Page 2 of 2 FirstFirst 12
Results 11 to 18 of 18

Thread: 2006 Alerts - Q3

  1. #11
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Arrow Problems with Intel wireless drivers

    FYI...

    Problems with Intel wireless drivers
    - http://isc.sans.org/diary.php?storyid=1633
    Last Updated: 2006-08-24 07:10:38 UTC
    "...Intel initially issued a big file (100MB) that you had to download, but at least it upgraded everything on your machine, if it needed upgrades. After rebooting in the next few days I noticed that my machine is a bit slower then it was. A look at Task manager output, or excellent Process Explorer from Sysinternals showed that a process called S24EvMON.exe is using quite a bit of CPU... Dell... released their own version of drivers... Dell's drivers have the same problem... It looks that everyone with (at least) 2915ABG/2200BG wireless cards is affected. F-secure posted this in their weblog as well* ...
    UPDATE:
    The easiest way to start and stop these services (so you actually run them only when you really need them) is to create a batch file that will do this job for you (so you don't have to click manually on all 4 of them). You can use the sc start <service name> and sc stop <service name> commands to perform this for you...
    UPDATE 2:
    ..You can use the built-in Windows Wireless Zero Config service, in which case you only need to patch the driver for your wireless card, so you are not vulnerable. As the problem with CPU/memory leaks are in the management service, this is an effective workaround at least until the management service is fixed..."

    Working with the Intel Wi-Fi Drivers Again
    * http://www.f-secure.com/weblog/archi....html#00000954
    August 21, 2006
    "...We noticed that software (S24EvMON.exe) installed with the driver seems to be leaky. It's eating tons of file handles and tons of memory - and it continues to grow!... Intel's tech support has replied. They are aware of the issue and are currently at work on it. No official release date yet. We'll let you know."

    (Screenshots available at -both- URL's above.)


    =========================================

    - http://isc.sans.org/diary.php?storyid=1643
    Last Updated: 2006-08-26 18:16:44 UTC
    "Release Notes for the Intel(R) PRO/Wireless 3945ABG Network Connection update have been posted at Intel. The release notes* describe a number of bug fixes including Memory Utilization Increase issues... The download location for Intel® PROSet/Wireless Software version 10.5.0.1 is here**..."

    * http://downloadmirror.intel.com/df-s...G/relnotes.htm
    > "...Issues resolved in this release
    o Potential Memory Utilization Increase
    o Profiles Not Migrated When Upgrading from Previous Software Version
    o Potential Auto-Suspend Failure when using Microsoft Windows* 2000
    o Intermittent Authentication Failure with Cisco Access Point in Heavy Traffic Environment
    o Intermittent Failure to Load or Save a Roaming Profile..."

    ** http://support.intel.com/support/wir.../CS-010623.htm

    Last edited by AplusWebMaster; 2006-08-26 at 21:51. Reason: Fix released...
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  2. #12
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation Java JRE "Unpatched JRE's installed..."

    FYI...

    - http://isc.sans.org/diary.php?storyid=1640
    Last Updated: 2006-08-26 02:21:06 UTC
    "...SUN says prior to version 5.0 Update 6, an application or an applet could specify the version of the JRE on which it would run. "This issue can occur in the following releases (for Solaris, Linux and Windows platforms):
    Java Plug-in included with J2SE 5.0 Update 5 and earlier, 1.4.x, 1.3.1, and 1.3.0_02 and later
    Java Web Start included with J2SE 5.0 Update 5 and earlier, and 1.4.2
    Java Web Start 1.2, 1.0.2, 1.0.1, and 1.0".
    * http://sunsolve.sun.com/search/print...=1-26-102557-1
    Date Released: 21-Aug-2006
    "Impact
    ...versions of Java Web Start and the Java Plug-in... may allow applets or applications to run with a specified version of the JRE that does not have the latest security fixes...
    Relief/Workaround
    ...use the latest JRE releases available from Sun and remove all symbolic links of earlier versions of Java Plug-in from the browser "plugins" directory...
    Note: Prior to 5.0 Update 6, an application could specify the version of the JRE on which it would run. With 5.0 Update 6 and later installed, unsigned Java Web Start applications that specify a version other than the latest installed will trigger a warning, requiring explicit user permission before the application will run. Signed Java Web Start applications are not affected..."
    Download at the following link:
    * http://java.sun.com/j2se/1.5.0/download.jsp

    (Latest is JRE 1_5_0_08. It is "Highly Recommended" that older versions be uninstalled)

    :(
    Last edited by AplusWebMaster; 2006-08-27 at 18:30.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  3. #13
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Unhappy Non-McAfee anti-spyware blocked by McAfee

    How long before SpyBot S&D is "blocked" ?

    - http://www.spywareinfo.com/newslette...g29.php#mcafee
    August 29, 2006

    :(
    =========================
    - http://forums.mcafeehelp.com/viewtopic.php?t=89522
    Posted: Wed Aug 30, 2006 6:06 pm
    "Here are the version numbers for the core components:
    Security Center: 7.0.329
    Firewall: 8.0.203
    Privacy Service: 9.0.382
    Spam Killer: 8.0.239
    VirusScan: 11.0.213
    The patch will be delivered to everyone who has the new software installed as an automatic update. You can trigger the update by right-clicking on the McAfee icon and selecting "Updates" (or by hitting the Update button in the Security Center)...

