SECURITY...

• Internet Explorer DHTML Edit ActiveX Control Cross-Site Scripting - Greyhats' Paul has discovered a vulnerability in Internet Explorer (example), which can be exploited by malicious people to conduct cross-site scripting attacks. The vulnerability is caused due to an error in the DHTML Edit ActiveX control when handling the "execScript()" function in certain situations. This can be exploited to execute arbitrary script code in a user's browser session in context of an arbitrary site. The vulnerability has been confirmed on a fully patched system with Internet Explorer 6.0 and Microsoft Windows XP SP1/SP2.
• Microsoft Fixes "Critical" XP Firewall Issue - As I mentioned earlier, Microsoft has quietly released an update to Windows XP to fix a potentially serious configuration problem in the firewall that ships as part of Windows XP Service Pack 2. Users who installed SP2 on their Windows XP machines and also have file and printer sharing enabled may have been sharing their files and printers with the entire Internet, according to Microsoft. By default, file and printer sharing makes changes to the SP2 firewall to give computers on the "local network" access to shared resources. However, the definition of that local network depends on the Internet service provider. In some cases, especially with dial-up ISPs, it meant the entire Internet, according to Microsoft
• Microsoft Download Notifications - Stay up-to-date with the latest updates, additions, trial software, service packs, and more from the Microsoft Download Center.
• Christmas card virus hits one in 10 emails - The Zafi-D worm (W32/Zafi-D), discovered earlier this week posing as a Christmas greeting, is spreading rapidly around the world. IT security experts have reported that the virus is currently accounting for around three-quarters of all virus reports, with some estimates suggesting that the infection is present in as many as one in 10 emails.
• Students uncover dozens of Unix software flaws - Students have found some 44 security flaws in various Unix applications, according to a list of advisories posted online. The flaws, which range from minor slipups in rarely used applications to more serious vulnerabilities in software that ships with most versions of the Linux operating system, were found as part of Bernstein's graduate-level course at the University of Illinois at Chicago.
• Sony to start copy-protecting US CD releases from early 2005 - Sony is set to start copy-protecting its music CDs early next year following experiments with an anti-copy technology by First 4 Internet. They have successfully used this technology on recent prerelease discs. Sony has been aiming to copy protect all its music for quite a while now, but have decided against it until they got a solution that is compatible with all playback equipment.

OFF-TOPIC...

• Bill Gates Answers Most Frequently Asked Questions - Microsoft Chairman and Chief Software Architect Bill Gates answers the questions he is asked most frequently, including the secret to his success.
• Car self-destructs in assassination bid -  A middle-aged Frenchman has become the latest victim of murderous technology after his car exploded as he activated the central locking system. The unnamed victim from Valenciennes used his electronic key to unlock the vehicle, at which point a spark from the security system ignited leaked gas from cylinders the man had rather ill-advisedly stored in the boot. The car was completely totalled in the blast, while the flying Frenchman as whisked to hospital with facial injuries.
• Major Climate Change Occurred 5,200 Years Ago - A professor of geological sciences at Ohio State and a researcher with the Byrd Polar Research Center, Thompson points to markers in numerous records suggesting that the climate was altered suddenly some 5,200 years ago with severe impacts.
• Pfizer Celebrex Trial Stopped After Heart Attacks - Pfizer Inc. on Friday said patients taking its blockbuster arthritis drug Celebrex (homepage) in a long-term cancer-prevention trial had more than twice the number of fatal or non-fatal heart attacks as those taking a placebo. In related news, Dining regularly on a "Polymeal", devised with ingredients to boost the health of the heart and blood vessels, could cut the risk of cardiovascular disease by more than three-quarters, researchers claim. They say feasting on fish, garlic, almonds, fruits and vegetables, dark chocolate, all polished off with a glass of wine could substantially reduce the risk of problems such as heart attack when compared with the general population.

TECHNOLOGY...

