Unofficial patch for Windows URI bug posted; 'Hasta la vista' to bill on data breach costs

Security News Alert This newsletter is sponsored by Awareness Technologies Inc Learn how Desktop Agents Protect your Network Discover how desktop agents better protect against negligent employees and criminal activities from within your company. Learn how you can monitor Webmail, capture typed information, capture screen-based images and monitor off-net activities on every PC. Find out how you will significantly reduce all internal security threats with desktop agents. Network World's Security News Alert, 10/17/07 Researcher posts unofficial patch for Windows URI bug, 10/15/07: A researcher beat Microsoft to the patch punch Sunday by publishing an unofficial fix for a critical flaw in Windows XP and Server 2003 on PCs with Internet Explorer 7. Governor says 'Hasta la vista' to bill on data breach costs, 10/15/07: In a move that is likely to come as a major relief to retailers nationwide, California Gov. Arnold Schwarzenegger on Saturday vetoed legislation that would have made merchants in his state financially liable for the costs incurred by financial institutions because of retail data breaches. Trojan imitates Skype, steals login credentials, 10/17/07: Security analysts are warning of another malicious software program masquerading as an installer file for Skype. Webcast: Get the latest on NAC Learn the latest on Network Access Control in Network World's Perspectives Editorial Webcast. Discover how IT professionals can leverage this hot security technology in their networks, while also learning about key management areas that have not yet been perfected. To learn more click here. Phishers move beyond eBay, PayPal, 10/16/07: EBay and PayPal, once the primary lures used by phishers to trick e-mail users into giving up personal information, aren’t as popular as they used to be. Oracle ships critical update for database, applications, 10/17/07: Oracle released its latest critical patch update on Wednesday, fixing 51 vulnerabilities in a range of products, including its flagship database line. After New York investigation, Facebook to beef up safety, 10/17/07: Facebook will step up the policing of pornography, harassment and inappropriate behavior on its social networking site, settling a consumer fraud investigation by New York State Attorney General (AG) Andrew Cuomo. Google testing YouTube antipiracy system, 10/16/07: Google has unveiled a test version of a much-awaited antipiracy system for its wildly popular yet controversial YouTube video-sharing site. Who needs NAC anyway?, 10/16/07: Network-access control still has a way to go before it becomes a standard component of network security in most companies, but signs of growth are there, with vendors predicted to sell $629 million in NAC enforcement appliances by 2010, according to Infonetics. In the meantime, for those who are undecided whether to jump into the NAC frenzy here are the answers to some important NAC issues. Windows security compliance tool debuts, 10/16/07: Promisec Tuesday is announcing a security compliance and configuration management tool for large Windows networks. Symantec to snap up Vontu?, 10/16/07: Rumors are swirling that Symantec may acquire start-up Vontu in a deal that hardly would come as a surprise, as large security giants scramble to add data-leak prevention technology to their product portfolios. Microsoft switching SharePoint to claims-based authentication, 10/16/07: Microsoft is replacing the authentication system for SharePoint Server and plans to make the collaboration platform one of the first of the company’s marquee applications to rely on a new claims-based identity model. How to get a grip on AJAX security, 10/15/07: Asynchronous JavaScript + XML (AJAX), the technology of choice today for building powerful, interactive Web applications, comes at a price. If developers aren't careful they will pay that price in security. The Network World IT Buyer's Guides provide comprehensive, detailed information on how to select, test, buy and deploy thousands of network and IT products. The new Network World IT Buyer's Guides offer even more features than before, here's just one that's worth checking out: Messaging Security

MOST-READ STORIES: 1. Funniest Microsoft videos on YouTube 2. Greenpeace: iPhone is toxic 3. Security companies to watch 4. Top 10 strategic technologies for 2008 5. Cisco buyout rumor mill focused on WiMAX 6. Salary survey: IT pay falls short 7. Could you be an Internet researcher? 8. Price drop puts Level 3 in CDN spotlight 9. Court won't let Microsoft, Best Buy off hook 10. Cell/Wi-Fi convergence based on novel approach MOST-VIEWED VIDEO: Cool Tools: Charging devices on the go

Contact the author: Senior Editor Ellen Messmer covers security for Network World. E-mail Ellen. This newsletter is sponsored by Awareness Technologies Inc Learn how Desktop Agents Protect your Network Discover how desktop agents better protect against negligent employees and criminal activities from within your company. Learn how you can monitor Webmail, capture typed information, capture screen-based images and monitor off-net activities on every PC. Find out how you will significantly reduce all internal security threats with desktop agents. BONUS FEATURE IT PRODUCT RESEARCH AT YOUR FINGERTIPS Get detailed information on thousands of products, conduct side-by-side comparisons and read product test and review results with Network World’s IT Buyer’s Guides. Find the best solution faster than ever with over 100 distinct categories across the security, storage, management, wireless, infrastructure and convergence markets. Click here for details. PRINT SUBSCRIPTIONS AVAILABLE You've got the technology snapshot of your choice delivered to your inbox each day. Extend your knowledge with a print subscription to the Network World newsweekly, Apply here today. International subscribers, click here. SUBSCRIPTION SERVICES To subscribe or unsubscribe to any Network World newsletter, change your e-mail address or contact us, click here. This message was sent to: security.world@gmail.com. Please use this address when modifying your subscription. Advertising information: Write to Associate Publisher Online Susan Cardoza Network World, Inc., 118 Turnpike Road, Southborough, MA 01772 Copyright Network World, Inc., 2007