We can expect 7 updates next week from Microsoft on the monthly patch day for July. Four of the updates will be for Windows, and 3 for Microsoft Office. There will be at least one critical update for each. It’s expected that we’ll see an update for the Excel issues that have been talked about the last few weeks. There are a number of publicly known Internet Explorer vulnerabilities, but it’s not known if Microsoft has prepared patches for those yet. It should be noted that many times 1 patch will cover a number of issues. This is commonly seen with Internet Explorer cumulative updates where several vulnerabilities are addressed with one update.
Category: Security
-
Denyhosts as an added defence to ssh server
A couple days ago I had a brief article on the vandals banging away at the door of my ssh server. Like I said, I’ve, at times, been fairly smug abou the futility of their actions, but…. the persistance concerns me. Let me be more specific, I keep a fairly tight ssh server setup (don’t allow version 1, only have specific users allowed, use privilige seperation, deny root login, and keep it updated whenever there is a problem with a running version.) But, when you see a single IP making THOUSANDS of attempts to log in, you start thinking…. what if they were to hit on the right username and try a thousand combinations of passwords with that username. Hmmmm… disturbing. So, I wound up setting up denyhosts and thought I’d share a bit more about it here.
-
Windows 98 and ME in final days of support (6 by my count)
July 11th will mark the end of Microsoft’s support for Windows 98 and ME. Which means that there will be no further security updates for those systems after that date. In SOME ways, those systems may find comfort in the security through obscurity approach as much malware MAY not run on those systems, but that’s kind of a risky angle to play. For those that are willing to experiment…
-
Sophos suggests…. for more safety – get a Mac
Analyzing the state of the computer world…. Sophos Antivirus has suggested that consumers consider a Mac for their next PC if they’re concerned about the increasing swarm of malware targetting Windows PC’s. The main point being there are no ACTIVE malware threats against Mac systems and Windows still seems to be increasingly targetted. Mac will likely be less malware prone for the foreseeable future. No, MAC users – that is NOT an excuse to ignore Security updates!!!!
-
Camcorder shopping and a reminder of caution
The last few days I’ve been heavily researching the purchase of a camcorder. I guess I can’t just go out and pick something, I have to research at a number of levels. (Editorial reviews, user reviews, pricing, media, computer compatability, quality, etc. all of these come into play.) So, after several days of researching the product itself I was VERY close to going ahead with one place that had a fantastic price. But then I wondered, how come, this one place had a price that was a clear $100 lower than most anywhere else?
-
Fasten your seatbelts – Browser vulnerability a day to be announced in July
I hope there aren’t too many browser developers that have planned on taking July off….. I ran across browserfun.blogspot.com where it is planned to release information on a web browser vulnerability EACH DAY for the month of July. This comes to us from HD Moore of Metasploit. Judging from This securityfocus article, most of the vulnerabilities may just lead to a browser crash, but some seem to be remote code execution vulnerabilities. Microsoft Internet Explorer is where they found most of them, but other browsers were NOT immune and did find at least one remotely exploitable vulnerability to gain remote access for each browser tested.
-
Vandals banging on the door of ssh….
Sometimes I wish I wasn’t curious about things…. The other night I was working on something on the testbox in the back room and saw the switch lights flickering fairly actively between the server and the internet gateway. At first I thought maybe it was some mail coming in, but it was awfully persistent. So, I started nosing around. I saw that sshd was showing up in the process list and on checking /var/log/messages…. found hundreds of ongoing attempts to break in through the ssh server. (sigh….) Now, there was a time when I’ve kind of snickered when I’ve seen these futile attempts, because I have a VERY short list of allowed ssh users. (AllowUsers username can be set in /etc/ssh/sshd_config) But, this was fairly persistent and there was more variety to the usernames than I’m used to seeing.
-
Exploit in the wild for Apple vulnerability
A couple days ago there was a release of Mac OS X 10.4.7 which addressed several security flaws. There is now an exploit published for one of these vulnerabilities. The attacker using this exploit could gain remote root (administrator) access to the machine. So, don’t delay any further on patching. No system is a fortress if the administrator doesn’t keep up with security updates……
-
OpenOffice.org security update
Version 2.0.3 of OpenOffice.org has been released. It includes quite a few bugfixes, including three security related fixes. The security vulnerabilities were apparently found in an internal audit. One of the improvements in 2.0.3 is an integrated update check, to be able to check for available updates directly from within OpenOffice. I think this is an important area to be improved.
-
Intelliadmin – free disable usb storage tool
For Windows system administrators that have sweated over the perils of usb drives and memory sticks…. Intelliadmin has a tool for you. It’s a small utility that will allow to remotely disable usb drives over the LAN. It won’t affect usb mice/keyboards – just usb storage. So, if your network security policy doesn’t like USB storage you can easily use this to make sure those devices don’t work on plugin.