Page 55 of 68 FirstFirst ... 54551525354555657585965 ... LastLast
Results 811 to 825 of 1011
  1. #811
    Joined
    Jul 2001
    Location
    UK
    Age
    46
    Posts
    20,230

    Re: Virus Alerts/Security Warnings/Solutions

    Real Player exploit made public

    http://isc.sans.org/diary.html?storyid=4120

    An exploit for Real Player has been disclosed on a public mailing list.

    Until a patch is available, users are advised to use a web browser that doesn't support ActiveX.

    ~ Want to try Linux - check out the PC Perspective Linux FAQ ~
    ~ Please take some time to read the Forum Rules ~
    ~ Feed the spamb0tz, don't mail me here: B7Trz4568254@nirvana.admins.ws ~


  2. #812
    Joined
    Jul 2001
    Location
    UK
    Age
    46
    Posts
    20,230

    Re: Virus Alerts/Security Warnings/Solutions

    Microsoft Black Tuesday

    It's patch time again, and this month we have 4 critical security updates:

    http://isc.sans.org/diary.html?storyid=4124

    https://www.microsoft.com/technet/se.../ms08-mar.mspx

    ~ Want to try Linux - check out the PC Perspective Linux FAQ ~
    ~ Please take some time to read the Forum Rules ~
    ~ Feed the spamb0tz, don't mail me here: B7Trz4568254@nirvana.admins.ws ~


  3. #813
    Joined
    Jul 2001
    Location
    UK
    Age
    46
    Posts
    20,230

    Re: Virus Alerts/Security Warnings/Solutions

    Microsoft Internet Explorer 5 and 6 FTP vulnerability

    Two new vulnerabilities in IE 5 and 6 affecting the way malformed ftp requests are handled:

    http://isc.sans.org/diary.html?storyid=4126

    No fix is currently available. Users are advised to upgrade to IE7 or use an alternative web browser.

    ~ Want to try Linux - check out the PC Perspective Linux FAQ ~
    ~ Please take some time to read the Forum Rules ~
    ~ Feed the spamb0tz, don't mail me here: B7Trz4568254@nirvana.admins.ws ~


  4. #814
    Joined
    Jul 2003
    Location
    Long Beach CA
    Age
    55
    Posts
    4,773

    Re: Virus Alerts/Security Warnings/Solutions

    Quote Originally Posted by Ned Slider View Post
    Microsoft Internet Explorer 5 and 6 FTP vulnerability

    Two new vulnerabilities in IE 5 and 6 affecting the way malformed ftp requests are handled:

    http://isc.sans.org/diary.html?storyid=4126

    No fix is currently available. Users are advised to upgrade to IE7 or use an alternative web browser.
    Ouch. To bad we have some enterprise applications (IE used by thousands of people in our company) that are not IE7 compatible.
    Game - BIOSTAR TA785 A2+ / Phenom II X4 965 Black Edition Deneb 3.4GHz 125W / Patroit 8GB DDR2 800 CAS 4 Timing: 4-4-4-12 / Sapphire HD 6870 1GB / Antec Three Hundred Case / PC Power & Cooling S61EPS 610W / X-Fi XtremeGamer / Western Digital 640GB 7200 RPM SATA 3.0Gb/s /Windows Vista home premium 64 SP1

    Back up - Biostar 6100-939 / A64 3800 Venice(Stock 2.4) / 1.5 GB Corsair XMS 3200 / HD3870

  5. #815
    Joined
    Jul 2001
    Location
    UK
    Age
    46
    Posts
    20,230

    Re: Virus Alerts/Security Warnings/Solutions

    Quote Originally Posted by RatboyX View Post
    Ouch. To bad we have some enterprise applications (IE used by thousands of people in our company) that are not IE7 compatible.
    Indeed. And you know which direction it's going plus it's only going to get worse.

    I was visiting an organization today that haven't started planning a migration to Vista yet and who were surprised to learn that Windows XP availability (OEM and retail) becomes end of life in June this year (System Builder Licenses are available for a further 6 months), and they don't have a volume site license for XP (all their XP licenses are OEM that came preinstalled with the original equipment and are non-transferable). So come the summer, new kit WILL be running Vista regardless of whether they are prepared or not!

    ~ Want to try Linux - check out the PC Perspective Linux FAQ ~
    ~ Please take some time to read the Forum Rules ~
    ~ Feed the spamb0tz, don't mail me here: B7Trz4568254@nirvana.admins.ws ~


  6. #816
    Joined
    Jul 2001
    Location
    UK
    Age
    46
    Posts
    20,230

    Re: Virus Alerts/Security Warnings/Solutions

    Windows Home Server

    A serious bug in Windows Home Server can cause loss of data:

    http://forums.pcper.com/showthread.php?t=452855

    Mitigation

    A fix is rumoured for some time in June. In the meantime:

    • Don't use Windows Home Server
    • Have good (verified) backups (not on Windows Home Server)
    • Buy a NAS or external HD
    • Deploy Samba

    ~ Want to try Linux - check out the PC Perspective Linux FAQ ~
    ~ Please take some time to read the Forum Rules ~
    ~ Feed the spamb0tz, don't mail me here: B7Trz4568254@nirvana.admins.ws ~


  7. #817
    Joined
    Jul 2003
    Location
    Long Beach CA
    Age
    55
    Posts
    4,773

    Re: Virus Alerts/Security Warnings/Solutions

    Quote Originally Posted by Ned Slider View Post
    Indeed. And you know which direction it's going plus it's only going to get worse.

