| Top
Security News |
A
Worm In The Apple
Abingdon, England-based SophosLabs discovered a worm in the Apple OS X platform.
The virus named OSX/Leap-A or OSX/Oompa-A moves through instant messaging, specifically,
the iChat client.
Brazilian
Hacker Smash
Brazilian authorities raided a phishing scam, arresting 55 people, in which authorities believe millions of dollars were stolen...
NCSA
Examines 2006 Cyber Threats
In conjunction with the Department of Homeland Security (DHS), the National Cyber Security Alliance (NCSA) announced their Internet threat list for 2006 and online best practices to help protect consumers from online threats...
Croatian
Crashes BitDefender For Beer, Vampires
Security software company BitDefender recently held a contest called "Crash and Win," inviting Linux junkies to take a shot at their beta version of Mail Protection for Enterprises product...
China
Can’t Deal With Pirates
Most of the time, pirates in any venue are looked down upon. Those who spread
secrets aren't always the good guys.
New
Danish Websites Hacked
Muslim hackers continue their retaliatory assault on Danish websites over the political cartoons run in Danish newspapers last year and more recently in other European publications...
Olympic
Computer Viruses
The Olympics is meant to be a symbol of international cooperation and goodwill.
Hundreds of athletes from all over the world compete in the winter and summer
Olympic games.
Microsoft
Shows New Firewall Beta
Microsoft's been putting out some eye candy leading up to next week's RSA Conference.
They opened the shades on their new ISA 2006 firewall public beta
|
|
|
|
Microsoft issued security advisories on Tuesday regarding vulnerabilities in Windows. First comes another possible problem tied to the WMF vulnerability and the other is tied to a research paper about default services behavior.
The first advisory is related to the Windows Metafile (WMF) problem. Some older versions of Internet Explorer (IE) with this vulnerability could allow an attacker to get in and pull the old arbitrary code trick on the logged on user. Possible actions to set off this problem could be: getting a WMF image from a malicious website; opening an email attachment; clicking on a link in an email that takes one to a malicious website, or Outlook Express users who view the naughty messages in the preview pane.
Microsoft said this in their advisory:
Microsoft has determined that an attacker who exploits this vulnerability would have no way to force users to visit a malicious Web site. Instead, an attacker would have to persuade them to visit the Web site, typically by getting them to click a link that takes them to the attacker's Web site. It could also be possible to display specially crafted Web content by using banner advertisements or by using other methods to deliver Web content to affected systems. In an e-mail based attack, customers would have to click a link to the malicious Web site, preview a malicious e-mail message, or open an attachment that exploited the vulnerability. In both Web-based and e-mail based attacks, the code would execute in the security context of the logged-on user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
The other advisory is tied to a research paper about default services behavior. It suggests one could "exploit overly permissive access controls on third-party application services." Also mentioned was the attempt to exploit default services in Windows XP Service Pack 1 and Windows Server 2003.
Microsoft's advisory says if users have updated Windows XP to Service Pack 2 and Windows Server 2003 to Service Pack 1, it should deal with these issues. The advisory said this:
Microsoft has investigated these reports and the findings are summarized in the chart below. Microsoft has confirmed that customers who run Windows XP Service Pack 2 and Windows Server 2003 Service Pack 1 are not vulnerable to these issues because security-related changes were made to these service packs as part of our ongoing security improvement process. Users who run Windows XP Service Pack 1 and Windows Server 2003 Gold may be at risk, but the risk to Windows Server 2003 users is reduced.
Users are encouraged to contact their third-party software vendors whose products require services installation to determine if any non-default Windows services are affected.
Microsoft is not aware of any attacks attempting to use the reported vulnerabilities
or of customer impact at this time. Microsoft will continue to investigate the
public reports to help provide additional guidance for customers as necessary.
About
the Author:
John Stith is a technology writer with SecurityProNews. |
|
,
Inc. 2549 Richmond Rd. Lexington KY, 40509
