2006 Alerts - Q4

Adobe Download Manager v2.2 released

FYI...

- http://www.adobe.com/support/security/bulletins/apsb06-19.html
December 5, 2006
"...Summary:
A critical vulnerability has been identified in Adobe Download Manager 2.1 and earlier versions that could allow an attacker who successfully exploits this vulnerability to take control of the affected system. It is recommended that users uninstall Adobe Download Manager 2.1 and earlier using the instructions provided*...
Affected software versions: Adobe Download Manager 2.1 and earlier...
Severity rating: Adobe categorizes this as a critical issue and recommends affected users uninstall any affected software..."
* http://www.adobe.com/support/security/bulletins/apsb06-19.html#instructions

 
Cyber Extortion via Web Mail

FYI...

- http://www.websense.com/securitylabs/alerts/alert.php?AlertID=714
December 11, 2006
"Websense® Security Labs™ has received reports of a new form of cyber-extortion. Unlike previously documented cases (where end-users were infected with malicious code, certain file types were encoded or encrypted, and a ransom message was left on the machine), this attack compromises users' online web mail accounts. When end-users logged into their web mail accounts (in this case Hotmail), they noticed that all their 'sent' and 'received' emails were deleted along with all their online contacts. The only message that remained was one from the attacker that requested they contact them for payment in order to receive the data back. In this case, the end-users had recently visited an Internet cafe where their credentials may have been compromised..."

(Screenshots available at the URL above.)

Previous Cyber Extortion (AKA Ransomware) alerts:
http://www.websense.com/securitylabs/alerts/alert.php?AlertID=194
http://www.websense.com/securitylabs/alerts/alert.php?AlertID=320

 
Yahoo! Messenger ActiveX vuln - update available

FYI...

- http://secunia.com/advisories/23401/
Release Date: 2006-12-15
Critical: Highly critical
Impact: System access
Where: From remote
Solution Status: Vendor Patch
Software: Yahoo! Messenger 5.x, 6.x, 7.x, 8.x
...The vulnerability is reported in versions obtained prior to Nov 2, 2006.
Solution: Update to the latest version.
http://messenger.yahoo.com/ ...
Original Advisory: http://messenger.yahoo.com/security_update.php?id=120806
"...If you choose not to update and you have not updated via this page or Chat, the vulnerability will still exist."

 
Skype worm...

FYI...

- http://isc.sans.org/diary.php?storyid=1952
Last Updated: 2006-12-18 23:54:28 UTC

> http://www.symantec.com/enterprise/security_response/writeup.jsp?docid=2006-121910-5339-99
Updated: December 19, 2006 10:20:42 AM GMT
[See: "TECHNICAL DETAILS"...]
W32.Chatosky - Risk Level 1: Very Low

> http://www.symantec.com/enterprise/security_response/weblog/2006/12/worm_targets_skype.html
December 18, 2006 09:52 PM

> http://www.websense.com/securitylabs/blog/blog.php?BlogID=101
Dec 18 2006 3:08PM

NOTE: http://en.wikipedia.org/wiki/Skype
"Skype is a proprietary peer-to-peer Voice over IP (VoIP) network founded by the entrepreneurs Niklas Zennström and Janus Friis, also founders of the file sharing application Kazaa..."
-----------------------------------------

Malicious Code: Skype Trojan Horse
- http://www.websense.com/securitylabs/alerts/alert.php?AlertID=716
December 19, 2006
"...After investigation we have discovered that this is -not- a self propagating worm and is actually a Trojan Horse. After discussions with the very helpful Skype security team, the behavior of this Trojan using the Skype API is as per the specifications of the API. The end-user who is running Skype does get notified that a program is attempting to access it and must acknowledge it.
*there is -no- vulnerability in Skype at this time that has been uncovered*
For more details on the Skype API see
https://developer.skype.com/Docs/ApiDoc/Overview_of_the_Skype_API ."
---------------------------------

- http://www.informationweek.com/shared/printableArticle.jhtml?articleID=196700896
Dec 19, 2006 01:43 PM
"..."The code isn't a worm," says Dan Hubbard (Websense)... "A user with Skype will get a message to download a program from a URL included in a chat message," says Hubbard. "If they click on that, a program runs in the background, then injects itself into the Explorer process. It looks like the Trojan is designed to grab forms and passwords from the browser"... The servers the attacker used to download malicious code to infected computers are now down, Hubbard confirmed..."

 
Firefox v2.0.0.1, v1.5.0.9 released

FYI...

- http://www.mozilla.org/security/#Security_Alerts
December 19, 2006
"Security updates have been issued for Firefox and Thunderbird that fix critical security vulnerabilities. All users should install these updates as soon as possible.
Firefox 2.0.0.1 - http://www.mozilla.com/firefox/
Firefox 1.5.0.9 - http://www.mozilla.com/en-US/firefox/all-older.html
Thunderbird 1.5.0.9 - http://www.mozilla.com/thunderbird/
Users should get an automatic update notification; users who have turned off update notification can use the "Check for Updates..." item on the Help menu..."

Fixed in Firefox 2.0.0.1 & 1.5.0.9
> http://www.mozilla.org/projects/security/known-vulnerabilities.html#Firefox

Fixed in Thunderbird 1.5.0.9
> http://www.mozilla.org/projects/security/known-vulnerabilities.html#Thunderbird
