Recent
Articles |
IDC: IM Market Growing In Enterprise
The market for enterprise instant messaging applications saw 37 percent growth
from 2004 to 2005, and should more than double by 2009.
Check List for Linux Security
Linux is an amazing operating system considering how it was originally created.
It was a modest program written for one person as a hobby - Linus Torvald of Finland.
It has grown into a full-fledge 32-bit operating system. It is solid, stable and
provides support for an...
Get
Control of Endpoint Security
While you're on a business trip, you use the hotel or conference room wireless
network to check news and request an upgrade. A hacker exploits a new and un-patched
operating system vulnerability to install a rootkit (a virtually undetectable
infection)...
How
Will Your Network Be Compromised?
Every time I attend a "Security Guru's" meeting, I'm amazed by how much
time and effort is spent on discussing the complex hacking and computer compromise
of computer networks and systems."
|
|
 |
|
11.10.05
Microsoft's
November Security Bulletin: Friend Or Foe?
 By
John Stith
Microsoft sent out their new critical patch on Tuesday and it was loaded with
major fixes, 3 to be specific. While this Tuesday patch has become a regular event
with Microsoft, their most recent releases haven't been all that successful. In
some cases, they've done as much damage as they've corrected. Is the November
patch going to be more of the same?
Microsoft released a patch back in August, skipped September and had another one
for October. In both the August and October releases, major problems occurred
and the fixes could wreak havoc on computers if not done absolutely properly because
they involved registry changes or created vulnerabilities in the computer.
Two of the three are rated critical. One is a graphic rendering engine vulnerability
(GRE); the other is a Windows Metafile (WMF) vulnerability. The third, rated as
moderate, is an Enhanced Metafile (EMF) vulnerability.
The GRE problem is a remote code execution issue tied to the WMF and EMF image
formats. An attacker could take control of an effected system. It would occur
if the attacker somehow gained access either through file, like a picture file.
Or it could work from a web page designed to exploit this vulnerability. One workaround
was to view email in plain text format versus something supporting graphics.
The WMF problem is also a remote code execution issue. This is similar to the
graphics rendering issue in that they are both tied to the image format of the
WMF. Any program rendering WMF images is vulnerable to losing control of the affected
system. The work around is the same too.
The third update, while rated moderate, shouldn't be taken too lightly. The EMF
vulnerability could result in a denial of service attack by causing the affected
programs to stop responding. The vulnerability, like the other two, is tied to
an image format. The attacks can be circumvented in much the same manner. Read
your email in plain text format.
While these problems seem fairly easy to avoid, the can cause real damage. The
big question for Microsoft at this point is patch credibility. Is the new patch
going to do real good or real harm? Chances are, the hacker world is already working
their own ways to annoy people. It looks like this may be a no win scenario.
Google
Getting Phished?
By John Stith
Security firm Websense received reports of a nasty little phishing scam using
Google as bait. A spoof web page with Google's logo plastered all over it and
looking remarkably like Google's own site also had a big line saying "You WON
$400!!!"
The instructions requested users input their credit card number and shipping address
and once the information had been collected, users are directed to Google's legitimate
website.
Spammed messages went out with links to the spoof and enticed people into the
trap. VNUNet quoted WebSense manager Ross Paul saying, "It is amazing how stupid
people can be when they think there's free money involved, and the scammers only
have to get lucky a few times."
"I suppose Google makes the possibility
more realistic because people know that the company has a lot of money at the
moment."
WebSense said the site was hosted in the U.S. and was pulled less than a day after
the emails went out.
About
the Author:
John is a staff writer for SecurityProNews covering cyber security.
|
