Running time: 53:59

Download MP3 file

Please install Flash to use the web based podcast player.

Subscribe... ----------------------------------- iTunes Google Zune Other podcast clients (pcast:// compatible) RSS

Leo Laporte and Steve Gibson

Security Now! with Steve Gibson, Episode 20 is ready for your consideration.

Main feed - courtesy AOL Radio

This week your questions and Steve's answers.

But first, notice of a very serious security flaw in all versions of Windows. This hole takes advantage of poor design choice in the Windows metafile interpreter and can be exploited by a malicious web site or by email attachments.

Despite the fact that the hole was discovered only yesterday, there are already numerous web sites trying to take advantage of it.

There's no patch yet from Microsoft, but fortunately the fix is very easy. Steve documents it at grc.com. Please go there now and apply the fix.

On this show we discuss:

• Logging into secure sites

• Hamachi troubles
• Getting WPA security on old wi-fi equipment
• Securing Windows Remote Desktop
• The unreliabilty of fingerprint scanners
• Using Gmail on a public network
• NAT routers vs hardware firewalls
• Speed issues with VPN
• Removing the Sony rootkit
• ISPs that only offer private IP addresses
• SSID hiding and why it doesn't work
• Port knocking as a form of security

Steve also hosts transcripts, show notes, and a 16kbps version of the show for the bandwidth impaired at grc.com.