Security 10918 Published by Philipp Esselbach 0

Because HTML e-mails are simply web pages, IE can render them and open binary attachments in a way that is appropriate to their MIME types. However, a flaw exists in the type of processing that is specified for certain unusual MIME types. If an attacker created an HTML e-mail containing an executable attachment, then modified the MIME header information to specify that the attachment was one of the unusual MIME types that IE handles incorrectly, IE would launch the attachment automatically when it rendered the e-mail.

An attacker could use this vulnerability in either of two scenarios. She could host an affected HTML e-mail on a web site and try to persuade another user to visit it, at which point script on a web page could open the mail and initiate the executable. Alternatively, she could send the HTML mail directly to the user. In either case, the executable attachment, if it ran, would be limited only by the user's permissions on the system.

Security 10918 Published by Philipp Esselbach 0

In mid-March 2001, VeriSign, Inc., advised Microsoft that on January 29 and 30, 2001, it issued two VeriSign Class 3 code-signing digital certificates to an individual who fraudulently claimed to be a Microsoft employee. The common name assigned to both certificates is "Microsoft Corporation". The ability to sign executable content using keys that purport to belong to Microsoft would clearly be advantageous to an attacker who wished to convince users to allow the content to run.

The certificates could be used to sign programs, ActiveX controls, Office macros, and other executable content. Of these, signed ActiveX controls and Office macros would pose the greatest risk, because the attack scenarios involving them would be the most straightforward. Both ActiveX controls and Word documents can be delivered via either web pages or HTML mails. ActiveX controls can be automatically invoked via script, and Word documents can be automatically opened via script unless the user has applied the Office Document Open Confirmation Tool.

Security 10918 Published by Philipp Esselbach 0

A computer virus that can infect PCs running either the ubiquitous Windows operating system or the increasingly popular Linux operating system emerged Tuesday, which its discoverers say is a world first.

The virus, dubbed "W32.Winux" by the company that first reported it, anti-virus firm Central Command, is not destructive and does not appear to have infected any computers yet.

Security 10918 Published by Philipp Esselbach 0

The VB-TSQL debugger object that ships with Visual Studio 6.0 Enterprise Edition has an unchecked buffer in the code that processes parameters for one of the object's methods. The object can, by design, be programmatically accessed remotely. If the object were to be referenced by a program that contained specially malformed data within the parameter, either of two outcomes would result. In the less serious case, the attacker could cause the object to fail on the hosting machine. In the more serious case, the attacker could exploit the buffer overrun to run code of the attacker's choice on the hosting machine.

The debugger object (vbsdicli.exe) is installed by default with Visual Studio 6.0 Enterprise Edition and runs in the context of the interactively logged-on user. The attacker could only execute a successful attack if he knew that a user had the component installed and that the user was logged in at the time of the attack.

Security 10918 Published by Philipp Esselbach 0

Issue:
======
VeriSign, Inc., recently advised Microsoft that on January 30 and 31, 2001, it issued two VeriSign Class 3 code-signing digital certificates to an individual who fraudulently claimed to be a Microsoft employee. The common name assigned to both certificates is "Microsoft Corporation". The ability to sign executable content using keys that purport to belong to Microsoft would clearly be advantageous to an attacker who wished to convince users to allow the content to run.
The certificates could be used to sign programs, ActiveX controls, Office macros, and other executable content. Of these, signed ActiveX controls and Office macros would pose the greatest risk, because the attack scenarios involving them would be the most straightforward. Both ActiveX controls and Word documents can be delivered via either web pages or HTML mails. ActiveX controls can be automatically invoked via script, and Word documents can be automatically opened via script unless the user has applied the Office Document Open Confirmation Tool.

Affected Software:
==================
Microsoft Windows® 95
Microsoft Windows 98
Microsoft Windows Me
Microsoft Windows NT® 4.0
Microsoft Windows 2000

Security 10918 Published by Philipp Esselbach 0

The original version of this bulletin provided a workaround
(discussed in Knowledge Base article Q241520) that would protect
affected systems by disabling WebDAV services. However, a security
patch is now available that eliminates the vulnerability, and
Microsoft recommends using the patch rather than the workaround.

Security 10918 Published by Philipp Esselbach 0

Issue:
======
WebDAV is an extension to the HTTP protocol that allows remote authoring and management of web content. In the Windows 2000 implementation of the protocol, IIS 5.0 performs initial processing of all WebDAV requests, then forwards the appropriate commands to the WebDAV process. However, a flaw exists in the way WebDAV handles a particular type of malformed request. If a stream of such requests were directed at an affected server, it would consume all CPU availability on the server.

Because the discoverer of this vulnerability has chosen to publish code to exploit this vulnerability before a patch could be developed, Microsoft has developed a workaround that can be used to defend against attack. Knowledge Base article Q241520 provides step-by-step instructions for changing the permissions on the .DLL that provides WebDAV services in order to effectively disable it on the machine. When a patch is available, we will re-release this bulletin and provide updated information.