    I was visiting an organization today that haven't started planning a migration to Vista yet and who were surprised to learn that Windows XP availability (OEM and retail) becomes end of life in June this year (System Builder Licenses are available for a further 6 months), and they don't have a volume site license for XP (all their XP licenses are OEM that came preinstalled with the original equipment and are non-transferable). So come the summer, new kit WILL be running Vista regardless of whether they are prepared or not!

    Yup and unless I have been misinformed IE6 won’t run on Vista.
    Game - BIOSTAR TA785 A2+ / Phenom II X4 965 Black Edition Deneb 3.4GHz 125W / Patroit 8GB DDR2 800 CAS 4 Timing: 4-4-4-12 / Sapphire HD 6870 1GB / Antec Three Hundred Case / PC Power & Cooling S61EPS 610W / X-Fi XtremeGamer / Western Digital 640GB 7200 RPM SATA 3.0Gb/s /Windows Vista home premium 64 SP1

    Back up - Biostar 6100-939 / A64 3800 Venice(Stock 2.4) / 1.5 GB Corsair XMS 3200 / HD3870

  8. #818
    Joined
    Jul 2001
    Location
    UK
    Age
    46
    Posts
    20,230

    Re: Virus Alerts/Security Warnings/Solutions

    Quote Originally Posted by RatboyX View Post
    Yup and unless I have been misinformed IE6 won’t run on Vista.
    I see your predicament. Time to start working on getting those apps running on IE7 me thinks

    ~ Want to try Linux - check out the PC Perspective Linux FAQ ~
    ~ Please take some time to read the Forum Rules ~
    ~ Feed the spamb0tz, don't mail me here: B7Trz4568254@nirvana.admins.ws ~


  9. #819
    Joined
    Aug 2001
    Posts
    74,684

    Re: Virus Alerts/Security Warnings/Solutions

    2117966.net-- mass iframe injection
    Published: 2008-03-14,
    Last Updated: 2008-03-14 16:28:06 UTC
    by Kevin Liston (Version: 2)
    Situation:

    Over 10,000 legitimate websites have been compromised and now have an iframe that will direct visitors to a malicious website hosted on 2117966.net. The malicious website attempts to exploit the vulnerability described in MS06-014 MS07-004, MS06-067, MS06-057and a number of ActiveX vulnerabilities.

    Successful exploitation result in the installation of a password-stealing malicious program that attempts to steal the logon credentials from websites and online games.
    Recommended immediate action:

    Block 2117966.net at your web proxy
    Recommended follow-up action:

    Inspect your web proxy logs for visitors to 2117966.net. This will indicate who is potentially exposed. Check these systems to verify that their patches are up-to-date. Systems that are successfully compromised will begin sending traffic to 61.188.39.175
    (http://www.shadowserver.org/wiki/pmw...endar.20080313). Search your proxy logs for systems generating those requests and reimage the infected machines.
    Protecting Browsers:

    A properly-patched system should not be at-risk from this attack. It is recommened to use a browser that does not support ActiveX.
    Protecting Webservers:

    Until details become available on how the iframe was injected, we have no recommendations.
    Missing information:

    We currently do not have details on how the iframes were placed on the websites. If you are responsible for cleaning-up or investigating one of the defacements, please contact us if you have information on how the compromise occurred.
    Update: Added additional exploit information

  10. #820
    Joined
    Aug 2001
    Posts
    74,684

    Re: Virus Alerts/Security Warnings/Solutions

    Bit of follow up^^

    You may find the video somewhat instructive

    http://www.avertlabs.com/research/bl...s-hack-attack/

  11. #821
    Joined
    Aug 2001
    Posts
    74,684

    Re: Virus Alerts/Security Warnings/Solutions

    From our good friends at SANS


    Patches and Vista service pack
    Published: 2008-03-19,
    Last Updated: 2008-03-19 17:39:43 UTC
    by Adrien de Beaupre (Version: 4)
    The first service pack from Microsoft for Vista is out. Please let us know your experiences downloading and applying the 434.5 MB Windows Vista Service Pack 1 Five Language Standalone (KB936330).
    Apple has released Security Update 2008-02 and Security Update for Safari 3.1 for Mac users.
    Update 1: If Vista SP1 will not install, or is not being offered as a option you should read the following article. You may have to update drivers first or other issues. If you run into any other problems please let us know. (Thanks Susan!): Windows Vista Service Pack 1 is not available for installation from Windows Update and is not offered by Automatic Updates

