NETWORK WORLD NEWSLETTER: JASON MESERVE'S VIRUS AND BUG PATCH ALERT 08/23/04 Today's focus: Microsoft fixes XP SP2 patching flaw
Dear [EMAIL PROTECTED], In this issue: * Patches from Microsoft, Mandrake Linux, SuSE, others * Beware new worm that uses IM to lure victims * Is security ripe for outsourcing?, and other interesting ��reading * Links related to Virus and Bug Patch Alert * Featured reader resource _______________________________________________________________ This newsletter is sponsored by Alterpoint Read the latest analyst report on Network Change and Configuration Management (NCCM) written by EMA's Dennis Drogseth. This report discusses the latest developments in the NCCM market, including an in-depth look at DeviceAuthority Suite, a comprehensive solution for configuring, changing, and controlling today's complex, multi-vendor IT network infrastructures. Download the report today to learn how you can leverage NCCM to reduce the cost and complexity of managing network change. http://www.fattail.com/redir/redirect.asp?CID=73306 _______________________________________________________________ CONTEMPLATING A CAREER MOVE? For many of us, it is time to contemplate a change. You're great at managing networks, but what about your career? Get information and advice for managing and developing your career and guiding your staff's career choices at NW Fusion's Career Research Center. Click here: http://www.fattail.com/redir/redirect.asp?CID=73230 _______________________________________________________________ Today's focus: Microsoft fixes XP SP2 patching flaw By Jason Meserve Today's bug patches and security alerts: Microsoft fixes XP SP2 patching flaw Microsoft Thursday released a fix for the Windows XP Service Pack 2 installation package it provided to corporate users of its free patch deployment server to correct a flaw that would not allow IT to stealthily install the service pack without end-user intervention. Network World Fusion, 08/19/04. <http://www.nwfusion.com/news/2004/0819mspatch.html?nl> ********** Mandrake Linux, SuSE patch qt3 A flaw in the QT-library BMP image handler could be exploited by a remote user to run their code of choice on the affected machine with the privileges of the user viewing the image. For more, go to: Mandrake Linux: <http://www.nwfusion.com/go2/0823bug1a.html> SuSE: <http://www.suse.com/de/security/2004_27_qt3.html> ********** Mandrake Linux patches SpamAssassin A denial-of-service vulnerability has been found and fixed in Mandrake Linux's implementation of SpamAssassin. For more, go to: <http://www.nwfusion.com/go2/0823bug1b.html> Mandrake Linux issues kdelibs update A new kdelibs update fixes a number of vulnerabilities in previous releases of the software. The problems are in DCOPServer and the Konqueror Web browser. For more, go to: <http://www.nwfusion.com/go2/0823bug1c.html> ********** NetBSD patches ftpd A group of flaws in the NetBSD FTP Daemon could be exploited to gain root access within an FTP session. For more, go to: <http://www.nwfusion.com/go2/0823bug1d.html> ********** Debian patches Ruby Temporary files used by Ruby, an object-oriented scripting language, are created in an insecure manner, making the affected system vulnerable to an attack where a hacker could take over a user session. For more, go to: <http://www.debian.org/security/2004/dsa-537> Debian releases MySQL update MySQL is also vulnerable to insecure temporary files. In this case, the mysqlhotcopy function does not properly secure the files it uses. For more, go to: <http://www.debian.org/security/2004/dsa-540> ********** New HP-UX patch available According to an alert from HP, some forms of network traffic can cause certain applications for fail. The only application they give as an example is diagmond. A fix is available by logging into the HP IT Resource Center: <http://itrc.hp.com/> ********** Today's roundup of virus alerts: New worm uses IM to lure victims A new version of the worm that spread from infected Microsoft Internet Information Services Web servers in June has been identified and is using instant messages and infected Web sites in Russia, Uruguay and the U.S. to spread itself, according to one security company. IDG News Service, 08/19/04 <http://www.nwfusion.com/news/2004/0819newworm.html?nl> W32/Wort-A - Another