MajorGeeks Support Forums

Go Back   MajorGeeks Support Forums > ----------= PC, Desktop and Laptop Support =---------- > Virus Software Updates (Read Only)
Register FAQ Members List Calendar Casino Mark Forums Read

Virus Software Updates (Read Only) Make sure your anti-virus is up to date and protecting you.


Reply
 
Thread Tools Display Modes
  #401  
Old 03-29-07, 18:13
NICK ADSL UK's Avatar
NICK ADSL UK NICK ADSL UK is offline
MajorGeeks Forum Administrator
 
Join Date: Mar 2003
Location: UK
Posts: 21,247
Thanks: 102
Thanked 174 Times in 152 Posts
Default Re: Major Security / Virus Warnings

Microsoft Security Advisory (935423)
Vulnerability in Windows Animated Cursor Handling
Published: March 29, 2007

Microsoft is investigating new public reports of targeted attacks exploiting a vulnerability in the way Microsoft Windows handles animated cursor (.ani) files. In order for this attack to be carried out, a user must either visit a Web site that contains a Web page that is used to exploit the vulnerability or view a specially crafted e-mail message or email attachment sent to them by an attacker.

As a best practice, users should always exercise extreme caution when opening or viewing unsolicited emails and email attachments from both known and unknown sources.Microsoft has added detection to the Windows Live OneCare safety scanner for up-to-date removal of malicious software that attempts to exploit this vulnerability.Microsoft intends to actively share information with Microsoft Security Response Alliance partners so that their detection can be up to date to detect and remove attacks.Customers in the U.S. and Canada who believe they are affected can receive technical support from Microsoft Product Support Services at 1-866-PCSAFETY. There is no charge for support calls that are associated with security updates.International customers can receive support from their local Microsoft subsidiaries. There is no charge for support that is associated with security updates. For more information about how to contact Microsoft for support issues, visit the International Support Web site.

Upon completion of this investigation, Microsoft will take the appropriate action to help protect our customers. This will include providing a security update through our monthly release process or providing an out-of-cycle security update, depending on customer needs.

Microsoft is actively monitoring this situation to keep customers informed and to provide customer guidance as necessary.

http://www.microsoft.com/technet/sec...ry/935423.mspx
__________________
Majorgeeks on Facebook:

Majorgeeks Newsletter


Wilders Security Forum Admin
Microsoft MVP - Consumer Security

Reply With Quote
Sponsored links
  #402  
Old 04-10-07, 17:15
NICK ADSL UK's Avatar
NICK ADSL UK NICK ADSL UK is offline
MajorGeeks Forum Administrator
 
Join Date: Mar 2003
Location: UK
Posts: 21,247
Thanks: 102
Thanked 174 Times in 152 Posts
Default Re: Major Security / Virus Warnings

Attention AVG 7.0/7.1 users

A recent AVG update can cause problems for users still using outdated versions of AVG (version 7.0 or 7.1), or if AVG Free was previously used on the same computer. Symptoms can vary from an incorrect state of some AVG components, to errors during running tests, causing AVG to unexpectedly close. Detailed description of these symptoms and information on how to correctly solve this problem is available at the Support section, topic no. 545.
- April 10th, 2007 -

http://www.grisoft.com/doc/faq/us/crp/0?num=545#faq_545
__________________
Majorgeeks on Facebook:

Majorgeeks Newsletter


Wilders Security Forum Admin
Microsoft MVP - Consumer Security

Reply With Quote
  #403  
Old 04-13-07, 07:36
NICK ADSL UK's Avatar
NICK ADSL UK NICK ADSL UK is offline
MajorGeeks Forum Administrator
 
Join Date: Mar 2003
Location: UK
Posts: 21,247
Thanks: 102
Thanked 174 Times in 152 Posts
Default Re: Major Security / Virus Warnings

Microsoft Security Advisory (935964)
Vulnerability in RPC on Windows DNS Server Could Allow Remote Code Execution.
Published: April 12, 2007

Microsoft is investigating new public reports of a limited attack exploiting a vulnerability in the Domain Name System (DNS) Server Service in Microsoft Windows 2000 Server Service Pack 4, Windows Server 2003 Service Pack 1, and Windows Server 2003 Service Pack 2. Microsoft Windows 2000 Professional Service Pack 4, Windows XP Service Pack 2, and Windows Vista are not affected as these versions do not contain the vulnerable code.

Microsoft’s initial investigation reveals that the attempts to exploit this vulnerability could allow an attacker to run code in the security context of the Domain Name System Server Service, which by default runs as Local SYSTEM.