    Update 2: Before you install the final release of Windows Vista SP1, you must uninstall any previous releases (Thanks Chris!). As detailed in this article.
    Update 3: V3.0 of MS08-014 dated March 19, 2008 should fix the Excel issues.
    Cheers,
    Adrien de Beaupré
    Bell Canada

  12. #822
    Joined
    Jul 2001
    Location
    UK
    Age
    46
    Posts
    20,230

    Re: Virus Alerts/Security Warnings/Solutions

    Mozilla Firefox 2.0.0.13 released

    An update to Firefox has just been released that fixes the following issues:

    • MFSA 2008-19 XUL popup spoofing variant (cross-tab popups)
    • MFSA 2008-18 Java socket connection to any local port via LiveConnect
    • MFSA 2008-17 Privacy issue with SSL Client Authentication
    • MFSA 2008-16 HTTP Referrer spoofing with malformed URLs
    • MFSA 2008-15 Crashes with evidence of memory corruption (rv:1.8.1.13)
    • MFSA 2008-14 JavaScript privilege escalation and arbitrary code execution


    Mozilla SeaMonkey has also been updated to v1.1.9
    Last edited by Ned Slider; 03-26-2008 at 04:52 AM.

    ~ Want to try Linux - check out the PC Perspective Linux FAQ ~
    ~ Please take some time to read the Forum Rules ~
    ~ Feed the spamb0tz, don't mail me here: B7Trz4568254@nirvana.admins.ws ~


  13. #823
    Joined
    Aug 2001
    Posts
    74,684

    Re: Virus Alerts/Security Warnings/Solutions

    This gets more and more interesting

    http://ddanchev.blogspot.com/2008/03...ng-attack.html

  14. #824
    Joined
    Jul 2001
    Location
    UK
    Age
    46
    Posts
    20,230

    Re: Virus Alerts/Security Warnings/Solutions

    New Storm Worm mass mailing for April Fools Day

    A new storm worm mass mailing is underway, this time the subject is April Fools day.

    Typical email...

    Subject: Happy All Fools Day!
    Body:
    Surprise! The joke's on you. http://<ip_address>

    Visiting the link gives the virus, and detection is really bad at present:

    Antivirus Version Last Update Result
    AhnLab-V3 2008.4.1.0 2008.03.31 -
    AntiVir 7.6.0.78 2008.03.31 TR/Crypt.XPACK.Gen
    Authentium 4.93.8 2008.03.30 -
    Avast 4.7.1098.0 2008.03.30 -
    AVG 7.5.0.516 2008.03.31 -
    BitDefender 7.2 2008.03.31 Trojan.Crypt.AP
    CAT-QuickHeal 9.50 2008.03.31 (Suspicious) - DNAScan
    ClamAV 0.92.1 2008.03.31 -
    DrWeb 4.44.0.09170 2008.03.31 -
    eTrust-Vet 31.3.5658 2008.03.31 -
    Ewido 4.0 2008.03.31 -
    FileAdvisor 1 2008.03.31 -
    Fortinet 3.14.0.0 2008.03.31 -
    F-Prot 4.4.2.54 2008.03.30 -
    F-Secure 6.70.13260.0 2008.03.31 -
    Ikarus T3.1.1.20 2008.03.31 -
    Kaspersky 7.0.0.125 2008.03.31 -
    McAfee 5262 2008.03.28 -
    Microsoft 1.3301 2008.03.31 -
    NOD32v2 2987 2008.03.31 -
    Norman 5.80.02 2008.03.31 -
    Panda 9.0.0.4 2008.03.31 -
    Prevx1 V2 2008.03.31 -
    Rising 20.38.01.00 2008.03.31 -
    Sophos 4.28.0 2008.03.31 -
    Sunbelt 3.0.978.0 2008.03.18 -
    Symantec 10 2008.03.31 -
    TheHacker 6.2.92.259 2008.03.30 -
    VBA32 3.12.6.3 2008.03.25 -
    VirusBuster 4.3.26:9 2008.03.31 -
    Webwasher-Gateway 6.6.2 2008.03.31 Trojan.Crypt.XPACK.Gen

    ~ Want to try Linux - check out the PC Perspective Linux FAQ ~
    ~ Please take some time to read the Forum Rules ~
    ~ Feed the spamb0tz, don't mail me here: B7Trz4568254@nirvana.admins.ws ~


  15. #825
    Joined
    Jun 2002
    Location
    Anywhere but here.
    Posts
    4,501

    Re: Virus Alerts/Security Warnings/Solutions

    Scary stuff (grabs helmet and looks for a foxhole).
    R.I.P Brad (BWM). You will be missed.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •