Wednesday, February 16, 2005

McAfee plans daily virus updates

By Robert Lemos CNET News.com
“Security specialist McAfee said Monday that it will start updating its virus-matching database every day, and that it will launch a customizable Web site that offers incident and threat information.

Starting Feb. 24, the company will move from weekly updates of its virus definition data files, or DATs, to daily updates, said Vincent Gullotto, vice president of the antivirus emergency response team for the company. DATS make up the dictionary of viruses that McAfee's software recognizes.

"We had this request from our customers for quite some time, and we studied whether we could do it and do it effectively," Gullotto said.

Gullotto said the move is also a response to the increasing number of threats found on the Internet every day. On average, McAfee adds detection for 50 new threats each day.

In addition, the company announced plans to publish security incident and threat information to a customizable Web site, MyAvert. The site will be available in March, the company said.

http://news.zdnet.com/2100-1009_22-5575678.html?tag=nl.e539

Monday, February 14, 2005

Optimize PDF Files

“Portable Document Format (PDF) is the defacto file format for presenting device-independent documents on and off the Web. While PDFs have become quite popular on the Web, many PDFs used in web sites are designed for high quality print output and are not optimized for the Web. Even PDFs designed for Web use can have a wait problem, weighed down with excess fonts, change histories, and unoptimized images and forms. Optimizing PDF files for the Web can significantly shrink their size and boost display speed, saving bandwidth and user frustration.

This article will give you tips and tools to optimize PDFs for minimum file size while still maintaining accessibility and search engine visibility.

http://www.websiteoptimization.com/speed/tweak/pdf/

Rogue Code

By Matt Hines
“Sample attack code released by security firms is putting unpatched PCs at risk, according to Microsoft.

Microsoft has urged customers to apply its latest security patches, after several companies published "proof of concept" attacks that exploit the flaws that the updates fix.

In a notice posted to its Web site late Thursday, the software giant highlighted proof-of-concept documentation, or sample software code to illustrate how a flaw might be used to attack a system, from two security software makers: Finjan Software and Core Security Technologies.

While Microsoft said it backs the disclosure of vulnerabilities and proof-of-concept code, a common practice in the IT security industry, it criticized the companies for publishing their test code mere hours after security patches had been released for the reported flaws.

"Microsoft will continue to support and advocate responsible disclosure, because we find it to be a vital tool to effectively identify and remedy security issues," the company said in its notice. "Microsoft is concerned that the publishing of proof-of-concept code within hours of the security updates being made available has put customers at increased risk."

Shortly after some of Core's proof-of-concept work was aired, an individual modified some of the code to create an actual threat, Microsoft said. The malicious code could expose computer users who have not yet installed its updates to attack.

http://techrepublic.com.com/5100-22_11-5574966.html