[ISN] Security UPDATE, February 12, 2003

From: InfoSec News (isnat_private)
Date: Thu Feb 13 2003 - 01:28:13 PST

  • Next message: InfoSec News: "[ISN] CodeCon Registration Deadline Approaching"

    ********************
    Windows & .NET Magazine Security UPDATE--brought to you by Security
    Administrator, a print newsletter bringing you practical, how-to
    articles about securing your Windows Server 2003, Windows 2000, and
    Windows NT systems.
       http://www.secadministrator.com
    ********************
    
    ~~~~ THIS ISSUE SPONSORED BY ~~~~
    
    Experience How Real Time Monitoring Will Benefit YOU
       http://list.winnetmag.com/cgi-bin3/flo/y/ePZo0CJgSH0CBw07mN0Az
    
    Windows & .NET Magazine Network Web Seminars
       http://list.winnetmag.com/cgi-bin3/flo/y/ePZo0CJgSH0CBw02lB0Ah
       (below IN FOCUS)
    
    ~~~~~~~~~~~~~~~~~~~~
    
    ~~~~ SPONSOR: EXPERIENCE HOW REAL TIME MONITORING WILL BENEFIT YOU ~~~~
       A proactive Security Administrator installed TNT Software's ELM
    Enterprise Manager 3.0 on his critical servers to assess the benefits
    of real time monitoring. During the first week, EEM 3.0 paged him as a
    disgruntled employee attempted to access confidential files, alerted
    him when the QoS of his Exchange Server began to drop, and
    automatically restarted a failed anti-virus service. As a result, ELM
    Enterprise Manager was purchased and fully deployed during the second
    week. Download your FREE 30 day full feature evaluation copy today and
    experience how real time monitoring will benefit YOU.
       http://list.winnetmag.com/cgi-bin3/flo/y/ePZo0CJgSH0CBw07mN0Az
    ~~~~~~~~~~~~~~~~~~~~
    
    February 12, 2003--In this issue:
    
    1. IN FOCUS
         - Junk Mail and Spyware
    
    2. SECURITY RISKS
         - Multiple Vulnerabilities in Microsoft IE
         - Unchecked Buffer in Windows XP Redirector
    
    3. ANNOUNCEMENTS
         - Catch the Microsoft Mobility Tour--Time Is Running Out!
         - Black Hat Briefings & Training: Windows Security
    
    4. SECURITY ROUNDUP
         - News: In-Stat/MDR Expects Broadband Security Market to Soar
         - News: IDC Says Security Market to Reach $45 Billion by 2006
    
    5. SECURITY TOOLKIT
         - Virus Center
         - FAQ: How Can I Use Group Policy to Configure the Shutdown Event
           Tracker?
    
    6. NEW AND IMPROVED
         - Ensure Logon Security Through Signature Authentication
         - Protect Lotus Notes/Domino Databases
         - Submit Top Product Ideas
    
    7. HOT THREAD
         - Windows & .NET Magazine Online Forums
             - Featured Thread: Clear History When a User Exits Windows
    
    8. CONTACT US
       See this section for a list of ways to contact us.
    
    ~~~~~~~~~~~~~~~~~~~~
    
    1. ==== IN FOCUS ====
       (contributed by Mark Joseph Edwards, News Editor,
    markat_private)
    
    * JUNK MAIL AND SPYWARE
    
    Unsolicited (aka junk) email is a big problem. I've written about such
    email in a previous edition of Security UPDATE (see "Tired of Unwanted
    Email? Try This Simple Solution" at the URL below). Solicitors can
    find your email addresses many ways, some of which involve mining data
    from public news groups and Web-based message forums.
       http://www.secadministrator.com/articles/index.cfm?articleid=27495
    
    Other methods of obtaining your email address involve intrusive
    software packages that include various types of data mining, such as
    copying your contact list or address book contents. Such software is
    typically referred to as "spyware." For one example of how others
    gather data about you and those you know, read the Security UPDATE
    commentary "Protect Your Contact List: Read the EULA!" at the URL
    below.
       http://www.secadministrator.com/articles/index.cfm?articleid=27122
    
    To help protect yourselves from some kinds of spyware, you need to
    take several actions. First, don't let Java-based or ActiveX-based
    code run on your systems through your Web browser and email client
    software unless you're certain you can trust the content provider not
    to spy on your system. Second, you need to scan your systems from time
    to time to determine whether any known spyware might have slipped onto
    your system.
    
    One great tool to help scan your systems for spyware is Lavasoft's
    Ad-Aware. Lavasoft recently released Ad-Aware 6.0. Although other
    available tools perform similar tasks, the basic version of Ad-Aware
    6.0 does a great job and is free.
       http://www.lavasoft.de/software/adaware/
    
    Ad-Aware scans your system's registry and file systems looking for
    keys and files that match known spyware programs. When Ad-Aware finds
    such an item, you can have the software remove it from your system.
    One useful feature of Ad-Aware is its ability to check for new spyware
    signature update files. For example, as of February 10, Ad-Aware scans
    for 4375 known spyware programs.
    
