Security 10967 Published by Philipp Esselbach 0

Excel and PowerPoint have a macro security framework that controls the execution of macros and prevents macros from running automatically. Under this framework, any time a user opens a document the document is scanned for the presence of macros. If a document contains macros, the user is notified and asked if he wants to run the macros or the macros are disabled entirely, depending on the security setting. A flaw exists in the way macros are detected that can allow a malicious user to bypass macro checking.

A malicious attacker could attempt to exploit this vulnerability by crafting a specially formed Excel or PowerPoint document with macro code that would run automatically when the user opened it. The attacker could carry out this attack by hosting the malicious file on a web site, a file share, or by sending it through email.

Read more

Security 10967 Published by Philipp Esselbach 0

An e-mail message claiming to come from the SecurityFocus ARIS Analyst Team and TrendMicro is being used to deliver what appears to be a Trojan horse to unsuspecting users.

Do not run this attachment. These messages do not come from TrendMicro or SecurityFocus, as a quick check of the headers will reveal.

Read more

Security 10967 Published by Philipp Esselbach 0

A security vulnerability exists in Exchange 2000 Outlook Web Access, because it will accept and process a request for an item in an authenticated user's mailbox without verifying first that the folder structure is valid. An attacker could mount a denial of service attack by repeatedly levying a request for a non-existent but deeply nested folder in his own mailbox.

Read more

Security 10967 Published by Philipp Esselbach 0

Security experts on Monday warned of a new file-deleting virus masquerading as a program that allows people to vote on whether the United States should go to war.

The Vote Virus is spreading via e-mail to users of Microsoft's Outlook e-mail program, said Simon Perry, vice president of security solutions at Computer Associates International.

Read more

Security 10967 Published by Philipp Esselbach 0

Analysts are advising against using Microsoft's Internet Information Server (IIS) because of its multitude of vulnerabilities that viruses like Nimda and Code Red exploit.

The Gartner Group has advised enterprises that had not yet made web server decisions to weigh security heavily and to evaluate other web server software offerings rather than opting straight out for IIS.

Read more

Security 10967 Published by Philipp Esselbach 0

Authorities around the world have released further warnings about the mass-mailing Nimda worm, saying it could be more dangerous than Code Red.

Over the last few days, the National Infrastructure Protection Centre, CERT and the Home Office have all warned about the swiftly spreading worm.

Read more

Security 10967 Published by Philipp Esselbach 0

W32.Nimda.A@mm is a new mass-mailing worm that utilizes multiple methods to spread itself. The worm sends itself out by email, searches for open network shares, and attempts to copy itself to unpatched Microsoft IIS web servers. The worm does this using the Unicode Web Traversal exploit.

Read more