* Patches from Microsoft, OpenPKG, others * Beware "polymorphic" worm * U.S. agencies get help with security patches, and other interesting reading It’s never a good sign to turn on the weekend edition of NBC’s Today show and see a that a major virus is slowing Internet traffic to a crawl. If you haven’t heard already, the “Slammer” or “Sapphire” virus is affecting Microsoft SQL servers by flooding the systems with tons of traffic. I couldn’t pull up Weather.com late Saturday afternoon, presumably because of the worm. However, there is good news:1. The virus seems to be slowing:https://www.nwfusion.com/news/2003/0127slammworm.html2. It doesn’t cause any permanent damage beyond slowing systems down to a crawl. 3. There is a patch, which has been out since July, for the vulnerability that the worm exploits:https://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS02-039.asp Today’s bug patches and security alerts:Buffer overflow in Microsoft Locator ServiceA buffer overflow vulnerability in Microsoft’s Locator Service could be exploited to crash or run arbitrary code on the affected machine. For more, go to:Microsoft advisory:https://www.microsoft.com/technet/security/bulletin/ms03-001.aspRelated CERT advisory: https://www.cert.org/advisories/CA-2003-03.htmlMicrosoft releases cumulative patch for Content Management ServerA cross-scripting vulnerability has been found in Microsoft’s Content Management Server. An attacker could exploit this flaw to embed script into pages served by the CMS. This malicious code could then be run on a third-party machine. For more, go to:https://www.microsoft.com/technet/security/bulletin/MS03-002.asp Microsoft patches SMB flawThe Server Message Block protocol used for file-sharing in Windows 2000 and XP contains a flaw that could allow an attacker to lower SMB’s level of security. The attacker could then be able to monitor and change data inside an SMB session. For more, go to:https://www.microsoft.com/technet/security/bulletin/MS02-070.aspMicrosoft: Flaw in Outlook 2002 certificate handlingA flaw in the way Outlook 2002 uses a V1 Exchange Server Security certificate when encrypting a message could leave the message unprotected and sent in clear text. For more, go to:https://www.microsoft.com/technet/security/bulletin/MS03-003.asp**********More news on the CVS flawThe CERT Coordination Center security organization has warned of a critical vulnerability in the widely-used Concurrent Versions System (CVS) software which could enable an unauthenticated remote attacker with read-only access to execute arbitrary code, alter program operation, read sensitive information, or cause a denial of service to servers. IDG News Service, 01/24/03.Story:https://www.nwfusion.com/news/2003/0124cvsflaw.htmlCERT advisory:https://www.cert.org/advisories/CA-2003-02.htmlVendor patches:Slackware:ftp://ftp.slackware.com/pub/slackware/slackware-8.1/patches/packages/cvs-1.11.5-i386-1.tgzftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/d/cvs-1.11.5-i386-1.tgzConectiva:https://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000561Mandrake Linux:https://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:009**********OpenPKG patches pythonA flaw in the way the python scripting language creates filenames could be exploited to run arbitrary code on an affected machine. For more, go to:https://www.openpkg.org/security/OpenPKG-SA-2003.006-python.html**********More DHCP packages availableAs we’ve been reporting, a serious security flaw has been found in the Internet Software Consortium’s Dynamic Host Configuration Protocol that ships with many operating systems. An attacker could exploit this flaw to take control of the affected system. Additional operating systempatches are now available:SuSE:https://www.suse.com/de/security/2003_006_dhcp.htmlSlackware:ftp://ftp.slackware.com/pub/slackware/slackware-8.1/patches/packages/dhcp-3.0pl2-i386-1.tgzftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/dhcp-3.0pl2-i386-1.tgzConectiva:https://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000562**********Today’s roundup of virus alerts:Troj/Dloader-BO – A Trojan horse that runs a file from masteraz.hypermart.net within three days of infecting a computer. No word on damage caused by this worm and it’s companion files. (Sophos)Redlof.B – A “polymorphic” worm that spreads via Outlook, HTT and HTML pages. The work disguises itself as Outlook stationary. (Panda Software)Buffy.D – This worm spreads via IRC, displaying messages on the infected machine each time it is restarted. No word on other potential damage caused by this virus. (Panda Software)Oror.Q – An Outlook virus that takes advantage of well-documented (and patches) iFrame vulnerabilities. The virus shuts down and deletes processes and files related to antivirus software. (Panda Software)Pornspa.F – A virus that dials out to a premium dial up service related to porn. (Panda Software)**********From the interesting reading department:Gates celebrates Trustworthy Computing in e-mailMicrosoft has come far to deliver on its “Trustworthy Computing” promise, but more needs to be done, Microsoft Chairman and Chief Software Architect Bill Gates said in an e-mail late Thursday. IDG News Service, 01/24/03.https://www.nwfusion.com/news/2003/0124gatesceleb.htmlSoftware automates video surveillanceCompanies and government agencies now can keep an eye on their facilities without having guards constantly watch monitors, thanks to software from ObjectVideo, the start-up announced Monday. IDG News Service, 01/27/03.https://www.nwfusion.com/news/2003/0127softwautom.htmlU.S. agencies get help with security patchesU.S. government agencies gained a new tool for fighting computer vulnerabilities this week with the launch of a service that helps them find the security patches they need. IDG News Services, 01/24/03.https://www.nwfusion.com/news/2003/0124usagenc.htmlISS reins in security managementInternet Security Systems last week reinforced its security management package to let it manage and correlate information about security events from across its family of intrusion-detection and vulnerability-assessment products. Network World, 01/27/03.https://www.nwfusion.com/news/2003/0127simiss.html**********Archives online:We’ve got archives. Come take a look:https://www.nwfusion.com/newsletters/bug/ Related content news Broadcom to lay off over 1,200 VMware employees as deal closes The closing of VMware’s $69 billion acquisition by Broadcom will lead to layoffs, with 1,267 VMware workers set to lose their jobs at the start of the new year. By Jon Gold Dec 01, 2023 3 mins Technology Industry Mergers and Acquisitions news analysis Cisco joins $10M funding round for Aviz Networks' enterprise SONiC drive Investment news follows a partnership between the vendors aimed at delivering an enterprise-grade SONiC offering for customers interested in the open-source network operating system. By Michael Cooney Dec 01, 2023 3 mins Network Management Software Network Management Software Network Management Software news Cisco CCNA and AWS cloud networking rank among highest paying IT certifications Cloud expertise and security know-how remain critical in building today’s networks, and these skills pay top dollar, according to Skillsoft’s annual ranking of the most valuable IT certifications. Demand for talent continues to outweigh s By Denise Dubie Nov 30, 2023 7 mins Certifications Certifications Certifications news Mainframe modernization gets a boost from Kyndryl, AWS collaboration Kyndryl and AWS have expanded their partnership to help enterprise customers simplify and accelerate their mainframe modernization initiatives. By Michael Cooney Nov 30, 2023 4 mins Mainframes Cloud Computing Data Center Podcasts Videos Resources Events NEWSLETTERS Newsletter Promo Module Test Description for newsletter promo module. Please enter a valid email address Subscribe