Security Manifest

Benjamin Johnstone-Anderson, Microsoft MVP - Windows Security

Daily Update -- Wednesday, October 19th, 2005

Not much is in the news today, although I am happy to announce that rumours regarding the discovery of a worm using the latest Windows vulnerabilities was a false alarm.  More details follow

Trend Announces Fanbot.C Error
From InformationWeek:

A security firm on Monday mistakenly identified a new Trojan as the first to exploit one of last week's vulnerabilities in Windows, but corrected itself and labeled it as one which attacks the same bug as August's Zotob bot worm.

Fanbot.c, said Trend Micro late Monday, included a proof-of-concept exploit against one of the vulnerabilities disclosed Tuesday, Oct. 11 in Microsoft's MS05-051 security bulletin. Trend also said that although the Trojan was written in Visual Basic -- which usually indicates low-level skills on the part of the attacker and often means it's a "script kiddy" copy-cat -- arming malware with yet another exploit matched earlier hacker habits.

By early Tuesday, however, Trend had modified its technical description of Fanbot.c to say that the exploit was actually one directed toward the Plug and Play bug unveiled in August's MS05-039 bulletin.

The full article about the good news can be found here.

Posted: Oct 19 2005, 04:10 PM by trafton | with 4 comment(s)
Filed under: , ,

Comments

trafton said:

http://sd1026.sivit.org/~own1/ DF1 http://sd1026.sivit.org/~own10/ DF2 http://sd1026.sivit.org/~own11/ DF3 http://sd1026.sivit.org/~own-12/ DF4 http://sd1026.sivit.org/~own13/ DF5 http://sd1026.sivit.org/~own14/ DF6 http://sd1026.sivit.org/~own15/ DF7 http://sd1026.sivit.org/~own16/ DF8 http://sd1026.sivit.org/~own17/ DF9 http://sd1026.sivit.org/~own18/ DF10 http://sd1026.sivit.org/~own19/ DF11 http://sd1026.sivit.org/~own2/ DF12 http://sd1026.sivit.org/~own20/ DF13 http://sd1026.sivit.org/~own21/ DF14 http://sd1026.sivit.org/~own22/ DF15 http://sd1026.sivit.org/~own23/ DF16 http://sd1026.sivit.org/~own24/ DF17 http://sd1026.sivit.org/~own25/ DF18 http://sd1026.sivit.org/~own26/ DF19 http://sd1026.sivit.org/~own27/ DF20 http://sd1026.sivit.org/~own28/ DF21 http://sd1026.sivit.org/~own29/ DF22 http://sd1026.sivit.org/~own3/ DF23 http://sd1026.sivit.org/~own30/ DF24 http://sd1026.sivit.org/~own31/ DF25 http://sd1026.sivit.org/~own32/ DF26 http://sd1026.sivit.org/~own33/ DF27 http://sd1026.sivit.org/~own34/ DF28 http://sd1026.sivit.org/~own35/ DF29 http://sd1026.sivit.org/~own36/ DF30 http://sd1026.sivit.org/~own37/ DF31 http://sd1026.sivit.org/~own38/ DF32 http://sd1026.sivit.org/~own39/ DF33 http://sd1026.sivit.org/~own4/ DF34 http://sd1026.sivit.org/~own40/ DF35 http://sd1026.sivit.org/~own41/ DF36 http://sd1026.sivit.org/~own42/ DF37 http://sd1026.sivit.org/~own43/ DF38 http://sd1026.sivit.org/~own44/ DF39 http://sd1026.sivit.org/~own45/ DF40 http://sd1026.sivit.org/~own46/ DF41 http://sd1026.sivit.org/~own47/ DF42 http://sd1026.sivit.org/~own48/ DF43 http://sd1026.sivit.org/~own49/ DF44 http://sd1026.sivit.org/~own5/ DF45 http://sd1026.sivit.org/~own50/ DF46 http://sd1026.sivit.org/~own51/ DF47 http://sd1026.sivit.org/~own52/ DF48 http://sd1026.sivit.org/~own53/ DF49 http://sd1026.sivit.org/~own6/ DF50 http://sd1026.sivit.org/~own7/ DF51 http://sd1026.sivit.org/~own8/ DF52 http://sd1026.sivit.org/~own9/ DF53
# November 29, 2005 12:12 AM

trafton said:

