One of the changes Internet explorer 7.0 will see is a tightening of restrictions on the zone settings. Currently, there are four security zones for web sites: Internet, Intranet, Trusted Sites and Restricted Sites. Explorer tries to autodetect if a site is within the intranet (which becomes more trusted), or the internet (which becomes less trusted. The problem is this detection can be tricked and so, malicious websites can run in a less restrictive zone.
Category: Security
-
Sony releases XCP remover
Sony has had a busy day… they’ve released software to remove the XCP DRM program that was the start of all the recent SONY DRM rootkit controversy. Of course, the original DRM software had multiple problems in it’s concept AND implementation, the uninstallers and patches since have also had problems. Today I’ve seen reports that Sony’s uninstaller for the SunnComm MediaMax DRM software (the OTHER approach sony uses for copy protection) has some serious problems.
-
Interesting vector for browser vulnerability exploit…ebay
incidents.org has received a tip on an ebay item that contained some malicious script…
ISC reader Gareth Attrill pointed us to an eBay auction that has some escaped HTML code that sneaks in a link that tries to get a trojanized .jar (usage.jar) file loaded on anyone who loads the listing. The latest .dat for McAfee immediately detected (and deleted) the code as Exploit-ByteVerify. The lister most likely managed to bypass other protections that otherwise prevents this kind of code from being inserted into item listings. Both eBay and the ISP that is hosting the malware have been notified.
-
Sunncomm/Mediamax software fix FLAWED
Once more in the continuing story…. According to freedom-to-tinker, the “fix” released today for the SunnComm/Mediamax DRM software (the “other” DRM software on sony/bmg discs). Is fatally flawed. The problem the software initially poses is much worse than the company lets on in their release and their advise is…. 1) don’t play a mediamax protected disc in your pc. 2)don’t use the fix, 3) don’t use the old uninstaller.
-
New variation of Sober virus coming in January
Now, we seem to be getting “coming attractions” previews in virus-land…. Anyway, I’ve read at several sources that we are to expect a new variation on the sober worm around January 5th, 2006. It’s said that the date was chosen to mark the formation of the Nazi Party. In the past, variants have spouted pro-nazi sentiments and redirected users to pro-nazi web sites.
-
Sunncomm/MediaMax software fix released
What a long journey it’s been and there is progress in the Sony DRM story. The main issue in the Sony controversy was the XCP DRM software (Digital Rights Management) which was made by first4internet. However, as the first rootkit was discovered, questions began about the MediaMax software (made by SunnComm) which was the OTHER DRM method that Sony made use of. As the story developed it was found that there were security flaws in the ActiveX control which was necessary to uninstall both of the DRM packages…. anyway..
-
16,000 new viruses this year
This is for all those people that say to me. “There haven’t been any new viruses lately have there?” It’s really amazing to me that people think if it’s not on the national news it doesn’t happen…. According to Pc Pro, Sophos has reported that 16000 new viruses have been added to their database this year. Along with that comes a flood of 1940 new viruses last month added to Sophos’ virus signatures. (That mark is a record for one month.)
-
Google tightens Google Desktop security to avoid IE bug
Last week there was word of a bug in Internet Explorer that would allow users of Google Desktop to be vulnerable to having the files on their machine viewed from a malicious website. Today, there is news that Google has made changes on thier site that prevent that flaw from being exploited through their software.
-
The perils of Metadata in documents
Loose lips sink ships, so the old saying goes. These days documents are emailed back and forth and many times, revisions are made to “polite the text” up or “sanitize” or “redact sensitive information”. With many file formats though, the metadata about the revisions (or even the old versions of the data itself) are still there. The Security Fix has a great article on the topic today.
-
More on the Sony XCP DRM (Rootkit)
Freedom-to-tinker.com has some good detailed analysis on Sony’s (mis) use of GPL software in their XCP DRM (Digital Rights Management) software that’s been at the center of somewhat of a firestorm the last couple months. DRMS was the source of the code that was allegedly misappropriated, but the puzzle was why a Digital Rights Management removal bit of software was used in Digital Rights Management software to begin with…