tag:blogger.com,1999:blog-4260139794397237747Thu, 12 Nov 2009 02:23:01 +0000As a single repository on the I.T. news & consulting advices heard from the net, my personal comment, analysis and advices.http://itsecnews.blogspot.com/noreply@blogger.com (Lofan)Blogger379125tag:blogger.com,1999:blog-4260139794397237747.post-4357244541515766166Tue, 10 Nov 2009 09:43:00 +00002009-11-10T17:43:17.698+08:00VMwarevulnerabilityVMware released security advisory VMSA-2009-0015 today, announcing patches that resolve two security issues with some versions of VMware Workstation, Player, ACE, Server, Fusion, ESXi and ESX products. For details, see: http://lists.vmware.com/pipermail/security-announce/2009/000069.htmlMore information:http://www.hkcert.org/english/salert/2009/home.html?s091020_http://itsecnews.blogspot.com/2009/11/vmware-security-advisory-vmsa-2009-0015.htmlnoreply@blogger.com (Lofan)0tag:blogger.com,1999:blog-4260139794397237747.post-3467906148029835385Tue, 10 Nov 2009 08:54:00 +00002009-11-10T16:56:46.457+08:00vulnerabilityMacOSApple has released Security Update 2009-006 / Mac OS X v10.6.2. Due to multiple errors, an attacker could execute arbitrary code, cause an unexpected system termination, bypass security restrictions, obtain elevated privileges, cause an unexpected application termination, cause a Denial of Service, disclose sensitive information and conduct cross-site scripting, man-in-the-middle or HTTP responsehttp://itsecnews.blogspot.com/2009/11/apple-security-update-2009-006-for-mac.htmlnoreply@blogger.com (Lofan)0tag:blogger.com,1999:blog-4260139794397237747.post-679590621935008247Tue, 10 Nov 2009 08:29:00 +00002009-11-10T16:57:13.941+08:00freewareWhen parsing a MP4, ASF or AVI file with an overly deep box structure, a stack overflow might occur. It would overwrite the return address and thus redirect the execution flow.It was affected from version 1.0.1 to 0.5.So, upgrade to VLC media player 1.0.3 (it also support for Windows 7)more information:http://www.videolan.org/security/sa0901.htmlhttp://itsecnews.blogspot.com/2009/11/vlc-media-player-102.htmlnoreply@blogger.com (Lofan)0tag:blogger.com,1999:blog-4260139794397237747.post-7359688658339084131Tue, 10 Nov 2009 06:53:00 +00002009-11-10T15:04:54.270+08:00IBMAIXvulnerabilityIBM AIX could allow a remote attacker to gain unauthorized access, caused by an unspecified error in the PowerHA Cluster Management component related to the godm service. By sending a specially-crafted request to TCP port 6177, a remote attacker could exploit this vulnerability to make arbitrary changes to the AIX configuration.More information:IBM SECURITY ADVISORY: PowerHA Cluster Management http://itsecnews.blogspot.com/2009/11/ibm-aix-powerha-cluster-management.htmlnoreply@blogger.com (Lofan)0tag:blogger.com,1999:blog-4260139794397237747.post-8572388978027733777Tue, 10 Nov 2009 06:47:00 +00002009-11-10T14:52:43.039+08:00firefoxvulnerabilityEverything changed so rapid.Firefox cames to 3.5.5http://itsecnews.blogspot.com/2009/11/firefox-355.htmlnoreply@blogger.com (Lofan)0tag:blogger.com,1999:blog-4260139794397237747.post-7274910758438143772Tue, 10 Nov 2009 06:19:00 +00002009-11-10T14:39:13.200+08:00wormiphoneFirst iPhone worm discovered - ikee changes wallpaper to Rick Astley photohttp://itsecnews.blogspot.com/2009/11/iphone-worm.htmlnoreply@blogger.com (Lofan)0tag:blogger.com,1999:blog-4260139794397237747.post-5496599477681032087Fri, 06 Nov 2009 09:01:00 +00002009-11-10T17:07:46.961+08:00Shockwave playervulnerability Multiple vulnerabilities have been identified in Adobe Shockwave Player, which could be exploited by remote attackers to compromise a vulnerable system. An invalid index when handling certain Shockwave content, which could be exploited to execute arbitrary code via a specially crafted web page.An invalid pointer http://itsecnews.blogspot.com/2009/11/sun-java-6-update-17-out-fixes-lots-of.htmlnoreply@blogger.com (Lofan)0tag:blogger.com,1999:blog-4260139794397237747.post-1559225231545902475Fri, 06 Nov 2009 01:06:00 +00002009-11-10T14:47:26.103+08:00blackberryvulnerabilityThere is a vulnerability for Blackberry Desktop Manager version 5.0 and earlier (on all platforms) allowed remote exploitsSolution:Update to version 5.0.1More information:CVE-2009-0306 KB19701http://itsecnews.blogspot.com/2009/11/blackberry-desktop-manager-501.htmlnoreply@blogger.com (Lofan)0tag:blogger.com,1999:blog-4260139794397237747.post-1008638989666141408Thu, 29 Oct 2009 09:35:00 +00002009-10-29T17:41:09.294+08:00firefoxevery month got a minor release firefox 3.5.4http://itsecnews.blogspot.com/2009/10/firefox-354.htmlnoreply@blogger.com (Lofan)0tag:blogger.com,1999:blog-4260139794397237747.post-8311482405772818460Thu, 29 Oct 2009 01:20:00 +00002009-11-10T17:26:07.385+08:00blackberryA free software program released Thursday turns everyday BlackBerry smartphones into remote bugging devices.Dubbed PhoneSnoop by creator Sheran Gunasekera, the software sits quietly on a targeted BlackBerry and monitors the phone number of each incoming call. When it detects a number set up in the program's preferences section, it silently turns on the speakerphone, allowing an attacker to http://itsecnews.blogspot.com/2009/10/phonesnoop-turns-blackberry-into-remote.htmlnoreply@blogger.com (Lofan)0tag:blogger.com,1999:blog-4260139794397237747.post-8183404474438569427Wed, 14 Oct 2009 09:34:00 +00002009-10-14T17:40:26.326+08:00microsoftParties of hotfix is the October 2009.This month, MS published:http://www.microsoft.com/technet/security/Bulletin/MS09-oct.mspxSummary:Microsoft has released 13 security bulletins listed below fixing anumber of vulnerabilities which affect various versions of Microsoftproducts or components:MS09-050 Vulnerabilities in SMBv2 Could Allow Remote Code ExecutionMS09-051 Vulnerabilities in Windows http://itsecnews.blogspot.com/2009/10/ms-october-2009-security-issues.htmlnoreply@blogger.com (Lofan)0tag:blogger.com,1999:blog-4260139794397237747.post-4275997164102384226Wed, 14 Oct 2009 09:33:00 +00002009-10-14T17:34:32.352+08:00adobeAfter updated to 9.1.3 yesterday, the story continues.http://www.adobe.com/support/security/bulletins/apsb09-15.htmlhttp://itsecnews.blogspot.com/2009/10/adobe-reader-and-acrobat-black-tuesday.htmlnoreply@blogger.com (Lofan)0tag:blogger.com,1999:blog-4260139794397237747.post-1837400066615636173Tue, 13 Oct 2009 04:21:00 +00002009-10-13T12:22:50.472+08:00adobeSuccessful exploitation could allow a remote attacker to execute arbitrarycode on an affected system.http://www.adobe.com/support/security/bulletins/apsb09-15.htmlhttp://blogs.adobe.com/psirt/2009/10/adobe_reader_and_acrobat_issue_1.htmlhttp://xforce.iss.net/xforce/xfdb/53691http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3459http://itsecnews.blogspot.com/2009/10/adobe-913.htmlnoreply@blogger.com (Lofan)0tag:blogger.com,1999:blog-4260139794397237747.post-5502207607834686062Tue, 22 Sep 2009 05:51:00 +00002009-09-22T13:53:39.571+08:00microsofthttp://www.microsoft.com/technet/security/Bulletin/MS09-045.mspxhttp://www.microsoft.com/technet/security/bulletin/MS09-046.mspxhttp://www.microsoft.com/technet/security/bulletin/MS09-047.mspxhttp://www.microsoft.com/technet/security/Bulletin/MS09-048.mspxhttp://www.microsoft.com/technet/security/bulletin/MS09-049.mspxhttp://www.microsoft.com/technet/security/advisory/975497.mspxhttp://http://itsecnews.blogspot.com/2009/09/ms-september-2009-security-issues.htmlnoreply@blogger.com (Lofan)0tag:blogger.com,1999:blog-4260139794397237747.post-8458872674408495836Tue, 22 Sep 2009 05:50:00 +00002009-09-22T13:51:17.623+08:00microsofthttp://www.microsoft.com/technet/security/Bulletin/MS09-036.mspxhttp://www.microsoft.com/technet/security/Bulletin/MS09-037.mspxhttp://www.microsoft.com/technet/security/Bulletin/MS09-038.mspxhttp://www.microsoft.com/technet/security/Bulletin/MS09-039.mspxhttp://www.microsoft.com/technet/security/Bulletin/MS09-040.mspxhttp://www.microsoft.com/technet/security/Bulletin/MS09-041.mspxhttp://http://itsecnews.blogspot.com/2009/09/ms-august-2009-security-issues.htmlnoreply@blogger.com (Lofan)0tag:blogger.com,1999:blog-4260139794397237747.post-8815824249179245637Mon, 21 Sep 2009 07:45:00 +00002009-09-21T16:00:03.023+08:00Bing recently provided visual search for new experience on searching.It required the Silverlight, can be run on firefox or IE.http://www.microsoft.com/silverlight/http://itsecnews.blogspot.com/2009/09/bing-visual-search.htmlnoreply@blogger.com (Lofan)0tag:blogger.com,1999:blog-4260139794397237747.post-3651373070060503626Fri, 11 Sep 2009 09:11:00 +00002009-09-11T17:13:08.543+08:00firefox3 critical security fixes in the Firefox 3.5.3, http://www.mozilla.org/security/known-vulnerabilities/firefox35.html#firefox3.5.3http://itsecnews.blogspot.com/2009/09/firefox-353.htmlnoreply@blogger.com (Lofan)0tag:blogger.com,1999:blog-4260139794397237747.post-7793409559664570264Wed, 05 Aug 2009 01:06:00 +00002009-08-05T09:19:40.671+08:00firefoxvulnerabilityOh.. remembered 3.5.1 release on July, seems one month one release..Multiple Vulnerabilities were identified in Firefox, please update to - Firefox 3.5.2:The first issue is caused by an error when handling a SOCKS5 proxy reply containing an overly long DNS name, which could be exploited to corrupt subsequent data stream in the response. The second vulnerability has been identified in Mozilla http://itsecnews.blogspot.com/2009/08/firefox-352.htmlnoreply@blogger.com (Lofan)0tag:blogger.com,1999:blog-4260139794397237747.post-6976113220771610570Tue, 28 Jul 2009 04:14:00 +00002009-07-28T12:29:56.629+08:00wormmobile phoneSocial engineering is used to entice the user into installing Worm:SymbOS/Yxe.The installer prompts the user to install "Sexy View" by the vendor "Play Boy".The user is offered English and Chinese language options. However, there is no user interface.Worm:SymbOS/Yxe variants have been Symbian signed using a valid certificate. They will install normally on S60 3rd Edition phones. The certificate http://itsecnews.blogspot.com/2009/07/worm-on-smartphone.htmlnoreply@blogger.com (Lofan)0tag:blogger.com,1999:blog-4260139794397237747.post-6841154898146459454Mon, 27 Jul 2009 05:56:00 +00002009-07-27T13:58:12.219+08:00securityA prototype of the service, dubbed Vanish, is available here Washington University as an extension for the Firefox browser. To work, both the sender and recipient must install the software. Of course, Vanish won't protect data if the recipient cuts the protected data and pastes it elsewhere, or otherwise allows third parties to see it while it's in the clear. But the tool could provide a http://itsecnews.blogspot.com/2009/07/self-destructing-digital-data.htmlnoreply@blogger.com (Lofan)0tag:blogger.com,1999:blog-4260139794397237747.post-7539273339141768462Mon, 27 Jul 2009 05:49:00 +00002009-07-27T13:54:25.896+08:00vulnerabilityhttp://xforce.iss.net/xforce/xfdb/51926The vulnerability is caused due to a boundary error within the "p_header()" function in misc.c. This can be exploited to cause a heap-based buffer overflow via an overly long PWD response sent by a malicious FTP server.Successful exploitation may allow execution of arbitrary code.The vulnerability is confirmed in version 1.1.0.http://itsecnews.blogspot.com/2009/07/vulnerability-in-stftp.htmlnoreply@blogger.com (Lofan)0tag:blogger.com,1999:blog-4260139794397237747.post-774381080690503762Mon, 27 Jul 2009 05:47:00 +00002009-07-27T13:49:06.523+08:00vulnerabilityhttp://xforce.iss.net/xforce/xfdb/51963http://xforce.iss.net/xforce/xfdb/51964Some vulnerabilities have been reported in RaidenHTTPD, which can be exploited by malicious people to conduct cross-site scripting attacks and disclose potentially sensitive information.1) Input passed via the "ulang" parameter to raidenhttpd-admin/menu.php is not properly verified before being used to read files. This http://itsecnews.blogspot.com/2009/07/vulnerabilities-in-raidenhttpd.htmlnoreply@blogger.com (Lofan)0tag:blogger.com,1999:blog-4260139794397237747.post-327820135400343669Mon, 27 Jul 2009 05:46:00 +00002009-07-27T13:47:07.226+08:00flash playervulnerabilityhttp://www.adobe.com/support/security/advisories/apsa09-03.htmlhttp://www.us-cert.gov/cas/techalerts/TA09-204A.htmlA critical vulnerability exists in the current versions of Flash Player (v9.0.159.0 and v10.0.22.87) for Windows, Macintosh and Linux operating systems, and the authplay.dll component that ships with Adobe Reader and Acrobat v9.x for Windows, Macintosh and UNIX operating systems. http://itsecnews.blogspot.com/2009/07/vulnerability-in-adobe-reader-acrobat.htmlnoreply@blogger.com (Lofan)0tag:blogger.com,1999:blog-4260139794397237747.post-2247573273083558532Wed, 22 Jul 2009 02:51:00 +00002009-07-22T10:54:23.831+08:00trojon微軟最新漏洞導致奇虎網被掛馬由於黑客利用微軟最新視頻漏洞進行攻擊，導致這些網站被掛馬，用戶訪問後會感染惡性木馬。在本周掛馬網站中截獲的一個病毒值得注意，它就是AV終結者。 　 　關注病毒：“AV終結者木馬變種BLW”病毒運行後會取得系統文件夾權限，從病毒自身中釋放驅動文件到system32\drivers \acpiec.sys，並通過創建一個名為UPDATEDATA的服務進行加載。病毒會遍歷進程，使用FreeMem釋放內存結束多個殺毒軟件，如發現 卡巴斯基的文件avp.exe，會將其卸載。病毒還會修改系統時間、hosts文件，並感染exe文件，最後會從指定地址下載木馬到本機運行。 more infohttp://www.rising-global.com/Information/Daily-Virus-Report/Daily-Virus-Report-Jul-17-to-19-http://itsecnews.blogspot.com/2009/07/avblw.htmlnoreply@blogger.com (Lofan)0tag:blogger.com,1999:blog-4260139794397237747.post-1868741805862256823Tue, 21 Jul 2009 01:14:00 +00002009-07-21T09:15:53.248+08:00vulnerabilitychromeVulnerabilities have been identified in Google Chrome. Due to multiple errors, a remote attacker could crash an affected browser, execute arbitrary code and compromise a vulnerable system. These vulnerabilities affect versions prior to 2.0.172.37 of Google Chrome.Upgrade to Google Chrome version 2.0.172.37 or later: Related Link http://www.vupen.com/english/advisories/2009/http://itsecnews.blogspot.com/2009/07/vulnerabilities-in-google-chrome.htmlnoreply@blogger.com (Lofan)0