Beware of new Word attack
Patches from Apple, Mandriva, Gentoo, others
Targeted malware attacks against pro-Tibet groups
FBI looks at Chinese role in Darfur site hack, and other interesting reading
Jason Meserve provides up-to-the-minute news on vendor security alerts and fixes.
Microsoft warns of new Word attack
Be extra careful when opening documents in Windows, especially if they are Word files. Microsoft on Friday warned that cyber
criminals may be taking advantage of an unpatched flaw in the Windows operating system to install malicious software on a
victim's PC. IDG News Service, 03/22/08.
Microsoft security advisory
**********
Open source Asterisk IP PBX needs patches to fix flaws
Businesses using open-source Asterisk-based IP PBXs should check whether they need to update the software version they are
running to eliminate vulnerabilities that could compromise the systems. Network World, 03/21/08.
Asterisk advisory
**********
Apple patches Digital Camera RAW Compatibility
Apple has released Digital Camera RAW Compatibility Update 2.0, which fixes a stack-based buffer overflow that could be exploited
to run malicious code on an affected system. The update is for anyone who runs Aperture 2 or iPhoto 7.1.2.
**********
Six new patches from Mandriva:
audacity (denial of service)
perl-Net-DNS (denial of service)
kernel (memory access)
krb5 for Multi Network Firewall 2.0, Corporate Server 3.0 (multiple flaws)
krb5 for Mandriva 2007.0, Corporate 4.0 (multiple flaws)
krb5 for Mandriva 2007.1, 2008.0 (multiple flaws)
**********
Three new fixes from Gentoo:
ssl-cert eclass (SSL key disclosure)
ViewVC (multiple flaws)
OpenLDAP (denial of service)
**********
Three new updates from rPath:
bzip2 (denial of service)
unzip (denial of service)
krb5 (multiple flaws)
**********
Two new fixes from Ubuntu:
unzip (denial of service)
MySQL (multiple flaws)
**********
Two new updates from Debian:
asterisk (multiple flaws)
xwine (multiple flaws)
**********
Today's malware news:
Targeted malware attacks against pro-Tibet groups
Groups supporting freedom of Tibet have been attacked with highly targeted and technically advanced attacks. What do these
attacks look like in practice? Let's take an example. F-Secure blog, 03/21/08.
**********
From the interesting reading department:
FBI looks at Chinese role in Darfur site hack
The U.S. Federal Bureau of Investigation is looking into a possible China connection in the hack of a nonprofit group created
to draw attention to the ongoing genocide in western Sudan's Darfur region. IDG News Service, 03/21/08.
Jason Meserve is multimedia editor at Network World.