Skip Links

Network World

  • Social Web 
  • Email 
  • Close

Microsoft fixes Print Spooler, Plug and Play flaws

Patches from Microsoft, Sun, Gentoo, others Beware new Mytob variant spreads through an e-mail message titles "Abuse Report" Microsoft to reissue Windows 2000 SP4 update, and other interesting reading
Security: Threat Alert By Jason Meserve , Network World , 08/11/2005
Sign up for this newsletter now!

Jason Meserve provides up-to-the-minute news on vendor security alerts and fixes.

Today's bug patches and security alerts:

Microsoft fixes Print Spooler, Plug and Play flaws

Read the latest WhitePaper - How to Offer the Strongest SSL Encryption

Microsoft  has released patches for six flaws in Windows and Internet Explorer, some of which could allow an attacker to gain control of a computer system. The patches, which include a fix for a newly discovered flaw in Microsoft's Plug-and-Play software, were released Tuesday and comprise Microsoft's regular patch releases for August. IDG News Service, 08/09/05.
http://www.networkworld.com/news/2005/080905-microsoft-patch.html

Microsoft advisories:

Related Content

MS05-043: Vulnerability in Print Spooler Service Could Allow Remote Code Execution:
http://www.microsoft.com/technet/security/Bulletin/MS05-043.mspx

MS05-042: Vulnerabilities in Kerberos Could Allow Denial of Service, Information Disclosure, and Spoofing:
http://www.microsoft.com/technet/security/Bulletin/MS05-042.mspx

MS05-041: Vulnerability in Remote Desktop Protocol Could Allow Denial of Service:
http://www.microsoft.com/technet/security/Bulletin/MS05-041.mspx

MS05-040: Vulnerability in Telephony Service Could Allow Remote Code Execution:
http://www.microsoft.com/technet/security/Bulletin/MS05-040.mspx

MS05-039: Vulnerability in Plug and Play Could Allow Remote Code Execution and Elevation of Privilege:
http://www.microsoft.com/technet/security/Bulletin/MS05-039.mspx

MS05-038: Cumulative Security Update for Internet Explorer:
http://www.microsoft.com/technet/security/Bulletin/MS05-038.mspx


Other related advisories:

CERT:
http://www.us-cert.gov/cas/techalerts/TA05-221A.html

ISS - Multiple Microsoft Vulnerabilities:
http://xforce.iss.net/xforce/alerts/id/203

ISS - Windows Plug and Play Remote Compromise:
http://xforce.iss.net/xforce/alerts/id/202
**********


Sun releases patch for XView

XView applications running under root privileges could be exploited to change system files, according to a Sun advisory. A fix is available:
http://www.networkworld.com/go2/0808bug2a.html
**********


Gentoo patches heartbeat

Heartbeat, a sub-system for High-Availability Linux, does not create temporary files in a secure fashion. An attacker could exploit this using a symlink attack. For more, go to:
http://security.gentoo.org/glsa/glsa-200508-05.xml
**********


iDefense warns of bug in EMC Navisphere Manager

A directory traversal vulnerability in EMC's Navisphere Manager storage management tool could be exploited by an attacker to access arbitrary file on the affected system. For more, go to:
http://www.networkworld.com/go2/0808bug2b.html
**********


Ubuntu updates ekg, Gadu code libraries

Flaws in the ekg and Gadu code libraries could be exploited to run malicious applications on an affected system. For more, go to:
https://www.ubuntulinux.org/support/documentation/usn/usn-162-1


Ubuntu releases fix for xpdf

A flaw in the way certain tables and fonts are handled by the xpdf viewer application could create a large temporary file that would eat all available disk space, rendering the application and system unresponsive. For more, go to:
https://www.ubuntulinux.org/support/documentation/usn/usn-163-1

Related advisory from KDE:
http://www.kde.org/info/security/advisory-20050809-1.txt
**********


Mandriva patches netpbm

According to an alert from Mandriva, "Max Vozeler discovered that pstopnm, a part of the netpbm graphics utility suite, would call the GhostScript interpreter on untrusted PostScript files without using the -dSAFER option when converting a PostScript file into a PBM, PGM, or PNM file.  This could result in the execution of arbitrary commands with the privileges of the user running pstopnm if they could be convinced to try to convert a malicious PostScript file." For more, go to:
http://www.mandriva.com/security/advisories?name=MDKSA-2005:133
**********

 

Today's roundup of virus alerts:

Troj/Whistler-F -- A virus that attempts to delete files on the infected machine. It installs itself as "whismng.exe" in the System directory and displays the message "You did a piracy, you deserve it." (Sophos)

Troj/BMDrop-A -- A file dropper that installs "index.exe" in the Windows System folder. No other word on what type of damage it may cause. (Sophos)

Troj/HideProc-H -- A Trojan that can be used to hide processes from the system task manager. It could be be used to cover up other malicious applications. (Sophos)

Troj/BagleDl-R -- This Trojan injects its malicious payload into the explorer.exe file. It can be used to limit access to security related sites by modifying the HOSTS file and to disable security-related applications. (Sophos)

W32/Sdbot-ABV -- A new Sdbot variant that spreads through network shares and drops "windir32.exe" in the system folder. It can be used for a number of malicious purposes including participating in denial-of-service attacks and stealing local data. (Sophos)

Jason Meserve is multimedia editor at Network World.

Partner Content

Brilliantly simple security and control solutions for email, web and endpoint

www.sophos.com

Stopping data leakage

Learn how to exploit your current security investment to control the information that flows into, through and out of your network.

Download the white paper.

Why detection rates aren't enough

Evaluating endpoint security products is a time-consuming and daunting task. Learn the six critical questions you need to ask prospective vendors to get the right endpoint solution.

Download the white paper.

Applications: taking back control

Employees installing unauthorized applications is a growing threat to business security and productivity. Cost-effectively reduce this threat by integrating control into your malware protection.

Learn more today.

Comment
Login
Forgot your account info?
Add comment
Anonymous comments subject to approval. Register here for member benefits.
Have a NetworkWorld account? Log in here. Register now for a free account.

Most Read

View more Most Read

Videos

rssRss Feed

Latest News

rssRss Feed

Whitepapers

Magic Quadrant for Application Delivery Controllers

Gartner summarizes its view on Application Delivery Controllers, evaluates strengths and weaknesses...

Vulnerability Management For Dummies

Download this concise book "Vulnerability Management for Dummies," to learn about the simple steps...

The ROI and TCO Benefits of Data Deduplication for Data Protection in the Enterprise

This paper examines and quantifies the costs and benefits of backup with deduplication storage as...

View more SECURITY whitepapers

Webcasts

Transforming the Enterprise WAN Edge: Video from Cisco

Life on the edge of your WAN has changed dramatically. With the need to deliver advanced services,...

PoE Plus: Impact on the PoE Market

The standard for Power over Ethernet (PoE), IEEE Std. 802.3af(tm)-2003, advanced networking,...

Harnessing the power of communications to increase workplace performance

Due to the convergence of IT and telecommunications technologies, the business workplace has been...

View more SECURITY webcasts

Special Reports

The Evolution of Network Security

We have so many holes punched in our firewalls today that many industry insiders question the value...

The self-managed network

We aren't there yet, but advances in network and systems management tools are making it possible to...

View more SECURITY special reports
Get instant email notification when white papers, webcasts, executive guides are added to our library. Stay informed and up-to-date with the latest on IT Technologies with Network World's Resource Alerts.