Feeds/Security

From S23Wiki

Security Focus / Bugtraq

Vuln: MySQL MyISAM Table Privileges Security Bypass Vulnerability
Vuln: Oracle July 2008 Critical Patch Update Multiple Vulnerabilities
Vuln: Apache Tomcat Mod_JK.SO Arbitrary Code Execution Vulnerability
Vuln: Aprox CMS Engine 'index.php' SQL Injection Vulnerability
Bugtraq: Oracle Database Local Untrusted Library Path Vulnerability
Bugtraq: rPSA-2008-0231-1 bind bind-utils
Bugtraq: [security bulletin] HPSBUX02351 SSRT080058 rev.2 - HP-UX Running BIND, Remote DNS Cache Poisoning
Bugtraq: RE: Windows Vista Power Management & Local Security Policy

Security Focus / Security Basics

Full Disclosure


RUS-CERT

Computer Associates Security Advisor

Microsoft Windows DNS Server RPC interface remote code execution vulnerability
Microsoft Windows contains a vulnerability that can allow a remote attacker to execute arbitrary code.
Microsoft Windows MsgBox remote code execution vulnerability
Microsoft Windows contains a vulnerability that can allow an attacker to execute arbitrary code and possibly take complete control of the affected system.
Microsoft Windows Animated Cursor remote code execution vulnerability
Microsoft Windows contains a vulnerability that can allow an attacker to execute remote code.
Microsoft UPnP HTTP Request arbitrary code execution vulnerability
Microsoft UPnP contains a vulnerability that can allow a remote attacker to execute arbitrary code.
Microsoft Agent URL Parsing remote code execution vulnerability
Microsoft Agent contains a vulnerability that can allow a remote attacker to execute arbitrary code.


Hack in the Box

Say goodbye to the computer mouse
It's nearly 40 years old but one leading research company says the days of the computer mouse are numbered. A Gartner analyst predicts the demise of the computer mouse in the next three to five years. Taking over will be so-called gestural computer mechanisms like touch screens and facial recognition devices. "The mouse works fine in the desktop environment but for home entertainment or working on a notebook it's over," declared analyst Steve Prentice. He told BBC News that his prediction is driven by the efforts of consumer electronics firms which are making products with new interactive interfaces inspired by the world of gaming.
Microsoft in talks over AOL merger
Microsoft is in discussions with Time Warner over how to combine Microsoft and AOL's online groups, The Wall Street Journal has claimed. A Thursday article in the newspaper in the US claimed there had been a meeting between the two companies in Seattle on Wednesday in the US. According to the newspaper's sources, Microsoft and Time Warner have been in "casual talks" for several months. The talks were linked to Microsoft's abortive attempts to buy Yahoo's search business, according to the newspaper. The article noted Microsoft's need to expand its reach on the Web, which is being stymied by the lack of large Web companies that are available to buy.
Russia: Get computer-savvy or get out, Medvedev tells staff
The Russian president has warned that government officials who cannot use a computer could soon be out of a job. "They either should learn or, as they say, goodbye," Dmitry Medvedev said yesterday in a meeting with officials in Petrozavodsk, north-west Russia. "We don't hire people who can't read and write. Computer literacy today is the same." Since taking office in May, the 42-year-old has made it his mission to modernise Russia and fight pervasive corruption. He said yesterday that if the government carried out more of its work online, it would increase transparency and make corruption more difficult to hide.
Torvalds: OpenBSD developers are a bunch of masturbating monkeys
Linux creator Linus Torvalds has labeled makers of the OpenBSD operating system a "bunch of masturbating monkeys," as part of a wider critique of what he said was self-centered behavior in the IT security industry. In an e-mail to the Linux kernel developer mailing list, Torvalds said a section of the security industry was dedicated to finding bugs in software only to publicize their findings and gain notoriety. The row erupted in the Gmane mailing list after a developer for the PaX Team, which patches the Linux kernel, accused Torvalds and other top Linux kernel developers of "covering up (the) security impact of bugs" by not clearly labeling them as security flaws. Torvalds wrote that disclosing the bug itself was enough, without having to label each individual security flaw. He added that taking the bugs to the "security circus" level only glorified the wrong kind of behavior. "It makes heroes out of security people, as if the people who...fix normal bugs aren't as important," wrote Torvalds. What was left behind for the developers were all the "boring" bugs, which Torvalds considered more important due to their volume.
Sony Cuts Price on PlayStation 3, Axes Backwards Compatibility Too
Sony Computer Entertainment America has announced that starting from Fall ‘08 it would offer PlayStation 3 model with 80GB hard drive for the price of $399. Unfortunately for PlayStation fans, the new model may not be backwards compatible with games released for previous-generation platforms. Starting in September 2008, the newly announced PlayStation 3 80GB model will become the mainstay of the company’s hardware line-up. The 80GB model will retail for $399, and will offer all of the features and functionality of the 40GB model with double the storage to accommodate more movies, graphics, music, photos and other entertainment content. Unfortunately, this also means that the 80GB model will not be compatible with games for Sony PlayStation and PlayStation 2 video game consoles. It is unclear whether Sony plans to offer backwards compatible PlayStation 3 model going forward in the USA at $499 price-point. In fact, there are no backwards compatible PlayStation 3 models in Japan already.
AMD’s Chief Executive Officer Hector Ruiz Steps Down
Advanced Micro Devices, the world’s second largest maker of x86 central processing units, on Thursday announced that its chief executive officer Hector Ruiz has stepped down from his top executive position and that the board of directors elected president and chief operating officer Derrick Meyer to become the next CEO of AMD. Mr. Ruiz will continue to serve as the executive chairman of the board. As executive chairman, Mr. Ruiz will ensure a smooth executive leadership transition, focus on driving the company’s asset smart strategy to completion, and assist with high-level government and strategic partner relations.
Google 2Q letdown raises economic worries
Google Inc.'s earnings growth bogged down more than investors anticipated during the second quarter, raising worries that the ailing U.S. economy is starting to sap the Internet search leader. Although Google's management maintains the company will thrive even if the economy weakens further, the results released Thursday caused Google shares to plunge more than 7 percent. Investors were largely reacting to indications that Google is fretting about the economic climate for the first time since it went public nearly four years ago. The red flags included a dramatic slowdown in the company's hiring pace and Google Chairman Eric Schmidt's description of the economy as "challenging." Google's chief economist, Hal Varian, even participated in the company's conference call for the first time to discuss business conditions.
