
Top Security News

Russian Bugs Bust French Internet Users
Computer criminals from Russia lifted more than €1 million from French bank accounts using what some call sleeper bugs to infect computers...

Liberty Alliance Continues To Grow
The Liberty Alliance Project, a consortium aimed at improving online authentication standards, announced this morning the addition of 15 new members...

LogLogic Logs Exchange Email
San Jose-based LogLogic announced on Monday the first edition of their information logging software designed to keep track of all email messages...

NyxemD Update: Indian Damage Control
While the NyxemD virus remained a low threat for many people in this country, some places had a problem with it. Reports from other countries are coming in...

Spanish Hacker Heads For Hoosegow
Sometimes getting even isn't such a good idea. Santiago Garrido, 26, decided a "denial of service" worm was the way to go when he got booted from the "Hispano" IRC chat room.

Windows OneCare Live Is On Its Way
Discussions on Microsoft's security product have been ongoing for some time. The discussion will really kick in now that Microsoft has let it be known that Windows OneCare Live is coming out shortly.

Hacking Xboxes For Fun And Profit
Apparently, the original Xbox has been completely hacked without the need for any modchip/softmod. According to hackers online, this also opens the door for them to really begin hacking on the Xbox360.


John Stith
Thursday: 02.09.06

More Windows Security Problems

Microsoft issued security advisories on Tuesday regarding vulnerabilities in Windows. The first covers another possible problem tied to the WMF vulnerability; the other is tied to a research paper about default services behavior.

The first advisory is related to the Windows Metafile (WMF) problem. Some older versions of Internet Explorer (IE) with this vulnerability could allow an attacker to get in and pull the old arbitrary code trick on the logged-on user. Possible actions to set off this problem could be: getting a WMF image from a malicious website; opening an email attachment; clicking on a link in an email that takes one to a malicious website; or, for Outlook Express users, viewing the naughty messages in the preview pane.

Microsoft said this in their advisory:

Microsoft has determined that an attacker who exploits this vulnerability would have no way to force users to visit a malicious Web site. Instead, an attacker would have to persuade them to visit the Web site, typically by getting them to click a link that takes them to the attacker's Web site. It could also be possible to display specially crafted Web content by using banner advertisements or by using other methods to deliver Web content to affected systems. In an e-mail based attack, customers would have to click a link to the malicious Web site, preview a malicious e-mail message, or open an attachment that exploited the vulnerability. In both Web-based and e-mail based attacks, the code would execute in the security context of the logged-on user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.


The other advisory is tied to a research paper about default services behavior. It suggests one could "exploit overly permissive access controls on third-party application services." Also mentioned was the attempt to exploit default services in Windows XP Service Pack 1 and Windows Server 2003.

Microsoft's advisory says that updating Windows XP to Service Pack 2 and Windows Server 2003 to Service Pack 1 should deal with these issues. The advisory said this:

Microsoft has investigated these reports and the findings are summarized in the chart below. Microsoft has confirmed that customers who run Windows XP Service Pack 2 and Windows Server 2003 Service Pack 1 are not vulnerable to these issues because security-related changes were made to these service packs as part of our ongoing security improvement process. Users who run Windows XP Service Pack 1 and Windows Server 2003 Gold may be at risk, but the risk to Windows Server 2003 users is reduced.

Users are encouraged to contact their third-party software vendors whose products require services installation to determine if any non-default Windows services are affected.

Microsoft is not aware of any attacks attempting to use the reported vulnerabilities or of customer impact at this time. Microsoft will continue to investigate the public reports to help provide additional guidance for customers as necessary.

About the Author:
John Stith is a technology writer with SecurityProNews.

About SecurityProNews
SecurityProNews is updated in real time with vital internet security alerts, news and in-depth articles for IT Managers. SecurityProNews understands that IT Management Begins With Security.
 

© 2006 SecurityProNews. An email newsletter.
SecurityProNews is part of the iEntry Inc. Network of sites and newsletters.

