman, how to use a company computer if she walked in looking for help. This might seem like a joke or unbelievable, but “according to this year's CSI/FBI survey on Computer Crime and

Security more than $30 million worth of damage was caused by insiders stealing proprietary information. FBI and other security analysts still maintain that the majority of threats originate from insiders or people with insider privileges.”

The rest of the article entitled, “Social Engineering and other threats to internal security “, revealed how hacker Keith Mitnik was able to use ‘social engineering’ to gain access to your computer. Mitnik described a scenario in which a promotional CD sent to an employee could be used to gain access to a company’s computer.

The computer security team at Purdue University issued a recommendation yesterday, that people buying computers this holiday quickly install an anti-virus program and security patches.

Even though many of the new computers will have anti-virus software installed, Mike Carr, the chief computer security officer at Purdue, recommends that the computer be upgraded with the latest virus definitions, "Anti-virus software is only as good as its latest update," Carr said. "Most vendors release regular updates to meet the latest computer virus threats."

Carr also encouraged people to install the latest patches available for the software they are using. Read more about Carr’s recommendations at this website.