    You must pay for the two more advanced versions of Ad-Aware: Ad-Aware
    Plus will scan for spyware in realtime and help prevent it from
    entering your system in the first place. Ad-Aware Professional can
    perform scans of remote systems and contains many additional features.
    For complete details about each version check the Web site at the URL
    below and click on the specific product.
       http://www.lavasoft.de
    
    Another useful tool for spyware identification is the SpyChecker.com
    Web site, located at the URL below. The site maintains a database and
    search engine in which you can enter a name to determine whether it's
    listed as a spyware program or vendor.
       http://www.spychecker.com
    
    Eliminating spyware from your systems won't eliminate junk email, but
    it will probably help you keep the amount of unwanted junk mail you
    receive to a minimum. It will also help keep marketing companies from
    snooping on your system to learn your Internet use habits without your
    knowledge and consent.
    
    ~~~~~~~~~~~~~~~~~~~~
    
    ~~~~ SPONSOR: WINDOWS & .NET MAGAZINE NETWORK WEB SEMINARS ~~~~
       DON'T MISS OUR WEB SEMINARS IN MARCH!
       Windows & .NET Magazine has 3 new Web seminars to help you address
    your security and storage concerns. There is no fee to attend "Selling
    the Importance of Security: 5 Ways to Get Your Manager's Attention,"
    "Building an Ultra Secure Extranet on a Shoe String," or "An
    Introduction to Windows Powered NAS," but space is limited, so
    register for all 3 events today!
       http://list.winnetmag.com/cgi-bin3/flo/y/ePZo0CJgSH0CBw02lB0Ah
    ~~~~~~~~~~~~~~~~~~~~
    
    2. ==== SECURITY RISKS ====
       (contributed by Ken Pfeil, kenat_private)
    
    * MULTIPLE VULNERABILITIES IN MICROSOFT IE
       Andreas Sandblad discovered two new vulnerabilities in Microsoft
    Internet Explorer (IE) that can result in information disclosure or
    the execution of arbitrary code on the vulnerable system. These
    vulnerabilities stem from a flaw in IE's showHelp function that
    results in incomplete security checking, which lets a Web site access
    information in another domain. An attacker can misuse certain dialog
    boxes to run malicious scripts and obtain that data. Microsoft has
    released Security Bulletin MS03-004 (Cumulative Patch for Internet
    Explorer) to address this vulnerability and recommends that affected
    users apply the appropriate patch mentioned in the bulletin. This
    patch addresses all previously discovered IE vulnerabilities.
       http://secadministrator.com/articles/index.cfm?articleid=37973
    
    * UNCHECKED BUFFER IN WINDOWS XP REDIRECTOR
       A new vulnerability in the Microsoft Windows Redirector can result
    in the execution of arbitrary code on the vulnerable system. This
    vulnerability stems from an unchecked buffer that Windows XP uses to
    receive parameter information. By providing malformed data to the
    Windows Redirector, a potential attacker can cause the system to fail
    or run code of the attacker's choice. Microsoft has released Security
    Bulletin MS03-005 (Unchecked Buffer in Windows Redirector Could Allow
    Privilege Elevation) to address this vulnerability and recommends that
    affected users apply the appropriate patch mentioned in the bulletin.
       http://www.secadministrator.com/articles/index.cfm?articleid=37974
    
    3. ==== ANNOUNCEMENTS ====
       (brought to you by Windows & .NET Magazine and its partners)
    
    * CATCH THE MICROSOFT MOBILITY TOUR--TIME IS RUNNING OUT!
       This outstanding seven-city event will help you support your
    growing mobile workforce. Industry guru Paul Thurrott discusses the
    coolest mobility hardware solutions around, demonstrates how to
    increase the productivity of your "road warriors" with the unique
    features of Windows XP and Office XP, and much more. You could also
    win an HP iPAQ Pocket PC. There is no charge for these live events,
    but space is limited, so register today! Sponsored by Microsoft, HP,
    and Toshiba.
       http://list.winnetmag.com/cgi-bin3/flo/y/ePZo0CJgSH0CBw06Kw0A6
    
    * BLACK HAT BRIEFINGS & TRAINING: WINDOWS SECURITY
       Attend the world's premier technical event for Windows and .NET
    security experts, February 24-27, 2003, in Seattle. You'll find six
    tracks, seven training sessions, and full support from Microsoft. See
    for yourself what the Black Hat buzz is all about. Register today!
       http://list.winnetmag.com/cgi-bin3/flo/y/ePZo0CJgSH0CBw0pHV0AT
    
    4. ==== SECURITY ROUNDUP ====
    
    * NEWS: IN-STAT/MDR EXPECTS BROADBAND SECURITY MARKET TO SOAR
       According to In-Stat/MDR, the market for broadband-based security
    solutions will grow to $829 million by the end of 2004, up from $71
    million in 2000. The company attributes the expected growth rates to
    expanding use of broadband connectivity solutions.
       http://www.secadministrator.com/articles/index.cfm?articleid=37948
    
