Skip Links

Network World

  • Social Web 
  • Email 
  • Close

DNS patches continue to pour in

Patches from Gentoo, rPath, Mandriva, others Malware Install Hides Behind Fake Blue Screen Of Death Internet bug fix spawns backlash from hackers, and other interesting reading
Security: Threat Alert By Jason Meserve , Network World , 07/10/2008
Sign up for this newsletter now!

Jason Meserve provides up-to-the-minute news on vendor security alerts and fixes.

  • Share/Email
  • Comment
  • Print

DNS hole prompts synchronized patching effort by IT vendors
In a rare synchronized security move, Microsoft Corp., Cisco Systems Inc. and other IT vendors today released software patches aimed at addressing a fundamental design flaw in the Domain Name System (DNS) protocol used to direct traffic on the Internet. Computerworld, 07/08/2008.

A list of all vunlnerable systems can be found in this US-CERT advisory.

Read the latest WhitePaper - Network Seismology: How Metcalfe's Law Is Driving the Demand for a New Breed of Network Monitoring Probes

More DNS updates:

Cisco

Related Content

Ubuntu

Debian (BIND)

Debian (BIND9)

Mandriva
**********

Microsoft confirms active Word attacks
Only hours after it fixed nine vulnerabilities in several of its programs, Microsoft Corp. late Tuesday confirmed that attackers are exploiting an unpatched bug in Word. Now, some versions of Word and Access are vulnerable with no patch in sight. Computerworld, 07/08/2008.

Microsoft advisory
**********

Two new updates from Gentoo:

Poppler (user-assisted code execution)

PCRE (buffer overflow, code execution)
**********

Three new patches from rPath:

Ruby (buffer overflow, code execution)

vsftpd (denial of service)

Firefox (multiple flaws)
**********

Three new fixes from Mandriva:

Firefox (multiple flaws)

OpenOffice.org for Mandriva 2008.1 (integer overflow, code execution)

OpenOffice.org for older version of Mandriva (integer overflow, code execution)
**********

Today's malware news:

Malware Install Hides Behind Fake Blue Screen Of Death
Get a file called "ieupdater.exe"? If the file is allowed to execute on the PC, you may well see the dreaded Blue Screen Of Death (or BSOD to its friends). However, all is not what it seems. While the end-user is faced with the horrors of the BSOD, behind the scenes Malware is installing by the bucketload. The SpywareGuide Greynets Blog, 07/09/2008.

Microsoft Access Snapshot Viewer Exploited in Neosploit Wrapper
I have not managed to confirm that this is a completely new version of Neosploit, but in effect the attack consists of an encrypted block that is similar to some of the Mpack variants. Symantec Security Response blog, 07/09/2008.
**********

From the interesting reading department:

Internet bug fix spawns backlash from hackers
Hackers are a skeptical bunch, but that doesn't bother Dan Kaminsky, who got a lot of flack from his colleagues in the security research community after claiming to have discovered a critical bug in the Internet's infrastructure. IDG News Service, 07/10/2008.

Jason Meserve is multimedia editor at Network World.

  • Share/Email
  • Comment
  • Print
Partner Content

Brilliantly simple security and control solutions for email, web and endpoint

www.sophos.com

Stopping data leakage

Learn how to exploit your current security investment to control the information that flows into, through and out of your network.

Download the white paper.

Why detection rates aren't enough

Evaluating endpoint security products is a time-consuming and daunting task. Learn the six critical questions you need to ask prospective vendors to get the right endpoint solution.

Download the white paper.

Applications: taking back control

Employees installing unauthorized applications is a growing threat to business security and productivity. Cost-effectively reduce this threat by integrating control into your malware protection.

Learn more today.

Comment
Login
Forgot your account info?
Add comment
Anonymous comments subject to approval. Register here for member benefits.
Have a NetworkWorld account? Log in here. Register now for a free account.

Most Read

View more Most Read

Videos

rssRss Feed

Latest News

rssRss Feed

Whitepapers

Windows Vista: Necessity and Opportunity

The Vista era of Windows is here. Yet most organizations will retain Windows XP alongside new Vista...

Vulnerability Management For Dummies

Download this concise book "Vulnerability Management for Dummies," to learn about the simple steps...

Security Considerations When Deploying Remote Access Solutions

Effective network security is most successful when you use a layered approach, with multiple...

View more SECURITY whitepapers

Webcasts

Migrating to Windows Vista: Necessity and Opportunity

The Vista era of Windows is here. Yet most organizations will retain Windows XP alongside new Vista...

Turning information into a Competitive Advantage

Companies today are realizing that competitive advantage is harder to sustain when based solely on...

PoE Plus: Impact on the PoE Market

The standard for Power over Ethernet (PoE), IEEE Std. 802.3af(tm)-2003, advanced networking,...

View more SECURITY webcasts

Special Reports

Unified Threat Management from CheckPoint

Discover why Unified Threat Management Firewalls are ready for the enterprise today. High...

The Evolution of Network Security

We have so many holes punched in our firewalls today that many industry insiders question the value...

The self-managed network

We aren't there yet, but advances in network and systems management tools are making it possible to...

View more SECURITY special reports
Get instant email notification when white papers, webcasts, executive guides are added to our library. Stay informed and up-to-date with the latest on IT Technologies with Network World's Resource Alerts.
Network World,to go. Wherever you are. Breaking news delivered to your mobile device. Select the hottest topics in networking and start receiving Network World on your mobile device today.