Upon completion of this investigation, Microsoft will take appropriate action to help protect our customers. This may include providing a security update through our monthly release process or providing an out-of-cycle security update, depending on customer needs.

Customers who believe they are affected can contact Product Support Services. Contact Product Support Services in North America for help with security update issues or viruses at no charge using the PC Safety line (1-866-PCSAFETY). International customers can use any method found at this location: http://support.microsoft.com/security

International customers can receive support from their local Microsoft subsidiaries. There is no charge for support that is associated with security updates. For more information about how to contact Microsoft for support issues, visit the International Support Web site.

http://www.microsoft.com/technet/sec...ry/935964.mspx
__________________
Majorgeeks on Facebook:

Majorgeeks Newsletter


Wilders Security Forum Admin
Microsoft MVP - Consumer Security

Reply With Quote
  #404  
Old 04-14-07, 02:52
NICK ADSL UK's Avatar
NICK ADSL UK NICK ADSL UK is offline
MajorGeeks Forum Administrator
 
Join Date: Mar 2003
Location: UK
Posts: 21,247
Thanks: 102
Thanked 174 Times in 152 Posts
Default Re: Major Security / Virus Warnings

Microsoft Security Advisory (935964)
Vulnerability in RPC on Windows DNS Server Could Allow Remote Code Execution.
Published: April 12, 2007 | Updated: April 13, 2007


Microsoft is investigating new public reports of a limited attack exploiting a vulnerability in the Domain Name System (DNS) Server Service in Microsoft Windows 2000 Server Service Pack 4, Windows Server 2003 Service Pack 1, and Windows Server 2003 Service Pack 2. Microsoft Windows 2000 Professional Service Pack 4, Windows XP Service Pack 2, and Windows Vista are not affected as these versions do not contain the vulnerable code.

Microsoft’s initial investigation reveals that the attempts to exploit this vulnerability could allow an attacker to run code in the security context of the Domain Name System Server Service, which by default runs as Local SYSTEM.

Upon completion of this investigation, Microsoft will take appropriate action to help protect our customers. This may include providing a security update through our monthly release process or providing an out-of-cycle security update, depending on customer needs.

Customers who believe they are affected can contact Product Support Services. Contact Product Support Services in North America for help with security update issues or viruses at no charge using the PC Safety line (1-866-PCSAFETY). International customers can use any method found at this location: http://support.microsoft.com/security

International customers can receive support from their local Microsoft subsidiaries. There is no charge for support that is associated with security updates. For more information about how to contact Microsoft for support issues, visit the International Support Web site.

Revisions:


April 12, 2007: Advisory published.


April 13, 2007: Advisory updated to include additional details about Windows Small Business Server. Mitigations also updated to include additional information regarding the affected network port range and firewall configuration. Additional details also provided for registry key mitigation values.
__________________
Majorgeeks on Facebook:

Majorgeeks Newsletter


Wilders Security Forum Admin
Microsoft MVP - Consumer Security

Reply With Quote
  #405  
Old 04-20-07, 07:11
NICK ADSL UK's Avatar
NICK ADSL UK NICK ADSL UK is offline
MajorGeeks Forum Administrator
 
Join Date: Mar 2003
Location: UK
Posts: 21,247
Thanks: 102
Thanked 174 Times in 152 Posts
Default Re: Major Security / Virus Warnings

VULNERABILITY ALERT:
Microsoft Windows DNS Server RPC interface remote code execution vulnerability
RISK LEVEL: High

On Friday, April 20, 2007 , the CA Security Advisory Team is issuing an alert regarding a high risk level vulnerability threat called Microsoft Windows DNS Server RPC interface remote code execution vulnerability.

For more information, including our remediation steps, please visit our detail page.
http://www3.ca.com/securityadvisor/v....aspx?id=35234

This is an update to last weeks publication

Revisions:

• April 12, 2007: Advisory published.

• April 13, 2007: Advisory updated to include additional details about Windows Small Business Server. Mitigations also updated to include additional information regarding the affected network port range and firewall configuration. Additional details also provided for registry key mitigation values. .

• April 15, 2007: Advisory “Suggested Actions” section updated to include additional information regarding TCP and UDP port 445 and the 15 character computer name known issue.

• April 16, 2007: Advisory updated: Ongoing monitoring indicates that we are seeing a new attack that is attempting to exploit this vulnerability.

• April 19, 2007: Advisory updated: To provide information on Windows Live OneCare malware detection capability and to clarify that the registry key workaround provides protection to all attempts to exploit this vulnerability. Advisory also updated to provide additional data regarding exploitability through port 139.


http://www.microsoft.com/technet/sec...ry/935964.mspx
__________________
Majorgeeks on Facebook:

Majorgeeks Newsletter


Wilders Security Forum Admin
Microsoft MVP - Consumer Security


Last edited by NICK ADSL UK; 04-20-07 at 14:53..
Reply With Quote
Sponsored links
  #406  
Old 04-24-07, 06:20
NICK ADSL UK's Avatar
NICK ADSL UK NICK ADSL UK is offline
MajorGeeks Forum Administrator
 
Join Date: Mar 2003
Location: UK
Posts: 21,247
Thanks: 102
Thanked 174 Times in 152 Posts
Default Re: Major Security / Virus Warnings

Apple QuickTime Java Handling Unspecified Code Execution



Secunia Advisory: SA25011
Release Date: 2007-04-24


Critical: Highly critical
Impact: System access
Where: From remote
Solution Status: Unpatched


Software: Apple Quicktime 3.x
Apple Quicktime 4.x
Apple Quicktime 5.x
Apple Quicktime 6.x
Apple QuickTime 7.x


Description:
A vulnerability has been reported in Apple QuickTime, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to an unspecified error within the Java handling in QuickTime. This can be exploited to execute arbitrary code when a user visits a malicious web site using a Java-enabled browser e.g. Safari or Firefox.

The vulnerability is reported on a Mac OS X system using Safari and Firefox. Other browsers and platforms may also be affected.

Solution:
Disable Java support.

Do not browse untrusted websites.

Provided and/or discovered by:
Dino Dai Zovi

Original Advisory:
Matasano:
http://www.matasano.com/log/812/brea...32-apple-code/

http://secunia.com/advisories/25011/
__________________
Majorgeeks on Facebook:

Majorgeeks Newsletter


Wilders Security Forum Admin
Microsoft MVP - Consumer Security

Reply With Quote
  #407  
Old 04-30-07, 09:04
NICK ADSL UK's Avatar
NICK ADSL UK NICK ADSL UK is offline
MajorGeeks Forum Administrator
 
Join Date: Mar 2003
Location: UK
Posts: 21,247
Thanks: 102
Thanked 174 Times in 152 Posts
Default Re: Major Security / Virus Warnings

----------------------------------------------------------------------
Adobe Products PNG.8BI PNG File Handling Buffer Overflow

Secunia Advisory: SA25044
Release Date: 2007-04-30


Critical: Highly critical
Impact: System access
Where: From remote
Solution Status: Unpatched


Software: Adobe Photoshop CS2
Adobe Photoshop CS3
Adobe Photoshop Elements 5.x


Description:
Marsu has discovered a vulnerability in various Adobe Products, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to a boundary error within the PNG.8BI Photoshop Format Plugin when handling PNG files. This can be exploited to cause a stack-based buffer overflow via a specially crafted PNG file.

Successful exploitation allows execution of arbitrary code.

The vulnerability is confirmed in Adobe Photoshop CS2 and Adobe Photoshop Elements (Editor) version 5.0 for Windows and reportedly affects Adobe Photoshop CS3.

Solution:
Do not open untrusted PNG files.

Provided and/or discovered by:
Marsu

Original Advisory:
http://milw0rm.com/exploits/3812

http://secunia.com/advisories/25044/
__________________
Majorgeeks on Facebook:

Majorgeeks Newsletter


Wilders Security Forum Admin
Microsoft MVP - Consumer Security

Reply With Quote
  #408  
Old 05-05-07, 07:34
NICK ADSL UK's Avatar
NICK ADSL UK NICK ADSL UK is offline
MajorGeeks Forum Administrator
 
Join Date: Mar 2003
Location: UK
Posts: 21,247
Thanks: 102
Thanked 174 Times in 152 Posts
Default Re: Major Security / Virus Warnings

Windows Genuine Advantage Phished;We don't have to pay to "activate" a copy of Windows
Windows Genuine Advantage Phished;We don't have to pay to "activate" a copy of Windows

Symantec is warning users of the new trojan horse that phished Microsoft's Windows Genuine Advantage.

Users should KNOW that activating a copy of Windows is free (online activation or using some toll-free numbers).

If ever you see got that Windows asking for credit card information to activate the copy of Windows, DO NOT enter your credit card details. Run a scan using antivirus or antimalware program. You're maybe infected with Trojan.Kardphisher!