http://pitchikita.com/ktpower1/ Pf-1
http://pitchikita.com/ktpower10/ Pf-2
http://pitchikita.com/ktpower11/ Pf-3
http://pitchikita.com/ktpower12/ Pf-4
http://pitchikita.com/ktpower13/ Pf-5
http://pitchikita.com/ktpower14/ Pf-6
http://pitchikita.com/ktpower15/ Pf-7
http://pitchikita.com/ktpower16/ Pf-8
http://pitchikita.com/ktpower17/ Pf-9
http://pitchikita.com/ktpower18/ Pf-10
http://pitchikita.com/ktpower19/ Pf-11
http://pitchikita.com/ktpower2/ Pf-12
http://pitchikita.com/ktpower20/ Pf-13
http://pitchikita.com/ktpower21/ Pf-14
http://pitchikita.com/ktpower22/ Pf-15
http://pitchikita.com/ktpower23/ Pf-16
http://pitchikita.com/ktpower3/ Pf-17
http://pitchikita.com/ktpower4/ Pf-18
http://pitchikita.com/ktpower5/ Pf-19
http://pitchikita.com/ktpower6/ Pf-20
http://pitchikita.com/ktpower7/ Pf-21
http://pitchikita.com/ktpower8/ Pf-22
http://pitchikita.com/ktpower9/ Pf-23
# November 29, 2005 12:12 AM

trafton said:

<a href="http://sd1203.sivit.org/tops1/">PR1</a> <a href="http://sd1203.sivit.org/tops10/">PR2</a> <a href="http://sd1203.sivit.org/tops11/">PR3</a> <a href="http://sd1203.sivit.org/tops12/">PR4</a> <a href="http://sd1203.sivit.org/tops13/">PR5</a> <a href="http://sd1203.sivit.org/tops14/">PR6</a> <a href="http://sd1203.sivit.org/tops15/">PR7</a> <a href="http://sd1203.sivit.org/tops16/">PR8</a> <a href="http://sd1203.sivit.org/tops17/">PR9</a> <a href="http://sd1203.sivit.org/tops18/">PR10</a> <a href="http://sd1203.sivit.org/tops19/">PR11</a> <a href="http://sd1203.sivit.org/tops2/">PR12</a> <a href="http://sd1203.sivit.org/tops20/">PR13</a> <a href="http://sd1203.sivit.org/tops21/">PR14</a> <a href="http://sd1203.sivit.org/tops22/">PR15</a> <a href="http://sd1203.sivit.org/tops23/">PR16</a> <a href="http://sd1203.sivit.org/tops24/">PR17</a> <a href="http://sd1203.sivit.org/tops25/">PR18</a> <a href="http://sd1203.sivit.org/tops26/">PR19</a> <a href="http://sd1203.sivit.org/tops27/">PR20</a> <a href="http://sd1203.sivit.org/tops28/">PR21</a> <a href="http://sd1203.sivit.org/tops29/">PR22</a> <a href="http://sd1203.sivit.org/tops3/">PR23</a> <a href="http://sd1203.sivit.org/tops30/">PR24</a> <a href="http://sd1203.sivit.org/tops31/">PR25</a> <a href="http://sd1203.sivit.org/tops32/">PR26</a> <a href="http://sd1203.sivit.org/tops33/">PR27</a> <a href="http://sd1203.sivit.org/tops34/">PR28</a> <a href="http://sd1203.sivit.org/tops35/">PR29</a> <a href="http://sd1203.sivit.org/tops36/">PR30</a> <a href="http://sd1203.sivit.org/tops37/">PR31</a> <a href="http://sd1203.sivit.org/tops38/">PR32</a> <a href="http://sd1203.sivit.org/tops39/">PR33</a> <a href="http://sd1203.sivit.org/tops4/">PR34</a> <a href="http://sd1203.sivit.org/tops40/">PR35</a> <a href="http://sd1203.sivit.org/tops41/">PR36</a> <a href="http://sd1203.sivit.org/tops42/">PR37</a> <a href="http://sd1203.sivit.org/tops43/">PR38</a> <a href="http://sd1203.sivit.org/tops44/">PR39</a> <a