Page 8 of 9 FirstFirst ... 6789 LastLast
Results 71 to 80 of 86

Thread: Last Security News

  1. #71

    Default Vulnerability in Macromedia Flash Player

    Madrid, November 7, 2005 - Macromedia has reported a critical securityflaw in Flash Player version 7.0.19.0 and earlier, which could allow arbitrary code to be run. Users are therefore, recommended to install the update that resolves this vulnerability.

    The problem lies in Flash.ocx, module that processes SWF files. An attacker can design a web page containing a specially-crafted SWF file,which could run arbitrary code on the computers of users that viewed thepage with a vulnerable Flash Player.

    Macromedia recommend users of Flash Player to install version 8, which is available at:
    http://www.macromedia.com/go/getflash
    Users of Windows 95, Windows NT or Macintosh -for which Flash Player 8 is not available-,can install version 7r61 available at:
    http://www.macromedia.com/cfusion/kn...fm?id=d9c2fe33

    More information about this vulnerability and the security updates areavailable in the bulletin published by Macromedia at
    http://www.macromedia.com/devnet/sec...mpsb05-07.html

  2. #72

    Default Vulnerabilities in the Windows graphics rendering engine

    November 10, 2005 - Microsoft has published a security bulletin MS05-053, which reports three security problems in the graphic file rendering engine in Windows systems, and announces the availability of the updates that fix these flaws.

    The vulnerabilities are classified as critical and exist in the rendering of Windows Metafile (WMF) and Enhanced Metafile (EMF) image formats. A remote attacker could exploit these vulnerabilities to run arbitrary code on affected systems.

    Any application that presents WMF or EMF images in Windows 2000, Windows XP and Windows Server 2003 are affected by these security flaws.
    Microsoft has released the updates that fix these vulnerabilities for affected operating systems. It is recommendable to refer to the bulletin published by Microsoft -at
    http://www.microsoft.com/technet/sec.../MS05-053.mspx
    - tofind out the download address of the different updates, or use WindowsUpdate to update systems.
    _________________
    since Oct 2003(up to 20%/month return)More Info

    FREE $50 (strictly by invitation)More Info

  3. #73

    Default Vulnerability in Mambo

    November 11 2005 - A security problem has been detected in the Mambo content manager which -under certain conditions- could allow access to confidential data, according to ProCheckUp.
    An attacker could exploit this vulnerability when Mambo is installed on a PHP Server with inadequate security settings, specifically, with the option "magic_quotes_gpc" disabled. This option is however, normally disabled in PHP distributions, mitigating the possible impact of this security problem.
    The vulnerability has been confirmed in Mambo version 4.5 (1.0.3) in Windows 2000 and Linux with PHP 4.3.10. Mambo developers have published a security patch for users of version 4.5 (1.0.x). Another option to avoid the problem is to install the latest version -4.5.2.3-, available at http://www.mamboserver.com/

  4. #74

    Default Sober: 350 different faces for five worms

    Sober: 350 different faces for five worms
    new Sober worms (AF and AG), in addition to the AC, AD and AE variants identified over the last few days. However, the authors of these five mass-mailing worms are not stopping at distributing them in the usual way; but using hundreds of different compression formats -350 according to PandaLabs- and sending them manually as spam messages. Even though none of these malicious codes have caused a significant number of incidents, the fact that so many infected files exist is in itself a cause for concern, as the probability of receiving one of them isincreased.

    According to Luis Corrons, director of PandaLabs: "the new Sober worms cannot be considered particularly dangerous for any specific characteristic. The worrying thing is that they are being sent out in many different formats. Although these worms are the same, traditional antivirus programs need a vaccine for each compression format.
    Obviously, this makes the work of security companies more difficult, as they have to spend time obtaining a sample of all the variants in circulation and generating the corresponding updates, which they must then include in the antivirus signature file of each client."

    The aim of the authors of these worms is not yet clear: "Although we have detected hundreds of compressed files carrying one of the new Sober worms, it is true that they do not seem to be spreading widely. It seems more like a test that aims to find out which one is most difficult for security solutions to detect. However, at the moment there is an
    incredible number of infected email messages in circulation, and therefore, users must be careful with the messages they receive from unknown senders," adds Luis Corrons.

