-----Original Message----- From: NIPC Watch [mailto:nipc.watch@private] Sent: Thursday, April 10, 2003 7:51 AM To: Information Technology Subject: [Information_technology] Daily News 4/10/03 April 09, New York Times SARS roils computer industry. With telecommuting taking on a sudden new attractiveness, the computer industry is benefiting in the short term from fears in East Asia over Severe Acute Respiratory Syndrome (SARS). But some executives are nervous about how they will manage if the disease continues to spread in the region, which dominates global production of computers and other electronic goods. In Hong Kong, companies and consumers have bought every desktop, laptop and notebook computer they can find as more and more people work from home for fear of becoming infected if they come to work. Executives warn that companies could shy from sending engineers to oversee the design of new products and the construction of new factories in places where the disease becomes widespread. That would pose a big concern in China, for example, where many companies rely on visits by expatriate engineers to make design changes in products assembled by large numbers of low-wage local workers. Source: http://www.nytimes.com/2003/04/09/science/sciencespecial/09TECH.html April 09, Microsoft Microsoft Security Bulletin MS03-011: Flaw in Microsoft VM Could Enable System Compromise. The Microsoft VM is a virtual machine for the Win32 operating environment. The Microsoft VM is shipped in most versions of Windows, as well as in most versions of Internet Explorer. A new security vulnerability affects the ByteCode Verifier component of the Microsoft VM, and results because the ByteCode verifier does not correctly check for the presence of certain malicious code when a Java applet is being loaded. The attack vector for this new security issue would likely involve an attacker creating a malicious Java applet and inserting it into a web page that when opened, would exploit the vulnerability. An attacker could then host this malicious web page on a web site, or could send it to a user in e-mail. Corporate IT administrators could limit the risk posed to their users by using application filters at the firewall to inspect and block mobile code. Microsoft has assigned a risk rating of "Critical" to this vulnerability. A patch is available at the Microsoft website. Source: http://www.microsoft.com/technet/treeview/default.asp?url=/t echnet/security/bulletin/MS03-011.asp April 09, Microsoft Microsoft Security Bulletin MS03-012: Flaw In Winsock Proxy Service And ISA Firewall. There is a flaw in the Winsock Proxy service in Microsoft Proxy Server 2.0, and the Microsoft Firewall service in ISA Server 2000, that would allow an attacker on the internal network to send a specially crafted packet that would cause the server to stop responding to internal and external requests. Receipt of such a packet would cause CPU utilization on the server to reach 100%, and thus make the server unresponsive. The Winsock Proxy service and Microsoft Firewall service work with FTP, telnet, mail, news, Internet Relay Chat (IRC), or other client applications that are compatible with Windows Sockets (Winsock). These services allow these applications to perform as if they were directly connected to the Internet. They redirect the necessary communications functions to a Proxy Server 2.0 or ISA Server computer, thus establishing a communication path from the internal application to the Internet through it. Microsoft has assigned a risk rating of "Important" to this vulnerability. A patch is available at the Microsoft website. Source: http://www.microsoft.com/technet/treeview/default.asp?url=/t echnet/security/bulletin/MS03-012.asp April 08, Government Computer News DHS looks to take steps forward without going back. The first rule IT leaders of the new Department of Homeland Security (DHS) are following as they establish the agency's systems makeup is "Do no harm," said Steve Cooper, the department's CIO. "We've got to be sure that we don't let the existing capabilities fall through the cracks," he said. It's not an easy process, Cooper added in a keynote speech today at the FOSE trade show in Washington, likening integrating the systems of 22 separate agencies that will become part of DHS to changing the tires of a car while it's traveling 70 miles an hour. A team of IT leaders is working to make sure the systems work for users while fitting into the department's enterprise architecture. They are trying to determine whether systems overlap, so they can determine where redundancies can be eliminated. Work on the architecture requires input from federal agencies, state and local governments, and private-sector organizations such as the Industry Advisory Council, Armed Forces Communications and Electronics Association and the IT Association of America. The first technology priority of the department is wireless technology, Cooper said. . Source: http://www.gcn.com/vol1_no1/daily-updates/21659-1.html April 08, Government Computer News Information sharing across government needs improvement. Experts agreed that information sharing across government still calls for process, not necessarily technology, improvements. But some wonder whether government leaders have weighed down that process with too many new rules, slowing that information flow. "We're setting up a whole new system of rules, processes and protocols," said John Cohen, co-director of the Progressive Policy Institute's Homeland Security Task Force. State and local law enforcers may not be sharing data readily, he said, "not because they do not want to share the information, but because they don't understand what rules they're playing under." He said state and local public safety agencies have been termed "first responders," without having a clear page of instructions on what or how to respond in chance encounters with potential or suspected terrorists. Source: http://www.gcn.com/vol1_no1/daily-updates/21674-1.html April 08, The General Accounting Office Information Security: Progress Made, But Challenges Remain to Protect Federal Systems and the Nation's Critical Infrastructures. On April 8, the General Accounting Office (GAO) published report GAO-03-564T titled "Information Security: Progress Made, But Challenges Remain to Protect Federal Systems and the Nation's Critical Infrastructures." Significant information security weaknesses at 24 major agencies continue to place a broad array of federal operations and assets at risk of fraud, misuse, and disruption. Although recent reporting by these agencies showed some improvements, GAO found that agencies still have not established information security programs consistent with the legal requirements. For example, periodic testing of security controls is essential to security program management, but for fiscal year 2002, 14 agencies reported they had testing the controls of less than 60 percent of their systems. Further information security improvement efforts are also needed at the governmentwide level, and these efforts need to be guided by a comprehensive strategy in which roles and responsibilities are clearly delineated, appropriate guidance is given, adequate technical expertise is obtained, and sufficient agency information security resources are allocated. Source: http://www.gao.gov/cgi-bin/getrpt?GAO-03-564T Internet Security Systems - AlertCon: 2 out of 4 https://gtoc.iss.net/ Last Changed 8 April 2003 Security Focus ThreatCon: 1 out of 4 www.securityfocus.com Last Changed 10 April 2003 Current Virus and Port Attacks Virus: #1 Virus in USA: WORM_LOVGATE.F Source: http://wtc.trendmicro.com/wtc/wmap.html, Trend World Micro Virus Tracking Center [Infected Computers, North America, Past 24 hours, #1 in United States] Top 10 Target Ports: 137 (netbios-ns), 80 (www), 1434 (ms-sql-m), 25 (smtp), 113 (ident), 445 (microsoft-ds), 11310 (---), 139 (netbios-ssn), 53 (domain), 0 (---) Source: http://isc.incidents.org/top10.html; Internet Storm Center _______________________________________________ Information_technology mailing list Information_technology@listserv
This archive was generated by hypermail 2b30 : Thu Apr 10 2003 - 10:07:36 PDT