Friday, November 12, 2004

Thursday, November 11, 2004

MSN Search (beta)

It isn't Google, but it's surprisingly good.

http://beta.search.msn.com/
http://beta.search.msn.com/images/results.aspx?FORM=IRHP&q
http://beta.search.msn.com/news/results.aspx?FORM=NRIR&q

The trouble with using ems and percents for font sizing

The trouble with using ems and percents for font sizing:
"When good intentions fail

Relative font sizing is a great idea that fails to live up to its promises of user accessibility or design flexibility for the Web builder. In order to use relative font sizing successfully, you need to plan your page design and CSS styles very carefully to avoid the potential problems of nesting elements. You can do it, but it's not easy and it imposes significant restrictions on your design options. Otherwise, you need to rely on keywords or absolute measurements for font sizing."

Free registration

http://builder.com.com/5100-6371_14-5210803.html?tag=nl.e601

Monday, November 08, 2004

US-CERT Vulnerability Note VU#842160 IE contains a buffer overflow vulnerability

US-CERT Vulnerability Note VU#842160:
"Microsoft Internet Explorer (IE) contains a buffer overflow vulnerability that can be exploited to execute arbitrary code with the privileges of the user running IE."

A heap buffer overflow vulnerability exists in the way IE handles the SRC and NAME attributes of FRAME and IFRAME elements. Publicly available exploit code uses JavaScript to prepare heap memory with blocks that consist of NOP slides and shell code. After mishandling overly long SRC and NAME attributes, IE dereferences a memory address that may fall within one of the prepared heap blocks, running through the NOP slide and executing the attacker's shell code. Without the ability to prepare the heap blocks, this attack becomes significantly more difficult.

Other programs (e.g., Outlook, Outlook Express, AOL, Lotus Notes) that use the WebBrowser ActiveX control could be affected by this vulnerability.

Install Windows XP Service Pack 2 (SP2)

Microsoft Windows XP SP2 does not appear to be affected by this vulnerability.

Disable Active scripting

Disabling Active scripting makes it more difficult for an attacker to prepare the heap to easily execute arbitrary code. At a minimum, disable Active scripting in the Internet zone and the zone used by Outlook, Outlook Express, or any other software that uses the WebBrowser ActiveX control. Instructions for disabling Active scripting can be found in the Malicious Web Scripts FAQ.

Do not follow unsolicited links

http://www.kb.cert.org/vuls/id/842160
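
An added example, not part of the original post or the CERT note: a PowerShell audit of the setting that the "Disable Active scripting" workaround above changes. It assumes Internet Explorer's documented zone registry layout (URL action 1400, where 3 means disabled) and that the mail client renders in the Restricted sites zone (zone 4); edit $Zones if yours uses another zone.

```powershell
# Added example: audit Active scripting (URL action 1400) per IE security zone.
# Assumed from Microsoft's zone documentation, not from the post:
#   value 1400: 0 = Enable, 1 = Prompt, 3 = Disable
$StateNames = @{ 0 = 'Enabled'; 1 = 'Prompt'; 3 = 'Disabled' }
# Zone 3 is Internet. Zone 4 (Restricted sites) is assumed to be the mail client's zone.
$Zones = [ordered]@{ '3' = 'Internet'; '4' = 'Restricted sites' }
$Suffix = 'Microsoft\Windows\CurrentVersion\Internet Settings\Zones'
# Group Policy hives come first: a value there takes precedence over the user's own setting.
$Roots = [ordered]@{
    'Machine policy' = "HKLM:\SOFTWARE\Policies\$Suffix"
    'User policy'    = "HKCU:\Software\Policies\$Suffix"
    'User setting'   = "HKCU:\Software\$Suffix"
}

function Get-ActiveScriptingState {
    foreach ($zoneId in $Zones.Keys) {
        $seen = $false
        foreach ($source in $Roots.Keys) {
            $path = Join-Path $Roots[$source] $zoneId
            $item = Get-ItemProperty -Path $path -Name '1400' -ErrorAction SilentlyContinue
            if ($null -eq $item) { continue }   # key or value absent in this hive
            $raw = [int]$item.'1400'
            $state = if ($StateNames.ContainsKey($raw)) { $StateNames[$raw] } else { "Unknown ($raw)" }
            [pscustomobject]@{ Zone = $Zones[$zoneId]; Source = $source; Value = $raw; State = $state }
            $seen = $true
        }
        if (-not $seen) {
            # Nothing configured in any audited hive: the zone's default applies.
            [pscustomobject]@{ Zone = $Zones[$zoneId]; Source = 'none'; Value = $null; State = 'Not set' }
        }
    }
}

$report = @(Get-ActiveScriptingState)
$report | Format-Table -AutoSize
# Anything other than an explicit "Disabled" leaves the workaround unapplied for that zone.
$open = @($report | Where-Object { $_.State -ne 'Disabled' })
if ($open.Count -gt 0) {
    Write-Warning "$($open.Count) zone setting(s) do not disable Active scripting."
} else {
    Write-Output 'Active scripting is disabled in every audited zone and hive.'
}
```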