The BugBlog is a daily look at computer bugs, incompatibilities, and other things that can go wrong with your computer.
The BugBlog is free- but if you want to help support its existence, subscribe to the BugBlog Plus. A three month subscription is only $5. The BugBlog uses monthly archives. All of the current month's bugs are here. Use the links on the left to jump back to past months, or use the search form.
Secunia reports on a bug in Adobe Photoshop CS2, Adobe Photoshop Elements 5.0, and possibly in Adobe Photoshop CS3. The buffer overflow bug is in the PNG.8BI plug-in for handling PNG files. An attacker may be able to construct a PNG file that could be used to run hostile content. There is no fix yet, and the only workaround seems to be avoiding suspicous PNG files. They credit Marsu for finding the bug. Read the whole thing at http://secunia.com/advisories/25044/.
Try installing the Microsoft Windows Media Player plug-in for Mozilla Firefox 18.104.22.168, and the installation may fail with this error message:
Error code -203
Microsoft says to first make sure you have the latest version of the plug-in, at http://port25.technet.com/pages/windows-media-player-firefox-plugin-download.aspx. Then restart Firefox, and then restart the plug-in installation. You may see a message that Windows is changing Firefox compatibility settings. Microsoft says you don't need to do anything with that message. (Personally, I would cringe when seeing that Microsoft is changing something about Firefox, but that's just me.)
Secunia reports more on the highly critical bug in Apple QuickTime that may allow attackers to take over a computer. The bug is in the way that QuickTime uses Java, and any Java-enabled browser running on Mac OS X, which includes both Apple Safari and Mozilla Firefox, are vulnerable. For now the only workaround is to disable Java support. Read more at http://secunia.com/advisories/25011/. They credit Dino Dai Zovi with finding the bug.
Connect an external monitor to a Windows Vista laptop computer, and you may not be able to play a DVD after you close the laptop's lid. This will happen if, in Power Options, you selected Do Nothing as the response for "When I close the lid of my portable computer." When you close the lid, you will get an error message saying:
"Windows Media Player cannot play this DVD because there is a problem with digital copyright protection between your DVD drive, decoder and video card. Try installing an updated driver for your video card."
Microsoft says you will need to restart the DVD playback (and you'll probably need to open the laptop lid to do so.) There is no permanent fix yet. Watch http://support.microsoft.com/kb/933421 for updates.
Today's BugBlog Plus has fifteen more bugs and fixes for Acer, Adobe, Apple, IBM, Microsoft, Mozilla, and Sun Microsystems.
US-CERT says there is a cross-site request forgery bug in Google Reader. An attacker may be able to construct a malicious RSS feed that could link to an image source. After reading this feed a user may no longer be able to log in to the Google Reader. There is no fix yet, but US-CERT suggests configuring your browser so that third-party images aren't loaded may work. (It may also cause some problems with sites like Flickr.) See the details at http://www.kb.cert.org/vuls/id/378688.
Security researchers at iDefense discovered some bugs in Zone Labs Zone Alarm products. Zone Alarm Free 22.214.171.124 is vulnerable, and since the bug is in the srescan.sys module, other Zone Alarm products may be vulnerable. Because of the bug, a remote attacker may be able to run hostile code on the otherwise protected computer. This has been fixed in Zone Alarm 126.96.36.199 and higher. See the original iDefense report at http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=517. iDefense credits Ruben Santamarta of reversemode.com for finding the bug.
Today's BugBlog Plus has five more bugs and fixes for Adobe, Apple, and Microsoft.
Try to install Adobe Creative Suite 3 on a Windows Vista computer, and you may get this error message:
Setup has encountered an error and needs to close. Error Code: 2739.
Microsoft says that sometimes the installation will fail silently, without an error message. As a workaround, they recommend manually registering the jscript.dll file. See how to do that at http://www.adobe.com/cfusion/knowledgebase/index.cfm?id=kb401521.
Today's BugBlog Plus has five more bugs and fixes for Apple, Microsoft, and WordPress.