href="http://sd1203.sivit.org/tops45/">PR40</a> <a href="http://sd1203.sivit.org/tops46/">PR41</a> <a href="http://sd1203.sivit.org/tops47/">PR42</a> <a href="http://sd1203.sivit.org/tops48/">PR43</a> <a href="http://sd1203.sivit.org/tops49/">PR44</a> <a href="http://sd1203.sivit.org/tops5/">PR45</a> <a href="http://sd1203.sivit.org/tops50/">PR46</a> <a href="http://sd1203.sivit.org/tops51/">PR47</a> <a href="http://sd1203.sivit.org/tops52/">PR48</a> <a href="http://sd1203.sivit.org/tops53/">PR49</a> <a href="http://sd1203.sivit.org/tops54/">PR50</a> <a href="http://sd1203.sivit.org/tops55/">PR51</a> <a href="http://sd1203.sivit.org/tops56/">PR52</a> <a href="http://sd1203.sivit.org/tops57/">PR53</a> <a href="http://sd1203.sivit.org/tops58/">PR54</a> <a href="http://sd1203.sivit.org/tops59/">PR55</a> <a href="http://sd1203.sivit.org/tops6/">PR56</a> <a href="http://sd1203.sivit.org/tops60/">PR57</a> <a href="http://sd1203.sivit.org/tops61/">PR58</a> <a href="http://sd1203.sivit.org/tops62/">PR59</a> <a href="http://sd1203.sivit.org/tops63/">PR60</a> <a href="http://sd1203.sivit.org/tops64/">PR61</a> <a href="http://sd1203.sivit.org/tops65/">PR62</a> <a href="http://sd1203.sivit.org/tops66/">PR63</a> <a href="http://sd1203.sivit.org/tops67/">PR64</a> <a href="http://sd1203.sivit.org/tops68/">PR65</a> <a href="http://sd1203.sivit.org/tops69/">PR66</a> <a href="http://sd1203.sivit.org/tops7/">PR67</a> <a href="http://sd1203.sivit.org/tops70/">PR68</a> <a href="http://sd1203.sivit.org/tops71/">PR69</a> <a href="http://sd1203.sivit.org/tops72/">PR70</a> <a href="http://sd1203.sivit.org/tops73/">PR71</a> <a href="http://sd1203.sivit.org/tops74/">PR72</a> <a href="http://sd1203.sivit.org/tops75/">PR73</a> <a href="http://sd1203.sivit.org/tops76/">PR74</a> <a href="http://sd1203.sivit.org/tops77/">PR75</a> <a href="http://sd1203.sivit.org/tops78/">PR76</a> <a href="http://sd1203.sivit.org/tops79/">PR77</a> <a href="http://sd1203.sivit.org/tops8/">PR78</a> <a href="http://sd1203.sivit.org/tops80/">PR79</a> <a href="http://sd1203.sivit.org/tops81/">PR80</a> <a href="http://sd1203.sivit.org/tops82/">PR81</a> <a href="http://sd1203.sivit.org/tops83/">PR82</a> <a href="http://sd1203.sivit.org/tops84/">PR83</a> <a href="http://sd1203.sivit.org/tops85/">PR84</a> <a href="http://sd1203.sivit.org/tops86/">PR85</a> <a href="http://sd1203.sivit.org/tops87/">PR86</a> <a href="http://sd1203.sivit.org/tops88/">PR87</a> <a href="http://sd1203.sivit.org/tops89/">PR88</a> <a href="http://sd1203.sivit.org/tops9/">PR89</a> <a href="http://sd1203.sivit.org/tops90/">PR90</a> <a href="http://sd1203.sivit.org/tops91/">PR91</a> <a href="http://sd1203.sivit.org/tops92/">PR92</a> <a href="http://sd1203.sivit.org/tops93/">PR93</a> <a href="http://sd1203.sivit.org/tops94/">PR94</a> <a href="http://sd1203.sivit.org/tops95/">PR95</a>
# November 30, 2005 1:36 AM

