QuickTime 7.4 is available

Posted on January 16, 2008 by wstoner

The hits just keep coming! Apple has released another version of Quicktime this time around multiple vulnerabilities that may allow arbitrary code execution have been addressed. These include:

An error in the processing of embedded Macintosh Resource records within QuickTime movies.

Parsing errors of malformed Image Descriptor (IDSC) atoms.

A boundary error in the processing of compressed PICT images.

We recommend that everyone upgrade to QuickTime 7.4
See Apple’s full advisory at:
http://docs.info.apple.com/article.html?artnum=307301

Oracle Critical Patches for January 2008

Posted on January 16, 2008 by wstoner

As apart of their ongoing security program, Oracle has released their latest round of critical patches. Most versions of Oracle from 9i through 12 are affected in some manner and the vulnerabilities are unspecified. For full details visit their original advisory at:http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2008.html

The Continuing Saga of Malware by Email

Posted on January 16, 2008 by wstoner

We’re seeing reports of a new round of storm virus emails. This time they’re using valentine’s day to lure users to a site to download and run the malware. Otherwise it is essentially the same attack as before. We advise that you ensure all your email and virus defenses are running with the latest updates and that your users are reminded to ignore emails from unknown entities. They should also never download attachments from emails or web sites that are not explicitly trusted. There are plenty of potentially intriguing subjects that could be used to dup unsuspecting users. Things like winning Super Bowl tickets, checking out the latest American Idol videos, or even the latest news on the presidential campaign.

QuickTime 7.3.1 is available

Posted on January 14, 2008 by wstoner

Apple has released QuickTime 7.3.1 to address several vulnerabilities. These include the buffer overflow in RTSP, a heap buffer overflow found in QuickTime’s handling of QTL files and vulnerabilities which exist in QuickTime’s Flash media handler. Updates are available for: Mac OS X v10.3.9 or later, Windows Vista, and XP SP2. The relevant CVEs are CVE-2007-6166, CVE-2007-4706 and CVE-2007-4707 respectively.

Level One WBR-3460A Wireless Router Telnet Vulnerability

Posted on January 11, 2008 by wstoner

This device presents a telnet prompt on the standard port (23/tcp). This instance of telnet allows local users to login without authenticating. This gives the user access to the file system where they are able to manipulate files or grab the administrator password for the web interface. A fix is in development.

Sun Java Identity Manager Vulnerabilities

Posted on January 10, 2008 by wstoner

Sun released two advisories today. The first details Coss-Site Scripting vulnerabilites in Sun Java System Identity Manager. They consist of input validation errors in the parameters “cntry” and “lang” of /idm/login.jsp, the “resultsForm” parameter of /idm/account/findForSelect.jsp and the “helpUrl” parameter of /idm/help/index.jsp. The original advisory can be found at:http://sunsolve.sun.com/search/document.do?assetkey=1-26-103180-1

The second involves

Microsoft Patch Tuesday Information

Posted on January 8, 2008 by wstoner

MS08-001

Addresses vulnerabilities in the TCP/IP stack that could lead to the execution of arbitrary code or Denial of Service conditions. It is rated Critical. This bulletin replaces MS06-032. The Microsoft security bulletin can be found at:http://www.microsoft.com/technet/security/Bulletin/MS08-001.mspx

MS08-002

Addresses vulnerabilities in input validation errors in Local Security Authority Subsystem Service (LSASS) that could lead to execution of code or privilege escalation. The Microsoft security bulletin can be found at: http://www.microsoft.com/technet/security/Bulletin/MS08-002.mspx

Patches for VMWare ESX Server and VirtualCenter

Posted on January 8, 2008 by wstoner

VMWare has released new patches that address vulnerabilities in Tomcat and Java JRE that could lead to compromise of systems, Denial of Service or the ability to circumvent security restrictions. The updates are for VirtualCenter 2.0.2, ESX 3.0.1 and ESX Server 3.0.2.
The original VMWare announcement can be found at: http://lists.vmware.com/pipermail/security-announce/2008/000003.html

Microsoft Security Advanced Bulletin

Posted on January 3, 2008 by wstoner

According to the latest Microsoft security advanced bulletin, January 8th will give us 1 new Critical and 1 new Important security updates. Both affect a large cross section of Windows Operating systems. Additionally a new version of the Microsoft Windows Malicious Software Removal Tool and 7 non-security updates will also be released. For full details see: http://www.microsoft.com/technet/security/bulletin/ms08-jan.mspx

PHP 4.4.8 Released

Posted on January 3, 2008 by wstoner

The latest release of the 4.4 branch of php was released today. This release addresses several vulnerabilities including a couple of integer overflows, input handling and file and database interaction issues. We encourage anyone running earlier versions of this branch to upgrade as soon as is possible. For full details see http://www.php.net

MSI :: State of Security

Insight from the Information Security Experts

Author Archives: wstoner

QuickTime 7.4 is available

Oracle Critical Patches for January 2008

The Continuing Saga of Malware by Email

QuickTime 7.3.1 is available

Level One WBR-3460A Wireless Router Telnet Vulnerability

Sun Java Identity Manager Vulnerabilities

Microsoft Patch Tuesday Information

Patches for VMWare ESX Server and VirtualCenter

Microsoft Security Advanced Bulletin

PHP 4.4.8 Released