Apple says that an attacker can make a help file with a maliciously-designed name which, when opened in Mac OS X 10.3.9 or 10.4.9, may trigger a bug that could crash your Mac or run malicious code. This bug has been fixed in the Security Update 2007-004. This bug was first described on the Month of Apple Bugs website.
The new Mozilla Thunderbird 2.0 email client adds support for new types of mail systems. This includes support for Gmail accounts on all platforms. The Mac OS X version also supports .Mac mail. The default version of Thunderbird comes only with an English dictionary. Dictionaries for other languages are available at https://addons.mozilla.org/thunderbird/dictionaries/.
If you noticed people with the shakes, chills, profuse sweating and other physical ailments, they may have been Blackberry users going through withdrawl symptoms because of an outage of the service throughout North America. The outage started on 4/17 and Research in Motion said they were working on it. This thread at Slashdot may have more up-to-date information as service is restored, as well as even more withdrawl-type jokes: http://slashdot.org/articles/07/04/18/126220.shtml.
Today's BugBlog Plus has five more bugs and fixes for Adobe, Clam, and Microsoft.
Code that attacks an unpatched hole in Microsoft Windows DNS (Domain Name System) is now being circulated over the Internet. This code means that you won't need to be particularly skilled to exploit the bug, which may allow attackers to completely take over your system. Read more at http://news.zdnet.com/2100-1009_22-6176429.html. Microsoft's official response is "We're working on it" but they do have some temporary fixes at http://www.microsoft.com/technet/security/advisory/935964.mspx that include turning off some services and firewall tweaks.
Today's BugBlog Plus has five more bugs and fixes for Akami, Apple, Microsoft and Skype.
Adobe says that the Zone Labs ZoneAlarm security program may interfere with the installation of Adobe Photoshop CS3 for Windows. That's because the installation needs to modify the Registry, and ZoneAlarm prevents that. There are two possible workarounds from Adobe (three if you count checking with ZoneAlarm for help.) Either disable ZoneAlarm while you install the product, or turn on ZoneAlarm's Control Program Access. See http://www.adobe.com/go/kb401110 for details.
Today's BugBlog Plus has five more bugs and fixes for Adobe, Apple, Cisco and Microsoft.
The BugBlog is going on the road for a short spring break. While most people head south, we will be going north, eh.
Remote attackers may be able to gain access to users of an Apple AirPort Extreme Base Station with 802.11n. According to Apple, this is because the Base Station default configuration allows incoming IPv6 connections. Apple has changed this configuration in the Firmware Update 7.1. Only local network traffic will be allowed to use IPv6. Get the update details at http://docs.info.apple.com/article.html?artnum=305366.
Today's BugBlog Plus has ten more bugs and fixes for Adobe, Apple, Intuit, Microsoft, Oracle, and World of Warcraft.
There is a bug in Microsoft Windows XP, with or without Service Pack 2, Universal Plug and Play (UPnP) service that may allow a remote attacker to run hostile code on a computer. The bug is in the way that HTTP headers are sent to the UPnP control point as part of a request or notification. Microsoft has patched this at http://www.microsoft.com/technet/security/bulletin/ms07-019.mspx. The bug was discovered by Greg MacManus of iDefense Labs. Their analysis is at http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=509.
Today's BugBlog Plus has five more bugs and fixes for Microsoft, from Microsoft's Patch Tuesday release
When you start up Adobe InDesign or InCopy CS2 on a Mac OS computer, it may lockup while displaying the message
Initializing the SING gaiji system…
Adobe has a couple of suggested workarounds including: granting Read/Write access to the SING folder to everyone; deleting the AssocCache and Datastore folders; or deleting the SING folder, and then reinstall InDesign CS2 or InCopy CS2. See http://www.adobe.com/cfusion/knowledgebase/index.cfm?id=331578 for the details.
Today's BugBlog Plus has five more bugs and fixes for Apple, IBM, Intel and Microsoft.
