* Patches from SuSE, FreeBSD, Red Hat, others * Beware the latest Trojan's * No back doors for CIA in our code: Microsoft, and other interesting reading It looks as if the Blaster outbreak is now well under control if not completely contained. But I did get a few tips from readers that had infected non-patched Windows machines that could be useful for future viruses.Reader Craig Cox writes:“I bought time for downloading patches by making a very small download of Zone Alarm. This will shut off the affected ports, permitting larger downloads such as the Symantec removal tool or the Windows Update to take place unmolested.”And reader John Everson used this method when fixing a relative’s machine: “The first thing I did was change the way errors were handled for the RPC service. Basically you change it from “Restart the computer,” and that fixes the rebooting problem (and saves some stress, etc.). Here are the steps (if you’re interested):* Go into the services applet/application/console. * Right-click the “Remote Procedure Call (RPC)” service.* Select Properties.* Go to the “Recovery” Tab.* Change each of the failure options to “Take No Action.”Naturally once you’re done cleaning up, you might want to change these options back to “Restart the Computer.”Thanks to both for their tips. For more on the Blaster aftermath: Blaster worm attack a bustA scheduled denial-of-service attack against Microsoft’s main software update Web site did not materialize Saturday, as computers infected with the W32.Blaster worm failed to find their target. IDG News Service, 08/18/03.https://www.nwfusion.com/news/2003/0817blastworm.htmlMicrosoft aims to outsmart denial-of-service attack Microsoft on Friday took steps to defend its patch download site from a denial-of-service attack expected to be launched this weekend by machines infected by the now notorious Blaster worm. Network World Fusion, 08/15/03.https://www.nwfusion.com/news/2003/0815mssmart.htmlMicrosoft, under attack, releases Blaster security adviceWith a new version of the W32.Blaster worm on the loose and set to spawn a massive denial-of-service attack on a Microsoft Web site Saturday, the software maker Friday released a set of security guidelines for users in an effort to minimize the damage. IDG News Service, 08/15/03.https://www.nwfusion.com/news/2003/0815msunder.htmlToday’s bug patches and security alerts:SuSE releases kernel patchA new update of the SuSE Linux kernel fixes a number of bugs and vulnerabilities that were discovered over the past couple weeks in previous versions of the code. For more, go to:https://www.suse.com/de/security/2003_034_kernel.html**********FreeBSD patches ibcs2FreeBSD is warning of a flaw in ibcs2, a kernel option that “provides system call translation for running Intel Binary Compatibility Specification 2”. The flaw could be exploited by an attacker to view kernel memory. For more, go to:https://www.nwfusion.com/go2/0818bug1a.htmlDoS vulnerability in FreeBSD’s signalFreeBSD’s signal code, which handles asynchronous events, contains a buffer overflow that could be exploited by a local user in a denial-of-service attack. For more, go to:https://www.nwfusion.com/go2/0818bug1b.html**********Red Hat issues new ddskk packagesA flaw has been found in the way ddskk, a simple Kana to Kanji conversion program, uses temporary files. This flaw could be exploited to overwrite arbitrary files on the affected machine. For more, go to:https://rhn.redhat.com/errata/RHSA-2003-241.htmlRed Hat patches network configuration packageA number of bugs have been found in the network configuration utility for Red Hat Linux 9.0. A new version is available that fixes the flaws. For more, go to:https://rhn.redhat.com/errata/RHBA-2003-183.htmlRed Hat fixes cdrtools bugA bug has been found in the CD-burning software cdrtools for Red Hat Linux 9.0. It’s more of an annoyance than a security issues. A fix is available. For more, go to:https://rhn.redhat.com/errata/RHBA-2003-252.htmlRed Hat patches KDEA vulnerability in KDE’s Konqueror, in which authentication credentials may be sent to unintended third parties in clear text. An unauthorized user may be able to gain access to a password-protected site by exploiting this flaw. A new kdelibs package from Red Hat fixes these issues. For more, go to:https://rhn.redhat.com/errata/RHSA-2003-235.html**********SGI warns of DoS flaw in IRIXA flaw in the way SGI IRIX’s nfsd code could lead to XDR decoding errors, which can trigger a system panic. A remote user could exploit this to cause a denial of service. For more, go to:https://www.nwfusion.com/go2/0818bug1c.htmlSGI issues warning on Checkpoint/Restart flawA flaw in SGI IRIX’s Checkpoint/Restart (cpr) application could be exploited by an attacker to overwrite certain files. A fix is available. For more, go to:https://www.nwfusion.com/go2/0818bug1d.html**********Apple patches realpathA flaw in Apple’s realpath function could be exploited by sending a path name that is 1,024 characters long through the function. Any application that calls the function could be susceptible to a denial-of-service attack, or an attacker could run arbitrary code. For more, go to:https://www.info.apple.com/kbnum/n120238**********Conectiva releases patch for lynxA CRLF (Carriage Return, Line Feed) injection vulnerability has been found in Conectiva’a implementation of lynx, a text-only Web browser. A fix is available. For more, go to:https://www.nwfusion.com/go2/0818bug1e.html**********Today’s roundup of virus alerts:W32/Donk-C – A virus that attempts to spread via network shares and installs a Trojan horse backdoor on the infected machine. (Sophos)Troj/Graybird-A – Another virus that drops a Trojan horse on the infected machine. This virus spreads via e-mail with a subject line of “updated” and an attachment named “03-26updated.exe”. (Sophos)**********From the interesting reading department:Review: AppShield edges InterDo in battle of Port 80 filtersA new class of products – often-dubbed Web application firewalls – attempt to thwart Port 80 focused attacks by using blacklist- and whitelist-style input filtering. See how six products rated in our tests. Network World, 08/18/03.https://www.nwfusion.com/reviews/2003/0818rev2.htmlNo back doors for CIA in our code: MicrosoftCreating back doors for the CIA would be a “stupid decision” as the feature would certainly be discovered, says Microsoft’s chief security strategist Scott Charney. The Age, 08/15/03.https://www.theage.com.au/articles/2003/08/15/1060871752574.html Related content news Broadcom to lay off over 1,200 VMware employees as deal closes The closing of VMware’s $69 billion acquisition by Broadcom will lead to layoffs, with 1,267 VMware workers set to lose their jobs at the start of the new year. By Jon Gold Dec 01, 2023 3 mins Technology Industry Mergers and Acquisitions news analysis Cisco joins $10M funding round for Aviz Networks' enterprise SONiC drive Investment news follows a partnership between the vendors aimed at delivering an enterprise-grade SONiC offering for customers interested in the open-source network operating system. By Michael Cooney Dec 01, 2023 3 mins Network Management Software Network Management Software Network Management Software news Cisco CCNA and AWS cloud networking rank among highest paying IT certifications Cloud expertise and security know-how remain critical in building today’s networks, and these skills pay top dollar, according to Skillsoft’s annual ranking of the most valuable IT certifications. Demand for talent continues to outweigh s By Denise Dubie Nov 30, 2023 7 mins Certifications Certifications Certifications news Mainframe modernization gets a boost from Kyndryl, AWS collaboration Kyndryl and AWS have expanded their partnership to help enterprise customers simplify and accelerate their mainframe modernization initiatives. By Michael Cooney Nov 30, 2023 4 mins Mainframes Cloud Computing Data Center Podcasts Videos Resources Events NEWSLETTERS Newsletter Promo Module Test Description for newsletter promo module. Please enter a valid email address Subscribe