Fraudulent calls leave library with $15,000 phone bill
Prior to the town switching over to a new phone service provider, fraudulent calls in excess of $15,000 were made internationally from the phone system at the Duxbury Free Library. Department of public works office manager Chris Smythe has been investigating the fraudulent calls for three months. The calls, which occurred from Feb. 7 to 19 and again on March 19, placed calls to India, the Philippines and Jordan, including a 37-hour call to the Philippines racking up more than $7,000. The fraudulent activity was discovered when library patrons attempted to reach the circulation desk at the library and were redirected to India. When the calls were reported, Library Director Elaine Winquist contacted CranCom, the library’s phone service provider at the time, who came out and checked all the phones and changed all the main phone system passwords, Smythe said.
Mozilla Fixes Firefox Flaw, But Needs New Security Practices
As we reported on WebWorkerDaily yesterday, Mozilla has issued critical security advisories that affect several of its products, including versions of Firefox, Thunderbird, and SeaMonkey. Late yesterday, Mozilla released a new version 3.0.1 of Firefox that patches security flaws, and you can download it now. You can also get the new version, if you have Firefox 3 running, by clicking on the Check for Updates option on the browser's Help menu. What's still due from Mozilla, in terms of fixes, and what's missing from the security practices the company followed here? As of Thursday morning, Mozilla's Thunderbird e-mail application is still downloadable only in version 2.0.0.14. As Mozilla's security advisory states, a new version 2.0.0.16 fixes security flaws, but it is not available yet, and Mozilla has not posted anything about when it will be available. Mozilla suggests disabling JavaScript as a workaround in the meantime (JavaScript is not typically enabled in mail).
Listen to the 2600 hacker conference
The Last HOPE, a hacker conference organized by 2600, starts tomorrow, Friday July 18th in New York City. If you can't be there, you can listen online. Radio station W2H (according to Bernie S., those are real, albeit temporary, call letters) will be broadcasting from radio.hope.net. Also known as Radio Statler, (the hotel hosting the conference used to be called the Statler) the station will be live from 10AM ET Friday until the close of the conference at 8PM on Sunday July 20th. There isn't a published schedule, most likely, because there isn't an unpublished one either. Plans are to stream the keynote presentations and other popular seminars, interview some of the speakers, carry reports from roving reporters and talk to some of the attendees. Hackers with their own podcasts are also invited to contribute. With a project manager named "LexIcon" and a chief engineer who goes by "nikgod", it should be interesting. I'll be there, maybe they'll even have a few minutes to talk to me.
12 ways to visualize network security
Remember the old M&M analogy - security is like an M&M candy, hard shell on the outside, soft on the inside. In other words, put up firewalls, build a strong perimeter and you're good to go. Of course, nobody believes that M&M-type security is sufficient in today's world of insider threats, data leakage, mobile workers, thumb drives and sophisticated malware. So, what's the new metaphor? We asked around and came up with a number of interesting and useful ways to think about enterprise security.
Facebook privacy breach exposed users' hidden dates of birth
Sophos, a world leader in IT security and control, has warned computer users that Facebook accidentally publicly revealed personal information about its members, which could be useful to identity thieves. Earlier this week, the full dates of birth of many of Facebook's 80 million active users were visible to others, even if the individual member had requested that the information remained confidential. According to Graham Cluley, senior technology consultant at Sophos, a security slip-up by the website during the process of a public beta test of its new design for members' profiles left birth date information exposed. "I was shocked to see people's full date of birth revealed, even though I knew they had their privacy set up correctly to supposedly hide the information," said Cluley. "It's essential that users of social networks should have confidence that their privacy will be protected - and it's especially important with information like your date of birth, which can be a golden nugget for a committed identity thief."
Engineer accused of network tampering
A city computer engineer accused of tampering with San Francisco's new computer network to give himself exclusive access was ordered held on $5 million bail. City officials accused Department of Technology employee Terry Childs of taking over the new FiberWAN (Wide Area Network) by creating a secret password for his own use. The multi-million-dollar computer network stores records such as officials' e-mails, city payroll files, confidential law enforcement documents and jail bookings. Childs, 43, was scheduled to be arraigned Thursday. He was arrested Sunday and held on suspicion of four counts of computer tampering. He did not enter a plea at a court appearance Tuesday.
Barclays claims zero online fraud
Barclays Bank has claimed zero fraud among its online customers thanks to the use of two-factor authentication technology. The bank has equipped one million customers with the PINsentry card readers, which provide automatically generated one-time passcodes, to use in conjunction with the password that users already know. Deployment of the devices began in July 2007 and the bank said that not one online customer using the Gemalto-provided system has suffered fraud since. Barclays also said that customer uptake of the devices was higher than expected and exceeds 30 per cent.
eBay Gets Revenue Boost from Paypal, Skype
Internet giant eBay on Wednesday announced its second-quarter revenue rose 22 percent on increases in auctioned listings at the site and the growth of Paypal and Skype. Paypal, the online payment unit of eBay, increased its revenue by 33 percent while total payments grew 35 percent. Skype, the eBay-owned voice-over-IP company, showed a 51 percent increase in its revenues thanks to 29 million new registered users during the quarter, for a grand total of 338 million users. “This was a strong quarter and we are very pleased with the performance of the portfolio, particularly with the growth generated by PayPal,” eBay CEO John Donahoe said in the company’s press release.
GMail flaw reveals people's real names
Another high-profile security concern in the news today, Google has been caught with its pants down regarding people who have registered accounts with them. Due to a bug (or perhaps “feature”?) inside Gmail, it is possible to retrieve someone's name that is attached to their Gmail account, whether or not you are befriended to them or sharing any content with them on the Google network. So, if your account name is something random or an alias of any sort, someone could still use a simple exploit to see what your “real name” is, or at least the name you supplied to Google. How to do it: - Go to the ‘share this calendar’ tab - Enter the email address in the ‘person’ box - Click ‘add person’ and ‘save’ - When you return to this screen you will see the first and last name along with the gmail address
Oracle issues security fixes
Oracle has released a new security update consisting of 45 patches. The July security release includes fixes for 23 Oracle products and addresses issues which include remote code execution flaws. The company is recommending that administrators install the update as soon as possible. Among the applications which have received fixes for remote code flaws are Oracle's Times Ten server and client as well as its HTTP server offerings. The company also issued fixes for remote attack vulnerabilities in Internet Directory, Portal and Hyperion BI Plus. One of Oracle's latest acquisitions, BEA, was the recipient of seven of the security fixes. The company's WebLogic software received fixes for seven vulnerabilities, four of which could be remotely launched.
Apple passes Acer to become third largest U.S. PC vendor
Macs garnered an 8.5 percent share of the U.S. PC market during the second quarter of the year, pushing Apple past Acer in the national rankings and into third place overall, according to preliminary data released Wednesday by market research firm Gartner. The Cupertino-based company saw Mac sales rise more than 38 percent to nearly 1.4 million units in the US during the three-month period ending June, making it the country's third largest PC manufacturer behind Dell and HP, who saw sales rise 11.9 percent and 5.6 percent to 5.25 million and 4.167 million units, respectively. Overall, Apple's share of the US PC market was up more than 2 percent compared to the same period last year. Total US PC shipments reached 16.5 million units in the second quarter of 2008, a 4.2 percent increase from the same period last year.
Mozilla patches Firefox side of Safari 'carpet bomb' threat
Mozilla Corp. has patched a pair of critical vulnerabilities in Firefox, taking the unusual step of updating the older Version 2.0 on Tuesday but delaying the fixes for the newer Version 3.0 until Wednesday. Both updates, labeled Firefox 2.0.0.16 and Firefox 3.0.1, plug two holes rated "critical" by Mozilla, which uses a four-step threat ranking system. Firefox 2.0.0.16 was posted to Mozilla's servers Tuesday afternoon. Firefox 3.0.1, the first update since the open-source browser was upgraded almost a month ago, won't reach users until Wednesday at the earliest, according to notes from a Mozilla status meeting published online.
The man who transformed internet security
Security researcher Dan Kaminsky still won't comment on the specific nature of a flaw within the Domain Name System, for fear criminal hackers might exploit it before the worldwide network of name servers and client systems that contact them can be updated. However, he did go public with some details on 8 July, 2008, backed by simultaneous patch releases from Microsoft, Cisco and others. There have been other multiparty patch releases, but never has there been one on such a massive scale. It took someone with the gravitas and reputation of Kaminsky to pull together the affected parties. What he and others he took into his confidence did over the past few months was not only responsible but extraordinary. The flaw Kaminsky discovered could allow criminal hackers to guess the transaction ID of any request to a DNS server for a particular domain, such as one used for a bank or an e-commerce site, and then re-direct that request to another site, a phishing site. It would do so silently, evading most anti-phishing technology because the change would be made, not at the desktop level, but at the DNS server itself.
Beware critical BES security flaw
Research in Motion is warning corporate IT administrators that a serious security flaw in the BlackBerry Enterprise Server's (BES) BlackBerry Attachment Service could allow hackers to execute malicious code and hijack infrastructure. The vulnerability is ranked by RIM as a 9.0 on a scale of 0 to 10, with 10 representing the most critical flaws. IT departments using BES software version 4.1 Service Pack (SP) 3 through BES v4.1 SP5 are at risk, as are users of BlackBerry Unite! version 1.0 SP1 bundle 36 or earlier, according to RIM. BlackBerry Unite! is a service that lets users access shared files via BlackBerry. "A security vulnerability in the PDF distiller of the BlackBerry Attachment Service could enable a malicious individual to use a specially crafted PDF file attachment in an email message to cause arbitrary code to execute on the computer that the BlackBerry Attachment Service runs on. If a BlackBerry smartphone user on BlackBerry Unite! opens and views the specially crafted PDF file attachment on the BlackBerry smartphone; the arbitrary code execution could compromise the computer."
Cybercrime gets busy getting organized
Cyber criminals are increasingly using sound business principles to increase profits from compromised machines, a Web security firm reported on Tuesday. After contacting a variety of illicit online operations dealing in financial data, researchers at security firm Finjan found that cybercriminals are organizing in hierarchies similar to mafia groups, which took their organizing principles from corporations. Each group has a boss that acts as an entrepreneur and an underboss that manages the command-and-control centers of the botnets and provides technical tools such as the Trojan horses. The people who actually commit the crimes -- the associates -- are arranged in several groups, or campaigns, under campaign managers, the company found. "Individual hackers operating independently or groups of hackers with common goals have been replaced by hierarchical cybercrime organizations where each cybercriminal has his own well-defined role and reward system," Finjan said in its Web Security Trends Report.
Schneier, Team Hack 'Invisibility Cloak' for Files
It may not be possible after all to conceal the existence of a sensitive file on a machine. BT security expert Bruce Schneier and a group of researchers have hacked an ultra-paranoid feature in the TrueCrypt open-source disk encryption tool that lets users hide secret files from detection by attackers or others. This “deniability” feature is a sort of extreme file-protection function that first encrypts the file and then hides it within an encrypted area on the disk drive like an invisibility cloak. But Schneier, chief security technology officer with British Telecom and researchers from the University of Washington found that Microsoft Vista, Word, and Google Desktop each can blow the cover of files using this so-called “deniable file system” (DFS) feature. The researchers were able to get around DFS in versions 5.0 and below of TrueCrypt’s encryption-on-the-fly tool, and will present their findings on the hack at the Usenix HotSec ’08 summit next week in San Jose, Calif.
Nigella Lawson hit by malware attack
Self-styled ‘domestic goddess’ Nigella Lawson may have exposed visitors to her web site to malware, after it was discovered that it had been compromised by hackers. The site was hit by a Structured Query Language (SQL) attack and malware, including a Trojan, was installed. The attack was made on July 14 and any visitors to her nigella.com domain may have picked up an infection if their browsers aren’t fully patched. Eldar Tuvey, chief executive of ScanSafe, which detected the attack, said “SQL injection attacks have become the most common form of website compromise, outpacing all other types of compromise by 212 per cent.”
The next perfect IT storm
Cloud computing and SaaS are gaining real market traction, especially with the likes of Google and Amazon pouring so much resource into on-demand or utility computing. But what does this mean for the humble datacentre? IBRS analyst Dr Colin Boswell predicts heavy weather ahead. A perfect IT storm is looming, driven by merging category four storms such as Utility (or cloud) computing and the Red Shift growth in massive computing. The force of the storm will be exacerbated by rising energy costs and their impact on the datacentre energy budget. As a consequence, in a few years many mid to large organisations will have at least all their non-differentiating applications running on remote shared SaaS-like sites. This will have a significant impact on the IT department and its CIO. The first use of the term ‘the perfect IT storm’ was in the nineties when Y2K, ERP, the euro transition and the internet hype unleashed almost unconstrained energy in the IT world. We are now entering a phase where at least two major developments could create a new era of turbulence in IT.

K-OTik Exploits

K-OTik Advisories

Vulnerabilities
Computer security

2600

Off The Hook show for July 16, 2008
Off The Wall show for July 15, 2008
SUMMER ISSUE OF 2600 RELEASED
The Summer 2008 issue of 2600 is now out and is slowly infiltrating its way into subscriber mailboxes and bookstores around the world. If this fact fills you with frustration because you have yet to subscribe, you can solve that little problem very easily just by clicking here.
SOME 2600 MEETINGS AFFECTED BY HOLIDAY THIS FRIDAY
This Friday is the day when most 2600 meetings will occur around the world. However, some may be postponed one week because of the July 4th holiday. If in doubt, check to see if your meeting has an official website where this might be mentioned. You can also contact the establishment where the meeting is held to see if they'll be closed. If not - or if you're unsure - it can't hurt to show up both this Friday and next Friday. A complete listing of meetings appears on our website. Meetings in countries other than the United States are completely unaffected by this.
FINAL SCHEDULE FOR THE LAST HOPE RELEASED
We now have the entire schedule for The Last HOPE conference posted in a variety of formats. The talks span three full days using three tracks. In addition, there will be a special fourth track for unscheduled talks that people can sign up for at the conference. The rooms are labeled Hopper, Turing, Engressia, and Zuse.
HOPE PREREGISTRATION ENDING FOR OVERSEAS ATTENDEES
June 30 is the last day for preregistration for The Last HOPE conference for all overseas attendees. As we can't guarantee that the price at the door will be the same as the price being offered now, we suggest people who are coming from overseas preregister for the conference ASAP so your tickets don't arrive after you've already left.
FULL LIST OF TALKS FOR THE LAST HOPE RELEASED
The list of talks we've just come out with for this year's HOPE conference is unprecedented. There will be 100 talks in the three main tracks, more in the unscheduled track and various other locations throughout the huge conference space. The Last HOPE will take place from July 18 to 20, 2008 at the Hotel Pennsylvania in New York City. Full details on registration and participation can be found at http://www.hope.net.
'THE BEST OF 2600' NOW AVAILABLE FOR PREORDER
As announced on "Off The Hook" on May 28, a long-awaited book ("The Best of 2600: A Hacker Odyssey") detailing the history of 2600 and including over 900 pages of material will be released this summer, just in time for the HOPE conference.
SPECIAL "HOPE" RATE AT HOTEL PENN SOLD OUT - PLAN FOR ALTERNATIVES
The special HOPE discount rate for rooms at the Hotel Pennsylvania is now sold out -- if you want a room there, you'll have to book it at the normal rate, currently around $250 per night. You can do so either online or by calling +1 (212) 736-5000. You may (or may not) also be able to find better rates by dealing with travel agents, online hotel consolidators, and the like.
ADDITIONAL SPEAKERS ANNOUNCED FOR LAST HOPE CONFERENCE
We are in full swing in the speaker selection and scheduling part of The Last HOPE. What follows is the next installment of our list of confirmed speakers and the presentations they will be giving at the conference. We have accepted many more and will be listing some of those in the next week. Since we've added a new track this year, we've been able to keep the submission process open rather late. But this will soon be coming to an end. June 15th is the absolute cutoff for speaker submissions. If you want to give a scheduled talk at The Last HOPE, you must submit it to speakers@hope.net by that date.

