Skip Links

Network World

  • Social Web 
  • Email 
  • Close

(Comma separation for multiple addresses)
Your Message:

Just when you though the Storm was over

Patches from Ubuntu, Debian, Mandriva, others Trojan adware hiding in MP3s, McAfee says Misbehaving software mistaken for data breach, and other interesting reading
Security: Threat Alert By Jason Meserve , Network World , 05/08/2008
Sign up for this newsletter now!

Jason Meserve provides up-to-the-minute news on vendor security alerts and fixes.

  • Share/Email
  • Tweet This
  • Comment
  • Print

Mozilla: Firefox plugin shipped with malicious code
Mozilla warned Wednesday that a malicious program inserted adware code into a Firefox plugin that has been downloaded thousands of times over the past three months. Because of a virus infection, the Vietnamese language pack for Firefox 2 was polluted with adware, Mozilla security chief Window Snyder said.

Mozilla Security Blog: Compromised file in Vietnamese Language Pack for Firefox 2
**********

Getting to Know You: Managing Identity and Network Security : View now

Adobe breaks silence on February's PDF bugs
Three months after acknowledging multiple vulnerabilities in its popular Reader software and then patching the program, Adobe Systems Inc. yesterday finally provided some details about the bugs.

Read Adobe's advisory
**********

Related Content

Half dozen new patches from Ubuntu:

LTSP (information disclosure)

OpenOffice.org (multiple flaws)

KDE (denial of service, code execution)

Emacs (multiple flaws)

CUPS (denial of service, code execution)

Thunderbird (multiple flaws)
**********

Four new updates from Debian:

kazehakase (multiple flaws)

cacti (SQL injection)

b2evolution (input checking, cross-scripting attack)

blender (buffer overflow, code execution)
**********

Four new fixes from Mandriva:

openssh (security bypass)

kdelibs (denial of service, code execution)

emacs (non-secure temp files, file overwrite)

OpenOffice.org (multiple flaws)
**********

Four new patches from Gentoo:

X11 terminals (privilege escalation)

phpMyAdmin (information disclosure)

Horde Application Framework (multiple flaws)

kdelibs (denial of service, code execution)
**********

Today's malware news:

Storm Worm - Still Evolving
No sooner had various agencies commented on the reduction of the size of the Storm network than we started seeing signs of another wave of malware in the offing. Symantec Security Response blog, 05/05/08.

Trojan adware hiding in MP3s, McAfee says
Adware pushers have found a new way to trick you into downloading their annoying products: fake MP3 files. On Tuesday, security vendor McAfee reported that it's seen a huge spike in fake MP3 files spreading on peer-to-peer networks. IDG News Service, 05/06/2008.

Web attack worm on a rampage
The Internet Storm Center, which tracks online threats, warned Wednesday that a worm is infecting vulnerable Web sites with a database attack. Though relatively small by Web attack standards with about 4,000 reported infected sites, the assault adds invisible code to a site that can force. Computerworld, 05/07/2008.

Jason Meserve is multimedia editor at Network World.

  • Share/Email
  • Tweet This
  • Comment
  • Print
Comment
Login
Forgot your account info?
Add comment
Anonymous comments subject to approval. Register here for member benefits.
Have a NetworkWorld account? Log in here. Register now for a free account.

Most Read

View more Most Read

Videos

rssRss Feed

Latest News

rssRss Feed