Skip Links

Network World

  • Social Web 
  • Email 
  • Close

(Comma separation for multiple addresses)
Your Message:

Phishers getting smarter

Patches from Microsoft, Nokia, Mandriva, others Phish Page Steals Your Details, Then Logs You In Red Hat says its servers, Fedora Project's systems, breached, and other interesting reading
Security: Threat Alert By Jason Meserve , Network World , 08/25/2008
Sign up for this newsletter now!

Jason Meserve provides up-to-the-minute news on vendor security alerts and fixes.

  • Share/Email
  • Tweet This
  • Comment
  • Print

Today's malware news:

Phish Page Steals Your Details, Then Logs You In
A Phish for the popular Habbo Hotel caught my eye today because it does just that - seamlessly logging you into Habbo Hotel once your details have been stolen. The SpywareGuide Greynets Blog, 08/22/2008.
**********

This Month in the Threatscape Video: View now

Today's bug patches and security alerts:

Microsoft admits posting flawed update
Microsoft re-released one of its Aug. 11 security updates yesterday, explaining that it had posted an incomplete version to its own download center last week. The admission was the third time in the last two months that Microsoft has had to re-issue a security-related update. Users who manually downloaded MS08-051 since Aug. 12 to patch Office 2003 should obtain the second version as soon as possible, Microsoft said. People who obtained the update via Windows Update or through their company's Windows Server Update Services (WSUS) server, or who updated other versions of Office, do not need to reinstall MS08-051. Computerworld, 08/22/2008.
**********

Related Content

Nokia admits security flaws in Series 40 OS
Nokia confirmed Thursday its widely used Series 40 operating system has security vulnerabilities that could allow stealth installation and activation of applications. IDG News Service, 08/21/2008.
**********

Six new patches from Mandriva:

libxml2 (denial of service)

metisse (integer overflow, code execution)

xine-lib for Mandriva 2008.0 (multiple flaws)

xine-lib for Mandriva 2008.1 (mulitple flaws)

mtr (stack overflow, code execution)

yelp (format string, code execution)
**********

Two new updates from rPath:

postfix (privilege escalation)

freetype (multiple flaws)
**********

Two new fixes from Ubuntu:

Postfix (root file access)

xine-lib (multiple flaws)
**********

Two new patches from Debian:

libxml2 (denial of service)

linux-2.6 (denial of service, information leak)
**********

From the interesting reading department:

Red Hat says its servers, Fedora Project's systems, breached
Red Hat confirmed Friday that hackers compromised infrastructure servers belonging to the company and the Fedora Project, including systems used to sign Fedora packages. In the Fedora breach, company officials said they had "high confidence" the hackers did not get the "passphrase used to secure the Fedora package signing key." Regardless, the company has converted to new Fedora signing keys. Network World, 08/22/2008.

Jason Meserve is multimedia editor at Network World.

  • Share/Email
  • Tweet This
  • Comment
  • Print
Comment
Login
Forgot your account info?
Add comment
Anonymous comments subject to approval. Register here for member benefits.
Have a NetworkWorld account? Log in here. Register now for a free account.

Most Read

View more Most Read

Videos

rssRss Feed

Latest News

rssRss Feed