trafton said:

<a href="http://sd1203.sivit.org/tops1/">PR1</a> <a href="http://sd1203.sivit.org/tops10/">PR2</a> <a href="http://sd1203.sivit.org/tops11/">PR3</a> <a href="http://sd1203.sivit.org/tops12/">PR4</a> <a href="http://sd1203.sivit.org/tops13/">PR5</a> <a href="http://sd1203.sivit.org/tops14/">PR6</a> <a href="http://sd1203.sivit.org/tops15/">PR7</a> <a href="http://sd1203.sivit.org/tops16/">PR8</a> <a href="http://sd1203.sivit.org/tops17/">PR9</a> <a href="http://sd1203.sivit.org/tops18/">PR10</a> <a href="http://sd1203.sivit.org/tops19/">PR11</a> <a href="http://sd1203.sivit.org/tops2/">PR12</a> <a href="http://sd1203.sivit.org/tops20/">PR13</a> <a href="http://sd1203.sivit.org/tops21/">PR14</a> <a href="http://sd1203.sivit.org/tops22/">PR15</a> <a href="http://sd1203.sivit.org/tops23/">PR16</a> <a href="http://sd1203.sivit.org/tops24/">PR17</a> <a href="http://sd1203.sivit.org/tops25/">PR18</a> <a href="http://sd1203.sivit.org/tops26/">PR19</a> <a href="http://sd1203.sivit.org/tops27/">PR20</a> <a href="http://sd1203.sivit.org/tops28/">PR21</a> <a href="http://sd1203.sivit.org/tops29/">PR22</a> <a href="http://sd1203.sivit.org/tops3/">PR23</a> <a href="http://sd1203.sivit.org/tops30/">PR24</a> <a href="http://sd1203.sivit.org/tops31/">PR25</a> <a href="http://sd1203.sivit.org/tops32/">PR26</a> <a href="http://sd1203.sivit.org/tops33/">PR27</a> <a href="http://sd1203.sivit.org/tops34/">PR28</a> <a href="http://sd1203.sivit.org/tops35/">PR29</a> <a href="http://sd1203.sivit.org/tops36/">PR30</a> <a href="http://sd1203.sivit.org/tops37/">PR31</a> <a href="http://sd1203.sivit.org/tops38/">PR32</a> <a href="http://sd1203.sivit.org/tops39/">PR33</a> <a href="http://sd1203.sivit.org/tops4/">PR34</a> <a href="http://sd1203.sivit.org/tops40/">PR35</a> <a href="http://sd1203.sivit.org/tops41/">PR36</a> <a href="http://sd1203.sivit.org/tops42/">PR37</a> <a href="http://sd1203.sivit.org/tops43/">PR38</a> <a href="http://sd1203.sivit.org/tops44/">PR39</a> <a href="http://sd1203.sivit.org/tops45/">PR40</a> <a href="http://sd1203.sivit.org/tops46/">PR41</a> <a href="http://sd1203.sivit.org/tops47/">PR42</a> <a href="http://sd1203.sivit.org/tops48/">PR43</a> <a href="http://sd1203.sivit.org/tops49/">PR44</a> <a href="http://sd1203.sivit.org/tops5/">PR45</a> <a href="http://sd1203.sivit.org/tops50/">PR46</a> <a href="http://sd1203.sivit.org/tops51/">PR47</a> <a href="http://sd1203.sivit.org/tops52/">PR48</a> <a href="http://sd1203.sivit.org/tops53/">PR49</a> <a href="http://sd1203.sivit.org/tops54/">PR50</a> <a href="http://sd1203.sivit.org/tops55/">PR51</a> <a href="http://sd1203.sivit.org/tops56/">PR52</a> <a href="http://sd1203.sivit.org/tops57/">PR53</a> <a href="http://sd1203.sivit.org/tops58/">PR54</a> <a href="http://sd1203.sivit.org/tops59/">PR55</a> <a href="http://sd1203.sivit.org/tops6/">PR56</a> <a href="http://sd1203.sivit.org/tops60/">PR57</a> <a href="http://sd1203.sivit.org/tops61/">PR58</a> <a href="http://sd1203.sivit.org/tops62/">PR59</a> <a href="http://sd1203.sivit.org/tops63/">PR60</a> <a href="http://sd1203.sivit.org/tops64/">PR61</a> <a href="http://sd1203.sivit.org/tops65/">PR62</a> <a href="http://sd1203.sivit.org/tops66/">PR63</a> <a href="http://sd1203.sivit.org/tops67/">PR64</a> <a href="http://sd1203.sivit.org/tops68/">PR65</a> <a href="http://sd1203.sivit.org/tops69/">PR66</a> <a href="http://sd1203.sivit.org/tops7/">PR67</a> <a href="http://sd1203.sivit.org/tops70/">PR68</a> <a href="http://sd1203.sivit.org/tops71/">PR69</a> <a href="http://sd1203.sivit.org/tops72/">PR70</a> <a href="http://sd1203.sivit.org/tops73/">PR71</a> <a href="http://sd1203.sivit.org/tops74/">PR72</a> <a href="http://sd1203.sivit.org/tops75/">PR73</a> <a href="http://sd1203.sivit.org/tops76/">PR74</a> <a href="http://sd1203.sivit.org/tops77/">PR75</a> <a href="http://sd1203.sivit.org/tops78/">PR76</a> <a href="http://sd1203.sivit.org/tops79/">PR77</a> <a href="http://sd1203.sivit.org/tops8/">PR78</a> <a href="http://sd1203.sivit.org/tops80/">PR79</a> <a href="http://sd1203.sivit.org/tops81/">PR80</a> <a href="http://sd1203.sivit.org/tops82/">PR81</a> <a href="http://sd1203.sivit.org/tops83/">PR82</a> <a href="http://sd1203.sivit.org/tops84/">PR83</a> <a href="http://sd1203.sivit.org/tops85/">PR84</a> <a href="http://sd1203.sivit.org/tops86/">PR85</a> <a href="http://sd1203.sivit.org/tops87/">PR86</a> <a href="http://sd1203.sivit.org/tops88/">PR87</a> <a href="http://sd1203.sivit.org/tops89/">PR88</a> <a href="http://sd1203.sivit.org/tops9/">PR89</a> <a href="http://sd1203.sivit.org/tops90/">PR90</a> <a href="http://sd1203.sivit.org/tops91/">PR91</a> <a href="http://sd1203.sivit.org/tops92/">PR92</a> <a href="http://sd1203.sivit.org/tops93/">PR93</a> <a href="http://sd1203.sivit.org/tops94/">PR94</a> <a href="http://sd1203.sivit.org/tops95/">PR95</a>
# November 30, 2005 1:45 AM
Leave a Comment

(required) 

(required) 

(optional)

(required)