• Symantec to buy Veritas for $13.5 billion - In a long-rumored move, security software maker Symantec said Thursday that it will buy storage specialist Veritas Software in a deal worth roughly $13.5 billion.
• iTunes Music Store Downloads Top 200 Million Songs - Apple today announced that music fans have purchased and downloaded more than 200 million songs from the iTunes Music Store. The 200 millionth song was part of "The Complete U2" and was purchased by Ryan Alekman from Belchertown, MA. iTunes has made it easy to give the gift of music this holiday season with iTunes prepaid cards that are available from retailers like Amazon.com, Best Buy, Circuit City, CompUSA, Kroger, RadioShack, 7-Eleven, Target, as well as Apple's online store and Apple's retail stores and offer $15 or $25 of music on the iTunes Music Store.
• Microsoft Acquires Anti-Spyware Leader GIANT Company - Microsoft today announced that it has acquired GIANT Company Software Inc., a provider of top-rated anti-spyware and Internet security products. Microsoft will use intellectual property and technology assets from the acquisition to provide Microsoft Windows customers with new tools to help protect them from the threat of spyware and other deceptive software. In addition, key personnel from GIANT Company will be joining Microsoft's security efforts.
• Multicore Chips May Push Intel Off Its Bus - As Intel moves in step with the rest of the chip industry toward the multicore design era, it is preparing to overhaul the memory bus architecture that has served it well for so many years, according to company executives and analysts. Multicore processor designs are considered the solution to the performance scaling problem brought on by increased amounts of power leakage in modern chips. Transistors are now so small that increasing a chip's frequency, and therefore the amount of power it consumes, is not the simple exercise that kept companies like Intel going for many years.
• Nanotech Brings Cheap Flat TVs From Diamond Dust - Nanotech scientists are going to develop new TV display technology made from diamond dust. It opens up the possibility of cheaper and more power efficient flat panel displays, for use in wide screen digital TVs and many other applications.
• NEC develops prototype hybrid CD/DVD/HD-DVD drive - According to this UK website, the NEC engineers have created a prototype optical disc drive that supports the new HD-DVD format and is also compatible with exsiting CD and DVD formats. The three-format drive supports playback of read-only (ROM) and rewritable versions (RW) of HD-DVD and read-only, write-once (R) and RW versions of CDs and DVDs.
• Nokia hologram to expose fake, unsafe batteries - Nokia has begun applying a holographic sticker to its mobile phone batteries in a bid to prevent fake power packs being inadvertently purchased as the real thing. The mobile phone giant is pitching the move as a safety matter rather, though it's clearly just as interested in winning back the revenue lost to other battery suppliers.

HARDWARE...

• Intel 'to cut' Celeron D, Grantsdale prices - Intel will prune the prices of its Celeron D processors and 915-class chipsets next year, reports coming out of Taiwan claim. The Celeron D cuts will take place on Sunday, 20 February 2005, and see up to 13.6 per cent. The cuts target the 325, 330, 335, 340 and 345 chips, in both their regular forms and the 'J" variants with Execute Disable Bit support. The price of the 345 will fall from $127 to $117, the 340 from $117 to $103, the 335 from $103 to $89, the 330 from $83 to $79, and the 325 from $79 to 73, the reports say.
• PCI Express to Get 5GHz Speed in 2007 - The PCI-SIG, the Special Interest Group responsible for PCI Express architecture, announced that the data rate for the next planned revision of the PCI Express specification will be 5GHz, which is two times higher compared to today's 2.50GHz speed. The new spec will be finalized in the second half of 2005 with actual products shipping in 2007.
• 6800 STD/GT/Ultra PCIe almost unavailable - Most of PCIe SLI slots got filled with 6600GT cards which are really highly available at the moment. Most of people in most parts of the world could not buy any 6800GT or slower cards. I can not recall that anyone said that it bought 6800 Ultra PCIe card. I saw 6800GT PCIe in Scan.co.uk shop but it costs £383.05. At current exchange rate that is exactly $744.32. So much about $399 price.
• Gigabyte creates dual-GPU graphics card - Gigabyte will announce Friday a graphics card running two graphics processors on one board. According to sources, the SLI card will lift current 3DMark2003 record levels by a significant margin while being priced lower than ATI's and Nvidia's single-GPU high-end cards.
• Ultima Electronics unveils portable TV/DVD player - The Artec T2 Happy Go is only 870 grams in weight and sports a seven-inch 16:9 LCD display. In addition, there is automatic search for digital-video broadcasting-terrestrial (DVB-T) channels; reception of analog TV and FM radio channels; and DVD-player functions with stable high-definition display of high-speed motion. The unit also utilizes DigiDeep (digital deep) Integration (DDI) technology and built-in Dolby Digital surround sound.
• Four Socket 939 Motherboards Shootout - Overclockers New Zealand compared four socket 939 motherboards from Asus, Gigabyte, MSI, and Soltek
• nVidia GeForce 6600GT goes AGP - TweakTown take a look at the AGP version of their 6600GT graphics card.
• Gigabyte GV-NX66T128D GeForce 6600GT - PC Stats has posted a review of Gigabyte GV-NX66T128D GeForce 6600GT videocard.
• Single Drive and RAID 0 SATA NCQ Performance with Seagate's Barracuda 7200.7 - Bjorn3D's Chad has spent some time testing some of Seagate's NCQ drives to see if there is a performance difference: "For people with a motherboard based on Intel's 915 or 925 Express chipsets who want to maximize their system's performance, I would definitely recommend taking advantage of the native NCQ capability of their system by pairing it with an NCQ-capable drive or, better yet, multiple drives configured in a RAID array. "
• Seagate's Barracuda 7200.7 NCQ hard drive - Although Native Command Queuing is most definitely an elegant and intelligent way to minimize the impact of a hard drive's mechanical latency, our test results show that better performance certainly isn't guaranteed with the Barracuda 7200.7 NCQ and Promise's FastTrak TX4200. The best applications for NCQ are undoubtedly the kinds of multi-user environments that IOMeter simulates. With an increasing number of concurrent I/O requests to read or write data from different areas of a disk, command queuing's optimized request rescheduling really shines. NCQ also scales better with lower I/O loads than Western Digital's Tagged Command Queuing, whose CPU utilization is also much, much higher.
• 16x DVD Writer Group Test - All the drives on test are also Dual Layer compatible, so you'll be able to burn to 8.5GB discs if you can afford them. However, despite the fact that Dual Layer burners have been around for a while, only one of the drives was able to write to Dual Layer media at 4x instead of the excruciatingly slow 2.4x standard. So, if you're thinking of asking Santa for a new DVD writer this Christmas, read on to find out which one makes the best stocking filler.
• NEC SpectraView 1980 high-end 19 in TFT monitor - First of all, the SpectraView 1980 is actually an S-IPS (In Plane Switching) TFT MultiSync 1980SXi that has undergone the SpectraView treatment. Many of our readers will also instantly recognise NEC/Mitsubishi's angular design that we saw in the both the 2080UX+ and the 2180UX models we've reviewed. Personally, I like the overall industrial look of these monitors but I know that some will prefer monitors with smoother lines. Of course, it's largely down to personal preference, but what you can't argue with is the range of adjustability that these monitors offer.
• Cooler Master Aquagate Liquid Cooling System review - The Cooler Master Aquagate Liquid Cooling System is indeed one of the most innovative watercooling unit at the moment. There is no other all-in-one watercooling unit like it in terms of versatility, flexibility and looks. Its ease of installation will be a main attraction to those thinking of watercooling but just couldn't be bothered with DIY kits. No matter what type of case you have, the Aquagate will always have a place in your system, internally or externally.
• Digital Concepts CompactFlash Card Reader review - The reader itself is nothing special: a silver plastic case with a good grip and a label up front. It's a single piece so if you have to get it open for some reason, you'll have to pry it apart. There's also a green power LED. The light doesn't blink or change colors; it remains on as long as the reader has power, regardless of whether a card is inserted and/or is being read from/written to.

