Blogs

DLL Preloading remote attack vector (2269637)

http://www.microsoft.com/technet/security/advisory/2269637.mspx

This attack vector allows for the loading of malicious dynamic-link
libraries (DLLs) when loading certain programs in the Windows operating
system. It is due to applications not specifying the full path to the
trusted library to use in the programming code.

DLL Preloading remote attack vector (2269637)

http://www.microsoft.com/technet/security/advisory/2269637.mspx

This attack vector allows for the loading of malicious dynamic-link
libraries (DLLs) when loading certain programs in the Windows operating
system. It is due to applications not specifying the full path to the
trusted library to use in the programming code.

Wordpress 2.9.2 security update

http://core.trac.wordpress.org/ticket/11922

Release overview:
http://core.trac.wordpress.org/query?
status=closed&group=resolution&order=priority&milestone=2.9.2&resolution
=fixed

"In add_menu_page(), the callback function gets hooked unconditionally.
$access_level is ignored."

It is recommended to update all versions of Wordpress to the newest
version, 2.9.2. Running version 2.9.1 or earlier should be treated as:

Pages