View and vote on the article here: Web Security Review for June
Web Security Review for June| Category | | | Summary | | Looking back at June 2005, it was a pretty slow month for security vulnerabilities. |
| | Body | Two major bugs have been found in Microsoft's Internet Explorer: the first one can compromise a system via a specially designed web page. Internet Explorer can't process some javascipts correctly, which can lead to memory corruption or the execution of arbitrary code. This vulnerability affects Internet Explorer 5.0 and 6.0. All users are advised to download security patches from: Microsoft's Security Bulletin MS05-025. The second bug refers to Internet Explorer's handling of PNG images. An attacker could exploit this vulnerability by creating malicious types of PNG images that lead to the execution of remote code which can give the attacker complete control of a system. This vulnerability is of interest to users with administrative privileges on a system, and all users using Internet Explorer 5.5 and 6.0 are advised to download the security patches immediately. SOURCE : http://www.microsoft.com/technet/security/Bulletin/MS05-025.mspx
Webmasters using phpBB as a forum system are advised that a major bug has been found in phpBB's highlighting code which can be used to inject PHP code into the script and run system commands. This problem affects all phpBB versions below 2.0.16. Webmasters are advised to upgrade.
Source : www.phpbb.com
Sun reports that two vulnerabilities have been found in Java Web Start and Sun Java Runtime Environment (JRE). The first one is an unknown bug that affects Java Web Start, and can cause arbitrary code to be run on an user's machine. This bug affects versions J2SE 5.0 and 5.0 Update 1 for Windows, Solaris, and Linux. To solve this issue, Sun released an upgrade that all users should download and install. The second vulnerability was found in Java 2 Platform, Standard Edition(J2SE) 5.0 and 5.0 Update 1, and J2SE 1.4.2_07 and earlier 1.4.2 releases running on Windows, Solaris and Linux. This bug also may lead to the execution of arbitrary code by an attacker. Users are urged to download and install the security updates.
Source : www.sun.com
June was pretty much dominated by the MYTOB worm and all its variants. Over 40% of threat reports submitted to the Shopos security firm were generated by this worm. I will give a short detailed description of MYTOB, to show why it's spreading so fast. First off, it spreads by email (like most worms). The worm then installs some files in the C:\\Windows\\System folder and changes some registry values, including disabling the Windows Firewall. Once it has infected a system, MYTOB sends copies of itself using an embedded SMTP component. The interesting thing about this worm is that it installs a backdoor (an IRCBot) that allows the sender to take control of your computer. Like most worms, MYTOB alters the hosts file by blocking access to major antivirus sites, and furthermore disables the infected machine's antivirus, spyware and firewall applications. This worm affects Windows 98, ME, NT, 2000, and XP. If you find yourself infected, edit the hosts file, remove all the blocked sites, and download a Quick Fix. If that doesn't work , make a bootable Antivirus (make sure it has the most recent updates) CD from an uninfected computer and scan your computer from the command line.
Source : http://www.trendmicro.com/
In closing, always try to keep your software up to date to avoid any unwanted problems, and make periodic antivirus and spyware scans on your computer. |
|
This article was imported from zZine. (original author: DeadGuy)
There are no replies to this post yet.
|