Firefox update fixes 12 security bugs

* Patches from Mozilla, SuSE, Mandriva, others * Beware downloader Trojans * Vista Beta 2: Microsoft bites the security bullet, and other interesting reading

Today's bug patches and security alerts:

Firefox update fixes 12 security bugs

Mozilla has released updates to its Firefox browser and Thunderbird e-mail client that fix a number of critical security flaws in the open-source products. The Firefox update, which was in the process of being automatically delivered to Firefox 1.5 users Friday, addresses 12 security flaws. The release also includes some fixes designed to make the browser more stable, Mozilla said on its Web site. IDG News Service, 06/02/06.

More from Mozilla

Related US-CERT advisory


Microsoft flaw affects XP, Server 2003

A new flaw found in Microsoft's software could be exploited to cause a denial-of-service attack on certain applications, although the bug isn't viewed as being severe. IDG News Service, 06/02/06.

Secunia advisory


SuSE patches rug

According to a SuSE advisory, "RedCarpet allows the remote administration of systems by running the rc daemon (rcd) on the server side to accept SSL encrypted commands from the client. The tool rug is such a client application that can be run from command-line. The client does not verify the SSL certificates received from the server and is therefore vulnerable to a man-in-the-middle attack which allows an attacker to read traffic and to insert commands." An update is available.
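The failure the advisory describes, a client that accepts whatever certificate the server presents, shown as an added example in Go (this is not code from rug, rcd or the SuSE advisory): a local HTTPS server with a self-signed certificate stands in for rcd, and three client configurations are tried against it. The server, its response text and the function names are assumptions made for the demonstration.

```go
// Added example, not code from rug/rcd or the SuSE advisory: a client that
// skips certificate verification versus one that verifies the server.
package main

import (
	"crypto/tls"
	"crypto/x509"
	"fmt"
	"io"
	"net/http"
	"net/http/httptest"
)

// StartServer stands in for an rcd daemon: a local HTTPS server with a
// self-signed certificate (httptest generates one valid for 127.0.0.1).
// It returns the base URL, a pool holding only the server's own certificate
// (the trust anchor a pinned client would ship with), and a stop function.
func StartServer() (url string, roots *x509.CertPool, stop func()) {
	srv := httptest.NewTLSServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		io.WriteString(w, "rcd: ok") // constructed stand-in for a command result
	}))
	roots = x509.NewCertPool()
	roots.AddCert(srv.Certificate())
	return srv.URL, roots, srv.Close
}

// fetch issues a GET with the given TLS configuration and returns the body.
func fetch(url string, cfg *tls.Config) (string, error) {
	client := &http.Client{Transport: &http.Transport{TLSClientConfig: cfg}}
	resp, err := client.Get(url)
	if err != nil {
		return "", err
	}
	defer resp.Body.Close()
	body, err := io.ReadAll(resp.Body)
	return string(body), err
}

// FetchSkipVerify behaves like the vulnerable rug client: any certificate is
// accepted, so a man-in-the-middle presenting its own certificate is
// indistinguishable from the real server.
func FetchSkipVerify(url string) (string, error) {
	return fetch(url, &tls.Config{InsecureSkipVerify: true})
}

// FetchVerified validates the certificate chain against roots (nil means the
// system trust store) and checks the certificate against the host in the URL.
// With nil roots the self-signed server is rejected, which is the behaviour a
// correct client must have; with the pinned pool it is accepted.
func FetchVerified(url string, roots *x509.CertPool) (string, error) {
	return fetch(url, &tls.Config{RootCAs: roots})
}

func main() {
	url, roots, stop := StartServer()
	defer stop()
	_, err := FetchSkipVerify(url)
	fmt.Println("no verification:", err) // nil: anything is accepted
	_, err = FetchVerified(url, nil)
	fmt.Println("verify, system roots:", err) // x509 error: unknown authority
	body, err := FetchVerified(url, roots)
	fmt.Println("verify, pinned root:", body, err) // rcd: ok <nil>
}
```

The fix for a client like rug is the second and third configurations: verify the chain against a trust store and check the hostname against the certificate. With Go's tls.Config both happen by default as long as InsecureSkipVerify is left false. Pinning the known server certificate, as the third call does, additionally defeats an attacker who holds a certificate for the server's name from any publicly trusted CA.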


Mandriva releases patch for evolution

A flaw in evolution could cause it to crash when specially crafted images are loaded. A fix is available.


Four new updates for Drupal

There are four new updates for the Drupal open source content management system:

Drupal 4.6.8 / 4.7.2 fixes XSS issue

Drupal 4.6.8 / 4.7.2 fixes arbitrary file execution issue

Drupal 4.6.7 / 4.7.1 fixes arbitrary file execution issue

Drupal 4.6.7 / 4.7.1 fixes SQL injection issue


New updates from Debian:

lynx-cur (multiple flaws)

xmcd (denial of service)

PostgreSQL (multiple flaws)

centericq (buffer overflow, code execution)

freeradius (multiple flaws)


Today's roundup of virus alerts:

Troj/Dloadr-WY -- A downloader Trojan that communicates with remote sites via HTTP. It installs "msnwisterd.exe" in the Windows System folder. (Sophos)

Troj/Dloadr-WZ -- The second downloader Trojan of the day installs itself as "4da92ad5.exe" in the System directory. (Sophos)

Troj/Dloadr-AHY -- The third Dloadr variant installs itself as an eight-character .exe in the Windows System folder. (Sophos)

W32/Tigs-B and C -- This virus modifies the Windows HOSTS file to prevent access to security-related Web sites. It initially installs "taskmgr.exe" in the Windows folder, "file.sys" in the System folder and "hilder.exe" in the current folder. (Sophos)

W32/Sdbot-BUK -- An IRC backdoor worm that spreads through network shares by exploiting known Windows flaws. It copies itself to the Windows System folder using one of a variety of .exe names, including "algs.exe", "csrs.exe", "explorer.exe", "firewall.exe" or "iexplore.exe". (Sophos)

Troj/Bckdr-E -- A backdoor Trojan for Windows that installs "Server2.0.exe" in the Windows directory and registers itself as "Server2.0". (Sophos)

W32/Torvil-B -- A worm that spreads through an e-mail message with a PIF or ZIP attachment. When run, it asks the user to click OK to "patch" a problem on the target host. (Sophos)

W32/Rbot-DYL -- An Rbot variant that allows backdoor access through IRC and can be used as a SOCKS4/Web proxy and to record keystrokes and webcam images. It spreads through network shares by exploiting known Windows flaws and installs itself as "updsys.exe" in the System folder. (Sophos)

Troj/Agent-BUC -- A Trojan designed to steal e-mail account information from the infected host. It drops "ldanw32.exe" in the Windows folder. (Sophos)
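One check a practitioner would run after a W32/Tigs-style infection, as an added example in Go (not Sophos code, and not taken from the page): parse the HOSTS file and report every non-local hostname pinned to a loopback or unspecified address, which is how the virus blocks access to security sites. The HOSTS content and the domain names in it are constructed for the demonstration; the real samples' target list is not given in the alert.

```go
// Added example, not from Sophos or the original alert: scan a Windows HOSTS
// file for entries that sinkhole non-local hostnames, the technique W32/Tigs
// uses to block security vendors' sites.
package main

import (
	"bufio"
	"fmt"
	"net"
	"strings"
)

// sampleHosts is a constructed HOSTS file: legitimate entries followed by the
// kind of lines a HOSTS-hijacking virus appends. The blocked domains are
// illustrative placeholders, not names taken from a Tigs sample.
const sampleHosts = `# Copyright (c) 1993-1999 Microsoft Corp.
127.0.0.1       localhost
::1             localhost
192.168.1.10    fileserver.corp.example   # legitimate internal host
127.0.0.1 av-vendor.example
127.0.0.1 www.av-vendor.example  # appended by the malware
0.0.0.0   updates.security.example
`

// isSinkhole reports whether addr silently blackholes a name: the loopback
// or the unspecified address.
func isSinkhole(addr string) bool {
	ip := net.ParseIP(addr)
	return ip != nil && (ip.IsLoopback() || ip.IsUnspecified())
}

// isLocalName reports whether a hostname legitimately maps to loopback.
func isLocalName(name string) bool {
	switch strings.ToLower(name) {
	case "localhost", "localhost.localdomain", "broadcasthost", "ip6-localhost", "ip6-loopback":
		return true
	}
	return false
}

// SuspiciousHostsEntries parses HOSTS-file content and returns, in file
// order, every hostname that is pinned to a sinkhole address but is not a
// local name. Each hit is a site this machine can no longer reach by name.
func SuspiciousHostsEntries(content string) []string {
	var hits []string
	sc := bufio.NewScanner(strings.NewReader(content))
	for sc.Scan() {
		line := sc.Text()
		if i := strings.IndexByte(line, '#'); i >= 0 { // strip comments
			line = line[:i]
		}
		fields := strings.Fields(line)
		if len(fields) < 2 || !isSinkhole(fields[0]) {
			continue
		}
		for _, name := range fields[1:] { // a line may list several aliases
			if !isLocalName(name) {
				hits = append(hits, name)
			}
		}
	}
	return hits
}

func main() {
	for _, h := range SuspiciousHostsEntries(sampleHosts) {
		fmt.Println("sinkholed:", h)
	}
}
```

On a live system, read %SystemRoot%\System32\drivers\etc\hosts and pass its contents to SuspiciousHostsEntries; any hit naming a vendor's update or download site is the indicator the alert describes, and the entry should be removed before the host is expected to fetch signatures again.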


From the interesting reading department:

Vista Beta 2: Microsoft bites the security bullet

Testing of Vista Beta 2 shows deployment pain will yield security gain. Network World, 06/05/06.

Laptop theft compromises customer data

A travel Web site is warning nearly a quarter of a million customers that they may have had their credit card numbers stolen, following the theft of an unencrypted laptop belonging to the site's auditor, Ernst & Young Global. IDG News Service, 06/02/06.

Phishing scam aimed at

A "phishing" site that harvested users' login credentials was removed as of Friday from a California server, a security vendor reported. IDG News Service, 06/02/06.


Copyright © 2006 IDG Communications, Inc.
