Long-suffering Internet browser, Internet Explorer, has had another vulnerability disclosed. Initially announced for Internet Explorer 6.x and 7 Beta, similar vulnerabilities are also said to affect Firefox and Opera browsers. While a successful exploitation of the Opera vulnerability can lead to arbitrary code execution, the IE and Firefox vulnerability relates to allowing spoofing of the URL address bar (i.e. badguysrus.com will show as goodguysrus.com). All vulnerabilities are related to browser handling of Flash and Shockwave internet plugins.
Disabling Active Scripting is said to prevent any exploitation of the vulnerability from happening.
Other problem vulnerabilities have been disclosed for a range of Cisco devices, ranging from Denial of Service issues through to possible arbitrary code execution on the Cisco Transport Controller workstation. Cisco have released information regarding the issues and it is recommended that users of the devices apply the fixes as soon as possible.
Black Tuesday to bring 5 patches
Microsoft's monthly Security patch release program is scheduled to provide five patches for Windows users. One of the patches will address issues with Microsoft Office components (rumoured to be Excel), while the other four address core components of the Operating System. The cumulative Internet Explorer patch which is one of these remaining patches is reported to resolve the currently exploited 'CreateTextRange()' 0-day vulnerability. At least one patch is rated critical, which is Microsoft's highest threat rating.
Even insiders do bad things
News was being reported of two regrettable cases involving individuals who were responsible for important US Government IT and Security roles who have been arrested for charges of possessing illegal pornography and for solicitation of sex from a minor. A high ranking US DOD IT official, who was responsible for managing IPv6 within the organisation, was arrested and indicted for possessing child pornography, while a spokesman for the Department of Homeland Security was arrested for soliciting sex from what he thought was a 14 year old girl (undercover cop) through Instant Messaging. To make matters worse, it was suspected that he might have released sensitive department information in his attempt to solicit sex.
Two bank employees in Louisville (Citigroup and National City bank) have been charged with hacking into customer accounts, and in one case embezzling more than $200,000 USD.
The NSW police were left red-faced when information about how to extract the login and password (in the clear) details for subscribers to Police news releases were published in the leading NSW newspaper, The Sydney Morning Herald. Although the information had been removed from public view, Google had already crawled and cached all the data, which meant that it was a simple matter of a set of Google searches to extract the information. The big risk is that the information could be used as authentication information on other systems / platforms by users who apply poor password management.
Finally, an employee (now former employee) of Progressive Casualty Insurance used her company access to customer accounts to discover details on property foreclosures which she was interested in purchasing. Unfortunately for customers, this information included sensitive personal and financial data. Rather than any actual hacking, the access was a breach of ethical guidelines.
Winny won't let go
The list of sensitive information breaches related to worms plaguing the Japanese Winny file trading network continue to make headlines. In the latest case, internal Trend Micro reports were leaked onto the network as a result of a worm that attacked his system. Ironically, it was his failure to apply Trend Micro's own tools which left the system vulnerable.
Apple Computer's release of their Beta 'Bootcamp' software, which allows for dual booting of OS X and Windows XP (SP2) on Intel-based Macintosh machines has been covered widely already, but one question which does not appear to have been addressed very well at this stage is what sort of impact Windows malware is going to have on an OS X data partition (HFS+ or equivalent). As time goes on, more details are going to become available about the interaction between the two systems, and this issue will be experienced.
8 April 2006
Do you like how we cover Information Security news? How about checking out our company services, delivered the same way our news is.
Let our Free OS X Screen Saver deliver the latest security alerts and commentary to your desktop when you're not at your system.Comments will soon be available for registered users.