    Issues addressed in the patch:
    ...- Several products that were previously marked as incompatible will no longer be flagged ..."

    (Includes the "other" anti-spyware product in question)

    Last edited by AplusWebMaster; 2006-09-01 at 05:05. Reason: Updated McAfee released...
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  4. #14
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Angry zCodec promises video, delivers adware

    FYI...

    - http://www.techworld.com/security/ne...fm?newsID=6781
    04 September 2006
    "Users looking for the latest and greatest video software may not just be in danger from media lawyers. Security firm Panda Software last week warned that zCodec, which claims to offer "up to 40 percent better (video) quality", is in fact an adware program that can install Trojans, rootkits and other malicious software... Panda's advisory* last week revealed that the 100KB file is in fact adware, which "downloads and runs files, changes the DNS configuration and monitors accesses to several adult websites". zCodec, formally known as Adware/ZCodec or Adware/EMediacodec, affects most versions of Windows and was first detected last week, Panda said. When run, the program alters the system's DNS configuration in order to divert traffic to DNS servers of its choice, a technique sometimes used as part of a phishing scam or to rack up clicks for advertising schemes..."

    * http://www.pandasoftware.com/virus_i...=128208&sind=0

    :(
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  5. #15
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation QuickTime v7.1.3 released

    FYI...

    - http://isc.sans.org/diary.php?storyid=1694
    Last Updated: 2006-09-13 00:00:39 UTC
    "Apple released today Quicktime 7.1.3. It fixes 7 vulnerabilities, all leading to arbitrary code execution..."
    - http://docs.info.apple.com/article.html?artnum=304357

    QuickTime 7.1.3 for Windows 2000/XP
    - http://www.apple.com/quicktime/download/win.html

    .
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  6. #16
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Arrow Firefox and Thunderbird 1.5.0.7 released

    FYI...

    Firefox download:
    - http://www.mozilla.com/firefox/

    Fixed in Firefox 1.5.0.7:
    - http://www.mozilla.org/projects/secu...firefox1.5.0.7

    Known issues:
    - http://www.mozilla.com/firefox/relea....7.html#issues
    "This list covers some of the known problems with Firefox 1.5.0.7. Please read this before reporting any new bugs."

    -----------------------------------------

    Thunderbird download:
    - http://www.mozilla.com/thunderbird/

    Fixed in Thunderbird 1.5.0.7:
    - http://www.mozilla.org/projects/secu...derbird1.5.0.7
    ================================

    - http://secunia.com/advisories/21906/
    Release Date: 2006-09-15
    Critical: Highly critical
    Impact: Security Bypass, Cross Site Scripting, Spoofing, DoS, System access
    Where: From remote
    Solution Status: Vendor Patch
    Software: Mozilla Firefox 0.x, Mozilla Firefox 1.x...
    Solution: Update to version 1.5.0.7.
    http://www.mozilla.com/firefox/ ..."

    - http://secunia.com/advisories/21939/
    Release Date: 2006-09-15
    Critical: Highly critical
    Impact: Security Bypass, DoS, System access
    Where: From remote
    Solution Status: Vendor Patch
    Software: Mozilla Thunderbird 0.x, Mozilla Thunderbird 1.0.x, Mozilla Thunderbird 1.5.x...
    Solution: Update to version 1.5.0.7.
    http://www.mozilla.com/thunderbird/ ..."

    Last edited by AplusWebMaster; 2006-09-15 at 13:38. Reason: Added Secunia advisories...
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  7. #17
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation Internet Security Threat Report - first half 2006

    FYI...

    - http://www.symantec.com/about/news/r...id=20060925_02
    Sept. 25, 2006
    "...Symantec’s Internet Security Threat Report notes that home users are the most targeted attack sector, accounting for 86 percent of all targeted attacks, followed by financial services businesses. Symantec has identified increased attacks aimed at client-side applications, increased use of evasive tactics to avoid detection, and that large, widespread Internet worms have given way to smaller, more targeted attacks focusing on fraud, data theft, and criminal activity... The tenth volume of the semiannual Symantec Internet Security Threat Report covers the six-month period from Jan. 1, 2006, through June 30, 2006..."

    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  8. #18
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation Malicious Code on Storage and Caching Servers

    FYI...

    - http://www.theregister.com/2006/10/1..._malware_risk/
    12 October 2006
    "...Finjan has published obfuscated examples* of malware found on storage and caching servers to support its claims... Finjan's point is that users visiting a cached copy of such (potentially mainstream) sites would be infected even if the main site pulled the malware. Search engines are not doing enough to flush their caches, it warns..."
    - http://www.finjan.com/Pressrelease.a...sLan=293&lan=3
    October 11, 2006
    "...Finjan has provided the search engines and service providers with full technical details of the discovery, and is conducting a dialogue with these companies in order to assist them in resolving the issue. Some examples of malicious code found on storage and caching servers are presented here*... Another newly discovered web security threat centers on the use of Web 2.0 and AJAX ( Asynchronous JavaScript and XML) technologies for malicious activities. While Web 2.0 and AJAX offer an enriched and improved user experience for Internet users, the technology also flings open the door to new malware propagation methods..."
    * http://www.finjan.com/Content.aspx?id=1117

    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •