Vulnerabilities

Yet another example of vulnerabilities in client software (ie: drive by downloads)..which is a huge attack vector. I can’t remember when the last remotely exploitable vulnerability was. As usual, IE ActiveX is to blame (when running RealPlayer 10.5 or 11 beta). Below is an article about the vulnerability: Attacks exploiting RealPlayer zero-day in progress Security […]

If you haven’t heard…there is a critical security vulnerability that affects Adobe Acrobat and Adobe Reader, versions 8.1 and below. See Adobe Security Advisory APSA07-04 and CVE-2007-5020. According to the Adobe Security Advisory, your machine is vulnerable if you have: * Adobe Reader 8.1 and earlier OR Adobe Acrobat 8.1 and earlier * Windows XP

Looks like XSS is becoming the latest threat vector. No surprise here. Webmasters…keep your sites patched! Cross-site scripting the top security risk – Network World

This is a nice suprise from Microsoft! The patch to fix an exploit..causes a crash the is able to be exploited! (say that fifty times in a row) What to do? – Windows XP: Make sure you are on XP Service Pack 2. SP2 is not vulnerable. Or, disable HTTP1.1 functionality. – Windows 2000 IE

So the truth comes out…here is a great quote from the article: “Despite SecureWorks being quoted saying the Mac is threatened by the exploit demonstrated at Black Hat, they have provided no evidence that in fact it is,” Apple Director of Mac PR, Lynn Fox, told Macworld. “To the contrary, the SecureWorks demonstration used a

LURHQ once again has done a very good analysis of how the latest Mocbot (which exploits the MS06-040 vulnerability) works in detail. It also is a good overview on how bots, botnets, and botherders’s control thousands of Zombie machines to do thier bidding. Also shows you how security researchers spy on the botherders to learn

LURHQ has relased a very good analysis of the MS06-040 IRC Bot which started exploiting vulnerable systems this weekend. You can view the analysis at the LURHQ website. SANS also has a very good article on some steps to take to block or detect this on your network. Note the following: – Lookout for laptops

eEye has just released a free MS06-040 vulnerability scanner for you network admins out there. It will tell you what machines are vulnerable. It comes in a 16 and 256 IP version. This might come in handy if you need to quickly audit a network for vulnerable systems. Network Security | IT Security | Vulnerability

I guess it is just a matter of time…a worm is about to be released we can all feel it coming. New module is even been released for Metasploit..so now the script kiddies can have some fun too. By the way if you haven’t patched for MS06-040..do it now! Slashdot | Microsoft Bracing for Worm

Microsoft patch Tuesday brings us another very critical vunerability that needs to be patched ASAP! This one has the potential to be developed into a huge worm: SANS – Internet Storm Center – Cooperative Cyber Threat Monitor And Alert System Note: Even though this article says Windows SP2 can block this…patching should still occur regardless!