More info can be found here
http://www.symantec.com/enterprise/s...card_deta.html
__________________
Majorgeeks on Facebook:

Majorgeeks Newsletter


Wilders Security Forum Admin
Microsoft MVP - Consumer Security


Last edited by NICK ADSL UK; 12-14-07 at 08:35..
Reply With Quote
  #409  
Old 05-08-07, 02:43
NICK ADSL UK's Avatar
NICK ADSL UK NICK ADSL UK is offline
MajorGeeks Forum Administrator
 
Join Date: Mar 2003
Location: UK
Posts: 21,247
Thanks: 102
Thanked 174 Times in 152 Posts
Default Re: Major Security / Virus Warnings

Vulnerability Summary for the Week of April 30, 2007" in forum "Vulnerabilities / Advisories".

----------------------------------------------------------------------
The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week.

High Vulnerabilities:

Adobe -- Photoshop
Adobe -- Photoshop Elements
Buffer overflow in Adobe Photoshop CS2 and CS3, and Photoshop Elements 5.0, allows user-assisted remote attackers to execute arbitrary code via a crafted .PNG file.

Cerulean Studios -- Trillian Pro
Heap-based buffer overflow in the Rendezvous / Extensible Messaging and Presence Protocol (XMPP) component (plugins\rendezvous.dll) for Cerulean Studios Trillian Pro before 3.1.5.1 allows remote attackers to execute arbitrary code via a message that triggers the overflow from expansion that occurs during encoding.

Cerulean Studios -- Trillian Pro
Multiple heap-based buffer overflows in the IRC component in Cerulean Studios Trillian Pro before 3.1.5.1 allow remote attackers to corrupt memory and possibly execute arbitrary code via (1) a URL with a long UTF-8 string, which triggers the overflow when the user highlights it, or (2) a font HTML tag with a face attribute containing a long UTF-8 string.

Microsoft -- Windows 2000
Microsoft -- Windows Server 2003
Microsoft -- Windows XP
Unspecified vulnerability in Microsoft Windows 2000, XP, and Server 2003 allows user-assisted remote attackers to execute arbitrary code via unspecified vectors. NOTE: this information is based upon a vague pre-advisory with no actionable information. However, the advisory is from a reliable source.

MicroWorld Technologies -- eScan
The MicroWorld Agent service (MWAGENT.EXE) in MicroWorld Technologies eScan 8.0.671.1, and possibly other versions, allows remote or local attackers to gain privileges and execute arbitrary commands by connecting directly to TCP port 2222.

Sun -- JRE
Sun -- SDK
Sun -- Java Enterprise System
Sun Java Web Start in JDK and JRE 5.0 Update 10 and earlier, and Java Web Start in SDK and JRE 1.4.2_13 and earlier, allows remote attackers to perform unauthorized actions via an application that grants privileges to itself, related to "Incorrect Use of System Classes" and probably related to support for JNLP files.

Symantec -- LiveState Recovery
Symantec -- Ghost
Symantec -- BackupExec System Recovery
Symantec -- Norton Save & Recovery
Buffer overflow in Ghost Service Manager, as used in Symantec Norton Ghost, Norton Save & Recovery, LiveState Recovery, and BackupExec System Recovery before 20070426, allows local users to gain privileges via a long string.

More at http://www.us-cert.gov/cas/bulletins/SB07-127.html
__________________
Majorgeeks on Facebook:

Majorgeeks Newsletter


Wilders Security Forum Admin
Microsoft MVP - Consumer Security

Reply With Quote
  #410  
Old 05-12-07, 04:19
NICK ADSL UK's Avatar
NICK ADSL UK NICK ADSL UK is offline
MajorGeeks Forum Administrator
 
Join Date: Mar 2003
Location: UK
Posts: 21,247
Thanks: 102
Thanked 174 Times in 152 Posts
Default Re: Major Security / Virus Warnings

ClamAV OLE2 Parser Denial of Service" in forum "Vulnerabilities / Advisories".

----------------------------------------------------------------------
Affected Software:
Clam AntiVirus (clamav) 0.x
ClamWin Free Antivirus 0.x
ClamXav 1.x

Description:
Victor Stinner has reported a vulnerability in ClamAV, which can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to an error within the OLE2 parser when handling objects with malformed FAT partitions and large property sizes. This can be exploited to cause a DoS due to storage and CPU resource consumption by scanning a specially crafted OLE2 file.

Solution: There is no known solution at this time.
http://secunia.com/advisories/25244/


----------------------------------------------------------------------
__________________
Majorgeeks on Facebook:

Majorgeeks Newsletter


Wilders Security Forum Admin
Microsoft MVP - Consumer Security

Reply With Quote
Sponsored links
  #411  
Old 05-16-07, 02:52
NICK ADSL UK's Avatar
NICK ADSL UK NICK ADSL UK is offline
MajorGeeks Forum Administrator
 
Join Date: Mar 2003
Location: UK
Posts: 21,247
Thanks: 102
Thanked 174 Times in 152 Posts
Default Re: Major Security / Virus Warnings

"Vulnerability Summary for the Week of May 7, 2007" in forum "Vulnerabilities / Advisories".