one of those worms that tries to exploit the LSASS vulnerability in Microsoft Windows. If you've patched your system, you should be fine. (Sophos) W32/Agobot-ME - Yet another run of the mill Agobot variants that spreads via network shares, providing backdoor access via IRC and disabling security-related applications. This variant infects "mssvc32.exe" in the Windows System folder. (Sophos) W32/Dumaru-Q - This backdoor virus infects three different files on a Windows machine and can also be used as a keylogger. It listens on ports 2283 and 10000 for commands from a remote attacker. (Sophos) W32/Tzet-B - A multi-purpose worm that seems to drop a number of backdoor applications on the infected machine. Tzet itself uses the file "iglmtray.exe" when Windows starts. It spreads via weakly protected network shares. (Sophos) Troj/Banker-K - A Trojan horse that tries to steal login information for Brazilian banking sites. (Sophos) W32/Rbot-GO - This Rbot variant tries a number of exploits to gain access to a target system. Once in, it copies itself to "MSNMSG.EXE" in the Windows System folder and can allow backdoor access via IRC. It also tries to terminate a number of system processes. (Sophos) ********** >From the interesting reading department: Is security ripe for outsourcing? Security demands for online applications such as e-commerce and Web services are prompting more corporate customers to hand off security functions - such as intrusion detection and firewalls - to outside service providers. Network World, 08/23/04. <http://www.nwfusion.com/news/2004/082304outsecure.html?nl> Colleges cram for test of new security plans Bushwhacked last fall by computer worms, network managers at U.S. colleges have taken steps to make sure it won't happen again next month when the new academic year begins. Network World, 08/23/04. <http://www.nwfusion.com/news/2004/082304campusnets.html?nl> Review: Sourcefire's RNA provides instant visibility into your network Sourcefire's Real-time Network Awareness Sensor 2000 is like a magic eye that watches everything happening on your network. Network World, 08/23/04. <http://www.nwfusion.com/reviews/2004/0823revrna.html?nl> Microsoft's NAP partners eye first steps While there is much ballyhoo about the Microsoft initiative to protect networks from infected machines, customers looking to take advantage of the company's Network Access Protection architecture will have to wait for its partners to step up before it becomes a broad security tool. Network World, 08/23/04. <http://www.nwfusion.com/news/2004/082304nappy.html?nl> Proofpoint uses anti-spam product to find inside leaks Anti-spam vendor Proofpoint wants to take what it knows about keeping spam out of an organization and apply it to helping companies keep trade secrets, intellectual property and other sensitive information inside the corporate network. Network World, 08/23/04. <http://www.nwfusion.com/news/2004/082304proofpoint.html?nl> Anti-virus vendors adding spyware to target list Businesses that use anti-virus software to protect employee desktops now say they also want to eradicate spyware, a demand that's prompting anti-virus vendors to plunge into spyware's murky waters. Network World, 08/23/04. <http://www.nwfusion.com/news/2004/082304spyware.html?nl> XP SP2 deployment is smooth - so far As Microsoft smooths out the ripples after last week's big splash with Windows XP Service Pack 2, users say they found fewer problems than they expected, but some complain that late code changes and lingering compatibility issues will serve to refuel testing efforts and further delay full-scale deployments. Network World, 08/23/04. <http://www.nwfusion.com/news/2004/082304xp.html?nl> Symantec offers patching help Symantec last week announced a patch management product that it says will let users more effectively stay on top of software vulnerabilities. Network World, 08/23/04. <http://www.nwfusion.com/news/2004/082304symantec.html?nl> Oracle moves to monthly patching schedule Weeks after coming under criticism for sitting on patches for multiple holes in its database software, Oracle has announced that it is moving to a monthly patch release schedule. IDG News Service, 08/20/04. <http://www.nwfusion.com/news/2004/0820oraclmoves.html?nl> Opinion: Microsoft: Cripple IE to protect your