January 2007 - Posts

January 9, 2007

Today Microsoft released the following Security Bulletin(s).

January Bulletin Summary

Critical

MS07-002 -  Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (927198)
MS07-003 -  Vulnerabilities in Microsoft Outlook Could Allow Remote Code Execution (925938)
MS07-004 -  Vulnerability in Vector Markup Language Could Allow Remote Code Execution (929969)

Important

MS07-001 -  Vulnerability in Microsoft Office 2003 Brazilian Portuguese Grammar Checker Could Allow Remote Code Execution (921585)

This represents our regularly scheduled monthly bulletin release (second Tuesday of each month). Please note that Microsoft may release bulletins outside of this schedule if we determine the need to do so.

If you have any questions regarding a patch or its implementation after reading the bulletins listed above, you should contact Product Support Services in the United States at 1-866-PCSafety (1-866-727-2338). International customers should contact their local subsidiary.

Sophos Monday unveiled an appliance that can block access to harmful Web sites to prevent malware infection as well as filter out banned Web sites for productivity purposes.

The company's WS1000 appliance, which supports as many as 1,000 simultaneous users, scans Web traffic to block user access to known sites where risk of spyware and other malicious code is high, says Ron O'Brien, senior security analyst at Sophos. In addition, the WS1000 is built to dynamically analyze Web browsing behavior to stop or warn users when they might be lured into a spam-based phishing attack to a Web site that may only go live for a brief period to steal personal information.

Story at computerworld.com 

Posted Tue, Jan 9 2007 5:29 by Don

The group that certifies Wi-Fi products aims to make more wireless LANs secure by taking some of the work out of locking them down.

The Wi-Fi Alliance is set to announce on Monday at the International Consumer Electronics Show its WPS (Wi-Fi Protected Setup) specification, which lays out an easier process for setting up a secure wireless LAN. The group will also reveal the first devices certified under WPS, though it will take a few more months for consumer products to reach store shelves.

Wi-Fi security has greatly improved since home users first embraced wireless LANs a few years ago, but most consumers still don't use the available tools because they are too hard to set up, said Frank Hanzlik, managing director of the Wi-Fi Alliance.

Computerworld 

Posted Mon, Jan 8 2007 12:04 by Don

Description:
Two vulnerabilities have been reported in Opera, which can be exploited by malicious people to compromise a user's system.

1) An unspecified error when processing JPEG files can be exploited to cause a heap-based buffer overflow via a JPEG file with a specially crafted DHT marker.

2) An error within createSVGTransformFromMatrix() can be exploited by passing an incorrect object to the said function.

Successful exploitation of the vulnerabilities allows execution of arbitrary code.

Secunia has constructed the Secunia Software Inspector, which you can use to check if your system is vulnerable:
http://secunia.com/software_inspector/

Solution:
Update to version 9.10

Secunia Advisory
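The first Opera issue above is a heap overflow reached through a crafted DHT (Define Huffman Table) marker. The following is an added example, not Opera's code and not part of the Secunia advisory: a minimal JPEG marker walker that validates every DHT segment the way a safe decoder must. A decoder that copies Huffman symbols into a fixed 256-entry HUFFVAL table without checking that the 16 BITS counts sum to at most 256, or that trusts the segment length field, has exactly the shape of bug a specially crafted DHT marker turns into an out-of-bounds heap write. The two JPEG byte strings are constructed for the example.

```javascript
// Added example (not Opera's code, not from the Secunia advisory): a JPEG
// marker walker that validates DHT (0xFFC4) segments. Inputs are constructed.

const SOI = 0xd8, EOI = 0xd9, SOS = 0xda, DHT = 0xc4;

function readU16(buf, off) {
  if (off + 1 >= buf.length) throw new Error(`truncated at offset ${off}`);
  return (buf[off] << 8) | buf[off + 1];
}

// Validate one DHT payload (the bytes after the 2-byte length field).
// Returns the number of Huffman tables it holds; throws on anything a safe
// decoder must reject.
function validateDhtPayload(payload) {
  let pos = 0, tables = 0;
  while (pos < payload.length) {
    const tcth = payload[pos++];
    if ((tcth >> 4) > 1 || (tcth & 0x0f) > 3) {
      throw new Error(`bad table class/id 0x${tcth.toString(16)}`);
    }
    if (pos + 16 > payload.length) throw new Error('BITS counts truncated');
    let total = 0;
    for (let i = 0; i < 16; i++) total += payload[pos + i];
    pos += 16;
    // ITU T.81 B.2.4.2: at most 256 symbols per table. This is the check whose
    // absence lets 16 attacker-chosen count bytes drive an over-long copy into
    // a fixed-size HUFFVAL array.
    if (total > 256) throw new Error(`DHT declares ${total} symbols, max is 256`);
    if (pos + total > payload.length) throw new Error('HUFFVAL truncated');
    pos += total;
    tables++;
  }
  if (tables === 0) throw new Error('empty DHT segment');
  return tables;
}

// Walk marker segments up to SOS (entropy-coded data follows it) and validate
// every DHT. Returns { dhtSegments, tables }; throws on the first malformation.
function checkJpeg(bytes) {
  const buf = bytes instanceof Uint8Array ? bytes : Uint8Array.from(bytes);
  if (buf.length < 2 || buf[0] !== 0xff || buf[1] !== SOI) throw new Error('no SOI marker');
  let off = 2, dhtSegments = 0, tables = 0;
  while (off < buf.length) {
    if (buf[off] !== 0xff) throw new Error(`expected marker at offset ${off}`);
    const marker = buf[off + 1];
    if (marker === 0xff) { off++; continue; }                // fill byte before a marker
    off += 2;
    if (marker === EOI || marker === SOS) break;
    if (marker === 0x01 || (marker >= 0xd0 && marker <= 0xd7)) continue; // TEM/RSTn: no length
    const len = readU16(buf, off);                           // length counts its own 2 bytes
    if (len < 2) throw new Error(`segment length ${len} < 2`);
    if (off + len > buf.length) throw new Error('segment length exceeds file');
    if (marker === DHT) {
      dhtSegments++;
      tables += validateDhtPayload(buf.subarray(off + 2, off + len));
    }
    off += len;
  }
  return { dhtSegments, tables };
}

// Build a DHT segment from BITS counts and HUFFVAL symbols (self-consistent length).
function dhtSegment(counts, symbols, tcth = 0x00) {
  const payload = [tcth, ...counts, ...symbols];
  const len = payload.length + 2;
  return [0xff, DHT, len >> 8, len & 0xff, ...payload];
}

// Constructed inputs. BENIGN_JPEG carries the standard luminance DC table
// (12 symbols). HOSTILE_JPEG has a correct length field, so a length check
// alone passes it, but its BITS counts sum to 300: a naive decoder would
// write 44 bytes past a 256-byte table.
const BENIGN_JPEG = Uint8Array.from([
  0xff, SOI,
  ...dhtSegment([0, 1, 5, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 0, 0, 0],
                [0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11]),
  0xff, EOI,
]);
const HOSTILE_JPEG = Uint8Array.from([
  0xff, SOI,
  ...dhtSegment([0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0xff, 0x2d],
                new Array(300).fill(0)),
  0xff, EOI,
]);

// Returns null when the file passes, otherwise the rejection reason.
function rejectionReason(bytes) {
  try { checkJpeg(bytes); return null; } catch (e) { return e.message; }
}

console.log('benign :', rejectionReason(BENIGN_JPEG) ?? 'accepted');
console.log('hostile:', rejectionReason(HOSTILE_JPEG) ?? 'accepted');
```

The point of the hostile sample is that its length field is internally consistent; a decoder that only bounds-checks against the segment length still overruns its Huffman table, which is why the symbol-count check has to be made on the BITS array itself.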

Updated: January 05, 2007

Summary

On 9 January 2007 Microsoft is planning to release:

Security Updates

.    One Microsoft Security Bulletin affecting Microsoft Windows.
The highest Maximum Severity rating for this is Critical. This
update will be detectable using the Microsoft Baseline Security
Analyzer and the Enterprise Scan Tool. This update will require a
restart.

.    Three Microsoft Security Bulletins affecting Microsoft Office.
The highest Maximum Severity rating for these is Critical. These
updates will be detectable using the Microsoft Baseline Security
Analyzer. These updates may require a restart.

Microsoft Windows Malicious Software Removal Tool

.    Microsoft will release an updated version of the Microsoft
Windows Malicious Software Removal Tool on Windows Update, Microsoft
Update, Windows Server Update Services and the Download Center.
Note that this tool will NOT be distributed using Software Update
Services (SUS).

Non-security High Priority updates on MU, WU, WSUS and SUS

.    Microsoft will release no NON-SECURITY High-Priority Updates
for Windows on Windows Update (WU) and Software Update Services
(SUS).

.    Microsoft will release 2 NON-SECURITY High-Priority Updates on
Microsoft Update (MU) and Windows Server Update Services (WSUS).

Although we do not anticipate any changes, the number of bulletins,
products affected, restart information and severities are subject to
change until released.

Microsoft will host a webcast next week to address customer
questions on these bulletins. For more information on this webcast
please see below:
 
.    TechNet Webcast: Information about Microsoft's Security Bulletins

At this time no additional information on these bulletins such as
details regarding severity or details regarding the vulnerability
will be made available until 9 January 2007.

Support:

Technical support is available from Microsoft Product Support
Services at 1-866-PC SAFETY (1-866-727-2338). There is no
charge for support calls associated with security updates.
International customers can get support from their local Microsoft
subsidiaries. Phone numbers for international support can be found
at: http://support.microsoft.com/common/international.aspx

A recently discovered security weakness in the widely used Acrobat Reader software could put Net users at more risk than previously thought, experts warned Thursday.

Initially, security professionals thought that the problem was restricted and exposed only Web-related data or could support phishing scams. Now it has been discovered that miscreants could exploit the problem to access all information on a victim's hard disk drive, said Web security specialists at WhiteHat Security and SPI Dynamics.

Story at news.com.com 

Posted Fri, Jan 5 2007 7:48 by Don

Issued: January 04, 2007

Summary

On 9 January 2007 Microsoft is planning to release:

Security Updates

.    Three Microsoft Security Bulletins affecting Microsoft Windows.
The highest Maximum Severity rating for these is Critical. These
updates will be detectable using the Microsoft Baseline Security
Analyzer and the Enterprise Scan Tool. Some of these updates will
require a restart.

.    One Microsoft Security Bulletin affecting Microsoft Windows
and Microsoft Visual Studio. The highest Maximum Severity rating for
this is Important. These updates will be detectable using the
Microsoft Baseline Security Analyzer and the Enterprise Scan Tool.
These updates will require a restart.

.    One Microsoft Security Bulletin affecting Microsoft Windows
and Microsoft Office. The highest Maximum Severity rating for this
is Important. These updates will be detectable using the Microsoft
Baseline Security Analyzer. These updates may require a restart.

.    Three Microsoft Security Bulletins affecting Microsoft Office.
The highest Maximum Severity rating for these is Critical. These
updates will be detectable using the Microsoft Baseline Security
Analyzer. These updates may require a restart.

Microsoft Windows Malicious Software Removal Tool

.    Microsoft will release an updated version of the Microsoft
Windows Malicious Software Removal Tool on Windows Update, Microsoft
Update, Windows Server Update Services and the Download Center.
Note that this tool will NOT be distributed using Software Update
Services (SUS).

Non-security High Priority updates on MU, WU, WSUS and SUS

.    Microsoft will release no NON-SECURITY High-Priority Updates
for Windows on Windows Update (WU) and Software Update Services
(SUS).

.    Microsoft will release 2 NON-SECURITY High-Priority Updates on
Microsoft Update (MU) and Windows Server Update Services (WSUS).

Although we do not anticipate any changes, the number of bulletins,
products affected, restart information and severities are subject to
change until released.

Microsoft will host a webcast next week to address customer
questions on these bulletins. For more information on this webcast
please see below:
.    TechNet Webcast: Information about Microsoft's Security Bulletins
At this time no additional information on these bulletins such as
details regarding severity or details regarding the vulnerability
will be made available until 9 January 2007.

Support:

Technical support is available from Microsoft Product Support
Services at 1-866-PC SAFETY (1-866-727-2338). There is no
charge for support calls associated with security updates.
International customers can get support from their local Microsoft
subsidiaries. Phone numbers for international support can be found
at: http://support.microsoft.com/common/international.aspx

A software engineer has vowed to quickly provide a patch for flaws in Apple Computer software that are set to be made public by researchers Kevin Finisterre and the pseudonymous LMH this month.

The vulnerability researchers' "Month of Apple Bugs" project, launched Monday, promises to announce a hole in Apple software on each day in January. However, a senior open-source developer with extensive experience working for the Mac maker says he is attempting to offer a fix for each flaw found.

CNet 

Posted Thu, Jan 4 2007 8:42 by Don

US-CERT continues to receive reports of phishing scams that target online users. Most recently, users have reported receiving emails that appear to be from the Internal Revenue Service (IRS). The phishing email claims to offer a tax refund and requests users to click on a link to provide personal and possibly sensitive information. Identity thieves could use this information to further compromise unsuspecting victims.

A spokesperson for the IRS has confirmed that they do not solicit anything by email.

US-CERT 

Posted Thu, Jan 4 2007 6:23 by Don

A serious flaw has been discovered in Google's free email service that allows hackers to steal users' entire contact lists.

To exploit the flaw, the hacker would add a piece of code to their own web server, which in turn gives them access to the Gmail contacts of visiting browsers, so long as the visitor is also signed in to their Gmail account in another window.

The hacker could then add the stolen contacts to an email spam database, or sell them to other spammers.

Story continues 

Posted Tue, Jan 2 2007 6:45 by Don
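The Gmail story above describes a cross-site data leak: a third-party page fetches a cookie-authenticated endpoint on the victim's behalf and reads what comes back. The following is an added simulation, not Google's code, of the best-known form of that class, where the endpoint answers with executable JavaScript that any origin can include via a `<script src>` tag. The mechanism is assumed here; the linked story does not say how the Gmail endpoint was reached. HTTP is replaced by direct function calls so it runs offline, and CONTACTS_DB, the session cookie values, the `x-requested-with` check and the `)]}',` prefix are the example's own choices (both defenses are standard, but the page does not say what Google's fix was).

```javascript
// Added example, not Google's code: a simulation of cross-site script
// inclusion against a cookie-authenticated contacts endpoint, beside a
// hardened version. Data, cookies and endpoint shapes are constructed.

const CONTACTS_DB = {
  'sess-alice': [
    { name: 'Bob', email: 'bob@example.net' },
    { name: 'Carol', email: 'carol@example.org' },
  ],
};

// Vulnerable pattern: a GET endpoint, authenticated only by the session
// cookie, answers with JavaScript that calls a callback with the data. Any
// origin can include it via <script src="...">; the browser attaches the
// victim's cookies and the including page gets to define the callback.
function vulnerableContactsEndpoint(sessionCookie, headers) {
  const contacts = CONTACTS_DB[sessionCookie] || [];
  return { status: 200, body: `contactsCallback(${JSON.stringify(contacts)});` };
}

// Hardened pattern: require a header that only a same-origin XMLHttpRequest
// can set (a <script> tag cannot), and make the body unrunnable as a script
// by prefixing it with a sequence that is a syntax error.
const ANTI_HIJACK_PREFIX = ")]}',\n";
function hardenedContactsEndpoint(sessionCookie, headers) {
  if ((headers['x-requested-with'] || '') !== 'XMLHttpRequest') {
    return { status: 403, body: '' };
  }
  const contacts = CONTACTS_DB[sessionCookie] || [];
  return { status: 200, body: ANTI_HIJACK_PREFIX + JSON.stringify(contacts) };
}

// The legitimate same-origin client strips the prefix and parses JSON.
function sameOriginClientParse(body) {
  if (!body.startsWith(ANTI_HIJACK_PREFIX)) throw new Error('unexpected response framing');
  return JSON.parse(body.slice(ANTI_HIJACK_PREFIX.length));
}

// Simulated browser behaviour for <script src=endpoint> on the attacker's
// page: the request carries the victim's cookie but none of the attacker's
// custom headers, and a 200 body is executed in the attacker page's global
// scope, where the attacker has defined contactsCallback.
function crossSiteScriptInclude(endpoint, victimCookie) {
  const stolen = [];
  const res = endpoint(victimCookie, {});
  if (res.status !== 200) return { stolen, error: `HTTP ${res.status}` };
  try {
    new Function('contactsCallback', res.body)((list) => stolen.push(...list));
  } catch (e) {
    return { stolen, error: e.name };   // SyntaxError for a prefixed body
  }
  return { stolen, error: null };
}

// Returns the error name raised when a body is executed as a script, or null.
function scriptExecutionError(body) {
  try { new Function('contactsCallback', body)(() => {}); return null; }
  catch (e) { return e.name; }
}

console.log('vulnerable  :', crossSiteScriptInclude(vulnerableContactsEndpoint, 'sess-alice'));
console.log('hardened    :', crossSiteScriptInclude(hardenedContactsEndpoint, 'sess-alice'));
console.log('prefix alone:', scriptExecutionError(ANTI_HIJACK_PREFIX + '[]'));
```

The two defenses are independent: the header check stops the cross-origin request from being served at all, and the prefix makes sure that even if a response does reach a foreign page as a script, it fails to parse before any data is handed to attacker-controlled code.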

Two researchers released a vulnerability in Apple's QuickTime for Windows and Mac OS X on Monday, kicking off the Month of Apple Bugs.

The initiative, modeled after July's Month of Browser Bugs and November's Month of Kernel Bugs, will focus on a single platform, but could include flaws in non-Apple products for Mac OS X, according to the researchers, Kevin Finisterre of Digital Munition and the person behind the Month of Kernel Bugs, known only by his initials, L.M.H. The duo claims to have discovered enough flaws in Apple's Mac OS X and other Mac OS X software to release a vulnerability for each of the 31 days in January.

Securityfocus 

Posted Tue, Jan 2 2007 4:57 by Don