
AOL IM flaw patched

Oct 20, 2003

* Patches from Microsoft, Conectiva, Mandrake Linux, others
* Beware virus arriving disguised as a DivX video trailer of the movie "Kill Bill"
* Network Associates outlines security product strategy, and other interesting reading

Today’s bug patches and security alerts:

AOL Instant Messenger flaw patched

A buffer overflow can be exploited in the way the popular AOL Instant Messenger client handles long “aim://” URLs. An attacker could use this to cause the client to crash or potentially take control of the affected machine. AIM 5.5.3415 Beta is said to fix the problem:
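The flaw class above is a scheme handler that copies the remainder of a URL into a fixed-size buffer without checking its length. The following is an added example, not AIM's code and not from the advisory; it shows the defensive shape such a handler should have. The scheme string "aim://" comes from the item; the buffer size AIM_TARGET_MAX, the function names and the result codes are assumptions made for this illustration.

```c
#include <stddef.h>
#include <string.h>

/* Hypothetical capacity of the fixed buffer a URL handler keeps the
 * part after "aim://" in. The value is an assumption for this example. */
#define AIM_TARGET_MAX 64

enum aim_parse_result {
    AIM_OK         =  0,
    AIM_BAD_SCHEME = -1,   /* input does not start with "aim://" */
    AIM_TOO_LONG   = -2    /* remainder would not fit the destination buffer */
};

/* Copy the part of `url` after "aim://" into `out` (capacity `outsz`).
 * Input that does not fit is refused rather than written past the buffer;
 * an unbounded strcpy() at this point is exactly the pattern that yields a
 * crash or code execution on an over-long URL. */
int parse_aim_url(const char *url, char *out, size_t outsz)
{
    static const char scheme[] = "aim://";
    const size_t scheme_len = sizeof(scheme) - 1;
    const char *rest;
    size_t rest_len = 0;

    if (url == NULL || out == NULL || outsz == 0)
        return AIM_BAD_SCHEME;
    if (strncmp(url, scheme, scheme_len) != 0)
        return AIM_BAD_SCHEME;

    rest = url + scheme_len;
    /* Measure the remainder, but never scan further than the buffer can hold. */
    while (rest_len < outsz && rest[rest_len] != '\0')
        rest_len++;
    if (rest_len >= outsz)          /* no room for the terminating NUL */
        return AIM_TOO_LONG;

    memcpy(out, rest, rest_len + 1); /* copies the terminator as well */
    return AIM_OK;
}

/* Wrapper that uses the handler's own fixed-size buffer, so every caller
 * gets the same bounds check regardless of where the URL came from. */
int handle_aim_url(const char *url)
{
    char target[AIM_TARGET_MAX];
    return parse_aim_url(url, target, sizeof target);
}
```

A caller that receives AIM_TOO_LONG should log and drop the URL; the point is that the length of attacker-supplied input decides a return code, never how far a write extends.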


Microsoft releases über patch for XP

Making good on a promise made last week by CEO Steve Ballmer to simplify security-patch deployment for companies, Microsoft this week released a consolidated Windows XP update that brings together 22 critical updates into one downloadable package. IDG News Service, 10/17/03.


SCO updates Xsco

Two unrelated security vulnerabilities were found in SCO’s Xsco X11 server module. It is possible for one buffer overflow to be exploited to run arbitrary code on the affected machine. The second flaw could be used to gain root privileges. For more, go to:


Conectiva, Mandrake Linux patch gdm

According to an alert from Mandrake Linux, “Two vulnerabilities were discovered in gdm by Jarno Gassenbauer that would allow a local attacker to cause gdm to crash or freeze.” For more, go to:


Mandrake Linux:


Conectiva patches ircd

A buffer overflow in ircd, the IRC chat daemon shipped with Conectiva, could be exploited to crash the affected machine. For more, go to:


Mandrake Linux releases fetchmail update

A buffer overflow flaw in the popular fetchmail program could be exploited to cause the application to crash. A fix is available. For more, go to:


Today’s roundup of virus alerts:

Win32.Manda.A – This virus comes disguised as a DivX video trailer of the movie “Kill Bill”. It spreads via its own SMTP engine and also attempts to steal password information off the infected machine. (BitDefender)

W32/Donk-E – A Trojan horse designed to let an attacker carry out a variety of tasks on the infected machine via an IRC connection. (Sophos)

W32/Randex-Q – Another Trojan horse that uses an IRC connection to allow an attacker to take control of the infected machine. (Sophos)


From the interesting reading department:

Security audit

Professional auditor Shawn Bernard of Networks Unlimited exposes risks overlooked by IT staff of a New England medical center. Network World, 10/20/03.

Network Associates outlines security product strategy

Network Associates plans next week to outline a broad strategy to meld the anti-virus scanning and desktop firewall it currently sells with the application-based intrusion-prevention technology it acquired when it purchased Entercept, combining them into a single desktop software product. The company projects that this product will be developed within the next 12 to 18 months. Network World Fusion, 10/17/03.

MSN Premium to add McAfee anti-virus, firewall tools

Saying that online safety is now its customers’ primary concern, Microsoft will offer McAfee virus scan and firewall products to U.S. customers of its upcoming MSN Premium broadband Internet subscription service. IDG News Service, 10/17/03.

Verizon offers security service

Verizon this week unveiled a security service for small and midsized businesses. Verizon Business Internet Security Services monitors customers’ networks seven days a week, 24 hours a day. Customer support and automatic updates on security threats are also provided. The Edge, 10/16/03.

Odd mishaps cause computer grief

A man so angry with his laptop that he shot it has topped an annual league table of the oddest computer mishaps. BBC News, 10/16/03.