Home / Culture and Society / Science and Technology / Microsoft, Mozilla, and Stock Scammers – The BugBlog Report 11/13/06

Microsoft, Mozilla, and Stock Scammers – The BugBlog Report 11/13/06

Please Share...Print this pageTweet about this on TwitterShare on Facebook0Share on Google+0Pin on Pinterest0Share on Tumblr0Share on StumbleUpon0Share on Reddit0Email this to someone

Here are some of the most significant bugs from the past week in the BugBlog:

Microsoft eliminated a number of file import filters for some really old file formats. According to Microsoft, Excel 2007 won't be able to open or save in these formats: WK1 (1-2-3), WK4 (1-2-3), WJ3 (1-2-3 Japanese) (.wj3), WKS (1-2-3) WK3 (1-2-3), WK1,FMT(1-2-3), WJ2 (1-2-3 Japanese) (.wj2), WJ3, FJ3 (1-2-3 Japanese), DBF 2 (dBASE II), WQ1 (Quattro Pro/DOS), WK3,FM3(1-2-3), Microsoft Excel Chart (.xlc), WK1,ALL(1-2-3), WJ1 (1-2-3 Japanese) (.wj1), and WKS (Works Japanese) (.wks). Chances are, if you've been plugging away on a DOS version of Lotus 1-2-3, I guess you aren't the type of computer user contemplating a jump to Office 2007.

There is a bug in the way Mozilla Firefox, Thunderbird, and SeaMonkey handle RSA digital signatures. If the signatures use a low exponent, they could be forged. Mozilla fixed this in Firefox 2, but the fix was incomplete in Firefox They have come out with a bug fix release — Firefox and Thunderbird version, and SeaMonkey 1.0.6 — to take care of this and a few other bugs. Mozilla credits Ulrich Kuehn for finding this bug. Also, Mozilla notes they will continue to produce security and stability updates for Firefox 1.5.0.x through 4/27/2008. By that time, they probably hope everyone has upgraded to Firefox 2.0.

Overnight, I got emails from Darren, Rickie, Aron, Malinda, Carmen, Rita, Erin, Belinda, Hilary, Young, Odell, Tammie, Logan, Carlos, Addie, Maribel, Zachary, and Tristan. (What, no Isolde?) They all come with the subject line of "It's [name] :)" and they talk about a hot stock certain to zoom up in price. There are no links in the email, so it's not a phishing attack, and there's no attachment. There's often a couple of lines of wire-service news copy at the bottom to throw off the spam filters. This is just an old-fashioned stock tip scam, often referred to as a "pump and dump". People think they've received a hot tip, they buy the stock, pumping up its price. The scamsters, who bought the stock for pennies, dump it when the price goes up. Lucky me, I got a tip on seventeen different hot stocks last night.

Powered by

About Bruce Kratofil