According to Paul Thurott of Windows IT Pro Magazine, there is not going to be a Windows XP Service Pack 3. The last service pack was in 2004, and SP3 was scheduled for 2005, and later 2006. Now it appears Microsoft is saying to millions of XP users, in the voice of the Soup Nazi "No Service Pack for you!" Read his take at http://www.windowsitpro.com/Articles/ArticleID/95725/95725.html
Last week eEye Digital Security reported to Microsoft that they found a bug within Windows that can allow remote attackers to run hostile code "with minimal user interaction." Obviously, they aren't going public with any details. In reality, most users probably assume there are still lots of bugs in Windows that may allow such attacks. You just have to find them and hunt them down, one by one. Their report, such as it is, is at http://research.eeye.com/html/advisories/upcoming/20070327.html.
Today's BugBlog Plus has six more bugs and fixes for Apple and Microsoft.
If you install the MS07-017 Security Patch, which fixes the Microsoft Animated Cursor problem, and you also install the MS07-008 secuirty patch for an HTML Help bug, you may have problems if you have the Realtek HD Audio Control Panel installed on your computer. The panel may not start, and you may get this error message when you start your computer: Rthdcpl.exe - Illegal System DLL Relocation. If you have this problem, Microsoft has yet another patch that may help. See http://support.microsoft.com/kb/935448 for the details.
Today's BugBlog Plus has ten more bugs and fixes for Apple, CA, Kaspersky, Microsoft, Red Hat and WordPress.
Microsoft released a patch for the Windows animated cursor bug (see the 3/30 entry below) that affects Windows Vista, XP, and 2000. This patch was released a week earlier than Microsoft's normal Patch Tuesday, an indication of how serious the bug is. Get the patch at http://www.microsoft.com/technet/security/Bulletin/MS07-017.mspx
Today's BugBlog Plus has five more bugs and fixes for Apple, Microsoft, MIT, and Mozilla.
There is a bug in the America Online 9.0 Revision 4156.910 SuperBuddy ActiveX control. A malicious user may be able to use this bug to run hostile code on the victim's computer. This control is in the sb.dll file. AOL is automatically sending out updates for this. You can also set the kill bit for the ActiveX control. The TippingPoint Security Research Team discovered this bug. Read the details at http://www.tippingpoint.com/security/advisories/TSRT-07-03.html.
Today's BugBlog Plus has ten more bugs and fixes for Adobe, Apple, IBM, Microsoft, and Sun Microsystems.
There is a bug in Microsoft Windows animated cursors. Hostile websites may be able to exploit this bug to load hostile code on your computer. Just about every version of Windows is vulnerable, including Vista, Windows Server 2003, Windows XP, and Windows 2000. At this point, there is no fix yet from Microsoft, although they have issued a security advisory at http://www.microsoft.com/technet/security/advisory/935423.mspx. A story at Computerworld says you may be safe if you use Mozilla Firefox.[Edit 4/3: Newer reports indicate this may not be true; Firefox users may be vulnerable.]Read the whole thing at http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9015079
A tip at the Internet Storm Center points to what appears to be an interesting tool from Microsoft called the Change analysis Diagnostics tool for Windows XP. By querying System Restore points, this tool will point out what changes have been made in software programs, operating system components including hotfixes, browser helper objects, drivers, ActiveX controls, auto-start extensibility points, and startup objects. Download the tool, and find out more about it, at http://support.microsoft.com/?kbid=924732.
If you didn't install the cumulative update for Microsoft Internet Explorer that was released in February (and in the 2/13 BugBlog Plus), now may be a good time to do so. Code that exploits the bug has been published at the Milw0rm.com website. This may make it even easier for people to take advantage of the bug. You can get this patch at http://www.microsoft.com/technet/security/bulletin/ms07-016.mspx.
Today's BugBlog Plus has ten more bugs and fixes for Apple, IBM, Microsoft, Novell, and Websense.
Copyright 2003-2007 BJK Research LLC