Skip Links

Network World

  • Social Web 
  • Email 
  • Close

(Comma separation for multiple addresses)
Your Message:

Microsoft fixes Print Spooler, Plug and Play flaws

Patches from Microsoft, Sun, Gentoo, others Beware new Mytob variant spreads through an e-mail message titles "Abuse Report" Microsoft to reissue Windows 2000 SP4 update, and other interesting reading
Security: Threat Alert By Jason Meserve , Network World , 08/11/2005
Sign up for this newsletter now!

Jason Meserve provides up-to-the-minute news on vendor security alerts and fixes.

  • Share/Email
  • Tweet This
  • Comment
  • Print

Today's bug patches and security alerts:

Microsoft fixes Print Spooler, Plug and Play flaws

Internet Trust Marks: Building Confidence and Profit Online: Download now

Microsoft  has released patches for six flaws in Windows and Internet Explorer, some of which could allow an attacker to gain control of a computer system. The patches, which include a fix for a newly discovered flaw in Microsoft's Plug-and-Play software, were released Tuesday and comprise Microsoft's regular patch releases for August. IDG News Service, 08/09/05.
http://www.networkworld.com/news/2005/080905-microsoft-patch.html

Microsoft advisories:

Related Content

MS05-043: Vulnerability in Print Spooler Service Could Allow Remote Code Execution:
http://www.microsoft.com/technet/security/Bulletin/MS05-043.mspx

MS05-042: Vulnerabilities in Kerberos Could Allow Denial of Service, Information Disclosure, and Spoofing:
http://www.microsoft.com/technet/security/Bulletin/MS05-042.mspx

MS05-041: Vulnerability in Remote Desktop Protocol Could Allow Denial of Service:
http://www.microsoft.com/technet/security/Bulletin/MS05-041.mspx

MS05-040: Vulnerability in Telephony Service Could Allow Remote Code Execution:
http://www.microsoft.com/technet/security/Bulletin/MS05-040.mspx

MS05-039: Vulnerability in Plug and Play Could Allow Remote Code Execution and Elevation of Privilege:
http://www.microsoft.com/technet/security/Bulletin/MS05-039.mspx

MS05-038: Cumulative Security Update for Internet Explorer:
http://www.microsoft.com/technet/security/Bulletin/MS05-038.mspx


Other related advisories:

CERT:
http://www.us-cert.gov/cas/techalerts/TA05-221A.html

ISS - Multiple Microsoft Vulnerabilities:
http://xforce.iss.net/xforce/alerts/id/203

ISS - Windows Plug and Play Remote Compromise:
http://xforce.iss.net/xforce/alerts/id/202
**********


Sun releases patch for XView

XView applications running under root privileges could be exploited to change system files, according to a Sun advisory. A fix is available:
http://www.networkworld.com/go2/0808bug2a.html
**********


Gentoo patches heartbeat

Heartbeat, a sub-system for High-Availability Linux, does not create temporary files in a secure fashion. An attacker could exploit this using a symlink attack. For more, go to:
http://security.gentoo.org/glsa/glsa-200508-05.xml
**********


iDefense warns of bug in EMC Navisphere Manager

A directory traversal vulnerability in EMC's Navisphere Manager storage management tool could be exploited by an attacker to access arbitrary file on the affected system. For more, go to:
http://www.networkworld.com/go2/0808bug2b.html
**********


Ubuntu updates ekg, Gadu code libraries

Flaws in the ekg and Gadu code libraries could be exploited to run malicious applications on an affected system. For more, go to:
https://www.ubuntulinux.org/support/documentation/usn/usn-162-1


Ubuntu releases fix for xpdf

A flaw in the way certain tables and fonts are handled by the xpdf viewer application could create a large temporary file that would eat all available disk space, rendering the application and system unresponsive. For more, go to:
https://www.ubuntulinux.org/support/documentation/usn/usn-163-1

Related advisory from KDE:
http://www.kde.org/info/security/advisory-20050809-1.txt
**********


Mandriva patches netpbm

According to an alert from Mandriva, "Max Vozeler discovered that pstopnm, a part of the netpbm graphics utility suite, would call the GhostScript interpreter on untrusted PostScript files without using the -dSAFER option when converting a PostScript file into a PBM, PGM, or PNM file.  This could result in the execution of arbitrary commands with the privileges of the user running pstopnm if they could be convinced to try to convert a malicious PostScript file." For more, go to:
http://www.mandriva.com/security/advisories?name=MDKSA-2005:133
**********

 

Today's roundup of virus alerts:

Troj/Whistler-F -- A virus that attempts to delete files on the infected machine. It installs itself as "whismng.exe" in the System directory and displays the message "You did a piracy, you deserve it." (Sophos)

Troj/BMDrop-A -- A file dropper that installs "index.exe" in the Windows System folder. No other word on what type of damage it may cause. (Sophos)

Troj/HideProc-H -- A Trojan that can be used to hide processes from the system task manager. It could be be used to cover up other malicious applications. (Sophos)

Troj/BagleDl-R -- This Trojan injects its malicious payload into the explorer.exe file. It can be used to limit access to security related sites by modifying the HOSTS file and to disable security-related applications. (Sophos)

W32/Sdbot-ABV -- A new Sdbot variant that spreads through network shares and drops "windir32.exe" in the system folder. It can be used for a number of malicious purposes including participating in denial-of-service attacks and stealing local data. (Sophos)

Jason Meserve is multimedia editor at Network World.

  • Share/Email
  • Tweet This
  • Comment
  • Print
Comment
Login
Forgot your account info?
Add comment
Anonymous comments subject to approval. Register here for member benefits.
Have a NetworkWorld account? Log in here. Register now for a free account.

Most Read

View more Most Read

Videos

rssRss Feed

Latest News

rssRss Feed