The next version of Microsoft’s much criticized Internet Explorer browser is being built to resist hijacking attempts by spyware and other malicious software, according to a Microsoft developer.

Rob Franco, lead program manager for IE Security at Microsoft, wrote in a blog entry on Thursday that Internet Explorer 7 for Longhorn will contain a feature called “low rights IE.” The feature essentially removes administrator rights, so that the system will not allow unknown applications, such as spyware and other potentially dangerous code, to be installed without express permission from the user.

Source: News.com

A security flaw in the installation of Adobe’s License Management Service has put customers at risk of privilege escalation attacks, according to a warning from the software maker.

An advisory from Adobe Systems Inc. said the vulnerability affects multiple products, including the widely used Adobe Photoshop CS, Adobe Creative Suite 1.0 and Adobe Premiere Pro 1.x.

The company has provided updates with instructions on its Web site.

Software developer Macromedia Inc. has released patches rated “important” for a privilege escalation vulnerability in multiple products in the Macromedia MX 2004 suite.

The bug is similar to the license management flaw patched by Adobe and affects a range of Macromedia applications, including Studio, Studio with Flash Professional, Flash Professional, Flash, FreeHand, Dreamweaver, Fireworks, and Director, Captivate and Contribute 2.x.

Hotfixes and updating instructions are available for download here.

Internet security specialist Symantec Corp. has rolled out new versions of its pcAnywhere remote control tool to fix a potentially serious security hole.

In an online advisory, Symantec warned that the flaw could be exploited by malicious, local users to gain escalated privileges.

Affected products include pcAnywhere 9.x, 10.x and 11.x.

Source: eWeek

Visa USA today announced the rollout of new patent-pending technology that can help stop card fraud before it
occurs, right at the checkout line. Called Advanced Authorization, the new technology will give all Visa cardholders, merchants and financial institutions powerful, new fraud protection, and prevent an estimated $164 million in fraud losses over the next five years.

Visa is the first in the industry to introduce technology like Advanced Authorization that instantaneously detects potential fraud occurring not only on individual cardholders’ accounts, but throughout the Visa network. This dynamic capability allows Advanced Authorization to pinpoint and address coordinated attacks on multiple accounts in real time. While high-tech fraudsters have devised ever-more sophisticated attacks, Visa is fighting back with new technology to detect these emerging threats and help shut them down on the spot.

When a Visa card is swiped, Advanced Authorization provides an instantaneous rating of that transaction’s potential for fraud to the financial institution that issued the card, including whether it was part of a reported data security compromise.

The Issuer is then able to send an immediate response back to the merchant whether to accept or decline the transaction, based in part on the sophisticated evaluation provided by Visa’s Advanced Authorization. This new technology is being applied to every Visa credit and check card purchase today. Issuing financial institutions determine how to incorporate the expanded fraud information into their existing risk systems.

Yahoo Inc., owner of the most-visited Web site, may consider developing its own Internet browser to help attract more users and advertisers toits Web sites, Chief Executive Officer Terry Semel said.

“You could look to Yahoo to do most everything that makes sense on the Internet going forward,” Semel said Friday in an interview in New York. Developing a browser may make sense “at some point in time,” he said.

Yahoo ranks second to Google Inc. in Internet search and is fighting to attract users and the advertisers that seek to reach them. Google is stepping up competition with Yahoo by adding products such as a personalized home page and online maps. Developing a browser could help both companies further lock in users to their Web sites.

Source: Inside Bay Area

Symantec will soon launch a redesigned website trying to make online experience more productive and easier. The new site provides tailored tools and information for Enterprise, Small Business and Consumer customers, including: Streamlined access to products & service, Improved search, Security alert warnings, Self-service support and Simplified online purchasing.

Although the content on the Preview site is complete, it may not be as up-to-date as the live site.

Symantech opened a preview site where you can explorer and submit feedback.

Visit Symantech Preview Site.

A man was arrested Monday for allegedly setting up a phony Internet portal site to lure victims into giving personal data, an official said. Police said it was Japan’s first arrest linked to a form of identity theft called phishing.

Kazuma Yabuno, a 42-year-old office worker in the western city of Osaka, was taken into custody and accused of violating copyright and unauthorized access laws, a Tokyo Metropolitan Police official said on condition of anonymity.

Yabuno allegedly defrauded users with his phony Yafoo! Japan site, which closely resembled — and has the same pronunciation in Japanese as — that of popular Net portal and auction site operator Yahoo! Japan, the official said.

Police were investigating whether Yabuno came up with the scam to steal credit card information and other sensitive information.

Source: AP

Nokia today said it was developing a new mobile phone web browser based on Apple’s Mac OS X application, Safari.

Nokia is using Safari’s open source components, which Apple once again touted last week at its Worldwide Developers Conference. To be fair, Nokia owes as much to the KDE open source project as it does to Apple, since that’s the basis on which the Mac maker worked.

Nokia will use the Apple code to create a browser for its Series 60 user-interface, which itself sits on top of the Symbian OS. So too does Nokia’s Series 80 UI, which will presumably continue to use the Opera browser after Nokia licensed it in March.

Source: The Register