Microsoft plugs remote execution, spoofing holes in Windows
Updated 11:15 a.m. PST with more information, security expert comments.
Microsoft on Tuesday issued patches for critical holes in all supported versions of Windows that could allow an attacker to take over a system by executing code remotely if the user viewed a maliciously crafted image file.
"An attacker can send you an e-mail with an infected image in it or you can go to a Web site with an infected image or get it elsewhere, from a thumbdrive," said Wolfgang Kandek, chief technology officer of Qualys, which helps companies with security risk and compliance.
Attackers can also disguise .WMF and .EMF files as other image file types, such as .JPG, in order to sneak them past cautious users, said Alfred Huger, vice president of development at Symantec Security Response.
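A defender-side check for the disguise described above, added here as an illustration and not taken from Microsoft, Symantec or the article: classify an image by its leading bytes instead of its extension, and flag WMF/EMF content carrying any other extension. The function names and sample buffers are constructed for this example.

```python
import struct

# Magic values from the published WMF, EMF and JPEG file formats.
PLACEABLE_WMF = b"\xd7\xcd\xc6\x9a"   # placeable-metafile key
EMF_SIGNATURE = b" EMF"               # signature field at offset 40 of the EMF header
JPEG_SOI = b"\xff\xd8\xff"            # JPEG start-of-image marker

METAFILE_TYPES = {"wmf", "emf"}


def sniff_image_type(data: bytes) -> str:
    """Classify a buffer by content, ignoring whatever the file is named."""
    if data.startswith(JPEG_SOI):
        return "jpeg"
    if data.startswith(PLACEABLE_WMF):
        return "wmf"
    # EMF: the first record is the header record (type 1); " EMF" sits at offset 40.
    if len(data) >= 44 and data[:4] == b"\x01\x00\x00\x00" and data[40:44] == EMF_SIGNATURE:
        return "emf"
    # Standard WMF header: type 1 or 2, header size of 9 words, version 0x0100 or 0x0300.
    if len(data) >= 18:
        ftype, hdr_words, version = struct.unpack_from("<HHH", data)
        if ftype in (1, 2) and hdr_words == 9 and version in (0x0100, 0x0300):
            return "wmf"
    return "unknown"


def is_disguised_metafile(filename: str, data: bytes) -> bool:
    """True when the content is WMF/EMF but the extension claims something else."""
    ext = filename.rsplit(".", 1)[-1].lower() if "." in filename else ""
    return sniff_image_type(data) in METAFILE_TYPES and ext not in METAFILE_TYPES


# Constructed sample buffers: headers only, not renderable images.
SAMPLE_EMF = b"\x01\x00\x00\x00" + b"\x6c\x00\x00\x00" + bytes(32) + EMF_SIGNATURE + bytes(64)
SAMPLE_WMF = struct.pack("<HHH", 1, 9, 0x0300) + bytes(12)
SAMPLE_JPEG = JPEG_SOI + b"\xe0" + bytes(16)

if __name__ == "__main__":
    for name, blob in [("holiday.jpg", SAMPLE_EMF), ("chart.wmf", SAMPLE_WMF),
                       ("photo.jpg", SAMPLE_JPEG)]:
        print(name, sniff_image_type(blob), is_disguised_metafile(name, blob))
```

A mail or web gateway can apply the same test to attachments and downloads, quarantining any file for which `is_disguised_metafile` returns true.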
Also patched on Patch Tuesday were two holes rated "important" that affected the same systems and which could be used by an attacker to masquerade as someone else in a spoofing attack.
One of the important patches, which affects Windows 2000, Server 2003, and Server 2008, resolves two privately reported vulnerabilities and two publicly disclosed vulnerabilities in Windows DNS server and Windows WINS (Windows Internet Name Server). The holes could allow an attacker to redirect network traffic intended for systems on the Internet to a malicious site, according to the advisory.
The second important patch (MS09-007), which affects all supported versions of Windows, resolves a vulnerability in the Secure Channel security package in Windows. It could allow an attacker to gain access to the certificate used by the end user for authentication. Customers are affected only when the public key component of the certificate used has been accessed by some other means, Microsoft said.
Kandek of Qualys said the risk is minimized by the fact that not many corporations seem to use the technology involved.
Microsoft has yet to provide a fix for a security vulnerability in Excel from last month, for which there have been zero-day exploits, or for a zero-day WordPad vulnerability from December.
Elinor Mills covers Internet security and privacy. She joined CNET News in 2005 after working as a foreign correspondent for Reuters in Portugal and writing for The Industry Standard, the IDG News Service, and the Associated Press.





CVE-ID: CVE-2009-0009: Impact: Opening a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution
CVE-ID: CVE-2009-0020: Impact: Opening a file with a maliciously crafted resource fork may lead to an unexpected application termination or arbitrary code execution
CVE-ID: CVE-2008-5050, CVE-2008-5314: Description: Multiple vulnerabilities exist in ClamAV 0.94, the most serious of which may lead to arbitrary code execution
CVE-ID: CVE-2009-0137: (Safari RSS) Impact: Accessing a maliciously crafted feed: URL may lead to arbitrary code execution
CVE-ID: CVE-2009-0138: Impact: Remote attackers may be able to access Server Manager without valid credentials. Description: An issue in Server Manager's validation of authentication credentials could allow a remote attacker to alter the system configuration
CVE-ID: CVE-2009-0139: Impact: Connecting to a maliciously crafted SMB file system may lead to an unexpected system shutdown or arbitrary code execution with system privileges
(this is not a complete list)
Thank you :)
It's a possibility that it's a very clever act. But then there's also the very real chance he is exactly what he appears to be.
"Users still facing software issues while running the most current version of Mac OS X Leopard may take kindly to word that Mac OS X 10.5.7 is moving swiftly through its development cycle.
As was reported at the time, that build arrived with nearly six dozen code corrections, a barebones weight of 440 megabytes, and requests that developers focus their testing efforts on over 20 core components, including AirPort, Mail, graphics drivers, and Time Machine."
Source: www.appleinsider.com/articles/09/03/06/apple_ready_with_second_beta_of_mac_os_x_juno.html
Think about that: 72 patches after patching this one OS with 6 previous point updates already. This one update alone weighs 440 MBs. I am truly sorry for those who haven't patched since 10.5.1; then again, maybe those Macs have already been dumped and replaced by productive Windows-based systems.
Personally, I'm glad M$ patched what they did in their swiss-cheese OS family but am disappointed they have so far ignored the publicly exploited ex-hell vuln (disappointed, not surprised). Of course, in their "defense" that one is pretty recent - hopefully they don't take much longer!
;-)
Can I pass off a small hint? Everything people build has flaws because people are flawed creatures. This includes Unix as well as every other OS and every other piece of software ever designed. The question is how easy it is to exploit a system and the answer is out there in the number of viruses and worms exploiting people's machines. Continue to deny that fact at your own peril.
Quote:
"$200 iTunes Gift Certificates are selling for less than $3 in China now that a group of local hackers has circumvented Apple's algorithm for creating the digital vouchers and built their own gift certificate generators.
According to Outdustry, which describes itself as a music industry consultancy specializing in the Chinese music business, sellers on China's largest consumer-to-consumer online shopping site are marketing these illegitimate vouchers directly to customers."
Source: www.appleinsider.com/articles/09/03/10/hackers_crack_apples_itunes_gift_card_algorithm.html
Everyone is an expert nowadays, what makes it that if you work for a brand name company that you get quoted?
- by ballmerisanape March 10, 2009 5:51 PM PDT
- http://en.wikipedia.org/wiki/Stockholm_Syndrome