----------------------------------------------------------------------
The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week.

High Vulnerabilities:

Computer Associates -- eTrust Integrated Threat Management
Computer Associates -- eTrust PestPatrol
Computer Associates -- eTrust EZ Antivirus
Stack-based buffer overflow in the Console Server in CA Anti-Virus for the Enterprise r8, Threat Manager r8, Anti-Spyware for the Enterprise r8, and Protection Suites r3 allows remote attackers to execute arbitrary code via unspecified vectors involving login authentication credentials.

McAfee -- SecurityCenter Agent
McAfee -- VirusScan
McAfee -- SecurityCenter
Buffer overflow in the IsOldAppInstalled function in the McSubMgr.McSubMgr Subscription Manager ActiveX control (MCSUBMGR.DLL) in McAfee SecurityCenter before 6.0.25 and 7.x before 7.2.147 allows remote attackers to execute arbitrary code via a crafted argument.

Microsoft -- Exchange Server
Microsoft Exchange Server 2000 SP3, 2003 SP1 and SP2, and 2007 does not properly decode certain MIME encoded e-mails, which allows remote attackers to execute arbitrary code via a crafted base64-encoded MIME e-mail message.

Microsoft -- Office
Microsoft -- Excel
Microsoft -- Excel Viewer
Stack-based buffer overflow in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, and 2003 Viewer allows user-assisted remote attackers to execute arbitrary code via a .XLS BIFF file with a malformed Named Graph record, which results in memory corruption.

Microsoft -- Exchange Server
Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) in Microsoft Exchange Server 2000 SP3, and 2003 SP1 and SP2 allows remote attackers to execute arbitrary scripts, spoof content, or obtain sensitive information via certain UTF-encoded, script-based e-mail attachments, involving an "incorrectly handled UTF character set label".

Microsoft -- CAPICOM
Microsoft -- BizTalk Server
Unspecified vulnerability in the Cryptographic API Component Object Model Certificates ActiveX control (CAPICOM.dll) in Microsoft CAPICOM and BizTalk Server 2004 SP1 and SP2 allows remote attackers to execute arbitrary code via unspecified vectors, aka the "CAPICOM.Certificates Vulnerability."

Microsoft -- Internet Explorer
Microsoft Internet Explorer 5.01 SP4 on Windows 2000 SP4; 6 SP1 on Windows 2000 SP4; 6 and 7 on Windows XP SP2, or Windows Server 2003 SP1 or SP2; and possibly 7 on Windows Vista does not properly "instantiate certain COM objects as ActiveX controls", which allows remote attackers to execute arbitrary code via a crafted COM object.

Microsoft -- Internet Explorer
Unspecified vulnerability in the CTableCol::OnPropertyChange method in Microsoft Internet Explorer 5.01 SP4 on Windows 2000 SP4; 6 SP1 on Windows 2000 SP4; and 6 on Windows XP SP2, or Windows Server 2003 SP1 or SP2 allows remote attackers to execute arbitrary code by calling deleteCell on a named table row in a named table column, then accessing the column, which causes Internet Explorer to access previously deleted objects, aka the "Uninitialized Memory Corruption Vulnerability."

Microsoft -- Word
Microsoft -- Works Suite
Microsoft Word 2000 SP3, 2002 SP3, 2003 SP2, 2003 Viewer, 2004 for Mac, and Works Suite 2004, 2005, and 2006 does not properly parse certain rich text properties, which allows user-assisted remote attackers to trigger memory corruption and execute arbitrary code, aka the "Word RTF Parsing Vulnerability."

Nokia -- Intellisync Mobile Suite
Nokia -- Intellisync Wireless Email Express
Nokia -- Groupwise Mobile Server
usrmgr/userList.asp in Nokia Intellisync Mobile Suite 6.4.31.2, 6.6.0.107, and 6.6.2.2, possibly involving Novell Groupwise Mobile Server and Nokia Intellisync Wireless Email Express, allows remote attackers to modify user account details and cause a denial of service (account deactivation) via the userid parameter in an update action.

