Just a day after Microsoft released patches for vulnerabilities in some of its software, code designed to take advantage of those weaknesses appeared on the Internet. Most of the patches that Microsoft issued were for flaws that were widely known. But at least two flaws were made public for the first time on Tuesday as part of the company’s monthly security update. Security firms reported finding the code on Wednesday. The exploit code for previously unknown flaws means hackers could use the code to pounce on computer systems with managers who are slow to apply patches.

By way of an entry on Bob Sutor’s blog, ZDNet’s David Berlind found CNET editor Rafe Needleman talking about the various entries in the marketplace that could eventually serve as Web-based replacements for PowerPoint. Microsoft is already getting some pressure on the word processing and spreadsheet fronts (particularly now that Socialtext has taken on Dan Bricklin and his WikiCalc innovation under its open source wing). Should Web-based PowerPoint replacement get any traction, the implications for Office could be serious.

Microsoft tech evangelist and alpha blogger Robert Scoble talks about everything from his tensest moments at Microsoft to what Microsoft could have done to keep him, as he prepares to leave the software maker and join startup PodTech.Net.

Yahoo said on Monday that a software virus aimed at Yahoo Mail users had infected "a very small fraction" of its base of more than 200 million accounts. The email virus, or worm, has been dubbed Yamanner and landed in Yahoo mailboxes bearing the headline "New Graphic Site." Once opened, the message infects the computer and spreads to other users listed in Yahoo users’ email address books.

Open-Xchange, developer of Open-Xchange Server 5, and ChatterEmail, announced a joint initiative to promote standards-based mobility solutions for Smart Collaboration. Open-Xchange Server 5 enables Smart Collaboration by providing mission critical collaborative functions like email, calendaring, contacts and task management–fully integrated with advanced groupware features such as Smart Linking, Smart Permissions, document sharing, project tracking, user forums, and a knowledge base. Open-Xchange Server 5 works with the widest variety of browsers, mobile devices and rich clients such as Microsoft Outlook. ChatterEmail extends real time "push" email to Palm OS based Treo smartphones including the recently released Treo 700p.

Sensitive information on millions of U.S. military personnel and veterans remains at grave risk because of weak security controls that have not yet been fixed, government investigators said Wednesday. In testimony to Congress, the Government Accountability Office and Veterans Affairs inspector general detailed ignored warnings, weak management and lax rules in their review of VA information security following the theft of 26.5 million military personnel’s private data last month. They found that the Veterans Affairs Department routinely failed to control and monitor employee access to private information, did not restrict users to "need-to-know" data and often waited too long to terminate accounts when an employee quit or was fired.

Hot on the heels of revelations that it is reaching out to the open-source community to find ways of interoperating with software licensed under the GPL, Microsoft announced on June 14 that it has formed an Interoperability Customer Executive Council. The goal of the group is to identify areas for improved interoperability across not just Microsoft’s products, but also the broader software industry.

PR people often get a bad rap. To many editors, the folks pitching stories are annoyances, constantly trying to get an editor’s attention for some useless story idea or another. But here at ZATZ, we’ve found that public relations professionals are, in the most part, key assets, helping us bring you the most complete and rounded stories possible. It would be far harder doing our jobs without the regular help we get from the great folks in PR. And so, knowing we truly value PR people, we bring you this article. It’s not intended to poke fun at boneheaded PR mistakes. It’s honestly actually intended to help our favorite PR professionals be more successful in using email as a communication vehicle.

Read this OutlookPower article.

Symantec on Monday noted a new JavaScript worm that exploits an unpatched vulnerability in Yahoo Web mail. This vulnerability enables scripts embedded in HTML e-mails to be run by the user’s browser, which are normally blocked by Yahoo Mail for security reasons. The worm, JS.Yamanner@m, spreads from person to person when the user opens the e-mail that is originally sent by the worm. The worm then sends itself to the user’s contacts that also use Yahoo Mail, while simultaneously sending those e-mail addresses to a remote server on the Internet.

Flaws in driver software may be worrisome and a potentially serious threat, but security experts at Intel see no need for alarm. At least, not yet. In a recent experiment, researchers at the Santa Clara chipmaker searched for publicly known vulnerabilities in drivers for Microsoft’s Windows operating system. They also hunted for malicious code that took advantage of those security holes. In particular, they wanted to find problems in kernel-level drivers and exploits that would give an attacker full rein over a vulnerable system.