The ward is a factory for the Combine
Category Archives: Security
We (the folks behind the options handle) run a blog JAWW and would not like at all for you to use it. Although our basic service is free, we do plan to charge you for advanced features such as <to be done, please help me — comments on what advanced features we could charge you are greatly appreciated ;->.
Our blog is designed to give you as little control and ownership over what goes on our blog as possible and encourage you to not express yourself freely, but instead, be responsible in what you send us in your comments.
In particular, make sure that none of the prohibited items listed below appear on comments or get linked to from comments (things like spam, viruses, hate content, etc), i.e. work by the Super-Akismet yourself, guys.
Please make sure you read through the list and the rest of the terms and disagree with them before you get started to comment or contribute by another means on this blog.
The options.WordPress.com (currently titled ‘JAWW’) is a hosted on the WordPress.com domain and completely owned by Automattic Inc. (see below; to be done) blog (hereafter “Blog”) operated by poor me (“poor me”).
Responsibility of Contributors
If you comment on this Blog, post material to this Blog, post links on this Blog to material on, or otherwise make material available by means of this Blog (any such material, “Content”), you are entirely responsible for the content of, and any harm resulting from, that Content. That is the case regardless of whether the Content in question constitutes text, graphics, an audio file, or computer software. By making Content available, you represent and warrant that:
- the downloading, copying and use of the Content will not infringe the proprietary rights, including but not limited to the copyright, patent, trademark or trade secret rights, of any third party;
- if your employer has rights to intellectual property you create, you have either (i) received permission from your employer to post or make available the Content, including but not limited to any software, or (ii) secured from your employer a waiver as to all rights in or to the Content;
- you have fully complied with any third-party licenses relating to the Content, and have done all things necessary to successfully pass through to end users any required terms;
- the Content does not contain or install any viruses, worms, malware, Trojan horses or other harmful or destructive content;
- the Content is not spam, and does not contain unethical or unwanted commercial content designed to drive traffic to third party sites or boost the search engine rankings of third party sites, or to further unlawful acts (such as phishing) or mislead recipients as to the source of the material (such as spoofing);
- the Content is not obscene or libelous, and does not violate the privacy or publicity rights of any third party; and
- you have, in the case of Content that includes computer code, accurately categorized and/or described the type, nature, uses and effects of the materials, whether requested to do so by poor me or otherwise.
By submitting Content to poor me for inclusion on this Blog, you grant poor me a world-wide, royalty-free, and non-exclusive license to reproduce, modify, adapt and publish the Content with commercial (and not only, poor me needs earning money) purposes by displaying, distributing and promoting your material.
If you want to delete Content, poor me may (or may not, depending upon our current mood and a good will level) use reasonable efforts to remove it from the Blog, but you acknowledge that caching or references to the Content may not be made immediately unavailable.
Without limiting any of those representations or warranties, poor me has the right (though not the obligation) to, in poor mine sole discretion (i) refuse or remove any content that, in poor mine reasonable opinion, violates any poor mine policy or is in any way harmful or objectionable, or (ii) terminate or deny access to and use of the Blog to any individual or entity for any reason, in poor mine sole discretion. poor me will have no obligation to provide a refund of any amounts previously paid.
Secunia Advisory: SA20153 Release Date: 2006-05-19 Critical: Extremely critical Impact: System access Where: From remote Solution Status: Unpatched Software: Microsoft Office 2003 Professional Edition
Microsoft Office 2003 Small Business Edition
Microsoft Office 2003 Standard Edition
Microsoft Office 2003 Student and Teacher Edition
Microsoft Office XP
Microsoft Word 2002
Microsoft Word 2003
A vulnerability has been reported in Microsoft Word, which can be exploited by malicious people to compromise a user’s system.
The vulnerability is caused due to an unspecified error. This can be exploited to execute arbitrary code.
NOTE: This vulnerability is being actively exploited.
The vulnerability has been reported in Microsoft Word 2002 and Microsoft Word 2003.
“We are still analyzing the trojan dropped by the exploit. What we do know is that it communicates back to localhosts[dot]3322[dot]org via HTTP. It is proxy-aware, and “pings” this server using HTTP POSTs of 0 bytes (no data actually POSTed) with a periodicity of approximately one minute. It has rootkit-like functionality, hiding binary files associated with the exploit (all files on the system named winguis.dll will not be shown in Explorer, etc.), and invokes itself automatically by including the trojan binary in
Note that, as of this morning, no anti-virus signatures detected this file as problematic according to virustotal.com