computerwoche.de

Archiv

Kumo expected, Adobe patches with Microsoft

22.05.2009
The mystery surrounding why fraudsters shelled out big bucks for old Nokia phones was solved this week. The answer, of course, involves illegal activities. Another puzzle possibly close to being solved involves Microsoft's new search engine, which supposedly debuts next week. In security news, Adobe Systems took a patch practice from Microsoft and Conficker isn't dead yet.

1. : Adobe will use a quarterly security patch cycle to fix its flawed software. Hackers have lately targeted Adobe's Acrobat and Reader, which are used to create and read PDF (Portable Document Format) files. Adobe will issue its patches every three months on the second Tuesday, the same day that Microsoft releases its patches. This move was intentionally, Adobe said, and will allow IT staff to simultaneously test the updates before applying them to the PCs. Adobe sees the update cycles as permanent, saying that "no product is going to be completely free of vulnerabilities."

2. : Fraud investigators replicated an online banking scheme that involved using old Nokia 1100 mobile phones. Using software created by hackers, some of the phones can be reprogrammed to receive another person's phone number and text messages. Some banks send one-time passwords that are needed to complete Internet banking transactions. A compromised phone gives bad guys access to this sensitive information. This hack also requires a person's online banking log-in information, but security researchers claim key-logging programs can easily garner these details. Unsurprisingly, criminals were willing to pay exorbitant amounts, such as US$7,567, for a used 1100 phone.

3. : Sprint starts selling Palm's new smartphone on June 6, the mobile carrier announced on Tuesday. The Pre will run webOS, Palm's new mobile OS, and come with a touchscreen display. Will it draw crowds like the iPhone?

4. : Internet rumors swirled on Tuesday that Microsoft will unveil its Kumo search engine next week. Microsoft has said very little about Kumo, beyond that it is internally testing a search engine using the Kumo.com URL. Screenshots of Kumo leaked to the Web in March led one analyst to believe that the search engine won't contain new technology, but will be tweaked to produce better search results. Microsoft is expected to incorporate semantic search abilities into a future engine. This technology, which attempts to understand the full context of phrases being searched for, was gained through an acquisition Microsoft made last June.

5. : A security researcher posted attack code that exploits a flaw in Apple's Mac OS X since the company has failed to patch its software. The code exploits a vulnerability in the Java software that comes with the OS. Sun Microsystems, Java's creator, fixed the problem in December, but Apple has yet to address the issue. The flaw allows unauthorized programs to run on a person's Mac. Apple said it is aware of the bug and working on a fix, but did not provide a date.