Miles Associates LLC

Sounds like it is time to upgrade to IE 8; I have had no problems with IE 8, using it over the last several months:

Microsoft is investigating new public reports of a vulnerability in Internet Explorer. This advisory contains information about which versions of Internet Explorer are vulnerable as well as workarounds and mitigations for this issue.

Our investigation so far has shown that … Internet Explorer 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 4, and Internet Explorer 6 and Internet Explorer 7 on supported editions of Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008 are affected.

The vulnerability exists as an invalid pointer reference of Internet Explorer. It is possible under certain conditions for a CSS/Style object to be accessed after the object is deleted. In a specially-crafted attack, Internet Explorer attempting to access a freed object can lead to running attacker-supplied code.

At this time, we are aware of no attacks attempting to use this vulnerability against Internet Explorer 6 Service Pack 1 and Internet Explorer 7.

via Microsoft Security Advisory 977981: Vulnerability in Internet Explorer Could Allow Remote Code Execution.

When you’re traveling this holiday season, you can enjoy free WiFi at 47 participating airports and on every Virgin America flight. Just bring a WiFi-enabled laptop or mobile device and stay connected to family and friends for free while you travel now through January 15, 2010.

via Free WiFi – A 2009-2010 Holiday Gift from Google.

In a statement, T-Mobile said it is working to get its service back up and running.

“T-Mobile customers may be experiencing service disruptions impacting voice and data,” the company said in a statement. “Our rapid response teams have been mobilized to restore service as quickly as possible. We will provide updates as more information is available.”

The above was at 8:00 pm Atlanta time.

Update 6:24 p.m. PT: T-Mobile issued an updated statement saying it now believes only 5 percent of customers are experiencing outages.

via T-Mobile experiencing widespread outage | Beyond Binary – CNET News.

Great insightful article with several nuggets that  I found to be timely refreshers; via Leadership Insights from Executive Velocity: Leadership: Trick or Treat?.

…Given the compelling case for securing the enterprise, why do CEOs fail to invest more in security solutions? Does this simply represent a failure of IT and security staff to make a compelling business case? Or are the CEOs in fact being short-sighted?

…Risk management is the only rational way to frame the debate…The management decision is one of making rational trade-offs between the probability of an event, and the cost of reducing that possibility – but not eliminating it…
…
Security spending for compliance, then, is a given. And while compliance spending may not comprehensively protect the enterprise against a breach, it does provide one important bit of protection: liability. From the CEOs perspective, while the cost per record of responding to a breach may be high, its nowhere near the potential cost of lawsuits resulting from said breach. And achieving compliance appears to provide a liability shield.

via Is Compliance the New Security Standard?.

A new zero-day bug affecting Adobe Reader and Acrobat is being exploited in the wild. Though the vulnerability affects the products on Unix, Mac and Windows systems, the exploit observed in the wild is focused on Microsoft Windows for the moment.

Adobe is warning users about a critical vulnerability in versions of Adobe Reader and Acrobat that is being exploited in targeted attacks.

via eWeek.

Google’s Gmail and Yahoo’s Mail were also targeted by a large-scale phishing attack, perhaps the same one that harvested at least 10,000 passwords from Microsofts Windows Live Hotmail, according to a report by the BBC.

via networkworld.com.