CRIME NIPC Daily Report 13 June 02

From: George Heuston (GeorgeH@private)
Date: Thu Jun 13 2002 - 06:44:53 PDT

  • Next message: George Heuston: "RE: CRIME RE: Retirement-Reassignment"

    Microsoft discloses serious flaw in Web site software. Microsoft Corp.
    acknowledged a serious flaw Wednesday in its Internet server software
    that could allow sophisticated hackers to seize control of Web sites,
    steal information and use vulnerable computers to attack others.
    Microsoft made available a free patch for customers using versions of
    Internet Information Server software with Windows NT or Windows 2000
    operating systems.  The server software included in Microsoft's Windows
    XP operating system was not affected by the security flaw.  A researcher
    with eEye Digital Security Inc., Riley Hassell, found the Web server
    flaw in mid-April during testing of eEye's own hacker-defense software,
    but the discovery was kept closely guarded under an agreement with
    Microsoft until Wednesday.  Microsoft described the risk to Web servers
    as "moderate", but top experts have for months recommended turning off
    the vulnerable feature, which is turned on automatically the first time
    the software is installed.  Marc Maiffret, the self-described ``chief
    hacking officer'' for eEye, said malicious hackers would devise
    automated tools to scan the Internet and attack vulnerable computers
    rather than targeting machines individually.  The same technique was
    used to spread the damaging ``Code Red'' and ``Nimda'' across the
    Internet last year, which infected nearly 1 million servers.  ``It could
    readily be exploited with a worm,'' Maiffret said. ``It's kind of a
    scary thing.'' (AP-Washington, 12 Jun)
    
    NIPC WWU Comment: The flaw allows a remote buffer overflow in an HTR
    request.  It affects MS Windows NT 4.0, IIS 4.0, and MS Windows 2000 IIS
    5.0.  NIPC recommends patching affected systems as soon as possible
    using the free patch provided by Microsoft.  Patch is at
    www.microsoft.com <http://www.microsoft.com> 
    
    Malaysia sets up cyber-warfare hub. The Malaysian Defense Ministry is
    commissioning a secure network infrastructure to safeguard information
    from unauthorized access.  Minister Datuk Seri Najib Razak said the
    ministry was also setting up a cyber warfare center, which would look at
    both offensive and defensive information operations.  Najib said that
    the cyber warfare center would provide surveillance of, and protection
    from, cyber threats, and if necessary, counter any threats from
    cyberspace.  He said development of the network would be completed in
    about five years and would link all the information databases within the
    Defense Ministry and the armed forces. (New Straits Times Malaysia, 11
    Jun)
    
    Chinese software firm discovers native e-mail virus. Beijing Ruixing
    global virus supervision center intercepted a domestically produced
    e-mail virus they have temporarily named "Chinese Hacker".  According to
    Ruixing, the virus is very infectious, fast, and has the ability to
    bypass anti-virus software and enter computer memory.  Furthermore,
    according to Ruixing, even if anti-virus software can discover the
    virus, it cannot be destroyed.  The virus infects through e-mail and,
    once resident on the computer memory, has a self-start function.  The
    current version does not carry a destructive payload, but if an attacker
    added a destructive payload to the virus, it could pose a serious
    threat. (Xinhua, 11 Jun)
    
    Area residents can comment on possible routes for a new regional power
    transmission line.  Bonneville Power Administration (BPA) officials say
    the 500,000-volt line is needed to carry more power to rapidly growing
    King County, in Washington State, or the next spell of sub-freezing
    winter weather could bring brownouts or other problems. BPA earlier
    picked a route along an existing BPA line through the Cedar River
    Watershed, which is the source of water for most King County residents.
    That raised strong objections from Seattle City officials and
    environmentalists, but the route hasn't been ruled out.
    (Southcountyjournal.com, 12 Jun)
    
    Poll urges Congress to pass energy plan.  According to a recent poll
    conducted on 1,000 adults at the behest of the Alliance for Energy and
    Economic Growth, Americans feel more strongly about the need to enact an
    energy plan now than they did last fall. More than 8 of 10 Americans
    polled want Congress to pass comprehensive energy legislation now in
    order to ensure stable energy supplies and strengthen national security.
    These findings come as a House-Senate Conference Committee is being
    appointed to resolve differences in House and Senate passed energy
    bills. The Alliance for Energy and Economic Growth is a broad coalition
    of more than 1,300 energy producers and users, representing both large
    and small businesses, as well as labor unions.  The Alliance is united
    in support of comprehensive energy legislation that will increase
    domestic energy supplies, modernize the energy infrastructure, and
    strengthen the economy.  (Federal Computer Week, 12 Jun)
    
    Status of General Aviation Operations at Reagan National Airport.  Over
    the past 45 days, officials of the U.S. Department of Transportation
    (DOT) have been working closely with the General Aviation (GA) community
    to develop plans to restore GA operations at Ronald Reagan Washington
    National Airport (DCA). Tentative conclusions on such plans have been
    reached by DOT and the GA community. In a meeting yesterday with
    representatives of the GA community, DOT Deputy Secretary Michael
    Jackson announced that the U.S. Government would delay any
    implementation of the draft plans while continuing to assess security
    requirements for General Aviation at DCA. Deputy Secretary Jackson said
    that the Department would convene another meeting with General Aviation
    industry representatives in approximately 30 days, and will continue to
    keep them apprised of its progress.     (PR Newswire, 12 Jun)
    



    This archive was generated by hypermail 2b30 : Thu Jun 13 2002 - 07:41:38 PDT