Top Security News Microsoft Patches Fix Image Vulnerabilities Critical fixes arrived for Microsoft applications in the August edition of their Patch Tuesday round of updates, including corrections for overflow vulnerabilities... Georgia, Russia Engaged In Cyber War Sites for Georgia fled the country in favor of hosting elsewhere as numerous DDOS attacks from Russia took out Georgian web properties. In looking at the ongoing digital conflict taking place, it appears if there is... Subway Card Hackers Can't Talk At Defcon A trio of MIT students planned to talk about the Boston subway's inherent problems with its payment card system, but an injunction took their presentation... Critical Microsoft Patches Arriving Tuesday With a dozen patches on tap for Microsoft for August 12th, security pros should note seven of them will arrive as fixes for critical issues. A Critical-rated patch... Thursday:08.14.08 Software clients from BitTorrent and uTorrent contain critical vulnerabilities that could permit remote code execution. The BitTorrent protocol permit fast sharing of files through a peer to peer process. Since people use it to move copyrighted material as well as works not restricted that way, the usage of P2P continues to be controversial. Security matters about the protocol are anything but controversial. When there is a flaw, someone will try to exploit it, and the popular appeal of BitTorrent makes it likely such an attempt could affect a lot of people. That makes the report out of security issue tracker Secunia, which said a stack based buffer overflow could be triggered by opening a .torrent file with an overly long "created by" field. The use of uTorrent's code in the BitTorrent client makes it vulnerable in similar fashion. Save Valuable Time and Resources with the Peer1 ValuePro Managed Hosting Plan Users of uTorrent can upgrade to the 1.8 RC7 version to eliminate the problem. The BitTorrent client has no solution or workaround available other than to avoid opening untrusted .torrent files. It's not news, it's MSNBC spam: If MSNBC felt left out while all of that fake CNN spam hit inboxes everywhere, they can stop worrying. Junk messages leading people to a phony CNN video codec, actually a disguised Trojan file, now have a copycat MSNBC version in circulation. PandaLabs said on their blog they witnessed MSNBC Breaking News spam leading people to the same fake CNN file. The security vendor said they expect to see more copycat spam in other variations hit the Internet in coming days. About the Author: David Utter is a business and technology writer for SecurityProNews and WebProNews. SecurityProNews is brought to you by: SecurityConfig.com NetworkingFiles.com ITmanagementNews.com NetworkNewz.com DatabaseProNews.com SQLProNews.com ITcertificationNews.com SysAdminNews.com LinuxProNews.com WirelessProNews.com About SecurityProNews SecurityProNews is updated in real time with vital internet security alerts, news and in-depth articles for IT Managers. SecurityProNews understands that IT Management Begins With Security. Advertising Newsletters Corporate Info Site Map Support © 2008 SecurityProNews. An email newsletter. , Inc. 2549 Richmond Rd. Lexington KY, 40509 All Rights Reserved. Terms under which this service is provided to you. Read our privacy policy. Contact us. SecurityProNews is part of the iEntry Inc. Network of sites and newsletters.