Berkeley CSUA MOTD:Entry 33532
Berkeley CSUA MOTD
 
WIKI | FAQ | Tech FAQ
http://csua.com/feed/
2025/07/08 [General] UID:1000 Activity:popular
7/8     

2004/9/14-15 [Computer/SW/OS/Windows] UID:33532 Activity:moderate
9/14    Another day, another critical Windows vulnerability:
        Buffer overflow in JPEG reading code could lead to arbitrary code
        execution, crying baby Jesus.
        http://www.pcworld.com/news/article/0,aid,117776,00.asp
        \_ Don't worry, the attacker would have to persuade the user to
           open a jpg!  How likely is that?
           \_ email worm in 3, 2, 1...
        \_ if only they would hire more permanent engineers instead
        of contractors who dont give a rats ass...

9/e     Shit
2025/07/08 [General] UID:1000 Activity:popular
7/8     

You may also be interested in these entries...
2013/3/25-5/18 [Computer/SW/OS/Windows] UID:54639 Activity:nil
3/25    It's strange that only every other Windows version is a hit.
        NT 4.0: hit
        2000:   flop
        XP:     hit
        Vista:  flop
        7:      hit
	...
2013/2/19-3/26 [Computer/SW/OS/OsX] UID:54611 Activity:nil
2/19    I program a lot by sshing to a Linux cluster.  So I'm used to using
        Xemacs to code.  This works fine from a Linux or Windows workstation,
        but sometimes I have to use a Mac.  On Mac, the meta is usually
        bound to option, but that often doesn't work over ssh for some reason.
        This makes using emacs a real pain.  Any suggestions on how to fix it?
        (Other than "use vi")
	...
2012/3/15-6/1 [Computer/SW/Languages, Computer/SW/OS/Windows] UID:54340 Activity:nil
3/15    Why does MS put double-quotes around the '8' in Windows Server 8, like
        the following?
        - Windows 8
        - Windows Server "8"
        \_ Because when they didn't do it, code didn't see the '\0'
           and went over?  Looks better than '8','\0' *shrug*
	...
2012/2/23-3/26 [Computer/SW/OS/Windows] UID:54312 Activity:nil
2/23    fixboot wrote FAT boot sector to my WinXP hard drive.  How can I convert
        the drive back to NTFS?
        \_ Does C:\WINDOWS\system32\convert.exe work?
	...
2011/12/21-2012/2/6 [Computer/HW/Laptop, Computer/SW/Editors/Emacs] UID:54269 Activity:nil
12/21   In Emacs, how do I make it so that it will resize its screen
        when the maximum resolution of my monitor changes? When I
        use my laptop, my emacs is too big (and I can't resize it
        because the bottom-right corner is not accessible).
        \_ Which OS?  Can't you drag the top border (not a corner) to resize
           the height to be smaller?
	...
2011/12/23-2012/2/6 [Computer/Rants] UID:54271 Activity:nil
12/23   http://venturebeat.com/2011/12/22/uc-berkeley-google-apps
        Oh noes! What Would Bill Gates Do?
        \_ http://lauren.vortex.com/archive/000701.html
           Microsoft to Transition Corporate IT to Google Apps
	...
2011/11/27-2012/1/10 [Computer/HW/Drives] UID:54244 Activity:nil
11/27   CalMail has been down for a few days (hardware failure and database
        corruption -- sounds like fun!) and is starting to come back online.
        Looks like they're planning to outsource all campus mail to either
        Google Apps or Microsoft 365 as part of Operational Excellence.
        <DEAD>kb.berkeley.edu/jivekb/entry!default.jspa?externalID=2915<DEAD>
        \_ http://ist.berkeley.edu/ciocalmailupdates/november-30-2011
	...
2011/11/8-30 [Computer/SW/Security, Computer/SW/OS/Windows] UID:54218 Activity:nil
11/8    ObM$Sucks
        http://technet.microsoft.com/en-us/security/bulletin/ms11-083
        \_ How is this different from the hundreds of other M$ security
           vulnerabilities that people have been finding?
           \_ "The vulnerability could allow remote code execution if an
               attacker sends a continuous flow of specially crafted UDP
	...
2011/5/19-7/30 [Computer/SW/Security] UID:54110 Activity:nil
5/19    Uh, is anyone still using this? Please mark here if you post and
        haven't added this yet. I'll start:
        \_ person k
        \_ ausman, I check in about once a week.
        \_ erikred, twice a week or so.
        \_ mehlhaff, I login when I actually own my home directory instead of
	...
Cache (1933 bytes)
www.pcworld.com/news/article/0,aid,117776,00.asp
Microsoft Warns of Critical JPEG Flaw Handling of images could allow an attacker to take over your PC. Joris Evers, IDG News Service Tuesday, September 14, 2004 A security flaw in the way many Microsoft applications process JPEG images could allow an attacker to gain control over a computer running the software, Microsoft warned this week. To take advantage of the flaw, an attacker would have to persuade a user to open a specially crafted image file. The image could be hosted on a Web site, included in an e-mail or Office document, or hosted on a local network, Microsoft says. Net Framework and third-party applications that distribute their own copy of the vulnerable JPEG parsing engine may also be vulnerable, Microsoft says. Software updates to correct the flaw in its products are available from Microsoft. The software maker also offers a tool to scan a PC for certain installed products that are known to contain the vulnerable JPEG image processing engine. Microsoft's rating system for security issues, vulnerabilities that could allow a malicious Internet worm to spread without any action required on the part of the user are rated critical. Issues that will not lead to the spread of a worm without any action taken by the user, but could still expose user data or threaten system resources, are rated important. The JPEG flaw was reported privately to Microsoft and it was not disclosed prior to the release of the warning and patches, the software maker says. There have been no reports of the issue being exploited, Microsoft says. warned of a flaw in the WordPerfect 5x Converter that it supplies as part of Office 2000, Office XP, Office 2003, and recent editions of its Works Suite. The WordPerfect converter flaw, which Microsoft rates "important," could allow an attacker to gain full control over a victim's PC, Microsoft says. A software patch is available for the vulnerable products to fix the problem.