Count ’em: Five Microsoft flaws

Today’s bug patches and security alerts:

Microsoft issues patches for five software flaws

Microsoft Wednesday issued its first monthly security update since announcing the new initiative last week. The update consists of five Windows vulnerabilities, four of which the company deemed “critical.” Three of the flaws affect all recent Microsoft operating systems, including Windows NT, Windows 2000, Windows XP and Windows Server 2003. The fourth critical flaw affects only Windows 2000. Computerworld, 10/15/03.

https://www.nwfusion.com/news/2003/1020mssec.html

Microsoft bulletin:

https://www.microsoft.com/technet/security/winoct03.asp

Related Internet Security Systems alert:

https://xforce.iss.net/xforce/alerts/id/156

**********

Linksys EtherFast Cable/DSL Firewall Router flaw fixed

The way the Web-based administration defaults are set of the Linksys EtherFast Cable/DSL Firewall Router (BEFSX41), it is possible for an attacker to modify the router settings indirectly via a URL sent to an unsuspecting user. Linksys has released a firmware update to protect against this vulnerability:

https://www.linksys.com/download/firmware.asp?fwid=172

Digital Pranksters advisory:

https://www.nwfusion.com/go2/1013bug2a.html

**********

New version of mIRC fixes flaws

A number of vulnerabilities in mIRC have been fixed with Release 6.12 of the IRC chat client. The major flaw could be exploited to crash the client, terminating all chat sessions. To get the new version, go to:

https://www.mirc.com/get.html

**********

Security company warns of Hotmail worm

Security company Finjan Software Tuesday warned of a security vulnerability in Microsoft’s Hotmail Web-based e-mail service, but Microsoft said that the security hole has already been closed. IDG News Service, 10/14/03.

https://www.nwfusion.com/news/2003/1014securcompa.html

Finjan advisory:

https://www.finjan.com/news/press_show.cfm?press_release_id=122

**********

Debian releases updated tomcat4 packages

A denial-of-service vulnerability has been found in the Apache Tomcat 4.0.x server software. By sending several non-HTTP requests, it is possible to cause the server to stop responding to valid HTTP requests until the port has been reset. For more, go to:

https://www.debian.org/security/2003/dsa-395

**********

Conectiva fixes glibc

A buffer overflow in the getgrouplist() function and a bug with Brazilian daylight savings time have been fixed in this latest glibc update from Conectiva. For more, go to:

https://www.nwfusion.com/go2/1013bug2a.html

**********

Today’s roundup of virus alerts:

W32/Agobot-AB – Another variant of the Agobot virus that drops a Trojan horse application on the infected machine. (Sophos)

W32/Donk-D – Like the Agobot family, Donk-D takes advantage of the Windows DCOM RPC vulnerability to drop a Trojan Horse application on the infected machine. The Trojan logs on to an IRC channel to listen for commands from an attacker. (Sophos)

W32/Spybot-R – Another worm with backdoor capabilities as well as some keylogging functionality. This worm spreads via the Kazaa file-sharing network. (Sophos)

**********

From the interesting reading department:

White paper: U.K.’s Internet infrastructure open to prying eyes

Network Penetration conducted a survey at the start of 2003 to check the status of the U.K.’s DNS infrastructure. The second scan of the year has just been completed with the results are much more positive. There are still some serious holes in major areas, but much improvement has been made in the last eight months. The rest of the paper will discuss what was tested, the results, some sample zone transfers and finally some recommendations.

https://www.networkpenetration.com/ukdns.html

Review: IDS in the wild

We test intrusion-detection systems on a live production system. Network World, 10/13/03.

https://www.nwfusion.com/reviews/2003/1013idsrev.html

Terminating a systems administrator

When it’s time for an IT employee to go, eliminate all the ways that person can access your network. Network World, 10/13/03.

https://www.nwfusion.com/careers/2003/1013man.html

IBM execs see changing focus on security with rise of WLANs

IBM executives offered their perspectives on what they say are distinct changes in security focus at corporations and government brought on by events such as the Sept. 11 terrorist attacks and more everyday problems such as poorly protected wireless LANs. Network World, 10/13/03.

https://www.nwfusion.com/news/2003/1013ibmside.html

Gore: Intrusive technology may make us less secure

The relentless drive for more intrusive technology to help improve security may result in a society that is less secure, warned Al Gore, former vice president of the U.S., speaking Tuesday at the Carnahan Conference on Security Technology in Taipei. IDG News Service, 10/14/03.

https://www.nwfusion.com/news/2003/1014goreintru.html

Study: Internet fraud and attacks rise in tandem

Internet use is still growing fast but so is Internet-based fraud, according to security vendor VeriSign, which examined data from its own infrastructure services between August 2002 and August 2003. IDG News Service, 10/14/03.

https://www.nwfusion.com/news/2003/1014studyinter.html

BEA unveils enterprise security architecture

Middleware maker BEA Systems continued to build its security profile Monday with the announcement of a distributed security architecture, WebLogic Enterprise Security, or WLES. IDG News Service, 10/13/03.

https://www.nwfusion.com/news/2003/1013beaunveil.html