Robin Majumdar 2.0

PHPizabi, makers of one of the more feature-packed and popular social networking systems, announced earlier this afternoon a fix for a critical security flaw which could allow a malicious user to intercept the site owners MD5 password by exploiting a weakness in the usercomments.php script.

Although MD5 passwords are indeed encrypted, a commited cracker could decrypt the password using a powerful enough compute cluster and appropriate software.

We are sorry for the inconvenience

Grrr, this has been my experience with Windows Live OneCare 2.0 … after having uninstalled the 1.5 version of OneCare and installed the 90 day trial of the 2.0 release…. I suspect there is some file that the scanner engine doesn’t like, because I get this mysterious

Service Executable has encountered a problem and needs to close. We are sorry for the inconvenience.

message….

It is MsMpEng.exe that is crashing - version 1.5.1941.0 - along with mpengine.dll version 1.1.3109.0 which is the associated library. This is strange as it seems to be the Windows Defender component that is having a hard time…

Sigh…. if you are experiencing this in your Windows Defender and/or Windows Live OneCare setup, please leave me a comment!

Screenshot of the Service Executable crash info…

Oui, si vous avez des contacts qui vous envoi des liens vers le site www.solvurus.info par MSN Messenger (ou Windows Live Messenger) c’est que leurs ordinateurs sont infectés par un virus.

De plus, www.solvurus.info est un site qui prétends vous permets de savoir qui vous a bloqué sur MSN … mais a condition que vous leur donnez votre compte et mot de passe MSN / Hotmail / Windows Live Messenger… euh.. non merci!

Now in English:

If you have contacts in Windows Live Messenger - or MSN Messenger - sending you links by IM to a site www.solvurus.info .. their machine is infected with a Trojan and propagating virally through their instant messenger. In other words: warn them, and do not click on the links.

In addition, solvurus.info is a site purporting to let you find out who has blocked you on MSN Messenger… as long as you provide them with your MSN / Windows Live Messenger / HotMail credentials … no thanks!

A message we received just moments ago explaining the Doubleclick Performics data centre outage earlier today! Hopefully tracking affected will not include revenue loss!! (their statement is pretty vague)…

DoubleClick Performics experienced a system outage due to a complete power failure at our data center at approximately 9:30 a.m. CST on Saturday, Dec. 8, 2007 . While data was protected, the issue affected tracking, links and system availability. Power was restored and tracking and links were operational by approximately 2:30 p.m. CST. The interface experienced intermittent downtime throughout the afternoon but tracking is operational.

We sincerely apologize for this situation. The root cause remains under investigation and updates will be forthcoming as more is known.
DoubleClick Performics

Hmm Commissin Junction being the premier affiliate program that it is, I was real surprised to see the following trying to log in to the CJ Publisher site:

(I guess Resin is their inhouse system)

(more…)