Trend Micro -- ServerProtect
Multiple stack-based buffer overflows in Trend Micro ServerProtect 5.58 before Security Patch 2- Build 1174 allow remote attackers to execute arbitrary code via crafted data to (1) TCP port 5168, which triggers an overflow in the CAgRpcClient::CreateBinding function in the AgRpcCln.dll library in SpntSvc.exe; or (2) TCP port 3628, which triggers an overflow in EarthAgent.exe. NOTE: both issues are reachable via TmRpcSrv.dll.

More at http://www.us-cert.gov/cas/bulletins/SB07-134.html
----------------------------------------------------------------------
__________________
Majorgeeks on Facebook:

Majorgeeks Newsletter


Wilders Security Forum Admin
Microsoft MVP - Consumer Security

Reply With Quote
  #412  
Old 05-22-07, 16:35
NICK ADSL UK's Avatar
NICK ADSL UK NICK ADSL UK is offline
MajorGeeks Forum Administrator
 
Join Date: Mar 2003
Location: UK
Posts: 21,247
Thanks: 102
Thanked 174 Times in 152 Posts
Default Re: Major Security / Virus Warnings

Opera Browser Security Release - v9.21 Available, Please upgrade to latest version

Changes Since Opera 9.20
User Interface
New shortcut 'ya' for searching with Yahoo! Answers.
Scripting
The onunload event is no longer fired if a new URL is entered manually via the address bar or bookmarks.
Fixed a bug where User JavaScript on HTTPS would keep prompting to be allowed to run on a page.
Fixed a crash caused by long object descendant property chains in JavaScript.
Security
Fixed a buffer overflow with malformed torrents, as reported by iDefense. See the advisory.
Miscellaneous
Stability fix for torrents.
Windows specific
Fixed support for the WMP for Firefox plug-in.
Corrected plug-in paths.
PAC (Proxy Auto-Config) setting is now read from system.

http://www.opera.com/download/
__________________
Majorgeeks on Facebook:

Majorgeeks Newsletter


Wilders Security Forum Admin
Microsoft MVP - Consumer Security

Reply With Quote
  #413  
Old 05-28-07, 15:43
NICK ADSL UK's Avatar
NICK ADSL UK NICK ADSL UK is offline
MajorGeeks Forum Administrator
 
Join Date: Mar 2003
Location: UK
Posts: 21,247
Thanks: 102
Thanked 174 Times in 152 Posts
Default Re: Major Security / Virus Warnings

Apple has released Security Update 2007-005 to fixed vulnerabilities in several Apple components mentioned in below bulletin/advisory:

http://docs.info.apple.com/article.html?artnum=305530
http://docs.info.apple.com/article.html?artnum=61798
__________________
Majorgeeks on Facebook:

Majorgeeks Newsletter


Wilders Security Forum Admin
Microsoft MVP - Consumer Security

Reply With Quote
  #414  
Old 05-30-07, 12:28
NICK ADSL UK's Avatar
NICK ADSL UK NICK ADSL UK is offline
MajorGeeks Forum Administrator
 
Join Date: Mar 2003
Location: UK
Posts: 21,247
Thanks: 102
Thanked 174 Times in 152 Posts
Default Re: Major Security / Virus Warnings

"F-Secure Anti-Virus Products Code Execution and DoS Vulnerabilities" in forum "Vulnerabilities / Advisories".

----------------------------------------------------------------------
Multiple vulnerabilities have been identified in various F-Secure Anti-Virus products, which could be exploited by attackers or malware to take complete control of an affected system or cause a denial of service.

The first issue is caused by a buffer overflow error when processing malformed LHA archives, which could be exploited by attackers to execute arbitrary commands by tricking a system protected by a vulnerable application to scan a malicious file.

The second vulnerability is caused by an infinite loop when handling malformed archives or packed executables, which could be exploited by attackers to crash a vulnerable application, creating a denial of service condition.

The third issue is caused due to improper access validation of the address space used by the Real-time Scanning component, which could be exploited by malicious local attackers to obtain elevated privileges via a specially crafted IRP (I/O request packet).

Affected Products

F-Secure Anti-Virus for Workstations version 5.44 and prior
F-Secure Anti-Virus for Windows Servers version 5.52 and prior
F-Secure Anti-Virus for Citrix Servers version 5.52
F-Secure Anti-Virus for MIMEsweeper version 5.61 and prior
F-Secure Anti-Virus Client Security version 6.03 and prior
F-Secure Anti-Virus for MS Exchange version 6.40 and prior
F-Secure Internet Gatekeeper version 6.60 and prior
F-Secure Internet Security 2005
F-Secure Internet Security 2006
F-Secure Internet Security 2007
F-Secure Anti-Virus 2005
F-Secure Anti-Virus 2006
F-Secure Anti-Virus 2007
F-Secure Protection Service for Consumers version 6.40 and prior
F-Secure Anti-Virus for Linux Servers version 4.65 and prior
F-Secure Anti-Virus for Linux Gateways version 4.65 and prior
F-Secure Anti-Virus Linux Client Security 5.30 and prior
F-Secure Anti-Virus Linux Server Security 5.30 and prior
F-Secure Internet Gatekeeper for Linux 2.16 and prior

