Network World

Apple patches QuickTime

Patches from Apple, Gentoo, HP, others; Beware sophisticated Web attack detailed by CA; Mytob writers could be creating a super bug
Security: Threat Alert
By Jason Meserve, Network World, 06/06/2005

Jason Meserve provides up-to-the-minute news on vendor security alerts and fixes.

Today's bug patches and security alerts:

Apple releases security update for QuickTime

A flaw in the way Quartz Composer objects are handled by QuickTime 7.0 could be exploited to gather local data and send it to a remote Web site. QuickTime Version 7.0.1 fixes the issue:
http://docs.info.apple.com/article.html?artnum=301714
**********


Debian, Gentoo patch Mailutils

Multiple flaws have been found in the Debian and Gentoo implementation of Mailutils, a collection of mail utility applications. The most serious of the vulnerabilities could be exploited to run malicious code on the affected machine. For more, go to:

Debian:
http://www.debian.org/security/2005/dsa-732

Gentoo:
http://security.gentoo.org/glsa/glsa-200505-20.xml
**********


Debian releases fix for bzip2

A race condition in bzip2, a file compressor and decompressor, could be exploited by an attacker to change permissions of a file being decompressed. For more, go to:
http://www.debian.org/security/2005/dsa-730


Debian patches krb4

A couple of buffer overflows have been found in the telnet client that comes with the krb4 package for Debian. A remote attacker may exploit these flaws to run malicious applications on the affected machine. For more, go to:
http://www.debian.org/security/2005/dsa-731
**********


HP patches OpenView Radia Management Applications

According to an alert from HP, "A potential security vulnerability has been identified with HP OpenView Radia Management Applications - Radia Notify Daemon versions 2.x, 3.x, and 4.x where the potential vulnerability could be exploited to allow a remote user to execute unauthorized programs on managed client systems leading to unauthorized access to data and denial of service." For more, go to:
http://www.securityfocus.com/archive/1/401417/30/0/threaded

Related advisory from Grok:
http://www.grok.org.uk/advisories/radexecd.html
**********


Fedora releases update for kernel

A number of vulnerabilities in the Fedora Legacy kernel have been fixed, which impacts Red Hat Linux 7.3, Red Hat Linux 9 and Fedora Core 1. The most serious of the flaws could be exploited to run malicious code on the affected machine. For more, go to:
http://www.securityfocus.com/archive/1/401520/30/0/threaded
**********


Patch available for Drupal

A flaw in the Drupal content management system could be exploited by an attacker to gain administration privileges on the affected machine. For more, go to:
http://drupal.org/drupal-4.6.1
**********

 

Today's roundup of virus alerts:

CA details sophisticated Web attack

A new "sophisticated" attack that uses three pieces of malware to turn PCs into zombies that can be sold to criminal groups has appeared on the Internet this week, security vendor Computer Associates said Thursday. IDG News Service, 06/02/05.
http://www.networkworld.com/news/2005/060205-ca-worm.html?nl


W32/Agobot-SV - A backdoor worm that exploits a number of known Windows vulnerabilities as it tries to enter through a network share. It drops "wmmndir.exe" on the infected machine and can disable security-related applications. (Sophos)

W32/Sdbot-YW - This IRC backdoor worm can be used in denial-of-service attacks and to download/execute code from a remote site. It spreads through network shares, dropping "hmusvc32.exe" on the infected machine. (Sophos)

W32/Sdbot-ZE - Another Sdbot variant. This one drops "hdsys.exe" on the infected machine and can disable security applications. (Sophos)

W32/Rbot-AEF - Another backdoor bot that allows access to the infected machine via IRC. This Rbot variant drops "WINSYS.exe" in the Windows System folder. (Sophos)

W32/Rbot-AEJ - This Rbot variant installs itself as "system.exe" and can be used for a number of malicious applications, including launching a denial-of-service attack, acting as a proxy server and logging keystrokes. (Sophos)

W32/Mytob-M - A mass-mailing worm variant that spreads through a message looking like an account warning of some type. The attachment could be a zip file with a double extension to confuse users. It disables access to security Web sites by modifying the Windows HOSTS file. (Sophos)

Troj/CashGrab-C - A Trojan that attempts to steal information entered into banking Web sites. One file it installs on the infected machine is "msupdate.dll". (Sophos)

Troj/FakeAle-D - A virus that displays a fake blue screen error message in the background of the infected Windows machine. It also can change the setting for Internet Explorer. It drops "wp.exe" on the infected machine. (Sophos)
**********

 

From the interesting reading department:

Mytob writers could be creating a super bug

Virus writers responsible for the recent rash of Mytob worm variants could be working on creating a super worm, a security researcher warned Friday. The "HellBot" group behind the Mytob worms write programming instructions in their code that mirror the way developers work, said Sophos Security Consultant Carole Theriault. IDG News Service, 06/03/05.
http://www.networkworld.com/news/2005/060305-mytob-worm.html?nl

Jason Meserve is multimedia editor at Network World.
