Free Republic

Flaws in SP2 security features Author: Jürgen Schmidt, heise Security Date: August 13,2004 German Advisory: http://www.heise.de/security/artikel/50046 English Version: http://www.heise.de/security/artikel/50051 Overview With Service Pack 2, Microsoft introduces a new security feature which warns users before executing files that originate from an untrusted location (zone) such as the Internet. There are two flaws in the implementation of this feature: a cmd issue and the caching of ZoneIDs in Windows Explorer. The Windows command shell cmd ignores zone information and starts executables without warnings. Virus authors could use this to spread viruses despite the new security features of SP2. Windows Explorer does not...

Don't connect that new PC to the Internet before taking security precautions, researchers at the Internet Storm Center warned Tuesday. According to the researchers, an unpatched Windows PC connected to the Internet will last for only about 20 minutes before it's compromised by malware, on average. That figure is down from around 40 minutes, the group's estimate in 2003. The Internet Storm Center, which is part of the SANS Institute, calculated the 20-minute "survival time" by listening on vacant Internet Protocol addresses and timing the frequency of reports received there. "If you are assuming that most of these reports are...

Dear SBC Yahoo! Member: If you are using the Windows XP Operating System on any of your computers connected to SBC Yahoo! Dial or SBC Yahoo! DSL, this courtesy message is for you. Users of other operating systems are not affected. In August, Microsoft Corporation will be offering Windows XP users an update called "Service Pack 2". You may hear about the Service Pack 2 update in the news, on the Internet, or by seeing prompts on your computer screen telling you to load a "Critical Upgrade" to Windows. Service Pack 2 provides a series of security enhancements for the...

Researchers spot XP SP2 security weakness IE drag and drop feature could be exploited by hackers Iain Thomson, vnunet.com 20 Aug 2004 Security researchers believe they have discovered a weakness in the new security given to Windows XP by the recently unveiled Service Pack 2 (SP2). Since XP SP2 was released, activists have been searching for weaknesses in the security-focused service pack. Microsoft yesterday dismissed claims by German researchers to already have discovered a flaw. Now a group has claimed that exploit code could bypass the new security procedures in XP by using the 'drag and drop' features of Internet...

The "highly criticial" vulnerability affects Internet Explorer 5.01, 5.5, and 6 on fully patched PCs running either Windows XP SP1 or the newer SP2.By Gregg Keizer, TechWeb News   Another flaw in Internet Explorer has been uncovered by Danish security firm Secunia, which said that the gaffe left all PC users open to attack, even those who had updated Windows XP with the massive Service Pack 2 upgrade. According to the alert that Secunia posted Thursday on its Web site, the vulnerability affects Internet Explorer 5.01, 5.5, and 6 on fully patched PCs running either Windows XP SP1 or...

A security flaw in the way many Microsoft applications process JPEG images could allow an attacker to gain control over a computer running the software, Microsoft warned this week. Any program that processes JPEG images could be vulnerable, Microsoft says in Security Bulletin MS04-028. To take advantage of the flaw, an attacker would have to persuade a user to open a specially crafted image file. The image could be hosted on a Web site, included in an e-mail or Office document, or hosted on a local network, Microsoft says. A wide range of Microsoft software, including various versions of its...

More than 30,000 PCs per day are being recruited into secret networks that spread spam and viruses, a study shows. Six months ago only 2,000 Windows machines per day were being recruited into these so-called bot nets. Experts say the numbers are growing quickly because the remotely controlled networks are so useful to people who profit from hacking and virus writing. The figures came to light in Symantec's biannual Internet Threat Report which traces trends in net security. Hidden harm Nigel Beighton, a member of Symantec's Threat Team, said the number of PCs being enrolled in these networks was...

If you use a Windows personal computer to access the Internet, your personal files, your privacy and your security are all in jeopardy. An international criminal class of virus writers, hackers, digital vandals and sleazy businesspeople wakes up every day planning to attack your PC. And the company that controls the Windows platform, Microsoft, has made this too easy to do by carelessly opening numerous security holes in the operating system and its Web browser. Even if you install the recent Service Pack 2 update to Windows XP, you will still be vulnerable. As I have said before, I believe...

One of the standard security tactics enterprises apply won't work when defending PCs against threats posed by the image processing flaw found last week in Windows and numerous applications, security experts said Tuesday. The JPEG bug in Windows XP and Windows Server 2003, as well as in a host of both Microsoft and non-Microsoft applications, can't be defended by blocking JPEG images at the gateway, said John Pescatore, vice president of Gartner's Internet security group. "You can't simply block against this threat by file extension," said Pescatore, "since hackers could simply rename the file type and Windows would still process...

A sample program hit the Internet on Wednesday, showing by example how malicious coders could compromise Windows computers by using a flaw in the handling of a widespread graphics format by Microsoft's software. Security professionals expect the release of the program to herald a new round of attacks by viruses and Trojan horses incorporating the code to circumvent security on Windows computers that have not been updated. The flaw, in the way Microsoft's software processes JPEG graphics, could allow a program to take control of a victim's computer when the user opens a JPEG file. "Within days, you'll likely see...