Solution

Apply patches :
http://www.f-secure.com/security/fsc-2007-1.shtml
http://www.f-secure.com/security/fsc-2007-2.shtml
http://www.f-secure.com/security/fsc-2007-3.shtml

References

http://www.frsirt.com/english/advisories/2007/1985
http://www.f-secure.com/security/fsc-2007-1.shtml
http://www.f-secure.com/security/fsc-2007-2.shtml
http://www.f-secure.com/security/fsc-2007-3.shtml
__________________
Majorgeeks on Facebook:

Majorgeeks Newsletter


Wilders Security Forum Admin
Microsoft MVP - Consumer Security

Reply With Quote
  #415  
Old 06-06-07, 06:22
NICK ADSL UK's Avatar
NICK ADSL UK NICK ADSL UK is offline
MajorGeeks Forum Administrator
 
Join Date: Mar 2003
Location: UK
Posts: 21,247
Thanks: 102
Thanked 174 Times in 152 Posts
Default Re: Major Security / Virus Warnings

"Symantec Product Advisory: SYM07-013" in forum "Vulnerabilities / Advisories".

----------------------------------------------------------------------
SYM07-013 - Multiple Symantec Ghost Solution Suite Vulnerabilities
Multiple denial of service vulnerabilities have been identified in Symantec Ghost Solution Suite.

Affected Products: Symantec Ghost Solution Suite 2.0.0 and earlier

Three remote denial of service vulnerabilities have been identified in Symantec Ghost Solution Suite. All three vulnerabilities affect both the client and server daemons. Each vulnerability is triggered by sending a malformed UDP Packet to ether the client or server daemon.

Symantec response
Symantec has released updates for all supported 2.0.0 versions of Symantec Ghost Solution Suite. These updates are available through LiveUpdate.

Symantec has released the following downloadable updates for all supported 1.1 version of Symantec Ghost Solution Suite.

Download the updates from: http://securityresponse.symantec.com...07.06.05b.html
__________________
Majorgeeks on Facebook:

Majorgeeks Newsletter


Wilders Security Forum Admin
Microsoft MVP - Consumer Security

Reply With Quote
Sponsored links
  #416  
Old 06-06-07, 08:28
NICK ADSL UK's Avatar
NICK ADSL UK NICK ADSL UK is offline
MajorGeeks Forum Administrator
 
Join Date: Mar 2003
Location: UK
Posts: 21,247
Thanks: 102
Thanked 174 Times in 152 Posts
Default Re: Major Security / Virus Warnings

Bogus offer claims forwarding chain letter will glean hundreds of pounds in vouchers

IT security and control firm Sophos is warning computer users not to be duped by enticing email offers, following the rapid spread of a spoof chain-mail, allegedly sent by UK high street supermarket Marks and Spencer, in conjunction with Persimmon Homes.

The email promises at least £100 worth of M&S vouchers in return for forwarding the message on to at least eight people, and copying in a legitimate email address at British housebuilding firm Persimmon Homes. However, neither Marks and Spencer nor Persimmon Homes has endorsed the email and both advise recipients to delete it immediately.

http://www.sophos.com/pressoffice/ne...arkschain.html
__________________
Majorgeeks on Facebook:

Majorgeeks Newsletter


Wilders Security Forum Admin
Microsoft MVP - Consumer Security

Reply With Quote
  #417  
Old 06-07-07, 15:21
NICK ADSL UK's Avatar
NICK ADSL UK NICK ADSL UK is offline
MajorGeeks Forum Administrator
 
Join Date: Mar 2003
Location: UK
Posts: 21,247
Thanks: 102
Thanked 174 Times in 152 Posts
Default Re: Major Security / Virus Warnings

Yahoo! Messenger Two ActiveX Controls Buffer Overflows" in forum "Vulnerabilities / Advisories".

----------------------------------------------------------------------
Affected Software: Yahoo! Messenger 8.x

Description: Danny has discovered two vulnerabilities in Yahoo! Messenger, which can be exploited by malicious people to compromise a user's system.

1) A boundary error within the Yahoo! Webcam Upload (ywcupl.dll) ActiveX control can be exploited to cause a stack-based buffer overflow by assigning an overly long string to the "Server" property and then calling the "Send()" method.

