Security News (updated throughout the day)

• Vuln: HP Performance Insight Remote Command Execution Vulnerability
• Vuln: Microsoft Excel XLSX File Parsing Remote Code Execution Vulnerability
• Vuln: Opera Web Browser 'Content-Length' Header Integer Overflow Vulnerability
• Vuln: Multiple Apple Wireless Products FTP Port Forward Security Bypass Vulnerability
• Bugtraq: ZDI-10-025: Microsoft Office Excel XLSX File Parsing Remote Code Execution Vulnerability
• Bugtraq: SQL injection vulnerability in wILD CMS
• Bugtraq: IBM ENOVIA SmarTeam v5 Cross Site Scripting Vulnerability
• Bugtraq: [security bulletin] HPSBMA02489 SSRT090065 rev.1 - HP Performance Insight , Remote Execution of Arbitrary Commands
• More rss feeds from SecurityFocus

Sorry: It's not possible to reach RSS file http://rssnewsapps.ziffdavis.com/eweeksecurity.xml
(you will probably hide this message in "live" and simply show nothing)

Network World on Privacy
Latest privacy news and analysis from NetworkWorld.com.

• Schneier: Fight for privacy or kiss it good-bye
• Pa. district accused of student spying puts IT workers on leave
• Open Identity Exchange backs U.S. gov't privacy guidelines
• Senator to introduce Internet human rights bill
• Google hopes to launch German Street View this year
• 'Spygate' teenager demands webcam pix from Pa. school
• High school confidential: Spies, lies, and alibis
• Suspend airport body scanner program, privacy groups say
• FTC seeks extensive information from firms being investigated for P2P breaches
• You don't know tech: The InfoWorld news quiz

Recent Security at Home information
Keep up to date with the ten most recent syndicated articles from Microsoft Security at Home.

• Microsoft security updates for July 2009
• Microsoft security updates for June 2009
• Microsoft security updates for May 2009
• What is a botnet?
• What is spam?
• What are Internet filters?
• What is identity theft?
• Microsoft security updates for April 2009
• Protect yourself from the Conficker computer worm
• How to prevent a computer worm

Microsoft Security Bulletins
Microsoft Security Bulletins

• MS10-017 - Important: Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (980150)
• MS10-016 - Important: Vulnerability in Windows Movie Maker Could Allow Remote Code Execution (975561)
• MS10-015 - Important: Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (977165)
• MS10-014 - Important: Vulnerability in Kerberos Could Allow Denial of Service (977290)
• MS10-013 - Critical: Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution (977935)
• MS10-012 - Important: Vulnerabilities in SMB Server Could Allow Remote Code Execution (971468)
• MS10-011 - Important: Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (978037)
• MS10-010 - Important: Vulnerability in Windows Server 2008 Hyper-V Could Allow Denial of Service (977894)
• MS10-009 - Critical: Vulnerabilities in Windows TCP/IP Could Allow Remote Code Execution (974145)
• MS10-008 - Critical: Cumulative Security Update of ActiveX Kill Bits (978262)
• MS10-007 - Critical: Vulnerability in Windows Shell Handler Could Allow Remote Code Execution (975713)
• MS10-006 - Critical: Vulnerabilities in SMB Client Could Allow Remote Code Execution (978251)
• MS10-005 - Moderate: Vulnerability in Microsoft Paint Could Allow Remote Code Execution (978706)
• MS10-004 - Important: Vulnerabilities in Microsoft Office PowerPoint Could Allow Remote Code Execution (975416)
• MS10-003 - Important: Vulnerability in Microsoft Office (MSO) Could Allow Remote Code Execution (978214)
• MS10-002 - Critical: Cumulative Security Update for Internet Explorer (978207)
• MS10-001 - Critical: Vulnerability in the Embedded OpenType Font Engine Could Allow Remote Code Execution (972270)
• MS09-074 - Critical: Vulnerability in Microsoft Office Project Could Allow Remote Code Execution (967183)
• MS09-073 - Important: Vulnerability in WordPad and Office Text Converters Could Allow Remote Code Execution (975539)
• MS09-072 - Critical: Cumulative Security Update for Internet Explorer (976325)
• MS09-071 - Critical: Vulnerabilities in Internet Authentication Service Could Allow Remote Code Execution (974318)
• MS09-070 - Important: Vulnerabilities in Active Directory Federation Services Could Allow Remote Code Execution (971726)
• MS09-069 - Important: Vulnerability in Local Security Authority Subsystem Service Could Allow Denial of Service (974392)
• MS09-068 - Important: Vulnerability in Microsoft Office Word Could Allow Remote Code Execution (976307)
• MS09-067 - Important: Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (972652)

