CRIME FW: [Information_technology] Daily News 12/23/03

From: George Heuston (GeorgeH@private)
Date: Tue Dec 23 2003 - 08:35:15 PST

Next message: Irving Popovetsky: "CRIME Security contact at PSU"

Previous message: Gavin Redshaw: "RE: CRIME Re: RSVP December 18th Meeting"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

-----Original Message-----
From: information_technology-admin@private
[mailto:information_technology-admin@private] On Behalf
Of InfraGard
Sent: Tuesday, December 23, 2003 7:44 AM
To: Information Technology
Subject: [Information_technology] Daily News 12/23/03

December 22, CNET News.com - New open-source patch released for IE. A
Website that published a third-party patch to fix a security hole in
Microsoft's Internet Explorer (IE) has had to re-issue the patch
Saturday,
December 20, after the original was found to contain a buffer overflow
exploit. This exploit, which allowed an attacker to take control of the
patched PC, might have been far more damaging than the flaw that the
patch
was trying to fix. According to Openwares, only about 6,500 people
downloaded the original patch. Security experts warned people against
installing it last week, saying that aside from trust issues, the patch
author would not have had access to IE source code and so the patch
could
interfere with future updates from Microsoft. The IE vulnerability,
which
was first reported in late November, allows a browser to display one URL
in
the address bar while the page being viewed is actually hosted
elsewhere,
making the user more susceptible to ruses like "phishing." However,
Openwares' first fix, which worked by filtering out any URLs containing
suspicious characters, would work only with addresses that had less than
256
bytes. Larger addresses produced a buffer overflow. Microsoft has still
not
released a fix for the IE problem or given any indication as to when one
might be available. Source:
http://news.com.com/2100-1002_3-5130708.html?tag=nefd_top

Current Alert Levels
AlertCon: 1 out of 4
https://gtoc.iss.net

Security Focus
ThreatCon: 1 out of 4
http://analyzer.securityfocus.com/

Current Virus and Port Attacks
Virus: #1 Virus in the United States: WORM_SOBIG.F
Source: http://wtc.trendmicro.com/wtc/wmap.html, Trend World Micro Virus
Tracking Center
[Infected Computers, North America, Past 24 hours, #1 in United States]

Top 10 Target Ports
135 (epmap), 1434 (ms?sql?m), 6129 (???), 137 (netbios?ns), 80 (www),
17300
(Kuang2TheVirus), 445 (microsoft?ds), 53 (domain), 139 (netbios?ssn),
1433
(ms?sql?s)
Source: http://isc.incidents.org/top10.html; Internet Storm Center

_______________________________________________
Information_technology mailing list
Information_technology@listserv

Next message: Irving Popovetsky: "CRIME Security contact at PSU"
Previous message: Gavin Redshaw: "RE: CRIME Re: RSVP December 18th Meeting"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Tue Dec 23 2003 - 09:15:57 PST