10 Years of Windows Worms
eWeek: From Melissa to Zotob
…the latest Zotob attacks prove, the time to exploit an unpatched flaw has narrowed significantly since the launch of Windows 95 10 years ago.
(via MacSurfer)
FrSIRT Advisories: Microsoft Internet Explorer “Msdds.dll” Remote Code Execution / Exploit
A critical vulnerability was identified in Microsoft Internet Explorer, which could be exploited by remote attackers to execute arbitrary commands. This issue is due to a memory corruption error when instantiating the “Msdds.dll” (Microsoft Design Tools Diagram Surface) object as an ActiveX control, which could be exploited by an attacker to take complete control of an affected system via a specially crafted Web page.
This vulnerability has been confirmed on Windows XP SP2 with Microsoft Internet Explorer 6 SP2 and Microsoft Office 2002 (fully patched).
Note: The “Msdds.dll” library is installed with Microsoft Office and Microsoft Visual Studio.
Update: 18 Aug:
Apparently only DLL version 7.0.9064.9112 is vulnerable, as shipped with Office 2002 and Visual Studio 2002. Heise reports that a kill bit needs to be set in the registry. Under
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\
create a subkey named after the control’s CLSID, {EC444CB6-3E7E-4865-B1C3-0DE72EF39B3F}, and inside it a DWORD value named “Compatibility Flags” with the value 0x00000400 (in .reg notation: “Compatibility Flags”=dword:00000400). With that bit set, Internet Explorer refuses to instantiate the object no matter which page asks for it; the DLL itself stays in place for Office and Visual Studio.
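The following is an added example of my own, not code from Heise, FrSIRT or Microsoft, that turns the registry instruction above into something you can apply and audit. It renders a .reg file for any list of CLSIDs and, on Windows, applies the kill bit through Python’s standard winreg module (an assumption: that the Python build on the box ships winreg, and that it runs with administrative rights, since the key is under HKLM). The one caveat it encodes that the bare instruction does not: “Compatibility Flags” is a bit field, so the 0x400 bit is OR-ed into whatever value is already present rather than overwriting it.

```python
import re
import sys

# ActiveX kill bit: bit 0x400 of "Compatibility Flags" tells MSIE never to
# instantiate the control, regardless of which page asks for it.
KILL_BIT = 0x00000400
KEY_PATH = r"SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility"
MSDDS_CLSID = "{EC444CB6-3E7E-4865-B1C3-0DE72EF39B3F}"   # CLSID from the advisory above
_CLSID_RE = re.compile(r"^\{[0-9A-F]{8}(-[0-9A-F]{4}){3}-[0-9A-F]{12}\}$", re.I)


def normalize_clsid(clsid):
    """Upper-case the CLSID and reject anything that is not a braced GUID."""
    clsid = clsid.strip().upper()
    if not _CLSID_RE.match(clsid):
        raise ValueError("not a CLSID: %r" % clsid)
    return clsid


def merged_flags(existing, bit=KILL_BIT):
    """OR the kill bit into the current value. Other compatibility bits may already be
    set for the same CLSID; writing a literal 0x400 would silently clear them."""
    return (existing or 0) | bit


def is_killbitted(flags):
    return bool((flags or 0) & KILL_BIT)


def reg_file(clsids, existing=None):
    """Render a .reg file that sets the kill bit for each CLSID. Pass the current
    DWORD values as `existing` ({clsid: value}) to keep their other bits."""
    existing = existing or {}
    lines = ["Windows Registry Editor Version 5.00", ""]
    for clsid in clsids:
        clsid = normalize_clsid(clsid)
        flags = merged_flags(existing.get(clsid))
        lines.append("[HKEY_LOCAL_MACHINE\\%s\\%s]" % (KEY_PATH, clsid))
        lines.append('"Compatibility Flags"=dword:%08x' % flags)
        lines.append("")
    return "\r\n".join(lines)


def set_kill_bit(clsid):
    """Windows only: apply the kill bit through the registry API and return the new
    flags value. Needs administrative rights because the key lives under HKLM."""
    import winreg  # standard library, present only in Windows builds of Python
    clsid = normalize_clsid(clsid)
    sub_key = KEY_PATH + "\\" + clsid
    with winreg.CreateKeyEx(winreg.HKEY_LOCAL_MACHINE, sub_key, 0,
                            winreg.KEY_READ | winreg.KEY_WRITE) as key:
        try:
            current, _ = winreg.QueryValueEx(key, "Compatibility Flags")
        except FileNotFoundError:
            current = 0
        flags = merged_flags(current)
        winreg.SetValueEx(key, "Compatibility Flags", 0, winreg.REG_DWORD, flags)
        return flags


if __name__ == "__main__":
    if sys.platform == "win32":
        print("Compatibility Flags now 0x%08x" % set_kill_bit(MSDDS_CLSID))
    else:
        sys.stdout.write(reg_file([MSDDS_CLSID]))   # on other systems, just emit the .reg
```

Run without arguments on a Windows machine to set the bit for the Msdds.dll CLSID; anywhere else it prints the equivalent .reg file, which you can import with regedit. To verify afterwards, read the value back and check `is_killbitted()` on it.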
See Berend-Jan Wever’s COM objects and MSIE vulnerabilities recap + additional fix
And then there’s ZOTOB and The battle of Plug&Play worms!
(via Heise Online)
TechWeb says RSS To Carry Spyware Before Year’s Out
By the end of the year, spyware programs will have tripled in number, put Firefox in their sights, and have turned to RSS to distribute their key loggers and ad spawners, a security expert said Friday.
(via digg/security)
Winn Schwartau of Network World, Security Research Center:
This is my first column written on a Mac - ever. Maybe I should have done it a long time ago, but I never said I was smart, just obstinate. I was a PC bigot.
But now, I’ve had it. I’m mad as hell and I’m not going to take it anymore.
In the coming weeks I’m going to keep a diary of an experiment my company began at 6 p.m. April 29, 2005 - an experiment predicated on the hypothesis that the WinTel platform represents the greatest violation of the basic tenets of information security and has become a national economic security risk. I do not say this lightly, and I have never been a Microsoft basher, either. I never criticize a company without a fair bit of explanation, justification and supportive evidence.
(via MacSurfer)
Mark Burnett of SecurityFocus: Security for the Paranoid
Are extreme security measures acting on false threats that don’t really exist?… I call it meticulous precaution
(via Slashdot)
The OSI News Weblog: Apple is Depending on Open Source for Security
Apple has stated that they are depending on Open Source to spare OS X the security woes that plague Microsoft.
Bertrand Serlet, senior vice president of software at Apple, said Wednesday that having a greater number of people keeping an eye on source code leads to better software security.
An overview of recent Unix and open source security advisories. In this column, we look at problems in the Linux kernel, Telnet, sharutils, Ethereal, Midnight Commander, mpg321, OpenMosixView, cdrecord, ImageMagick, and grip.
(via digg/security)
Heads-Up: A few days ago MacInTouch reported on the SecurityFocus BugTraq advisory: OSX Root Compromise, wherein a number of measures were detailed involving changes to the sudoers file, redirecting sudo’s logging and altering the sudo password grace period.
Now, in a follow-up post it would appear that there’s significant doubt about the wisdom of the proposed fix.
[Paul MLambert]… the bugtraq posting is incorrect and wrong. Following the instructions for changing the sudoers file will cause sudo entries to overwrite other log entries in /var/log/secure.log. This could easily be used by an attacker to mask actual intrusion attempts. Clearly the author of the report is not familiar with basic security principles, and publishing such reports without careful review is dangerous.
Heads-Up: Secunia Advisories: Moderately critical (criticality level 3 of 5)
(Hat tip to Scoble’s Link Blog)
Heads-up: The German tech magazine c’t has an important article in this regard:
How ATA security functions jeopardize your data
What if an unauthorized party were to lock a hard disk with a password? And what if that party was a virus? Then a set of simple tools won’t suffice to give you access to your data. The options would be to throw the disk away - or place it in the hands of someone who specializes in retrieving data.
(…)
In light of the current state of affairs the ATA Security Feature Set is not much of a security boon, more like a security hole with a fairly large loop that needs to be closed through BIOS updates as soon as possible.
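What c’t describes is a state machine inside the drive, and the BIOS fix it asks for is a single command, SECURITY FREEZE LOCK, issued at boot. The decoder below is an added example of mine, not code from c’t or any drive vendor: it reads the security bits from the drive’s IDENTIFY DEVICE data (word 128, as defined in ATA/ATAPI-7) and says whether a piece of malware with raw device access could still set a password right now. The 512-byte identify block it parses is constructed in the code (the model string and the security word are the only populated fields); on Linux the same bits are what `hdparm -I` prints under “Security:”, and `hdparm --security-freeze` is the manual stand-in for a BIOS that does not freeze the drive.

```python
import struct

# IDENTIFY DEVICE word 128 ("Security status") bit assignments, ATA/ATAPI-7
SEC_SUPPORTED  = 1 << 0   # Security feature set supported by the drive
SEC_ENABLED    = 1 << 1   # a user password is set (SECURITY SET PASSWORD was issued)
SEC_LOCKED     = 1 << 2   # drive is locked: user-data reads and writes are rejected
SEC_FROZEN     = 1 << 3   # SECURITY FREEZE LOCK received; password commands abort until power cycle
SEC_EXPIRED    = 1 << 4   # unlock-attempt counter exhausted
SEC_ENH_ERASE  = 1 << 5   # enhanced security erase supported
SEC_MASTER_MAX = 1 << 8   # master password capability: 1 = Maximum (master cannot unlock), 0 = High

VERDICTS = {
    "unsupported": "ATA security not supported: there is nothing for malware to lock",
    "locked":      "LOCKED: user data unreadable until SECURITY UNLOCK with the right password",
    "enabled":     "a password is set: whoever holds it (you, the BIOS, or malware) controls the disk",
    "frozen":      "frozen: the BIOS issued SECURITY FREEZE LOCK, no password can be set this power cycle",
    "exposed":     "supported, not enabled, NOT frozen: any code with device access can set a password (the c't scenario)",
}


def make_identify(word128, model="CONSTRUCTED SAMPLE DISK"):
    """Constructed 512-byte IDENTIFY DEVICE block, not captured from a real drive:
    only the model string (words 27-46) and the security word are populated."""
    words = [0] * 256
    text = model.ljust(40)[:40].encode("ascii")
    for i in range(20):                       # ATA strings: two chars per word, first char in the high byte
        words[27 + i] = (text[2 * i] << 8) | text[2 * i + 1]
    words[128] = word128
    return struct.pack("<256H", *words)


def ata_string(words, first, last):
    """Decode an ATA identify string stored in words[first..last] (inclusive)."""
    out = bytearray()
    for w in words[first:last + 1]:
        out += bytes([w >> 8, w & 0xFF])
    return out.decode("ascii", "replace").strip()


def security_status(identify):
    """Parse a raw IDENTIFY DEVICE block (256 little-endian 16-bit words) into its security flags."""
    if len(identify) != 512:
        raise ValueError("IDENTIFY DEVICE data must be 512 bytes")
    words = struct.unpack("<256H", identify)
    w = words[128]
    return {
        "model": ata_string(words, 27, 46),
        "supported": bool(w & SEC_SUPPORTED),
        "enabled": bool(w & SEC_ENABLED),
        "locked": bool(w & SEC_LOCKED),
        "frozen": bool(w & SEC_FROZEN),
        "count_expired": bool(w & SEC_EXPIRED),
        "enhanced_erase": bool(w & SEC_ENH_ERASE),
        "master_password_maximum": bool(w & SEC_MASTER_MAX),
    }


def assess(status):
    """Reduce the flags to one verdict key (see VERDICTS), most serious condition first."""
    if not status["supported"]:
        return "unsupported"
    if status["locked"]:
        return "locked"
    if status["enabled"]:
        return "enabled"
    if status["frozen"]:
        return "frozen"
    return "exposed"


if __name__ == "__main__":
    for w in (0x0000, 0x0001, 0x0009, 0x0003, 0x0007):
        s = security_status(make_identify(w))
        print("word128=0x%04x %-24s -> %s" % (w, s["model"], VERDICTS[assess(s)]))
```

The verdict you want to see on a desktop that never set a disk password is “frozen”; “exposed” is exactly the window c’t is warning about, and it stays open until the BIOS (or something run early at boot) freezes the drive.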
Dozens of blogs hosted by Google Inc.’s Blogger service can install programs that are widely considered to be spyware and adware onto visitors’ computers, warn users and spyware researchers. In many cases, users are discovering the offending sites as they browse among blogs through Blogger’s navigation bar.
Ben Edelman has documented the problem.
Now what was that about not doing evil again?
Heads Up: NetSec Security Operations Center has the low-down:
Remote users may be able to view arbitrary file data, including the source code of server-side documents, such as PHP or JSP documents. This data may contain sensitive information such as database usernames and passwords and/or disclose vulnerabilities to an attacker which can then be leveraged to further attack the respective web application.
(via MacSurfer)
More a privacy issue, I guess, but nonetheless:
Heads Up: RedTeam advisory
Images created by digital cameras and later cropped or otherwise modified by applications like Adobe Photoshop often contain an unmodified version of the image in the embedded thumbnail image. This can result in information disclosure.
(via Heise online)
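To make the advisory concrete, here is an added example of my own (not RedTeam’s or Adobe’s code) that does the two things a practitioner wants: pull the Exif thumbnail out of a JPEG so you can compare it with the published image, and strip the Exif segment before publishing. Since a real camera file cannot be embedded here, the block constructs its own minimal JPEG: SOI, one APP1 segment carrying a little-endian TIFF structure whose IFD1 points at a stand-in thumbnail blob, then EOI. The parser itself is general and follows the Exif layout (TIFF header, IFD chain, tags 0x0201/0x0202 in IFD1), so it works unchanged on camera output.

```python
import struct
from typing import Optional

SOI, EOI, SOS, APP1 = 0xD8, 0xD9, 0xDA, 0xE1
EXIF_MAGIC = b"Exif\x00\x00"
TAG_THUMB_OFFSET, TAG_THUMB_LENGTH = 0x0201, 0x0202  # JPEGInterchangeFormat(+Length), IFD1
# Constructed stand-in for the embedded thumbnail; a camera writes a small real JPEG here.
THUMB = b"\xff\xd8" + b"<pixels of the ORIGINAL, uncropped frame>" + b"\xff\xd9"

def build_sample_jpeg(thumb=THUMB):
    """Constructed sample, not a camera file: SOI, one Exif APP1 segment whose IFD1
    points at `thumb`, then EOI. Exif offsets are relative to the TIFF header."""
    ifd0_off = 8                              # right after the 8-byte TIFF header
    ifd1_off = ifd0_off + 2 + 12 * 1 + 4      # IFD0: count, 1 entry, next-IFD pointer
    thumb_off = ifd1_off + 2 + 12 * 2 + 4     # IFD1: count, 2 entries, next-IFD pointer
    ifd0 = (struct.pack("<H", 1) + struct.pack("<HHII", 0x0112, 3, 1, 1)  # Orientation=1
            + struct.pack("<I", ifd1_off))
    ifd1 = (struct.pack("<H", 2)
            + struct.pack("<HHII", TAG_THUMB_OFFSET, 4, 1, thumb_off)
            + struct.pack("<HHII", TAG_THUMB_LENGTH, 4, 1, len(thumb))
            + struct.pack("<I", 0))
    payload = EXIF_MAGIC + b"II" + struct.pack("<HI", 42, ifd0_off) + ifd0 + ifd1 + thumb
    app1 = bytes([0xFF, APP1]) + struct.pack(">H", len(payload) + 2) + payload
    return bytes([0xFF, SOI]) + app1 + bytes([0xFF, EOI])

def split_segments(jpeg):
    """Metadata segments as [(marker, start, end)] plus the index where scanning stopped
    (at SOS or EOI, so the entropy-coded image data is never touched)."""
    if jpeg[:2] != bytes([0xFF, SOI]):
        raise ValueError("not a JPEG: missing SOI")
    segs, pos = [], 2
    while pos + 4 <= len(jpeg) and jpeg[pos] == 0xFF:
        marker = jpeg[pos + 1]
        if marker in (SOS, EOI):
            break
        length = struct.unpack(">H", jpeg[pos + 2:pos + 4])[0]  # counts its own 2 bytes
        if length < 2 or pos + 2 + length > len(jpeg):
            raise ValueError("truncated segment at offset %d" % pos)
        segs.append((marker, pos, pos + 2 + length))
        pos += 2 + length
    return segs, pos

def exif_tiff(jpeg) -> Optional[bytes]:
    """TIFF-structured body of the Exif APP1 segment, or None when the file has none."""
    for marker, start, end in split_segments(jpeg)[0]:
        body = jpeg[start + 4:end]
        if marker == APP1 and body.startswith(EXIF_MAGIC):
            return body[len(EXIF_MAGIC):]
    return None

def parse_ifds(tiff):
    """Walk IFD0 -> IFD1 -> ...; one {tag: (type, count, value_or_offset)} per IFD."""
    endian = {b"II": "<", b"MM": ">"}.get(tiff[:2])
    if endian is None:
        raise ValueError("bad TIFF byte-order mark")
    magic, off = struct.unpack(endian + "HI", tiff[2:8])
    if magic != 42:
        raise ValueError("bad TIFF magic")
    ifds, seen = [], set()
    while off and off not in seen and off + 2 <= len(tiff):  # `seen` stops IFD loops
        seen.add(off)
        n = struct.unpack(endian + "H", tiff[off:off + 2])[0]
        entries = {}
        for i in range(n):
            base = off + 2 + 12 * i
            tag, typ, count = struct.unpack(endian + "HHI", tiff[base:base + 8])
            raw = tiff[base + 8:base + 12]
            if typ == 3 and count == 1:   # SHORT: left-justified inside the 4-byte field
                value = struct.unpack(endian + "H", raw[:2])[0]
            else:                         # LONG value, or offset of out-of-line data
                value = struct.unpack(endian + "I", raw)[0]
            entries[tag] = (typ, count, value)
        ifds.append(entries)
        off = struct.unpack(endian + "I", tiff[off + 2 + 12 * n:off + 6 + 12 * n])[0]
    return ifds

def extract_thumbnail(jpeg) -> Optional[bytes]:
    """The Exif thumbnail: a JPEG of the image as it looked when the file was written."""
    tiff = exif_tiff(jpeg)
    if tiff is None:
        return None
    ifds = parse_ifds(tiff)
    if len(ifds) < 2 or not {TAG_THUMB_OFFSET, TAG_THUMB_LENGTH} <= set(ifds[1]):
        return None
    start, length = ifds[1][TAG_THUMB_OFFSET][2], ifds[1][TAG_THUMB_LENGTH][2]
    if start + length > len(tiff):
        raise ValueError("thumbnail lies outside the Exif segment")
    return tiff[start:start + length]

def strip_exif(jpeg):
    """Hardening: drop every Exif APP1 segment, thumbnail included, before publishing."""
    segs, tail = split_segments(jpeg)
    out = bytearray(jpeg[:2])
    for marker, start, end in segs:
        if not (marker == APP1 and jpeg[start + 4:end].startswith(EXIF_MAGIC)):
            out += jpeg[start:end]
    return bytes(out + jpeg[tail:])
```

On a real file, `open(path, "rb").read()` in place of `build_sample_jpeg()` and write the bytes `extract_thumbnail()` returns to a `.jpg`; if it shows more than the published crop, the advisory applies to you. `strip_exif()` is the blunt fix; an editor that regenerates the thumbnail on save is the polite one.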
Heads Up: Guninski Advisory Fun with the linux kernel (2.6)
there is a heap overflow in /proc in at least 2.6.10 and 2.6.11rc1-bk6 (have not tested 2.4) on i386.
(via Heise online)
Heads Up: PGP Corporation advisory
Today, cryptographers Serge Mister and Robert Zuccherato from Entrust released a paper outlining an attack on the way OpenPGP does symmetric cryptography.
(via Heise online)
Update: 16 Feb. 05: SHA-1 broken