If you're one of about 200 million people using older versions of Windows and you want the latest security enhancements to Internet Explorer, get your credit card ready. Microsoft this week reiterated that it would keep the new version of Microsoft's IE Web browser available only as part of the recently released Windows XP operating system, Service Pack 2. The upgrade to XP from any previous Windows versions is $99 when ordered from Microsoft. Starting from scratch, the operating system costs $199. What's new: People using older versions of Windows can't get an important security update to the Internet Explorer...

It was only a matter of time before someone unleashed malware that exploits the JPEG GDI+ vulnerability. Over the last two weeks various people have released proof of concept code in stages. The first code base that consisted of a corrupted JPG image file that caused an application to crash. The second code based was a JPG image that spawned a local command shell with no remote access. Within hours of the second code base released another person claimed to have made the command shell bind to a port for remote access.  Now someone has taken matters to a greater extreme by unleashing...

Home | FAQ | Contact | Privacy Policy | Unsubscribe from Alerts Search US-CERT > Advanced Search National Cyber Alert System Cyber Security Alert SA04-286A Multiple Vulnerabilities in Microsoft Windows, Internet Explorer, and Excel Original release date: October 12, 2004 Last revised: -- Source: US-CERT  Systems Affected Microsoft Windows Microsoft Internet Explorer Microsoft Excel, including Macintosh versions  Overview By taking advantage of one or more vulnerabilities in Microsoft products, an attacker may be able to take control of your computer.  Solution Apply updates Microsoft has released security updates for a number of products, including Windows, Internet Explorer, and Excel....

SEATTLE (AP) - Microsoft Corp. released 10 security fixes for various products Tuesday, including seven that fix flaws the company said pose the highest threat to users. The new patches apply to a variety of products, including some versions of Microsoft's Windows operating system and server software, its Internet Explorer Web browser and Excel spreadsheet program. The seven critical flaws could allow an attacker to take control of a user's computer, while three other fixes deemed "important" - the second-highest rating - pose less of a threat. ' The Redmond software giant also rereleased a patch it put out last...

  Search US-CERT > Advanced Search National Cyber Alert System Technical Cyber Security Alert TA04-293A Multiple Vulnerabilities in Microsoft Internet Explorer Original release date: October 19, 2004 Last revised: -- Source: US-CERT  Systems Affected Microsoft Windows systems running Internet Explorer versions 5.01 and later; previous, unsupported versions of Internet Explorer may also be affected Programs that use the WebBrowser ActiveX control (WebOC) or MSHTML rendering engine  Overview Microsoft Internet Explorer (IE) contains multiple vulnerabilities, the most severe of which could allow a remote attacker to execute arbitrary code with the privileges of the user running IE.  I. Description Microsoft...

Report Considering the publicity that has surrounded - and, despite super new security-focused Service Packs, continues to surround - Windows security issues, Microsoft's determination to demonstrate that Linux is less secure than Windows shows a certain chutzpah. The company has however had some support here; Forrester, for example, provides some numbers that can be used to support the contention that Microsoft flaws are less severe, less numerous and fixed faster. And although there's a general readiness among users to believe that Windows is a security disaster area, there's also a reasonable amount of support for the view that Linux would...

Internet users at home are not nearly as safe online as they believe, according to a nationwide inspection by researchers. They found most consumers have no firewall protection, outdated antivirus software and dozens of spyware programs secretly running on their computers. One beleaguered home user in the government-backed study had more than 1,000 spyware programs running on his sluggish computer when researchers examined it. Bill Mines, a personal trainer in South Riding, Va., did not fare much better. His family's 3-year-old Dell computer was found infected with viruses and more than 600 pieces of spyware surreptitiously monitoring his online activities....

IT security experts have warned that a newly intercepted mutant of the infamous mass-mailing Bagle worm, dubbed Bagle.bb, has begun to spread rapidly across the internet.Over one million email infections were reported within a few hours of the virus being discovered in the wild on Friday morning. The peak infection rate was between 8am and 9am, when virus infection rates trebled from the hour previously, according to email security company BlackSpider Technologies.This latest Bagle variant, a mass-mailing worm containing its own SMTP engine, comes packed with PeX with the attachment in the executable of a name, McAfee's Avert antivirus team...

A new spoofing flaw in Microsoft's Internet Explorer browser allows an improperly coded web link to send users to a diffferent URL than the one displayed in the status bar. The flaw, which was posted to the Bugtraq mailing list by Benjamin Franz, is exploited by placing two URLs and a table within a single HTML href tag, producing a link that looks like this: http://www.microsoft.com displaying http://www.microsoft.com in the browser, but sending the user to Google. Franz says the exploit works in fully-patched versions of Internet Explorer and Outlook Express, meaning the HTML code can be used to...

Salinas, Calif. — Though less than a year old, the PC took more than åfive minutes to start up and never shut down without stalling on error messages. Attempts to Web surf generated at least a half-dozen pop-up ads and — frequently — system freezes. Internet Explorer's home page was hijacked. Attempts to reach some sites, including eBay — were redirected to random search engines that only called up more ads. Google search results were altered. And the modem, without permission, tried to dial distant lands in search of porn. Welcome to the nasty world of a PC infected with...