IE flaw gives hackers access

Microsoft warned yesterday that a flaw in its Internet Explorer browser gives attackers access to files stored on a PC under certain conditions, reports the BBC.

"Our investigation so far has shown that if a user is using a version of Internet Explorer that is not running in protected mode, an attacker may be able to access files with an already known file name and location," Microsoft said in a security advisory.

The vulnerability requires that an attacker knows the name of the file they want to access, it said.

A report into the security of Internet banking systems has found that one of the biggest problems is the reuse of log-in passwords on multiple sites, says Computing.co.uk.

Online security firm Trusteer monitored over four million computers for a year, and found that 73% of Internet banking customers used the same password for their online banking services as they did for other, less secure, sites.

"Using stolen credentials remains the easiest way for criminals to bypass the security measures implemented by banks to protect their online applications, so we wanted to see how often users repurpose their financial service user names and passwords," says Amit Klein, chief technical officer at Trusteer, and head of the company's research organisation.

After removing Google's Android driver code from the Linux kernel, Novell Fellow and Linux developer Greg Kroah-Hartman has argued that the mobile operating system is incompatible with the project's main tree, writes The Register.

Kroah-Hartman deleted the Android drivers on 11 December - Android code is no more as of version 2.6.33 of the kernel release - and yesterday, with a post to his personal blog, he explained the move in detail.

"No one cared about the code, so it was removed," he wrote. "As I've stated before, code in the staging tree needs to be worked on to be merged to the main kernel tree, or it will be deleted."

The group behind the world's most popular smartphone operating system - Symbian - is giving away "billions of dollars" worth of code for free, states PC World.

The Symbian Foundation's decision to make its code open source means that any organisation or individual can now use and modify it "for any purpose".

Symbian has shipped in more than 330 million mobile phones, the foundation says.