
Thread: 2006 Alerts - Q1

  1. #21
    AplusWebMaster (Adviser Team) | Join Date: Oct 2005 | Location: USA | Posts: 6,881

    Macromedia Flash Player vuln - "Critical" update

    FYI...

    APSB06-03 Flash Player Update to Address Security Vulnerabilities
    - http://www.macromedia.com/devnet/sec...apsb06-03.html
    Originally posted: March 14, 2006
    "Summary:
    Critical vulnerabilities have been identified in Flash Player that could allow an attacker who successfully exploits these vulnerabilities to take control of the affected system. A malicious SWF must be loaded in Flash Player by the user for an attacker to exploit these vulnerabilities. Users are recommended to update to the most current version of Flash Player available for their platform.
    Solution:
    Adobe recommends all Flash Player 8.0.22.0 and earlier users upgrade to the new version 8.0.24.0, which can be downloaded from the Player Download Center*..."

    * http://www.macromedia.com/shockwave/...ShockwaveFlash
    Version: 8,0,24,0...
    Date Posted: 3/14/2006...

    Affected Software Versions
    Flash Player versions 8.0.22.0 and earlier...
    To verify the Flash Player version number, access the About Flash Player page, or right-click on Flash content and select About Macromedia Flash Player from the menu. If you use multiple browsers, perform the check and the installation for each browser.

    Shockwave Player version 10.1.0.11 and earlier
    http://www.macromedia.com/shockwave/welcome/
    ("You must have 'Administrator privileges' to install...")

    Severity Rating
    Adobe categorizes this as a critical update and recommends affected users update to Flash Player 8.0.24.0..."

    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  2. #22
    AplusWebMaster (Adviser Team)

    Apple Updates the Update - Apple 2006-002 v1.1

    FYI...

    Apple Updates the Update
    - http://isc.sans.org/diary.php?storyid=1196
    Last Updated: 2006-03-17 05:03:56 UTC
    "Today, Apple released Version 1.1 of its 2006-002 patch which was released on Monday.
    Read more about it here: Apple 2006-002 v1.1*
    This time, Apple only lists the patched components (php, CoreTypes, LaunchServices, Mail, rsync, Safari).
    The update includes all the fixes released in the initial Apple 2006-002 and -001 patch...
    Would be nice to have a few more details from Apple. For home users: Apply the patch as soon as you can. At this point, Apple does not appear to offer the patches in distinct packages, which will make testing in larger environments tricky..."

    Security Update 2006-002 v1.1 Mac OS X 10.4.5 (PPC)
    * http://www.apple.com/support/downloa...sx1045ppc.html

    :(

  3. #23
    AplusWebMaster (Adviser Team)

    Norton update kicks AOL users offline

    FYI...

    - http://news.com.com/2102-1002_3-6050...=st.util.print
    Mar 16, 2006
    "An incorrect update to Symantec's Norton security software on Wednesday blocked Internet access for some America Online users. The issue affected AOL customers using recent editions of Norton AntiVirus and Norton Internet Security, Symantec said in a statement sent via e-mail on Thursday. The culprit was an update to intrusion prevention software that is part of the security software, the company said. "This update incorrectly detected traffic patterns used as part of the AOL connection as a potential risk," Symantec said in the statement. AOL has about 20 million Internet service subscribers. As a result of the incorrect update, AOL dial-up customers lost their connection and AOL broadband users were unable to access AOL servers, Symantec said. The erroneous update was removed from Symantec's servers about seven hours after it was released, and a corrected version was posted, the company said... Norton users who are experiencing problems can contact Symantec customer service at 1-800-927-3991 at no cost or read more on the issue at the company's Web site*. Symantec advises users who are unable to go online because of the issue to disable their Norton software, connect to the Internet and immediately download updated definition files."

    * http://service1.symantec.com/SUPPORT...13?Open&src=_w
    Document ID:2006031520164313
    Last Modified:03/17/2006


  4. #24
    AplusWebMaster (Adviser Team)

    From Russia with Rootkit

    FYI...

    - http://www.f-secure.com/weblog/archi....html#00000838
    March 22, 2006
    "Yesterday we received an interesting email-worm sample, detected as Gurong.a, that uses rootkit techniques to hide its file, process and launch point in the registry. It is based on the infamous Mydoom code and it is in the wild but currently spreading very slowly... Gurong.a modifies the operating system kernel, specifically the system service table and process object structures, so it is a kernel-mode rootkit. What makes it different from other kernel-mode rootkits we have seen is the way it installs the rootkit payload into kernel... F-Secure BlackLight* is able to find and disable Gurong.a..."

    * http://www.f-secure.com/blacklight/


  5. #25
    AplusWebMaster (Adviser Team)

    RealPlayer Multiple Vulns - updates available

    FYI...

    - http://isc.sans.org/diary.php?storyid=1211
    Last Updated: 2006-03-23 13:14:13 UTC
    "There are three vulnerabilities in RealPlayer and associated products that allow for remote code execution and patches have been released to remediate the problems. The vulnerabilities are with boundary errors caused by certain SWF, MBC or specially crafted webpages that can lead to buffer overflows. The latest version of RealPlayer is not affected and users should upgrade immediately. The advisory can be read here*... The matrix of vulnerable products can be seen here**..."

    * http://secunia.com/advisories/19358/
    Release Date: 2006-03-23
    Critical: Highly critical

    ** http://service.real.com/realplayer/s...006_player/en/


  6. #26
    AplusWebMaster (Adviser Team)

    Browser certificate "compatibility"

    FYI...

    How a 'Catch-22' Turns into a 'Shame on You'
    - http://isc.sans.org/diary.php?storyid=1230
    Last Updated: 2006-03-31 16:27:44 UTC
    "We received a submission yesterday from a user who was complaining about a Catch-22 that Microsoft had set up. Microsoft Security Advisory (917077) addresses a vulnerability in Internet Explorer and how it handles HTML objects. The workaround is to change the security setting for ActiveScripting, to either disable it completely or to set it to prompt the user before running each script. On the advisory's web page, there is a link to this feedback page. The potential issue here is that the feedback page is using ActiveScripting. Oops ;-)
    Now it's not actually that bad for two reasons. First, if you have changed your ActiveScripting setting to "Prompt", you can enable the scripts for this page. Second, even if you have disabled ActiveScripting or choose to not allow it for this page, you will see the error message about needing JavaScript for this page and a link to a page with a non-JavaScript form and you will be redirected to the non-JavaScript page. So while this may be a little annoying, it's not a total show stopper...
    So why is this bad? Microsoft is using an internal CA to issue the SSL certificate for their web site. Only folks using Internet Explorer to view the page will not get complaints about the certificate. Anyone using any other browser will get an alert. Now since this page deals with security (specifically web browser) security, it is counterproductive to the mindset we are trying to train people to have to use an SSL certificate that they can't verify. If folks just think to themselves "Hey this came from Microsoft's security folks, it should be ok" it sets up reinforcement of ignoring SSL certificate errors. The solution is for Microsoft to either use a certificate from a publicly trusted CA or to have their CA certificates included in other browsers. Since there are so many alternative browsers, using a publicly trusted CA is probably the best option. You can export the Microsoft CA certificates from Internet Explorer and import them into Firefox (or another browser) and then you will not see the popup about the server's SSL certificate not being verified."