SOFTWARE...

• Microsoft ChristmasTheme 2004 - MS's christmas desktop theme with new wallpaper, animated cursors, new icons, new sounds and a 3D screensaver.
• Spybot Search and Destroy Detection Update 2004-12-17 - Update your Spybot S&D detections without the need for the included WebUpdate.
• PHP 5.0.3 and 4.3.10 final - The PHP Group has released the final versions of the next PHP 4.x and 5.x releases.
• SpeedFan 4.18 - SpeedFan is a freeware program that monitors fan speeds, temperatures and voltages in computers with hardware monitoring chips. SpeedFan can even access S.M.A.R.T. info for those hard disks that support this feature and show hard disk temperatures too, if supported
• Bart's PE builder v3.1.0 released - Bart's PE Builder helps you build a "BartPE" (Bart Preinstalled Environment) bootable Windows CD-Rom or DVD from the original Windows XP or Windows Server 2003 installation/setup CD, very suitable for PC maintenance tasks. This new version features completely new user interface, removed the resource limits (user resources limit & 24 hour time limit), adds new (easy) way of adding storage and network drivers, CD burning, slipstream dialog that helps less advanced users to slipstream, etc.
• PhotoDVD, DivxToDVD and CopyToDVD updated - VSO Software has updated its CopyToDVD, VSO DivxToDVD and PhotoDVD software. CopyToDVD v3.0.39 adds more video format for dvd video conversion, copyright detection bypassed on non-removable support, DivxToDVD v0.3 improves support for mpeg4, nerodigital, aac, H264, H263, mov. and PhotoDVD 0.9.93 adds some languages, fixes some audio relative problems and some movie duration calculation.
• The NTToolkit 1.70 - The NTToolkit is a set of small and useful utilities designed to help network administrators with their daily administrative tasks. The NTToolkit is freeware and constantly under development.
• HostsMan 1.1.1 - HostsMan is a freeware application that lets you manage your Hosts file with ease. Features: nable/disable usage of hosts file, open Hosts file with one click, prevent other programs of writing to the hosts, scan hosts for errors, easily replace all 127.0.0.1 with 0.0.0.0 (and vice-versa), find how many host names, easily install newly downloaded hosts file, create encrypted backups of your hosts file.
• Ethereal 0.10.8 - Ethereal is used by network professionals around the world for troubleshooting, analysis, software and protocol development, and education. It has all of the standard features you would expect in a protocol analyzer, and several features not seen in any other product. Its open source license allows talented experts in the networking community to add enhancements. It runs on all popular computing platforms, including Unix, Linux, and Windows.
• ATI Optimized Driver 64bit V0.1 Beta - This driver is created by ATI and modified by TechConnect Magazine, they designed this driver to provide the maximum performance and Quality.