Apple has its own Patch Tuesday

* Patches from Apple, Mandriva, rPath, others
* All Your (Data)base Are Belong to Trojan.Eskiuel
* Top list of celebrity names most abused by malware writers, and other interesting reading

Apple Patch Tuesday came out of the blue this week with a new Mac OS X 10.5.5 update that fixes flaws in numerous subsystems, including a well-known DNS vulnerability. The company also released an update for Remote Desktop to fix a privilege-escalation flaw. Plus, there's a new Trojan on the march trying to infiltrate SQL Server systems.

Mac OS X v10.5.5 update fixes numerous flaws

The new Mac OS X v10.5.5 update fixes flaws in a number of subsystems: ATS, Bind, ClamAV, Directory Services, Finder, ImageIO, Kernel, libresolv, Login Window, mDNSResponder, OpenSSH, QuickDraw Manager, Ruby, SearchKit, System Configuration, System Preferences, Time Machine, VideoConference and Wiki Server. The most serious of the vulnerabilities could be exploited to run malicious code.

Apple update finally fixes important DNS bug

US-CERT: Apple Updates for Multiple Vulnerabilities

Apple releases security update for Remote Desktop

A design issue exists in the Open Scripting Architecture libraries when determining whether to load scripting addition plugins into applications running with elevated privileges. Users should upgrade to version 3.2.2 to fix the vulnerability.

Six new patches from Mandriva:

R-base (symlink, file overwrite)

koffice (denial of service, code execution)

mplayer (memory overwrite, code execution)

Apache (multiple flaws)

Apache2 (cross-site scripting, script injection)

Kolab Server (password retrieval)

Two new fixes from rPath:

wireshark (denial of service)

mercurial (permissions error)

Two new patches from Debian:

OpenSSH (denial of service)

git-core (buffer overflow, code execution)

Today's malware news:

All Your (Data)base Are Belong to Trojan.Eskiuel

Modern SQL databases are flexible, efficient, and can run commands at an OS level easily, a perfect target from a malicious code perspective! Our honeypot servers are full of plenty of worms that spread by email, IM, file-sharing, or network vulnerabilities, so finding a Trojan that targets SQL databases is always an unusual surprise for a virus researcher. Symantec Security Response, 09/17/2008.

Recent Microsoft Vulnerability Exploited in the Wild

Not surprisingly, attackers are again targeting vulnerabilities from the latest set of Microsoft Security Bulletins. This time around, it is the Microsoft Media Encoder ActiveX overflow patched in MS08-053. This attack chronology is another example of the rapid adoption of public exploits into widely deployed exploit toolkits. Symantec Security Response, 09/15/2008.

JavaScript Injection Attack

JavaScript injection attacks seem to be the in thing these days. Malware writers are increasingly utilizing such attacks as a better means to spread their work. F-Secure, 09/18/2008.

BusinessWeek turned into malware playground

The Web site of BusinessWeek magazine has suffered a major SQL injection attack in recent days that left it hosting malware from hundreds of its pages, Sophos has reported. TechWorld, 09/15/2008.

From the interesting reading department:

Brad Pitt, Beyonce and Justin Timberlake top list of celebrity names most abused by malware writers

Brad Pitt, Mariah Carey and George Clooney are among the stars whose names are being most exploited across the Web to lure unwary fans into downloading wallpaper and screensaver software that's really malware in disguise. Network World, 09/17/2008.

At Adobe's request, hackers nix 'clickjacking' talk

After Adobe Systems asked them to keep quiet about their findings, two security researchers have pulled out of a technical talk where they were going to demonstrate how they could seize control of a victim's browser using an online attack called 'clickjacking.' IDG News Service, 09/16/2008.

Microsoft releases internal security tools, methods

Microsoft will soon release tools and methods it has used over the last few years to reduce the number of security problems in its software. IDG News Service, 09/16/2008.

Keyloggers beaten by new crypto utility

A German company has come up with a program it claims can protect against the biggest weak spot of most encryption systems - keyloggers that record passphrases as they are entered. TechWorld, 09/15/2008.

Forever 21: Nearly 99,000 cards compromised in data thefts

Nearly 99,000 payment cards used by customers at several Forever 21 Inc. retail stores may have been compromised in a series of data thefts dating back to August 2004. Computerworld, 09/16/2008.

New fraud report: Information theft is Asia's biggest fear

A major survey of global executives has found that physical theft (41%) is the most common problem for companies in Asia, followed by information theft (31%) and regulatory or compliance breaches (28%). CIO Asia, 09/16/2008.

Spammers react to Large Hadron Collider

South West Sydney is choking on a thick radiation cloud after the Lucas Heights reactor exploded, according to spammers. Computerworld, 09/16/2008.

Palin's Yahoo mail reportedly published on Wikileaks

Hackers say they have gained access to U.S. vice presidential candidate Sarah Palin's Yahoo account and published some of its contents on the Wikileaks Web site. IDG News Service, 09/17/2008.

Screen shots of Palin's hacked inbox

Copyright © 2008 IDG Communications, Inc.