* Patches from Debian, Mandrake Linux, others * Beware another version of the Agobot virus * Microsoft deflecting MyDoom-B DoS attack, and other interesting reading Our online pooh-bah Adam Gaffin takes a look at Microsoft’s recommendations for avoiding malicious URLs by retyping them manually: http://napps.nwfusion.com/compendium/archive/004024.htmlOur online pooh-bah Adam Gaffin takes a look at Microsoft’s recommendations for avoiding malicious URLs by retyping them manually:https://napps.nwfusion.com/compendium/archive/004024.htmlWith a follow-up here: https://napps.nwfusion.com/compendium/archive/004036.htmlToday’s bug patches and security alerts: ISS warns of holes in Check Point firewall, VPN serverInternet Security System Wednesday issued a warning of critical vulnerabilities in Check Point’s Check Point Firewall-1 and Check Point VPN-1 Server and SecuRemote and SecureClient VPN clients. IDG News Service, 02/05/04.https://www.nwfusion.com/news/2004/0205isswarns.html?nlISS VPN server advisory:https://xforce.iss.net/xforce/alerts/id/163ISS firewall advisory: https://xforce.iss.net/xforce/alerts/id/162**********Software flaw could leave Cisco gear vulnerable to freezes/shutdownsA hardware vulnerability may cause some high-end Cisco switches and routers with specific configurations to crash, but only under very specific circumstances. Network World Fusion, 02/04/04. https://www.nwfusion.com/news/2004/0204cisflaw.html?nlCisco advisory:https://www.nwfusion.com/go2/0202bug2a.html**********Microsoft patches IE flawsMicrosoft Monday released a security patch to fix three known vulnerabilities in its Internet Explorer Web browser that have been exploited to attack Internet users. IDG News Service, 02/02/04.https://www.nwfusion.com/news/2004/0202micropatch.html?nlMicrosoft advisory:https://www.microsoft.com/technet/security/bulletin/MS04-004.aspRelated CERT advisory:https://www.us-cert.gov/cas/techalerts/TA04-033A.html**********Debian patches kernel for mips and mipselA flaw in the Debian Linux kernel for mips and mipsel contains vulnerability that could be exploited to gain local root access on the affected machine. For more, go to:https://www.debian.org/security/2004/dsa-433Debian releases new Perl packageAn information leak in certain Perl implementations could allow an attacker to view information in files they normally would not have access to. For more, go to:https://www.debian.org/security/2004/dsa-431Debian issues crawl fixA buffer overflow has been found in crawl, a dungeon exploration game for Debian. No word on how it could be exploited or what the ramifications of such an exploit would be. For more, go to:https://www.debian.org/security/2004/dsa-432**********Mandrake Linux issues new fix for GaimTwelve vulnerabilities have been found in Gaim, a cross platform, multi-protocol instant messaging application. While some of the flaws are minor a few could be exploited to gain root privileges on the affected machine. For more, go to:https://www.nwfusion.com/go2/0202bug2b.html**********Today’s roundup of virus alerts:W32/Agobot-CS – A Trojan horse that spreads via weakly protected network shares. It attempts to connect to an IRC server to allow an attacker gain access to the infected machine as well as stops various security-related application processes. (Sophos)W32/Agobot-P – Another version of the Agobot virus. This one too exploits weak passwords on network shares as well as the RPC DCOM vulnerability in Windows. Like its predecessors, it terminates security applications and provides backdoor functionality via an IRC connection. (Sophos)W32/SdBot-W – Like the two viruses mentioned above, weak network share passwords and IRC backdoors are the name of the game with this virus. (Sophos)**********From the interesting reading department:Microsoft deflecting MyDoom-B DoS attackMicrosoft Tuesday said it had yet to be affected by a MyDoom-B worm-induced distributed denial-of-service attack, which anti-virus software companies predicted would be fairly easy for the software company to fend off. IDG News Service, 02/03/04.https://www.nwfusion.com/news/2004/0203microdefle.html?nlKDE update availableThe K Desktop Environment (KDE) Project announced Tuesday that the third version of its KDE3 desktop platform, called KDE3.2, is available for Linux and Unix operating systems. IDG News Service, 02/03/04.https://www.nwfusion.com/news/2004/0203kde.html?nl Related content news Cisco CCNA and AWS cloud networking rank among highest paying IT certifications Cloud expertise and security know-how remain critical in building today’s networks, and these skills pay top dollar, according to Skillsoft’s annual ranking of the most valuable IT certifications. Demand for talent continues to outweigh s By Denise Dubie Nov 30, 2023 7 mins Certifications Network Security Networking news Mainframe modernization gets a boost from Kyndryl, AWS collaboration Kyndryl and AWS have expanded their partnership to help enterprise customers simplify and accelerate their mainframe modernization initiatives. By Michael Cooney Nov 30, 2023 4 mins Mainframes Cloud Computing Data Center news AWS and Nvidia partner on Project Ceiba, a GPU-powered AI supercomputer The companies are extending their AI partnership, and one key initiative is a supercomputer that will be integrated with AWS services and used by Nvidia’s own R&D teams. By Andy Patrizio Nov 30, 2023 3 mins CPUs and Processors Generative AI Supercomputers news VMware stung by defections and layoffs after Broadcom close Layoffs and executive departures are expected after an acquisition, but there's also concern about VMware customer retention. By Andy Patrizio Nov 30, 2023 3 mins Virtualization Data Center Industry Podcasts Videos Resources Events NEWSLETTERS Newsletter Promo Module Test Description for newsletter promo module. Please enter a valid email address Subscribe