In today’s issue of SecurityProNews, David Utter details the latest Microsoft security update, this time, it’s aimed at Windows 2000. David also provides information about the state of Massachusetts and their battle against a number of spammers located in Boston.
|Microsoft Releases Windows 2000 Patch|
Apparently the Attorney General for the state has had enough and is taking aggressive measures to oust the suspected fraudulent mailers. In our last article, we provide information concerning McAfee’s recent announcement concerning protection against the MS05-024 vulnerability, which was announced by Microsoft earlier this week.
McAfee was certainly quick to put protective measures in place; something the security industry needs more of.
Enjoy the issue,
Chris Richardson and the rest of the SPN staff
Spammers Get An Unwelcome Inbox Message
David Utter | Staff Writer
Massachusetts Attorney General Tom Reilly files an emergency order to shut down one of the world’s largest spam rings.
The emergency court order obtained by Mr. Reilly aimed to shut down dozens of web sites operated by spammers in the Boston area. Messages sent by the gang included enticements to purchase counterfeit drugs, pirated software, and various adult material.
A lawsuit filed today by the state named Leo Kuvayev as the ringleader of the elaborate spam operation. Six other persons with ties to Boston were also named. The court order shut down numerous websites linked to Mr. Kuvayev, as well as two Internet companies.
Said AG Reilly of the spammers: “This type of spam is more than just an annoyance to consumers. It poses a real danger to people who may be fooled into buying counterfeit versions of prescription drugs or unwittingly open email links to sexually explicit websites.”
The two companies named in the suit were 2K Services, Ltd, and Ecash Pay, Ltd. All of the persons named in the lawsuit worked for one company or the other at some point. Both companies list the same post office box as their address.
While the exact number of spam messages sent won’t be known, the AG office estimates hundreds of millions were sent to recipients in and outside of Massachusetts. Mr. Reilly’s office enlisted the help of Microsoft in the investigation.
Microsoft established trap e-mail accounts and collected more than 45,000 messages in a three week period last summer. Investigators used the messages to track down Mr. Kuvayev.
One violation alleged by the AG’s office will be the violation of the federal CAN-SPAM act. This law didn’t ban spam, but it did encumber the sender with the requirement that unsolicited commercial e-mail be accurate and contain functional instructions on opting out of receiving those messages.
The spam ring also violated the Massachusetts Consumer Protection Act, due to their efforts to hide the true identities of those responsible for the mass mailings.
Windows 2000 Security Fix Released
David Utter | Staff Writer
A remote code execution vulnerability in Windows 2000 has been addressed by Microsoft with a patch.
In a Microsoft security bulletin, the software company disclosed a remote code execution vulnerability.
The Web View in Windows Explorer was identified as the vulnerable point. A malicious file containing certain HTML characters viewed by a user could allow for the execution of arbitrary code in the user’s context.
If that user has logged on with administrative privileges, an attacker could possibly take control of a remote system. Users of Windows 2000 should download the appropriate fix from Microsoft’s web site.
McAfee Announces Protection From MS05-024
SecurityProNews Staff Writer
McAfee announced that it provides system protection for the MS05-024 vulnerability as announced by Microsoft Corporation today.
This vulnerability has been reviewed by McAfee AVERT (Anti-virus and Vulnerability Emergency Response Team) security research teams at McAfee. Based on its findings, McAfee AVERT recommends that users confirm the Microsoft product versioning outlined in the bulletin and update as recommended by Microsoft and McAfee, Inc. This includes deploying solutions to ensure protection against the exploits outlined in this advisory.
Microsoft Vulnerability Overview
— MS05-024 — Vulnerability in Web View Could Allow Remote Code Execution (894320)
The new bulletin covers one vulnerability in Microsoft Windows that, if exploited, could allow remote code execution. The remote code execution vulnerability exists in the way that Web View in Windows Explorer handles certain HTML characters in preview fields. If a user previews a malicious file, an attacker could execute arbitrary code in the context of the logged on user. However, user interaction is required to exploit this vulnerability…