Week in review: Doing the security dance

The Sober worm e-mails ran rampant this week amid a race between software makers plugging flaws and hackers writing attack code.

Malicious messages that purported to be from the FBI, CIA or Paris Hilton generated the vast majority of virus-laden e-mail traffic in November, according to security companies.

The e-mails carried a new variant of the Sober worm in an attachment which, when opened, infected the recipient's computer. The worm then attempted to disable antivirus programs and send copies of itself to any e-mail addresses found on the hard drive.

The Sober worm still accounts for close to 43 percent of all viruses being reported to British antivirus firm Sophos. At its peak, the worm accounted for one out of every 13 e-mails relayed over the Internet, the group said Wednesday.

While e-mail users struggled to keep their in-boxes virus-free, security managers scrambled to patch users' systems to avoid potentially serious security problems.

Apple released "highly critical" security updates to address more than a dozen vulnerabilities in the Mac OS X operating system. Thirteen security flaws were found in areas related to the Apache 2 Web server, curl technology and the Safari browser. The vulnerabilities ranged from potentially letting an attacker launch a denial-of-service attack to enabling one to control a person's system remotely.

"I'm not going to stand here and defend one OS over another. I really don't care. I use WinXP, Panther, Ubuntu, and Fedora. They all have their issues."
--Rob Stevens

People running Windows faced a more pressing challenge when two new pieces of computer code that could be used in cyberattacks were posted on the Web on Wednesday and Thursday.

The exploit posted Thursday is another that could allow a remote attacker to gain complete control over a vulnerable computer. The code takes advantage of a flaw in a Windows component for transaction processing, called the Microsoft Distributed Transaction Coordinator. Microsoft addressed the flaw in security bulletin MS05-051 in October.

The attack code published Wednesday is another that exploits a flaw in the way Windows handles certain graphics files and could cause a vulnerable system to crash. Microsoft provided a patch for the flaw in November with security bulletin MS05-053 and warned that the vulnerability could create an opening for spyware and Trojan horse attacks.

Including these last two, a total of four exploits have been released for the same two Windows flaws since Sunday, according to the French Security Incident Response Team, a security research company.

Shot in the arm for open source
Change was in the wind for some prominent open-source software, with a reworking of the license covering Linux and a makeover for the Firefox browser.

The rules governing the use of most free software programs will be revised for the first time in 15 years, in an open process that began Wednesday.

The revisions will be closely watched for how the new General Public License will take account of software patents, which have exploded among proprietary software developers since 1991, the last time the license was revised.

The process could involve comments from thousands of corporations and individuals, but the Free Software Foundation will make the final judgments. The final draft is expected to be complete by fall of 2006.

Open source continues to elbow its way into corporate infrastructures. Sun Microsystems said Wednesday that it will offer free access to its Java server suite and N1 management software and bundle them with its Solaris operating system. The move will create a single package called the Solaris Enterprise System, and the company hopes the strategy will help it transform to a services-based software business.

On the browser side, Mozilla unveiled the newest version of its Web browser to eager fans. Firefox 1.5 is the first