Computer Tips -Tech Info

Tag: updates

  • RealVNC 4.1.1 and prior exploits on the loose

    As reported over the last several days, there is a critical problem with RealVNC 4.1.1, there is NOW an exploit in the wild for RealVNC 4.1.1, that SANS is looking for more information on. There are updates from RealVNC for all affected product lines. Other VNC implementations have not been reported to be affected. Only (as far as I know), RealVNC 4.1.1 on Windows (prior versions may be, but the initial report didn’t indicate 4.1.0 to be vulnerable.) Don’t take the last sentence to give an excuse NOT to check, check if you have updates for your vnc product.

    (more…)

  • Nugache the latest in bot-net technology… and why you should care about botnets…

    To show you where the threat with bot networks is going there’s a story today on Nugache (Symantec summary) which is a bot that takes advantage of a number of clever tricks to avoid having the whole bot net shut down, allow command and control on an encrypted channel and essentially have no “human readable strings” in any of it’s communications. The encryption of it’s connections makes it harder for IDS to catch it (as they rely on signatures of traffic.

    (more…)

  • Quickbooks “An error has occurred in the script on this page”

    I ran into an install of Quickboos Pro 2005 that was having a peculiar problem. When any company file was opened I was seeing an Internet Explorer Script Error message (quickbooks uses Internet Explorer to parse the company page ( Usually C:\Program Files\Intuit\Quickbooks\Components\Pages\Comppage.qpg ) The error basically said “An error has occurred in the script on this page” it gave a line and char number and there were three different Error: messages. One was Object Required and another was Class not registered. This is a Windows XP Pro system with all current updates for windows AND quickbooks.

    (more…)

  • Exploit Prevention in software

    There’s been a lot of talk about hardware enforced DEP as a mitigating factor in some of the exploits in the last six months. There’s also a new software product that can limit the impact of zero-day exploits. The software is for windows and is called SocketShield. Suzi at Spyware Confidential has taken it for a testdrive on an unpatched XP system through some nasty exploit sites….

    (more…)

  • Microsoft fixes security fix….

    Well, for the second month in a row (I don’t recall one in March..) Microsoft has re-released a patch for Windows. This time it’s the Flash patch (which really falls under 3rd party software). They’ve re-worked the version detection of the update in an attempt to solve all the problems that people have run into with this update. The MS Security blog information is here.

    (more…)

  • Real VNC 4.1.1 vulnerability – Remote Access without password

    This is one worth checking out anybody using vnc for remote administration. It looks as though intelliadmin has come across a vulnerability in Real VNC 4 (the slashdot post I saw suggested “any machine running VNC 4.1”) I haven’t tested yet, so I don’t know if this ONLY affects REALVNC’s implementation or is broader. They have a proof of concept page which attempts to connect to the ip of the browser at the vnc port and display a screenshot. The site is getting slashdotted at the moment, so revisit this page and link until you get a chance to test out your VNC serving machines.

    (more…)

  • Apple Quicktime and OS X updates to patch multiple security vulnerabilities

    Apple has released Quicktime v. 7.1 for both Windows and OS X to address about 12 vulnerabilities. It looks as though all of the vulnerabilities were related to either a specially crafted images or movies (a variety of formats…) Upgrade or use another viewer…

    (more…)

  • Antispyware products put to a test

    There is no doubt that spyware is a problem, but when a vendor of anti-spyware software claims 87% of pcs have on average 34 pieces of spyware per machine installed…… you do have to wonder. And when they claim that in part on FREE anti-spyware software…..

    “Security analysts blame this increasing infection rate on the adoption of free anti-spyware programs that use outdated technology and don’t provide immediate threat definitions to combat against new and emerging threats. To guard against new spyware programs, home computer users must use an anti-spyware program with frequent definition updates and engines that are capable of removing the toughest spyware from deep within the operating system. Unfortunately, users who only install free anti-spyware programs do not get access to frequently updated definitions and versions.”

    (more…)

  • Sophos antivirus vulnerabilities…

    Sans has the story on a security vulnerability involving specifically crafted .cab files affecting a WIDE range of SOPHOS antivirus products (from desktop to server.)

    The main result of the vulnerability is arbitrary code execution, which is a bad thing…. PureMessage and MailMonitor users may be more at risk because, of course, it requires scanning of .cab files to be enabled.

    (more…)

  • Oracle’s April patches late….

    Oracle released 36 patches in mid-April as part of their quarterly patch cycle…. unfortunately, not all of the patches were released. Apparently they hadn’t finished testing and users were advised to look for the updates around the first of May. Well, guess what – they’re not out yet and the word is that they won’t be until May 15th. This is one example of why I think it’s unwise to say that patches will be released on X date on a regular schedule. They should be releasing them as soon as they have the patch tested and ready.

    (more…)