First patch for Windows Server 2003

Today’s bug patches and security alerts:

Microsoft issues first patch for Windows Server 2003

For Microsoft, this is the equivalent of a child taking its first steps: Two serious security flaws that could allow an attacker to take over a user’s system exist in all current versions of Microsoft’s Internet Explorer Web browser, including the one that ships with Windows Server 2003, Microsoft said Wednesday. IDG News Service, 06/04/03.

Story:

https://www.nwfusion.com/news/2003/0604microissue.html

Microsoft bulletin:

https://www.microsoft.com/technet/security/bulletin/MS03-020.asp

**********

More Apache updates available

SGI and Mandrake Linux have released updates for their implementations of the Apache Web server. As we reported last week, another security hole was found in the Apache code. Version 2.0.46 is the latest update to patch all known vulnerabilities. For more, go to:

SGI:

https://www.networkworld.com/ftp://patches.sgi.com/support/free/security/advisories/20021105-02-I

Mandrake Linux:

https://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:063-1

**********

Red Hat releases kernel 2.4 update

A new update for Version 2.4 of Red Hat’s kernel is now available. This update fixes a number of security vulnerabilities as well as bugs in a number of drivers. For more, go to:

https://rhn.redhat.com/errata/RHSA-2003-187.html

Red Hat issues updated kon2 package

A buffer overflow in kon2, a Kanji emulator for the console, could be exploited by a malicious user to gain root access on the affected system. For more, go to:

https://rhn.redhat.com/errata/RHSA-2003-047.html

**********

OpenPKG patches ghostscript

A flaw in ghostscript, an interpreter for the PostScript language, could be exploited to run arbitrary commands on the affected machine. For more, go to:

https://www.openpkg.org/security/OpenPKG-SA-2003.030-ghostscript.html

**********

New version of PHP available

The folks that bring you the PHP scripting language have released a new update that fixes a number of bugs and security flaws. PHP 4.3.2 is now available for download. For a list of the changes, go to:

https://www.php.net/ChangeLog-4.php

**********

Debian releases new version of gPS

Debian has released an updated version of gPS, a graphical tool for watching system processes. Version 1.1.0 fixes a number of bugs and security flaws found in previous releases. For more, go to:

https://www.debian.org/security/2003/dsa-307

**********

Immunix patches file

A flaw in the file command for Immunix could be exploited by a malicious user to gain root access on the affected machine. An update is available at:

https://download.immunix.org/ImmunixOS/7+/Updates/RPMS/file-3.30-7_imnx_3.41_1.i386.rpm

Imunnix releases patch for wget

A flaw in wget could be exploited by a malicious FTP server operator to overwrite files on the affected machine. For more, go to:

https://download.immunix.org/ImmunixOS/7+/Updates/RPMS/wget-1.8.2-4.70_imnx_3.i386.rpm

**********

Today’s roundup of virus alerts:

W32/Bugbear-B – A new version of Bugbear is now spreading quickly, according to Sophos. Like its predecessor, this virus spreads via infected e-mail attachments, usually .pif or .scr files. Bugbear-B terminates various antivirus and firewall programs on the infected machine and opens port 1080 to listen for remote commands. (Sophos)

Bat/Mumu-A – A virus that spreads by looking for IPC$ and ADMIN$ shares on remote computers which have weak passwords. No word on permanent damage caused by this virus. (Sophos)

Troj/Tunnel-A – This Trojan horse installs itself in the system folder with the name “sys64.exe”. It reports back to a remote Web server when it is active and listens on port 80 (HTTP) for commands. (Sophos)

**********

From the interesting reading department:

Microsoft vows to clean up its patch management mess

Microsoft will whittle down its stable of patch management tools from eight to two by year-end, according to the software giant’s chief security strategist. Network World Fusion, 06/03/03.

https://www.nwfusion.com/news/2003/0603charney.html

Worm variant disguised as e-mail from Gates

A potent variety of the Sobig e-mail virus is spreading on the Internet, according to warnings from a number of leading antivirus companies. IDG News  Service, 06/03/03.

https://www.nwfusion.com/news/2003/0603newworm.html

Experts: Worry more about insiders than cyberterrorism

Enterprises worried about cybersecurity should pay more attention to their own employees than to the as-of-yet unrealized threat of cyberterrorism, two cybersecurity experts warned a group of IT professionals Tuesday. IDG News Service, 06/03/03.

https://www.nwfusion.com/news/2003/0603terrorism.html