SecurityFocus News
SecurityFocus is the most comprehensive and trusted source of security information on the Internet. We are a vendor-neutral site that provides objective, timely and comprehensive security information to all members of the security community, from end users, security hobbyists and network administrators to security consultants, IT Managers, CIOs and CSOs.

• News: Twitter attacker had proper credentials
• News: PhotoDNA scans images for child abuse
• News: Conficker data highlights infected networks
• News: Popular apps need better patching, says report
• Brief: Google offers bounty on browser bugs
• Brief: Cyberattacks from U.S. "greatest concern"
• Brief: Microsoft patches as fraudsters target IE flaw
• Brief: Attack on IE 0-day refined by researchers
• News: Monster botnet held 800,000 people's details
• News: Google: 'no timetable' on China talks
• News: Latvian hacker tweets hard on banking whistle
• News: MS uses court order to take out Waledac botnet
• Infocus: Enterprise Intrusion Analysis, Part One
• Infocus: Responding to a Brute Force SSH Attack
• Infocus: Data Recovery on Linux and <i>ext3</i>
• Infocus: WiMax: Just Another Security Challenge?
• Gunter Ollmann: Time to Squish SQL Injection
• Mark Rasch: Lazy Workers May Be Deemed Hackers
• Adam O'Donnell: The Scale of Security
• Mark Rasch: Hacker-Tool Law Still Does Little
• More rss feeds from SecurityFocus

CERT/CC
At the CERT Coordination Center, we study Internet security vulnerabilities and incident activity, research security and survivability in wide-area networked computing, and develop information to help you improve security at your site.

Sorry: It's not possible to reach RSS file http://www.computerworld.com/news/xml/0,5000,584,00.xml
(you will probably hide this message in "live" and simply show nothing)

LinuxSecurity.com - Security Advisories
The central voice for Linux and Open Source security news.

• Pardus: 2010-39: Firefox: Multiple Vulnerabilities
• Pardus: 2010-38: Sudo: Privilege Escalation
• Slackware: 2010-067-01: httpd: Security Update
• Debian: 2008-1: typo3-src Multiple Vulnerabilities
• Ubuntu: 907-1: gnome-screensaver vulnerabilities
• SuSE: 2010-016: Linux kernel

Apple Hot News
Hot News provided by Apple.

• iPad Available in US on April 3
• Apple World’s Most Admired Company
• 10 Billionth Download for iTunes
• iTunes Store Tops 10 Billion Songs Sold
• Introducing Aperture 3
• Architecture in Motion: RTKL and iPhone
• Apple Launches iPad
• Apple Reports All-Time Highest Revenue and Profit
• Logic Pro 64-bit the talk of the NAMM music show
• The Apple App Store Economy: Infographic from gigaom.com
• A Guided Tour in the Palm of Your Hand: iPod touch at the Cooper-Hewitt
• Apple Releases New MobileMe Gallery App
• Introducing Bento 3 Contact and Customer Manager
• iPod touch + Edu Apps = Happy Students
• Camera Pro Preaches iPhone Photography
• Global Mobile U
• How the iPhone Could Reboot Education
• 30 Must-Have Games for iPhone and iPod touch
• iPhone Improves Legal Services
• Snow Leopard Server “a tremendous value”

Stupid Security
Exposing Fake Security Since 2003

• Homeland Security out of a job?
• Arabic-language flashcards don't fly with TSA
• TSA Worker Fired For "White Powder" Prank
• TSA Logo Competition
• 8 year old on watch list
• Roundup of Web "Security" Articles
• Slovak Air Security Test Goes Very Wrong
• Full Body Scanners - Millimeter Waves Pass Through Powder
• Books banned on Canada flights to US
• TSA Says Historical Canal Mule Skinners Need Biometric ID