    The proactive TruPreventTM Technologies are effectively detecting the new variants of Sober. Luis Corrons confirms that "our proactive technologies not only block attacks from unknown threats, but also allow us to shorten the vulnerability window. This is because whenever TruPreventTM Technologies detect a new malicious code, they immediately send it to PandaLabs to identify it."

    The five new Sober worms are very similar to their predecessors. When the user runs an infected file, they send themselves out to all the email addresses they find in a large number of files stored on the computer. These messages have very variable characteristics, although their most outstanding feature is that they change the language of the
    message depending on the suffix of the address to which they are sent.
    A
    message will be sent in German to address with the suffix '.de', '.li','.ch' or '.at' . If addresses end in a different suffix, the message will be sent in English.
    _________________
    change your life with $5

  5. #75
    Join Date
    Nov 2005
    Posts
    4

    Default

    thanks for these usefull news...

  6. #76

    Default Microsoft publishes update for WMF files vulnerability

    January , 2006 - Microsoft has published an update to solve the problem with some graphic files management. This vulnerability could allow, thanks to specially forged files, to compromise the non updated user's computers.

    The affected systems, now with update available, are the Microsoft Windows versions 2000 Service Pack 4, XP Service Pack 1 and 2, XP Professional x64 Edition, Server 2003 and Server 2003 Service Pack 1(including Itanium and x64), 98, 98 Second Edition and Millennium Edition (ME).

    All the information about the update and the downloads is available at
    http://www.microsoft.com/technet/sec.../ms06-001.mspx.

  7. #77

    Default

    focuses on three threats:
    WMFMaker, Gaobot.LTL and Mytob.MF.

    WMFMaker is a program for creating WMF (Windows MetaFile) images that exploit a critical vulnerability in Graphics Rendering Engine. This
    vulnerability lies in how Windows 2003/XP/2000/Me/98 handles WMF(Windows Meta File), and therefore, all applications that handles this
    type of file are affected, such as Internet Explorer and Microsoft Outlook. WMFMaker can be used to create images that run any type of
    malicious code -Trojans, worms or any other type of malware- in the computer affected by this security flaw.

    WMFMaker is designed to be used from the commandline, by including the full path of the tool and of the executable file that will be included
    in the WMF and run if the vulnerability is exploited. By doing this, a file with a .wmf extension is generated under a name that varies
    between "evil.wmf" and the name of the executable file included inside it.

    Malicious WMF images created by WMFMaker can be distributed through different means, such as housing it in a web page and persuading users
    to visit it. If the victim uses Internet Explorer, when accessing the malicious web page arbitrary code can be run automatically. However, if
    a different browser is used, the user will be warned that the file will be downloaded.

    Until Microsoft releases the patch to fix this vulnerability, as well as ensuring that anti-malware solutions capable of blocking code that
    exploits this flaw are installed, users are advised to adopt a series of other security measures including the following:

    - Read email messages in Plain Text.

    - Don't click on links received via email or instant messaging from
    unknown senders.

    - If you have Windows XP installed, enable DEP (Data Execution Prevention).

    The second threat in this week's report is Gaobot.LTL, a worm that spreads through the following means: email; Internet, by exploiting the
    LSASS, RPC DCOM, WebDAV and UPnP vulnerabilities; computer networks;using peer-to-peer (P2P) file sharing programs; AOL Instant Messenger
    (AIM) and IRC.

    Gaobot.LTL connects to several IRC servers to receive remote control commands (such as stealing passwords from the computer, launching
    Denial
    of Service attacks, scanning IP addresses, etc.). It also prevents users
    from accessing the websites of IT security companies and as a result,antivirus programs might not be able to update, leaving the computer
    vulnerable to other malware.

    This week's report closes with Mytob.MF, a mass-mailing worm that reaches computers in a message with variable characteristics containing
    an attached file called Abuse_Seport.zip. This worm uses social engineering techniques to spread to as many computers as possible. To
    be more specific, the message carrying this worm passes itself off as a message from a complaints department and accuses recipients of carrying
    out illegal activity from their computers.

