Technology News

Daily Technology News

Vulnerability in Indexing Service Could Allow Remote Code Execution

Bulletin Severity Rating:Important – This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if an attacker set up a malicious Web page that invokes the Indexing Service through a call to its ActiveX component. This call could include a malicious URL and exploit the vulnerability, granting(…)

Vulnerabilities in Windows CryptoAPI Could Allow Spoofing

Bulletin Severity Rating:Important – This security update resolves two privately reported vulnerabilities in Microsoft Windows. The vulnerabilities could allow spoofing if an attacker gains access to the certificate used by the end user for authentication. More: continued here

links for 2009-10-22

Getting started with Oracle SOA Suite 11g – a review.. (Inside scoop on Oracle SOA Suite, BPM and EDA) "Heidi and her team have done a tremendous job to structure the labs and hands-on exercises in a didactic, explanatory way – with solutions all the way through. This way the book serves not just as(…)

More ways to check the existense of a resource with WLST

In one of my previous post, I discussed a couple of ways with which you can find out whether a particular configuration already exists before you create them. The methods are not just limited to the one on that post. So now I am here to discuss couple more way to do the same check.(…)

Active Template Library (ATL) Vulnerability

Certain Cisco products that use Microsoft Active Template Libraries (ATL) and headers may be vulnerable to remote code execution. In some instances, the vulnerability may be exploited against Microsoft Internet Explorer to perform kill bit bypass. In order to exploit this vulnerability, an attacker must convince a user to visit a malicious web site. More:(…)

Cumulative Security Update of ActiveX Kill Bits

Bulletin Severity Rating:Critical – This security update addresses a privately reported vulnerability that is common to multiple ActiveX controls and is currently being exploited. The vulnerability that affects ActiveX controls that were compiled using the vulnerable version of the Microsoft Active Template Library (ATL) could allow remote code execution if a user views a specially(…)

Synchronizing Coherence Clusters – A Tour of Push Replication

Lately I’ve been able to do some Coherence work with some local customers and play with the Coherence Incubator projects.  This entry will showcase one of the examples for Push Replication for sharing data among separate Coherence clusters. Inter-cluster Data Replication Coherence clustering technology makes a lot of sense for customers to be able to(…)

TCP State Manipulation Denial of Service Vulnerabilities in Multiple Cisco Products

Multiple Cisco products are affected by denial of service (DoS) vulnerabilities that manipulate the state of Transmission Control Protocol (TCP) connections. By manipulating the state of a TCP connection, an attacker could force the TCP connection to remain in a long-lived state, possibly indefinitely. If enough TCP connections are forced into a long-lived or indefinite(…)