Microsoft Security

MS08-040 ? Important: Vulnerabilities in Microsoft SQL Server Could Allow Elevation of Privilege (941203)
Bulletin Severity Rating:Important - This security update resolves four privately disclosed vulnerabilities. The more serious of the vulnerabilities could allow an attacker to run code and to take complete control of an affected system. An authenticated attacker could then install programs; view, change, or delete data; or create new accounts with full administrative rights. [?]
MS08-039 ? Important: Vulnerabilities in Outlook Web Access for Exchange Server Could Allow Elevation of Privilege (953747)
Bulletin Severity Rating:Important - This security update resolves two privately reported vulnerabilities in Outlook Web Access (OWA) for Microsoft Exchange Server. An attacker who successfully exploited these vulnerabilities could gain access to an individual OWA client?s session data, allowing elevation of privilege. The attacker could then perform any action the user could perform from within the individual client?s OWA session. [?]
MS08-038 ? Important: Vulnerability in Windows Explorer Could Allow Remote Code Execution (950582)
Bulletin Severity Rating:Important - This security update resolves a publicly reported vulnerability in Windows Explorer that could allow remote code execution when a specially crafted saved-search file is opened and saved. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. [?]
MS08-037 - Important: Vulnerabilities in DNS Could Allow Spoofing (953230)
Bulletin Severity Rating: Important - This security update resolves two privately reported vulnerabilities in the Windows Domain Name System (DNS) that could allow spoofing. These vulnerabilities exist in both the DNS client and DNS server and could allow a remote attacker to redirect network traffic intended for systems on the Internet to the attacker's own systems.
MS08-036 - Important: Vulnerabilities in Pragmatic General Multicast (PGM) Could Allow Denial of Service (950762)
Bulletin Severity Rating: Important - This security update resolves two privately reported vulnerabilities in the Pragmatic General Multicast (PGM) protocol that could allow a denial of service if malformed PGM packets are received by an affected system. An attacker who successfully exploited this vulnerability could cause a user's system to become non-responsive and to require a restart to restore functionality. Note that the denial of service vulnerability would not allow an attacker to execute code or to elevate their user rights, but it could cause the affected system to stop accepting requests.
MS08-035 - Important: Vulnerability in Active Directory Could Allow Denial of Service (953235)
Bulletin Severity Rating: Important - This security update resolves a privately reported vulnerability in implementations of Active Directory on Microsoft Windows 2000 Server, Windows Server 2003, and Windows Server 2008; Active Directory Application Mode (ADAM) when installed on Windows XP Professional and Windows Server 2003; and Active Directory Lightweight Directory Service (AD LDS) when installed on Windows Server 2008. The vulnerability could be exploited to allow an attacker to cause a denial of service condition. On Windows XP Professional, Windows Server 2003, and Windows Server 2008, an attacker must have valid logon credentials to exploit this vulnerability. An attacker who successfully exploited this vulnerability could cause the system to stop responding or automatically restart.
MS08-034 - Important: Vulnerability in WINS Could Allow Elevation of Privilege (948745)
Bulletin Severity Rating: Important - This security update resolves a privately reported vulnerability in the Windows Internet Name Service (WINS) that could allow elevation of privilege. A local attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts.
MS08-033 - Critical: Vulnerabilities in DirectX Could Allow Remote Code Execution (951698)
Bulletin Severity Rating: Critical - This security update resolves two privately reported vulnerabilities in Microsoft DirectX that could allow remote code execution if a user opens a specially crafted media file. An attacker who successfully exploited either of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
MS08-032 - Moderate: Cumulative Security Update of ActiveX Kill Bits (950760)
Bulletin Severity Rating: Moderate - This security update resolves a publicly reported vulnerability for the Microsoft Speech API. The vulnerability could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer and has the Speech Recognition feature in Windows enabled. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This update also includes a kill bit for software produced by BackWeb.
MS08-031 - Critical: Cumulative Security Update for Internet Explorer (950759)
Bulletin Severity Rating: Critical - This security update resolves one privately reported and one publicly disclosed vulnerability. The privately reported vulnerability could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. The publicly disclosed vulnerability could allow information disclosure if a user viewed a specially crafted Web page using Internet Explorer.
MS08-030 - Critical: Vulnerability in Bluetooth Stack Could Allow Remote Code Execution (951376)
Bulletin Severity Rating: Critical - This security update resolves a privately reported vulnerability in the Bluetooth stack in Windows that could allow remote code execution. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
MS08-029 - Moderate: Vulnerabilities in Microsoft Malware Protection Engine Could Allow Denial of Service (952044)
Bulletin Severity Rating: Moderate - This security update resolves two privately reported vulnerabilities in the Microsoft Malware Protection Engine. An attacker could exploit either of the vulnerabilities by constructing a specially crafted file that could allow denial of service when received by the target computer system and scanned by the Microsoft Malware Protection Engine. An attacker who successfully exploited this vulnerability could cause the Microsoft Malware Protection Engine to stop responding and automatically restart.
MS08-028 - Important: Vulnerability in Microsoft Jet Database Engine Could Allow Remote Code Execution (950749)
Bulletin Severity Rating: Critical - This security update resolves a security vulnerability in the Microsoft Jet Database Engine (Jet) in Windows. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
MS08-027 - Critical: Vulnerability in Microsoft Publisher Could Allow Remote Code Execution (951208)
Bulletin Severity Rating: Critical - This security update resolves a privately reported vulnerability in Microsoft Publisher that could allow remote code execution if a user opens a specially crafted Publisher file. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
MS08-026 - Critical: Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (951207)
Bulletin Severity Rating: Critical - This security update resolves several privately reported vulnerabilities in Microsoft Word that could allow remote code execution if a user opens a specially crafted Word file. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
MS08-025 - Important: Vulnerability in Windows Kernel Could Allow Elevation of Privilege (941693)
Bulletin Severity Rating: Important - This important security update resolves a privately reported vulnerability in the Windows kernel. A local attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts.
MS08-024 - Critical: Cumulative Security Update for Internet Explorer (947864)
Bulletin Severity Rating: Critical - This critical security update resolves one privately reported vulnerability. The vulnerability could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
MS08-023 - Critical: Security Update of ActiveX Kill Bits (948881)
Bulletin Severity Rating: Critical - This critical security update resolves one privately reported vulnerability for a Microsoft product. This update also includes a kill bit for the Yahoo! Music Jukebox product. The vulnerability could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
MS08-022 - Critical: Vulnerability in VBScript and JScript Scripting Engines Could Allow Remote Code Execution (944338)
Bulletin Severity Rating: Critical - This critical security update resolves a privately reported vulnerability in the VBScript and JScript scripting engines in Windows. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
MS08-021 - Critical: Vulnerability in GDI Could Allow Remote Code Execution (948590)
Bulletin Severity Rating: Critical - This critical security update resolves two privately reported vulnerabilities in GDI. Exploitation of either of these vulnerabilities could allow remote code execution if a user opens a specially crafted EMF or WMF image file. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
MS08-020 - Important: Vulnerability in DNS Client Could Allow Spoofing (945553)
Bulletin Severity Rating: Important - This important security update resolves a privately reported vulnerability. This spoofing vulnerability exists in Windows DNS clients and could allow an attacker to send specially crafted responses to DNS requests, thereby spoofing or redirecting Internet traffic from legitimate locations.
MS08-019 - Important: Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution (949032)
Bulletin Severity Rating: Important - This security update resolves privately reported vulnerabilities in Microsoft Office Visio that could allow remote code execution if a user opens a specially crafted Visio file. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
MS08-018 - Critical: Vulnerability in Microsoft Project Could Allow Remote Code Execution (950183)
Bulletin Severity Rating: Critical - This security update resolves a privately reported vulnerability in Microsoft Project that could allow remote code execution if a user opens a specially crafted Project file. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
MS08-017 - Critical: Vulnerabilities in Microsoft Office Web Components Could Allow Remote Code Execution (933103)
Bulletin Severity Rating: Critical - This critical update resolves two privately reported vulnerabilities in Microsoft Office Web Components. These vulnerabilities could allow remote code execution if a user viewed a specially crafted Web page. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
MS08-016 - Critical: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (949030)
Bulletin Severity Rating: Critical - This security update resolves two privately reported vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a malformed Office file. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Security Tracker

IT Observer

TAO Security