    When the Abuse_Seport.zip file it is decompressed and run, it is installed on the computer and carries out various actions, such as
    looking for email addresses in certain files on the computer to which it sends a copy of itself. It also ends the processes belonging to
    different security programs running in memory and prevents the user from accessing web pages belonging to antivirus companies, among others.
    source:panda
    _________________
    change your life with $5

  8. #78

    Default

    January 28, 2006 - weekly report

    - Attachment spoofing in Mozilla Thunderbird (01/23/06).
    SecuriTeam has reported a vulnerability that lies in the way that the mail reader Mozilla Thunderbird displays attachments, which allows an attacker to spoof them. Users of Mozilla Thunderbird are recommended to update by installing version 1.5, which is not affected by this security problem.

    - Cyber-crime generates a significant amount in damages in the United States (01/24/06).
    Last year, cyber-crime caused 67 billion in damages in the US alone, as revealed in a report carried out by the FBI, which is reported in several publications including Vnunet.com and Government Technology. Nearly 90 percent of the organizations surveyed by the FBI confirmed that they had experienced a security incident in the last twelve months and 20 percent of them have suffered 20 attacks or more. The list of most common attacks is headed by viruses (83.7%), followed by spyware (79.5%).

    - Security warnings for BEA (01/25/06).
    BEA, a leader in business infrastructure software -providing
    standards-based platforms to accelerate information and services flow- has published 14 bulletins reporting different security problems affecting mainly WebLogic Server, WebLogic Express and WebLogic Portal. Users affected by the problems mentioned in these products are advised to consult the BEA bulletins and take the corresponding security measures.

    - Vulnerability in Sun Directory Server and Red Hat (01/26/06).
    SecurityTracker has reported a security problem in the Help system in
    Sun Directory Server (Netscape Directory Server), Red Hat Directory Server and Red Hat Certificate System, that could allow arbitrary code to
    be run on affected systems. In Red Hat Directory Server the vulnerability has been resolved in Service Pack 1, which can be downloaded from Red Hat Network. Users of affected systems are advised to install this service pack.

    - Bots consolidate their position as one of the main Internet threats
    (01/27/06).
    According to data from PandaLabs, Panda Software's antivirus laboratories, in 2005, more than 10,000 examples of bots were detected,
    representing an increase of more than 175 percent with respect to the previous year. Bots (an abbreviation of 'robot') are programs that can reach computers in a number of ways and then go resident, awaiting commands from their creators, normally via IRC.
    source:pandasoftware
    _________________
    change your life with $5
    Last HYIP NEWS

  9. #79
    Join Date
    Jan 2006
    Location
    Mera Bharat Mahan
    Posts
    1,961

    Default

    Nice topic
    Gud way to update
    I don hav to search the net
    Keep updatin often

  10. #80

    Default Microsoft has released ISA Server 2004 Service Pack 2

    Madrid, February 3 2005. Microsoft has released ISA Server 2004 Service Pack 2, aimed at offering, among other advantages, three new features including BITS (Background Intelligent Transfer Service), HTTP compression and traffic prioritization.

    ISA Server 2004 SP2 can cache content downloaded with Background Intelligent Transfer Service (BITS)- which can be helpful to download updates and service packs. For example, when a network does not employ Microsoft Windows Server Update Services (WSUS) or Microsoft Systems Management Server (SMS), the BITS caching feature can help reduce global network traffic when users try to download the updates directly from Windows Update.

    HTTP compression, on the other hand, is a typical method for reducing bandwidth consumption as it allows ISA Server to request compressed content, and serve compressed content from its Web cache to clients. This enables faster serving of Web pages.

    The last new feature incorporated is traffic prioritization, a new global setting that can apply to all browser traffic that passes through ISA Server. ISA Server 2004 SP2 supports setting the DiffServ field in Internet Protocol (IP) packets based on URLs

    As with all Service Packs from Microsoft, ISA Server 2004 SP2 also includes a number of updates and improvements aimed at improving performance and improving user experience with ISA Server 2004. Changes include:

    - Support for Windows Server 2003 R2 and other related R2 versions, such as Microsoft SQL Server 2005
    - Improvements to the Cache Array Routing Protocol system
    - New certified warnings
    - Service Quality Monitoring (SQM) support and all Hotfixes and updates published since 11/1/2005.

    Full information about this service pack and its availability at:
    http://secure-cyber.blogspot.com/200...vice-pack.html

Page 8 of 9 FirstFirst ... 6789 LastLast

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •