OOB Security Patches for IE and Visual Studio

MS has announced that there will be an out-of-band-security-patch-fest on the 28th July. Obviously the related security flaws must be serious to warrant out of routine attention but in the same bulletin. MS states that up to date patched systems are protected from these vulnerabilities which suggests the original patch was a bit of a rush job and these patches will consolidate.

Windows 7 August 6

Microsoft comments made the RTM date for Windows 7 look pretty solid on August 6 with availability for developers soon to follow. The official launch date will still be October but it looks like the code is pretty much finalised. Could this be the real Vista?

Video ActiveX exploit - new rogue scams anyone?

A new exploit for a vulnerability in msvidctl.dll means that random surfing could lead to your PC being pwned from remote - erm ... as usual. Expect all rogue antivirus and antispyware peddlers to be using this exploit within a couple of days, followed soon after by multiple virus and trojan writers. In other words it might be a good idea to mitigate by setting the killbit on the offending active X control, which has no legitimate use in IE anyhow. See MS KB article http://www.microsoft.com/technet/security/advisory/972890.mspx or lazy people can use this ready made registry patch.

McAfee secures PCs - by update death

According to some users the latest McAfee Antivirus updates contain a false positive that is causing havoc amongst it's user base. McAfee products have long been plagued by update death and it seems lessons are yet to be learned. Tthe issue only affects the older scan engine with the new updates though so if you are a McAfee victi... I mean user make sure the scan engine is up to date as well as the vDefs.