Microsoft knew of critical IE bug

Microsoft yesterday confirmed it has known about a bug behind widespread Internet Explorer (IE) attacks for more than a year, but defended its security process against critics, reports Computerworld.

According to Mike Reavey, director of Microsoft's Security Response Centre, the company first got word of a critical flaw in an ActiveX control in early spring 2008. The bug can be exploited through IE6 and IE7 on Windows XP.

Two researchers, Ryan Smith and Alex Wheeler, reported the bug to Microsoft when they worked together at IBM's ISS X-Force in 2007. Although both Smith and Wheeler have declined to say when they reported to vulnerability, the bug's common vulnerabilities and exposures) number pointed to an early 2008 reporting date.

BT has announced 69 more locations that will have superfast fibre-based broadband services available by summer 2010, says Computing.co.uk.

Towns across the country will see fibre to the cabinet installed, with a minority also having fibre to the premises.

BT said a million homes will have access to high-speed broadband by March next year, with a further half a million live by summer. The telecoms giant is spending £1.5 billion on the roll-out, which aims to have 10 million homes connected by 2012 - some 40% of the UK.

A North Carolina teenager has been arrested and accused of phoning in bomb threats to schools and universities so he could charge admission for people to watch in real-time over Web cams as police responded, reports The Register.

Ashton Lundeby, 16, of Oxford, North Carolina, took part in a group that used VOIP software and online gaming services to pull off the public stunts, which attracted hundreds of spectators, according to documents filed in federal court, in Indiana, this week.

"The conspirators created a 'channel' over which members of the conspiracy could broadcast their misdeeds to as many as 300 individuals simultaneously," the indictment states. "The audience was then able to hear the hoax bomb threat call, or other threat, and watch the law enforcement response or the public evacuation on the channel."

Korea is experiencing a third wave of suspected cyber attacks. One of the country's biggest banks, a leading national newspaper and the South Korean spy agency appear to have been targeted, reports the BBC.

Some reports suggest the attacks might be the work of North Korea. South Korea and the US reported similar attacks earlier in the week, with the White House and the Pentagon targeted.

The South Korean government, and the country's Internet service providers, are still trying to fight off what appears to be a deliberate attempt to shut down major Web sites that began earlier this week.