-----Original Message----- From: InfraGard [mailto:infragard@private] Sent: Tuesday, July 15, 2003 7:17 AM To: Information Technology Subject: [Information_technology] Daily News 7/15/03 July 14, CERT/CC CERT Advisory CA-2003-14 Buffer Overflow in Microsoft Windows HTML Conversion Library. A buffer overflow vulnerability exists in a shared HTML conversion library included in Microsoft Windows. An attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service. Microsoft Windows includes a shared HTML conversion library (html32.cnv). The HTML conversion library contains a buffer overflow vulnerability that can be triggered by a specially crafted "align" attribute in an HR element. This vulnerability is not limited to IE, Outlook, or Outlook Express. Any program, including non-Microsoft applications, can use the vulnerable library and may present other vectors of attack. Further information is available in VU#823260. CERT/CC states that an attacker could execute arbitrary code with the privileges of the process that loaded the HTML conversion library. The attacker could also crash the process, causing a denial of service. The solution to this vulnerability is to apply the appropriate patch as specified by Microsoft Security Bulletin MS03-023. Source: http://www.cert.org/advisories/CA-2003-14.html July 11, Information Week Homeland Security issued rules to implement safety act. The Department of Homeland Security (DHS) issued rules on Friday to implement the Support Anti-Terrorism By Fostering Effective Technologies, or Safety Act, which Congress enacted last year. The government will provide companies investing in the development and deployment of qualified anti-terrorism technologies with legal protections to minimize their risks should they be sued in connection with a terrorist attack. Many companies might not invest in potential lifesaving technologies without the act, the law's supporters say. The act gives the DHS secretary the power to determine if an anti-terrorism technology is considered qualified through two mechanisms designed to limit liability: designation and approval. For a company's anti-terrorism technology to receive a designation status, it must be evaluated against a list of specific criteria. To obtain an approval, the technology must also meet additional specifications requiring that the technology performs as intended, conforms to the seller's specifications, and is safe for use as intended. Source: http://informationweek.com/story/showArticle.jhtml;jsessionid=U1H5LA1DG0 C5EQ SNDBCCKH0CJUMEYJVN?articleID=12800332 July 10, The Register London police quiz suspected DOE cracker. An 18 year-old Londoner suspected of commandeering U.S. Department of Energy (DOE) computers to store illicitly obtained music and video files was arrested and questioned by UK police Wednesday. Officers from the Metropolitan Police's Computer Crimes Unit were asked to investigate unauthorized access to 17 unclassified computers at a U.S. Department of Energy research laboratory in Batavia, IL, during June 2002 after the trail of the attacker led back to the UK. The teenager was released on police bail until mid-August pending further enquiries, including a forensic examination of a PC seized from his home. Police are working on the belief that no sensitive information was seized during the June 2002 attack on the U.S. DOE's network. Officers from the Metropolitan Police's Computer Crimes Unit are been assisted in their enquiries by representatives from the Office of the Inspector General of the U.S. Department of Energy. Source: http://www.theregister.co.uk/content/6/31674.html Internet Security Systems - AlertCon: 1 out of 4 https://gtoc.iss.net/ Last Changed 10 June 2003 Security Focus ThreatCon: 1 out of 4 www.securityfocus.com Last Changed 11 June 2003 Current Virus and Port Attacks Virus: #1 Virus in USA: WORM_LOVGATE.F Source: http://wtc.trendmicro.com/wtc/wmap.html, Trend World Micro Virus Tracking Center [Infected Computers, North America, Past 24 hours, #1 in United States] Top 10 Target Ports: 137 (netbios-ns), 80 (www), 445 (microsoft-ds), 1434 (ms-sql-m), 4662 (eDonkey2000), 113 (ident), 139 (netbios-ssn), 6257 (WinMX), 25 (smtp), 53 (domain) Source: http://isc.incidents.org/top10.html; Internet Storm Center _______________________________________________ Information_technology mailing list Information_technology@listserv
This archive was generated by hypermail 2b30 : Wed Jul 16 2003 - 10:36:55 PDT