2) A boundary error within the Yahoo! Webcam Viewer (ywcvwr.dll) ActiveX control can be exploited to cause a stack-based buffer overflow by assigning an overly long string to the "Server" property and then calling the "Receive()" method.

Successful exploitation of the vulnerabilities allows execution of arbitrary code.

The vulnerabilities are confirmed in version 8.1.0.249. Other versions may also be affected.

Solution: Set the kill-bit for the affected ActiveX controls.

http://secunia.com/advisories/25547/
__________________
Majorgeeks on Facebook:

Majorgeeks Newsletter


Wilders Security Forum Admin
Microsoft MVP - Consumer Security

Reply With Quote
  #418  
Old 06-22-07, 17:41
NICK ADSL UK's Avatar
NICK ADSL UK NICK ADSL UK is offline
MajorGeeks Forum Administrator
 
Join Date: Mar 2003
Location: UK
Posts: 21,247
Thanks: 102
Thanked 174 Times in 152 Posts
Default Re: Major Security / Virus Warnings

Fake Adobe Shockwave Player download page!,
This is just a heads up that when your surfing and a box should pop up saying that you need the Adobe Shockwave Player to view something or to play a game that you should always get these updates either direct from here or the authors website only as there are many bogus links going around at this time which will download malware instead so do be careful
__________________
Majorgeeks on Facebook:

Majorgeeks Newsletter


Wilders Security Forum Admin
Microsoft MVP - Consumer Security

Reply With Quote
  #419  
Old 07-08-07, 04:41
NICK ADSL UK's Avatar
NICK ADSL UK NICK ADSL UK is offline
MajorGeeks Forum Administrator
 
Join Date: Mar 2003
Location: UK
Posts: 21,247
Thanks: 102
Thanked 174 Times in 152 Posts
Default Re: Major Security / Virus Warnings

Yahoo! Messenger 8.1 Unspecified Remote Buffer Overflow Vulnerability" in forum "Vulnerabilities / Advisories".

----------------------------------------------------------------------
Yahoo! Messenger is prone to an unspecified buffer-overflow vulnerability. The software purportedly fails to perform sufficient bounds-checking of user-supplied input before copying it to an insufficiently sized memory buffer.

Yahoo! Messenger version 8.1 is reportedly vulnerable to this issue.

WabiSabiLabi is offering this vulnerability for auction. It was discovered by an unknown researcher.

http://www.securityfocus.com/bid/24784/info
__________________
Majorgeeks on Facebook:

Majorgeeks Newsletter


Wilders Security Forum Admin
Microsoft MVP - Consumer Security

Reply With Quote
  #420  
Old 07-10-07, 03:31
NICK ADSL UK's Avatar
NICK ADSL UK NICK ADSL UK is offline
MajorGeeks Forum Administrator
 
Join Date: Mar 2003
Location: UK
Posts: 21,247
Thanks: 102
Thanked 174 Times in 152 Posts
Default Re: Major Security / Virus Warnings

"Windows Vista Kernel Unspecified Remote Denial Of Service Vulnerability"

----------------------------------------------------------------------
Microsoft Windows Vista is prone to an unspecified remote denial-of-service vulnerability.

Attackers may exploit this issue to crash the affected operating system, denying further service to legitimate users. Remote code-execution may be possible, but this has not been confirmed.

Vulnerable:
Microsoft Windows Vista x64 Edition 0
Microsoft Windows Vista December CTP
Microsoft Windows Vista Ultimate
Microsoft Windows Vista Home Premium
Microsoft Windows Vista Home Basic
Microsoft Windows Vista Enterprise
Microsoft Windows Vista Business
Microsoft Windows Vista beta 2
Microsoft Windows Vista Beta 1
Microsoft Windows Vista Beta
Microsoft Windows Vista 0

http://www.securityfocus.com/bid/24816/info
__________________
Majorgeeks on Facebook:

Majorgeeks Newsletter


Wilders Security Forum Admin
Microsoft MVP - Consumer Security

Reply With Quote
Sponsored links
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
How to delete file A0016131.CPY?? Virus Problem. TR15220 Software 16 05-15-05 01:11


All times are GMT -5. The time now is 06:16.

MajorGeeks.Com Menu

MajorGeeks.Com \ All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ NEW! PC Games \ System Tools \ Macintosh \ Demonews.Com \ Top Downloads

MajorGeeks.Com \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds


Powered by vBulletin® Version 3.8.4
Copyright © 2009 vBulletin Solutions, Inc. All rights reserved.
Ad Management by RedTyger