Sam Costello

If users have put off patching their Apache Web servers against the vulnerability discovered Monday, they should wait no longer, as an exploit to attack the security hole is now circulating on the Internet, according to Oliver Friedrichs, director of engineering at SecurityFocus Inc.

Adding to a growing list of managed security services companies it has acquired in the last 18 months, RedSiren Technologies Inc. Wednesday announced the purchase of Veritect Inc. for an undisclosed amount.

Hoping to help users take another step toward autonomic computers, which are meant to manage, configure and maintain themselves, IBM Corp.

A new virus can, for the first time, infect image files, according to antivirus software company McAfee Security, a division of Network Associates Inc. This means that the virus could be spread through Web sites containing infected image files, and force antivirus companies to re-engineer their products, McAfee officials said.

Microsoft Corp. released two security bulletins late Tuesday, the first updating a patch the company released for a handful of its chat software clients in May and the second detailing a work-around to a flaw in its Internet Explorer Web browser that comes as a result of the aging Gopher protocol.

Oracle Corp. released patches for two security holes in its 9i database last week that could have allowed an attacker to take over or run code on affected systems.

A new measurement system recently announced by market research firm IDC could give supercomputer customers a new way to measure the performance of those systems and more accurately evaluate them before purchase, according to the company.

Sun Microsystems Inc. released a patch that closed two security holes in its Solaris operating system Tuesday. The holes could have allowed an attacker to take control of vulnerable systems.