Symantec has released a new virus definitions update for Norton Antivirus.
Microsoft has released a new security patch for Internet Explorer
This is a cumulative patch that includes the functionality of all previously released patches for IE 5.01, 5.5 and IE 6. In addition, it eliminates the following two newly discovered vulnerabilities:
- A vulnerability in the zone determination function that could allow a script embedded in a cookie to be run in the Local Computer zone. While HTML scripts can be stored in cookies, they should be handled in the same zone as the hosting site associated with them, in most cases the Internet zone. An attacker could place script in a cookie that would be saved to the user's hard disk. When the cookie was opened by the site the script would then run in the Local Computer zone, allowing it to run with fewer restrictions than it would otherwise have.
- A vulnerability in the handling of object tags that could allow an attacker to invoke an executable already present on the user's machine. A malicious user could create HTML web page that includes this object tag and cause a local program to run on the victim's machine.
Read more
This is a cumulative patch that includes the functionality of all previously released patches for IE 5.01, 5.5 and IE 6. In addition, it eliminates the following two newly discovered vulnerabilities:
- A vulnerability in the zone determination function that could allow a script embedded in a cookie to be run in the Local Computer zone. While HTML scripts can be stored in cookies, they should be handled in the same zone as the hosting site associated with them, in most cases the Internet zone. An attacker could place script in a cookie that would be saved to the user's hard disk. When the cookie was opened by the site the script would then run in the Local Computer zone, allowing it to run with fewer restrictions than it would otherwise have.
- A vulnerability in the handling of object tags that could allow an attacker to invoke an executable already present on the user's machine. A malicious user could create HTML web page that includes this object tag and cause a local program to run on the victim's machine.
Read more
Symantec has released a new virus definitions update for Norton Antivirus.
McAfee Virus definitions has been updated to version 4194
DebPloitFix is a hotfix that closes the security hole (DebPloit exploit) discovered by Radim EliCZ Picha.
DebPloitFix is implemented as a kernel mode driver that can be run dinamically (no need to restart your system). DebPloitFix assigns the new security descriptor to the DbgSsApiPort LPC port so only the local system (SYSTEM user) will be able to access this port.
Download
More informations
About DebPloit: DebPloit is an exploit that shows weakness of the Windows NT/2000 security. It uses the security hole in the NT/2000 debugging subsystem and allows to any user (even Guest) execute processes in the security context of an administrator or a local system. Thus any person who have a local access to the computer running Windows NT or Windows 2000 can became an administrator and do everything he/she wants.
DebPloitFix is implemented as a kernel mode driver that can be run dinamically (no need to restart your system). DebPloitFix assigns the new security descriptor to the DbgSsApiPort LPC port so only the local system (SYSTEM user) will be able to access this port.
Download
More informations
About DebPloit: DebPloit is an exploit that shows weakness of the Windows NT/2000 security. It uses the security hole in the NT/2000 debugging subsystem and allows to any user (even Guest) execute processes in the security context of an administrator or a local system. Thus any person who have a local access to the computer running Windows NT or Windows 2000 can became an administrator and do everything he/she wants.
Internet privacy researcher Richard Smith released on Thursday a list of four issues that continue to undermine the security of Microsoft's Outlook 2002 and could leave the major mail program open to attack by virus writers.
Read more
Read more
McAfee Virus definitions has been updated to version 4192
ZDNet has posted a report about spam
Symantec has released a new virus definitions update for Norton Antivirus.
Microsoft has released security scripts for Windows 2000 Server
Microsoft has updated their security bulletin for the Cumulative VM Update
Thanks to Ryan for sending me this security alert from WatchGuard:
In a post to NTBugtraq on March 14, Radim EliCZ Picha described a design flaw in the Windows NT and 2000 debugging subsystem that could result in elevated privileges. Picha also included exploit code. Experts at WatchGuard have confirmed that a hacker can use this exploit to elevate any local user, even Guest, to local Administrator. There is no direct impact on WatchGuard products. Administrators using Windows NT and 2000, servers and workstations, should recognize this vulnerability and know how to defend against it. A patch is not yet available.
In a post to NTBugtraq on March 14, Radim EliCZ Picha described a design flaw in the Windows NT and 2000 debugging subsystem that could result in elevated privileges. Picha also included exploit code. Experts at WatchGuard have confirmed that a hacker can use this exploit to elevate any local user, even Guest, to local Administrator. There is no direct impact on WatchGuard products. Administrators using Windows NT and 2000, servers and workstations, should recognize this vulnerability and know how to defend against it. A patch is not yet available.
MooSoft has posted a new trojan definitions update for The Cleaner
VN Roundup has posted a Windows XP security guide
Symantec has released a new virus definitions update for Norton Antivirus.
A security flaw in open-source software used by Linux and Unix systems for compression may affect some Microsoft products that also use the code.
As reported earlier this week by CNET News.com, a flaw in the zlib software-compression library could leave much of the systems based on the open-source operating system Linux open to attack.
Read more
As reported earlier this week by CNET News.com, a flaw in the zlib software-compression library could leave much of the systems based on the open-source operating system Linux open to attack.
Read more
McAfee Virus definitions has been updated to version 4191
Microsoft has updated the "Unchecked Buffer in SNMP Service Could Enable Arbitrary Code to be Run" security bulletin
Symantec has released a new virus definitions update for Norton Antivirus.