Hewlett-Packard announced that beginning Dec. 13 customers can register for a free Microsoft Windows Vista operating system upgrade, when it becomes available in early 2007. Once customers request a Vista upgrade, they will receive a kit that includes a Vista upgrade DVD and an additional DVD that will include the drivers needed to complete the installation.

A security update issued Tuesday for the Mac version of Microsoft Office was posted in error, the software maker said. The company encouraged consumers to uninstall the patch, which is still being tested. "Due to human error, they were accidentally published to the public Web sites before our full testing release process was complete," a Microsoft security official said Wednesday on the company’s Security Response Center blog.

Microsoft’s use of code-scrambling diversity to secure Windows Vista is getting crucial support from OEM partners. The software giant has convinced major U.S. computer makers–including Dell, Gateway and Hewlett-Packard–to make default changes at the BIOS level to allow a new Vista security feature called ASLR (Address Space Layout Randomization) to work properly. ASLR, which is used to randomly arrange the positions of key data areas to block hackers from predicting target addresses, is meant to make Windows Vista more resilient to virus and worm attacks.

The United States government is assigning a terror "risk assessment" score to every person, citizen or foreign national who crosses the border. The Department of Homeland Security plans to retain that score and information about your comings and goings for up to 40 years. But you have no way of learning what the score is. The system is supposed to flag suspicious people and cargo to make it easier for the Department of Homeland Security to stop criminals, terror suspects or dangerous materials at the border. Worst of all, the system doesn’t give citizens or their legal representatives the ability to check or challenge the accuracy of that information.

Microsoft and Novell published results from a jointly commissioned survey that asserts the two companies’ high-profile agreement will drive customers away from joint rival Red Hat. Communications firm Penn, Schoen & Berland Associates, which has been doing research for Microsoft for eight years, conducted 201 interviews with IT professionals to garner opinions on vendor partnerships and interoperability between Windows and Linux. The interviews were conducted two weeks after Novell and Microsoft announced their legal and technical agreement. Two-thirds of respondents were aware of the deal.

In one of the largest known security breaches at a university, the database at the University of California, Los Angeles has been broken into, exposing the private information of about 800,000 people. Administrators discovered November 21 that the database had been compromised, according to a letter dated Tuesday that was posted to the university’s Web site (PDF here). The hacker had exploited a previously undetected software flaw and gained access to the database from October 2005 until the discovery, Norman Abrams, acting UCLA chancellor, said in the letter.

Computer hackers will open a new front in the multi-billion pound "cyberwar" in 2007, targeting mobile phones, instant messaging and community Web sites such as MySpace, security experts predict. As people grow wise to email scams, criminal gangs will find new ways to commit online fraud, sell fake goods or steal corporate secrets.

Just in time for Microsoft’s release of its new Vista operating system, Laplink announced today it will have PCmover for Vista shipped to retail shelves by January 30, 2007 and available online by January 15, 2007. Laplink’s PCmover allows users to perform their migration using several options: genuine Laplink USB Cables, any local network (including wireless) or removable media (CD-R, DVD-R or external hard drives).

A New Jersey-based company specializing in the prevention of identity theft wants victims of the crime to participate in a free consumer education program. StrikeForce Technologies wants victims to share their stories and try out a copy of GuardedID, the company’s answer to preventing identity theft by keyloggers. Keyloggers install themselves onto computers without the knowledge of the owner to steal personal and financial information. Once installed on the user’s computer, a keylogger makes a copy of all keystrokes, the details of which are then secretly saved to a hidden file on the computer’s hard drive and retrieved by the hacker who created the keylogging program. The Privacy Rights Clearinghouse estimates 15 million people will have their identity compromised in 2006, an increase of more than 350 percent over last year, StrikeForce officials said.

Winnie the Pooh and Tweety stand ready to wreck havoc on your computer. According to a survey released by security company McAfee’s SiteAdvisor, online searches for even the most innocuous terms can be dangerous to your PC’s health. For example, the terms found in the Google Zeitgeist category of "childhood favorites"–including "Winnie the Pooh" and "Tweety"–turned up risky sites in 6.7 percent of search results. The survey, which updates one conducted in May, evaluates the safety of search results returned by the top five search engines: Google, Yahoo, Microsoft’s MSN, Time Warner’s AOL and Ask.com. McAfee SiteAdvisor compiled a list of 2,500 popular keywords and evaluated the first five pages of search results for each keyword, analyzing them for malicious content.