home contact keylogger.org add keylogger.org to favorites set keylogger.org as homepage Anti-Keylogger.org
Keylogger testing and reviews

Keylogger testing policy

Press-releases

Keylogger developers

Links 		Monitoring Software Keylogger articles

Get Free Software

Keylogger chat

Keylogger forum

Sponsorship & services
Advertising
Your Ad Here
Site News
Current section

August 07, 2008

New version of Spytech SpyAgent added!

New build of All In One Keylogger 3.1 added!
World news

August 29, 2008

ICO urges firms to step up privacy controls

Watch Out! Firing IT Workers Can Cost You

New security rules on tap for credit-card handlers

Royal College of Physicians improves database security

FBI warns of hit man scam

Bank of New York loses 12.5 million customer details

Microsoft introduces black screens for pirates

Four Quick Tips for Choosing an IM Security Product

Intel releases Bios update

Microsoft warns of IE8 lock-in with XP SP3

Apple confirms iPhone security bug, promises patch

Best Western forced to play defense on data breach disclosure
Newsletter
E-mail: 
Subscribe
Send to friend
E-mail: 
Send
Voting

We are planning to redesign our site. We would like You to express your opinion in this respect. Would you like to leave the site as it is? What changes would you like to suggest?

Yes, I like the site as it is.
It's ok, but some changes are necessary.
It should be changed completely.
VotingView results
DISCLAIMER: Logging other people's keystrokes or breaking into other people's computer without their permission can be considered illegal by the courts of many countries. The monitoring software reviewed here is ONLY for authorized system administrators and/or owners of computers. We assume no liability and are not responsible for any misuse or damage caused by the keylogging software. The end user of this software is obliged to obey all applicable local, state, federal and other laws in his country of residence.

July 11, 2008

Apple TV gets a security update

Apple released a security update on Thursday for its Apple TV. Version 2.1 includes six patches that address buffer overflow and arbitrary code execution vulnerabilities.

Apple TV 2.1 can be automatically downloaded when the update is detected by the Apple TV device. The patches may take up to one week to be detected, depending on the day a device checks. A manual update can be accomplished by using the TV interface and selecting Settings > Update Software. This update will not appear in your computer's Software Update application or in the Apple Downloads site.

Here's an overview of the six patches, which affect only users of Apple TV:

* The update addresses a buffer overflow vulnerability described in CVE-2008-1015. According to Apple, "an issue in the handling of data reference atoms may result in a buffer overflow. Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution". Apple credits Chris Ries of Carnegie Mellon University Computing Services for reporting this issue.

* The update addresses a buffer overflow vulnerability described in CVE-2008-1017. Apple says "an issue in the parsing of 'crgn' atoms may result in a heap buffer overflow. Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution". Apple credits Sanbin Li, working with TippingPoint's Zero Day Initiative, for reporting this issue.

* The update addresses a buffer overflow vulnerability described in CVE-2008-1018. Apple says "viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution". This update addresses the issue through improved handling of format strings.

* The update addresses an arbitrary code execution vulnerability described in CVE-2008-2314. Apple says "a URL-handling issue exists in the handling of 'file:' URLs. This may allow arbitrary applications and files to be launched when a user plays maliciously crafted QuickTime content. This update addresses the issue by no longer launching local applications and files". Apple credits Vinoo Thomas and Rahul Mohandas of McAfee Avert Labs, and Petko D. (aka pdp) Petkov of GNUCitizen working with TippingPoint's Zero Day Initiative, for reporting this issue.

* The update addresses a buffer overflow vulnerability described in CVE-2008-0234. Apple says "a heap buffer overflow exists in the handling of HTTP responses when RTSP tunneling is enabled. Playing maliciously crafted QuickTime content may lead to an unexpected application termination or arbitrary code execution".

* The update addresses a buffer overflow vulnerability described in CVE-2008-0036. Apple says "a buffer overflow may occur while processing a compressed PICT image. Opening a maliciously crafted compressed PICT file may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue by terminating decoding when the result would extend beyond the end of the destination buffer". Apple credits Chris Ries of Carnegie Mellon University Computing Services for reporting this issue.


Source: ZDNet Asia




All news for August 29, 2008:
15:12ICO urges firms to step up privacy controls
15:09Watch Out! Firing IT Workers Can Cost You
15:08New security rules on tap for credit-card handlers
15:05Royal College of Physicians improves database security
15:04FBI warns of hit man scam
15:04Bank of New York loses 12.5 million customer details
14:59Microsoft introduces black screens for pirates
14:57Four Quick Tips for Choosing an IM Security Product
14:54Intel releases Bios update
14:50Microsoft warns of IE8 lock-in with XP SP3
14:47Apple confirms iPhone security bug, promises patch
14:46Best Western forced to play defense on data breach disclosure

All news for August 28, 2008:
14:03IT administrators admit they’d steal data
14:02Stolen SSH keys used for attacks
14:01UK to lead e-crime prosecutor network
13:59Nortel Uses USB Drive to Secure Remote Work
13:56Symantec wants another chance
13:56PC Tools to be poor man's Norton
13:54Nasa hacker loses final legal challenge
13:53Full disclosure: The only protocol for net security
13:52Researchers exploit web protocol to hijack traffic
13:51Linux cryptography attacks seen in the wild
13:50McAfee: Criminals hijacking virtual worlds
13:48Microsoft Office Live Small Biz suffers outage, possibly lost e-mail
13:34Judge lets privacy advocate keep Social Security numbers on Web site
13:19Microsoft reveals IE8 Beta 2
13:01Malware infects space station laptops



All news for August, 2008
All news for 2008 year
All news for 2007 year
All news for 2006 year
All news for 2005 year
All news for 2004 year

DONATION: Keylogger.org is an independent research project supported by a team of enthusiasts. If you find this project useful or would like to help foster its continued development please consider making a donation using PayPal`s online secure payment service.

A PayPal account is not required. All major credit cards are accepted (MasterCard/Eurocard, Visa/Delta/Electron, American Express, Switch/Maestro, Solo). Simply click the button below.

Any amount would be useful and appreciated!

Thanks in advance for your support!

Advertising
Your Ad Here
| home | testing and reviews | testing policy | press_releases | developers |

| articles | contest | chat | forum | sponsorship & services | contacts | links |
Copyright © 2003-2008, Keylogger.Org Team. All Rights Reserved.
Use of any information from this website is permitted only with hypertext link to www.keylogger.org.