    * NEWS: IDC SAYS SECURITY MARKET TO REACH $45 BILLION BY 2006
       IDC reports that it expects the IT security market to reach $45
    billion in revenues by 2006. The predicted figures include software,
    hardware, and services. Revenues in 2001 were about $17 billion.
       http://www.secadministrator.com/articles/index.cfm?articleid=37945
    
    5. ==== SECURITY TOOLKIT ====
    
    * VIRUS CENTER
       Panda Software and the Windows & .NET Magazine Network have teamed
    to bring you the Center for Virus Control. Visit the site often to
    remain informed about the latest threats to your system security.
       http://www.secadministrator.com/panda
    
    * FAQ: HOW CAN I USE GROUP POLICY TO CONFIGURE THE SHUTDOWN EVENT
    TRACKER?
       ( contributed by Brett Hill, http://www.iisanswers.com )
    
    A. You can use Group Policy to configure the Shutdown Event Tracker by
    performing the following steps:
       1. Open Group Policy, then load the group policy to which you want
    to apply the change.
       2. Expand Computer Configuration, Administrative Templates, System.
       3. Double-click Display Shutdown Event Tracker.
       4. Select Enabled.
       5. Select the Never option, then click OK.
       6. Click OK to close all dialog boxes.
    
    6. ==== NEW AND IMPROVED ====
       (contributed by Sue Cooper, productsat_private)
    
    * ENSURE LOGON SECURITY THROUGH SIGNATURE AUTHENTICATION
       Security Biometrics released BIOSign, a biometric signature
    authentication solution to replace text-based password and PIN logon
    systems in Windows XP and Windows 2000. BIOSign is powered by Security
    Biometrics' PenFlow technology, which analyzes the way in which a
    signature is signed, not how it looks. To verify your users'
    identities, the software compares the pen's force, speed, and
    directional vectors to profile data. Contact Security Biometrics at
    866-522-3888 and infoat_private
       http://sigbio.xplorex.com
    
    * PROTECT LOTUS NOTES/DOMINO DATABASES
       Symantec announced Symantec AntiVirus/Filtering for Domino, an
    integrated virus protection and filtering solution for Lotus
    Notes/Domino databases. The software now offers rules-based content
    filtering and realtime protection from malicious and spam attacks.
    Supports Lotus/Domino databases running AIX, iSeries, Linux, Solaris,
    Windows 2000 and Windows NT. Contact Symantec on its Web site.
       http://enterprisesecurity.symantec.com.
    
    * SUBMIT TOP PRODUCT IDEAS
       Have you used a product that changed your IT experience by saving
    you time or easing your daily burden? Do you know of a terrific
    product that others should know about? Tell us! We want to write about
    the product in a future What's Hot column. Send your product
    suggestions to whatshotat_private
    
    7. ==== HOT THREAD ====
    
    * WINDOWS & .NET MAGAZINE ONLINE FORUMS
       http://www.winnetmag.com/forums
    
    Featured Thread: Clear History When a User Exits Windows
       (One message in this thread)
    
    A user writes that he wants to be able to clear the Microsoft Internet
    Explorer (IE) history folder and delete all temporary Internet files
    and folders when a user logs off. Lend a hand or read the responses:
       http://www.winnetmag.com/forums/rd.cfm?cid=42&tid=54145
    
    8. ==== CONTACT US ====
       Here's how to reach us with your comments and questions:
    
    * ABOUT IN FOCUS -- markat_private
    
    * ABOUT THE NEWSLETTER IN GENERAL -- lettersat_private (please
    mention the newsletter name in the subject line)
    
    * TECHNICAL QUESTIONS -- http://www.winnetmag.com/forums
    
    * PRODUCT NEWS -- productsat_private
    
    * QUESTIONS ABOUT YOUR SECURITY UPDATE SUBSCRIPTION? Customer
    Support -- securityupdateat_private
    
    * WANT TO SPONSOR SECURITY UPDATE? emedia_oppsat_private
    
    ********************
    
       This email newsletter is brought to you by Security Administrator,
    the print newsletter with independent, impartial advice for IT
    administrators securing a Windows 2000/Windows NT enterprise.
    Subscribe today!
       http://www.secadministrator.com/sub.cfm?code=saei25xxup
    
       Receive the latest information about the Windows and .NET topics of
    your choice. Subscribe to our other FREE email newsletters.
       http://www.winnetmag.com/email
    
    |-+-|-+-|-+-|-+-|-+-|
    
    Thank you for reading Security UPDATE.
    
    MANAGE YOUR ACCOUNT
       You can manage your entire Windows & .NET Magazine Network email
    newsletter account on our Web site. Simply log on and you can change
    your email address, update your profile information, and subscribe or
    unsubscribe to any of our email newsletters all in one place.
       http://www.winnetmag.com/email
    
    Thank you!
    __________________________________________________________
    Copyright 2003, Penton Media, Inc.
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.
    



    This archive was generated by hypermail 2b30 : Thu Feb 13 2003 - 04:01:39 PST