Rambler's Top100
Все новости

Microsoft plans to release two security bulletins

15 марта 2006
Microsoft plans to release two security bulletins as part of its monthly patching cycle. The bulletins will carry fixes for flaws in Office and Windows. The alert for Office is rated "Critical", Microsoft's highest risk rating, while that for Windows is one notch down at "Important". Critical flaws are those that a malicious Internet worm could exploit to spread without any user interaction.

A trio of updates for the Windows Media Player including a recent security patch, can cause the software to malfunction. The updates can cause problems when trying to seek, fast rewind or fast forward in Windows Media Player 10. Playback might freeze, even though the status bar shows it is still playing. Also, the playback position slider could jump back to the start of the media file for no apparent reason.

Among the fixes that can cause these problems is a security update for critical flaw in the media player. Other fixes that have caused problems are the Update Rollup 2 for Windows XP Media Center Edition 2005 and a fix to enable DirectX acceleration for Windows Media Player. Both these fixes were released last year. According to Microsoft, the issues only occur when playing content from servers that use a feature called Advanced Fast Start used to play content instantly without any buffering time.

Security companies have reported what may be the first virus to target InfoPath, Microsoft product for sharing information in forms using XML. The virus poses as an executable file. When it runs, it looks for the .xsn file-type used by InfoPath and extracts the file's contents using ActiveX into a temporary directory. When the affected file is accessed, the malicious code generates one of several messages in a pop-up window. The virus has been dubbed Icabdi.A and is a proof-of-concept virus. Proof-of-concept viruses are usually released to demonstrate the existence of a vulnerability and are often followed closely by more malicious variants.

A hacker, identified only as Gwerdna needed only half and hour to gain root access to a Mac OS X server as part of a challenge to take over the machine. Challengers were given local client access to the system and the challenge was to gain root access to the machine. The winner claimed he used one of many unpublished security holes in Mac OS X to break through the system's defenses. In recent weeks, Mac OS X has been in the security spotlight with two viruses and one zero-day exploit among other flaws that have been fixed by Apple. A number of researcher including the contest winner believe that Mac OS X is safe compared to a number of other operating systems only because it has a small market share.

Symantec has posted alerts for two new IM worms named "Hotmatom" and "Maniccum". Both worms are ranked as a level "2" threat on Symantec's scale of 1 to 5. Hotmatom is a Spanish-language worm transmitted over Microsoft's MSN instant messaging network. The worm sends a malicious link to the infected user's buddly list. While the link claims to download a free patch it actually installs the worm on the machine. The worm then deletes all files at the root level of drives A: and C: and also attaches malicious links to all Hotmail messages sent from the system. Maniccum, spreads over both AIM and MSN, installs a backdoor component on the infected system, and also tries to disable security software including antivirus and firewalls.

The emergence of a Trojan that jumps from Windows desktops to Windows Mobile handhelds has triggered a stand-off in the antivirus community. The Trojan, dubbed Crossover, was received by the Mobile Antivirus Researchers Association (MARA), last week. Since then, MARA researchers said that some antivirus companies had tried to bully the code out of them, while many antivirus companies say they aren't prepared to accept the conditions that MARA wants to impose on them before they get access to the code for Crossover. The result is that major antivirus vendors like McAfee and Sophos have not been able to gain access to the code, and are unable to provide detection signatures for their customers. It is normal practice for antivirus companies and researchers to collaborate by sharing code with competitors. Sophos and McAfee are unhappy because, among other stipulations, they have been told that before they can get the code they must first join MARA, which would force them to share code with all MARA members at 24 hours notice.

Source: Haval Daar Security Newswire


Заметили неточность или опечатку в тексте? Выделите её мышкой и нажмите: Ctrl + Enter. Спасибо!

Оставить свой комментарий:

Для комментирования необходимо авторизоваться!

Комментарии по материалу

Данный материал еще не комментировался.