PC Microsoft is doing something unprecedented: It wants you to break one of Internet Explorer's key features. Why? Because only by limiting the browser's functionality can you be sure of stopping a sneaky - and dangerous - new breed of Internet virus. PC World, 08/18/04. <http://www.nwfusion.com/news/2004/0818microcripp.html?nl> Airespace partnership targets WLAN security Airespace has partnered with several companies to introduce two features aimed at simplifying wireless LAN security. Network World Fusion, 08/20/04. <http://www.nwfusion.com/news/2004/0820airespace.html?nl> _______________________________________________________________ To contact: Jason Meserve Jason Meserve is the Multimedia Editor of Network World Fusion and writes about streaming media, search engines and IP Multicast. Jason can be reached at <mailto:[EMAIL PROTECTED]>. Check out his Multimedia Exchange weblog at: <http://www.nwfusion.com/weblogs/multimedia/> _______________________________________________________________ This newsletter is sponsored by Alterpoint Read the latest analyst report on Network Change and Configuration Management (NCCM) written by EMA's Dennis Drogseth. This report discusses the latest developments in the NCCM market, including an in-depth look at DeviceAuthority Suite, a comprehensive solution for configuring, changing, and controlling today's complex, multi-vendor IT network infrastructures. Download the report today to learn how you can leverage NCCM to reduce the cost and complexity of managing network change. http://www.fattail.com/redir/redirect.asp?CID=73305 _______________________________________________________________ ARCHIVE LINKS Virus and Bug Patch Alert archive: http://www.nwfusion.com/newsletters/bug/index.html Breaking security news, updated daily http://www.nwfusion.com/topics/security.html _______________________________________________________________ FEATURED READER RESOURCE WONDERING IF YOUR PAY IS UP TO SNUFF? Check out Network World's 2004 Salary Calculator to see if you're getting paid what you're worth. Using data collected in the 2004 Network World Salary Survey, we've programmed this calculator with several categories that could affect your pay. Answer the questions and find out what the average salary is for your job category. Click here: <http://www.nwfusion.com/salary/2004/calculator.html> _______________________________________________________________ May We Send You a Free Print Subscription? You've got the technology snapshot of your choice delivered at your fingertips each day. Now, extend your knowledge by receiving 51 FREE issues to our print publication. Apply today at http://www.subscribenw.com/nl2 International subscribers click here: http://nww1.com/go/circ_promo.html _______________________________________________________________ SUBSCRIPTION SERVICES To subscribe or unsubscribe to any Network World e-mail newsletters, go to: <http://www.nwwsubscribe.com/Changes.aspx> To unsubscribe from promotional e-mail go to: <http://www.nwwsubscribe.com/Preferences.aspx> To change your e-mail address, go to: <http://www.nwwsubscribe.com/ChangeMail.aspx> Subscription questions? Contact Customer Service by replying to this message. This message was sent to: [EMAIL PROTECTED] Please use this address when modifying your subscription. _______________________________________________________________ Have editorial comments? Write Jeff Caruso, Newsletter Editor, at: <mailto:[EMAIL PROTECTED]> Inquiries to: NL Customer Service, Network World, Inc., 118 Turnpike Road, Southborough, MA 01772 For advertising information, write Kevin Normandeau, V.P. of Online Development, at: <mailto:[EMAIL PROTECTED]> Copyright Network World, Inc., 2004 ------------------------ This message was sent to: [EMAIL PROTECTED] ------------------------ Yahoo! Groups Sponsor --------------------~--> Make a clean sweep of pop-up ads. Yahoo! Companion Toolbar. Now with Pop-Up Blocker. Get it for free! http://us.click.yahoo.com/L5YrjA/eSIIAA/yQLSAA/BCfwlB/TM --------------------------------------------------------------------~-> Yahoo! Groups Links <*> To visit your group on the web, go to: http://groups.yahoo.com/group/kumpulan/ <*> To unsubscribe from this group, send an email to: [EMAIL PROTECTED] <*> Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/
