Networkworld brings us this report that exploit code removed from websites can live on for quite a while in caching servers. Which, in a way is NOT news, but it’s worth remembering. Many times when someone visits a website, their really visiting a caching proxy server that has previously grabbed a copy of data from the original website. Many networks use cache servers to improve network performance. (i.e…. we have 20 people an hour hitting cnn.com why shouldn’t we just be able to download the page once?)
Category: Security
-
What wasn’t patched Tuesday…
Sunbelt reminds us that the daxctle.ocx exploit was NOT among those patched Tuesday by Microsoft. They remind us of the following workaround…
Mitigation: The DirectAnimation Path control can be disabled by setting the kill bit for the following CLSID: {D7A7D7C3-D47F-11d0-89D3-00A0C90833E6}
More info at Microsoft’s Knowledge Base
-
Microsoft October 2006 patch Tuesday
The first thing I should mention is that this months update from Microsoft is the last for XP SP1 users should plan a migration path to SP2 to keep getting updates to XP. Multiple vulnerabilities this month have been patched in Office There are 4 advisories, but a total of 15 issues covered by those four. Powerpoint, Excel, Word and Office/Publisher there are a variety of exploits, some public (like the powerpoint) others that were privately reported. Also, Incidents.org gives a nice summary of the advisories and the severity of each (urgency of updating.) The setslice vulnerability is patched in this batch by the way.
-
By the way, the US commerce dept. computers are under attack….
Shouldn’tthis and this get more news coverage? US Commerce Department computers (specifically a bureau responsible for export licenses) is under cyber attack from hackers based in China. The Bureau in question is the Bureau of Industry and Security…. which handles “U.S. exports which have both commercial and military applications”…. They’ve been targetted by various rootkits among other malwares and in early September were forced to cut off internet access (yes that’s around a MONTH ago).
-
October Microsoft update advance notice….
11 patches will be released by Microsoft on the 10th of October. Bulletin is here, 6 for windows, 4 for Office (at least one in each of those two batches is critical) and 1 .NET (moderate) – yes the Windows updates will likely require a restart. Betanews has a bit more coverage hoping the WebViewFolderIcon ActiveX control vulnerability will get fixed in this batch.
-
More rogue security software
Wolves in sheeps clothing…. from Sunbelt blog…. Watch out for pestcapture and “friends” (using dlls from spysheriff). Thanks to sunbelt for keeping their eyes open on the threat of wolves in sheepdogs clothing…. It’s so frustrating having to explain to someone that the software they downloaded to solve their problems has become part of the problem…..
-
Exploits in wild for recent Apple vulnerabilities
If you’ve been delaying on updating with the recent Apple Mac OS X updates…. don’t, there are exploits in the wild now for at least one. It’s speculated that this code may have been in the wild before Apple released the security updates.
-
Watch what things you store in public places…. part 342
Not too long ago there was an article about how people reveal too much about their lives in Google (or other web) calendars AND MAKE PUBLIC…. well I think this takes it a step further. Gmail let’s you access your mail through an RSS feed…. well there are online services that let you subscribe/watch feeds and apparently the feeds are put in the public access folder…. (oooops.) Be careful what you make public….
-
Multiple Apple updates as Mac goes to version 10.4.8
Apple is fixing 15 security flaws with the 10.4.8 version upgrade of Mac OS X. (There is a second update as well…. Security Update 2006-006). In typical fashion there are a bundle of issues in these updates. Several address remotely exploitable vulnerabilities.
-
Microsoft Internet Explorer patches for unsupported OS versions (Windows 98 and ME)
For starters, if you’re using Windows 98 or ME still in a production system, you REALLY need to be looking at migration options and you should realize that the architecture of those systems is NOT conducive to a good secure platform. No XP isn’t perfect, but it is an improvement in many areas. That much said, if you don’t have too many choices and are wondering how you can protect the old system against the recent Windows Internet Explorer vulnerabilities…. here you go. The zero-day emergency response team has released a version of the VML vulnerability patch for older versions of Windows. So, if you REALLY need to patch an old windows 98 or ME install, you can give that a try. (No guarantees.)