The BugBlog Plus -January 2004

BugBlog

Subscription portion of the BugBlog. The first bug of the day listed is always the free bug available to non-subscribers, followed by the subscription-only bugs.

1/30	An article in InfoWorld, at http://www.infoworld.com/article/04/01/28/HNiehole_1.html, theorizes how you can link some previously announced vulnerabilities in Microsoft Internet Explorer, and create a worm or virus with a "devastating" impact. One workaround you might consider -- start using Mozilla as your browser. If you have an Apple iBook with a serial number between UV220XXXXXX to UV318XXXXXX, and it was manufactured between May 2002 and April 2003, you may have a fix coming. Problems with a logic board may cause video problems that would include scrambled, distorted, or frozen video, or lines on the screen. You will need to consult with either Apple technical support or an authorized Apple service provider if you are having problems. ATI says that if you have one of the video cards with their CATALYST 4.1 software on a Windows XP computer, and you log on as an administrator and then do a fast user switch to a non-administrator user, you may get display corruption when using WinDVD 4 or 5 to view a DVD. ATI says this will get fixed in a future version of CATALYST. Microsoft says that some media formats, like AVI or MPEG, may have some problems performing optimally in Microsoft Windows Media Player 9 Series on Windows ME/2000/XP/Server 2003. Specifically, every other item in a playlist might have bad performance, because every second item uses the hardware buffer to render video. These problems do not affect Windows Media video files. (Is it because only Microsoft knows the secret way to get the files to play correctly on their player? The job's not done till QuickTime won't run.) Microsoft says that some third-party download managers (they cite Download Express and GetRight) may interfere when you try to use the Microsoft Baseline Security Analyzer to download the Mssecure.cab Security Update. Instead, you may get this error message: "No such interface supported. (0x80004002)" Microsoft says you will need to get rid of the download managers before doing the download. The Baseline Security Analyzer is used with Windows 2000/XP/Server 2003. When you are using Microsoft Project Professional 2003 with the Microsoft Project Server set with the Locked down actuals option turned on, you may not be able to save a milestone as 100 percent completed. Instead, you may see this error message: Your action may result in actuals in this project becoming out of synch with the actuals updated from timesheets. This has been fixed in the 12/17/2003 hotfix for Microsoft Project. Get the fix at http://support.microsoft.com/?kbid=832887. Novell has fixed a bug in the Novell Account Management 3.0 Manager. Without this fix, sometimes an invalid search object may exist that will cause some users or groups to be dropped from the census. Fix this with the patch in nam30cm1.exe found at http://support.novell.com/servlet/tidfinder/2967982.
1/29	Apple has released the 2004-01-26 Security Update for the Mac OS X 10.3.2 Client. There are fixes in this update for Apache 1.3, Classic, Mail, Safari, and Windows File Sharing. They also included the fixes from the 2003-12-19 Security update, too. You can get it at http://docs.info.apple.com/article.html?artnum=120301. Apple has released the 2004-01-26 Security Update for the Mac OS X 10.3.2 Server. There are fixes in this update for Apache 1.3, Apache 2, Classic, Mail, Safari, and Windows File Sharing. They also included the fixes from the 2003-12-19 Security update, too. You can get it at http://docs.info.apple.com/article.html?artnum=120300. Apple has released the 2004-01-26 Security Update for the Mac OS X 10.2.8 Client. There are fixes in this update for the AFP Server, Apache 1.3, Classic, Mail, Safari, and Systems Configuration. They also included the fixes from the 2003-12-19 Security update, too. You can get it at http://docs.info.apple.com/article.html?artnum=120302. Apple has released the 2004-01-26 Security Update for the Mac OS X 10.2.8 Server. There are fixes in this update for the AFP Server, Apache 1.3, Apache 2, Classic, Mail, Safari, and Systems Configuration. They also included the fixes from the 2003-12-19 Security update, too. You can get it at http://docs.info.apple.com/article.html?artnum=120304.
1/28	There may be compatibility problems with Microsoft IntelliType Pro 5.0 or IntelliPoint 5.0 software when installed on a Windows XP computer, and the computer doesn't have Terminal Services turned on. Some of the problems may include non-functioning scroll wheels, or problems with the My Favorites or Programmable button assignments. You may also see these error messages when shutting down your computer Type32.exe is not responding. Point32.exe is not responding Microsoft has a software update for Intellipoint at http://go.microsoft.com/fwlink/?LinkId=22009 that should fix these problems. Mandrake has update packages for tcpdump for Mandrake Linux 9.1 and 9.2. In all the versions of this package before 3.8.1, there are security bugs that may allow either a denial of service attack, or possibly allow an attacker to run their own code. I guess a computer can be too fast. If you have a computer with more than one processor, or an especially fast processor, Microsoft says that post Service Pack 1 hotfixes applied to Windows XP computers may not clean up after themselves. Instead, they will leave temporary files behind. If you think you fall into this category, then see the hotfix installation tips at http://support.microsoft.com/?kbid=821160. Microsoft says that if a Windows XP or 2000 computer is on a Windows Server 2003 network, it may have problems printing to a Canon BJC-4200SP printer, even if it is a local printer. The problem happens if you make this a shared printer, and then install the printer driver of the shared printer to this computer locally. Microsoft says to either look to Canon for an updated printer driver, or remove the printer driver, delete the remaining printer files, and then reinstall the printer. See the steps at http://support.microsoft.com/?kbid=830212 for the details. Microsoft says that the language ID (LCID) for stencils and masters in Microsoft Office Visio 2003 is different from the UI language in Visio. The new stencils get their language set up the Windows language by default, even if you are using a different language version for Visio or Office. This means that when you try to search for stencils or masters in Visio, you won't be able to find them. Microsoft says you will need to set the language of the new stencil so it matches the language used in Office. Novell has a TCP update for NetWare 5.1. This update fixes a communications problem if the first bound address on a server is a supternetted address. Get the update in the file tcp583l.exe at http://support.novell.com/servlet/tidfinder/2967780. Novell has a TCP update for NetWare 6. This update fixes a communications problem if the first bound address on a server is a supternetted address. Get the update in the file tcp607l.exe at http://support.novell.com/servlet/tidfinder/2967782.
1/27	The virus of the week in the Windows world is called W32.Novarg.A@mm or W32/Mydoom@MM. It will arrive as an email attachment with a file extension .bat, .cmd, .exe, .pif, .scr, or .zip. It can affect all versions of Windows back to Windows 95. If you get infected, it will set up a backdoor on your system and use that to do a number of other nasty things. It will also mount a denial of service attack against SCO Corporation. There are a variety of subject lines and text it uses in the email. You can see some of them at Symantec's write-up of this threat at http://securityresponse.symantec.com/avcenter/venc/data/w32.novarg.a@mm.html. ATI says that if you are using one of their graphics cards with their CATALYST 4.1 software on a Windows 2000/XP computer, if you leave a 3D game none of your user defined color settings from the Display Properties dialog are retained. They say this will be fixed in a future CATALYST release. If you are playing UbiSoft's Prince of Persia on a Windows 2000/XP computer with an ATI RADEON 9500 Pro card and the ATI CATALYST 4.1 software, you may have problems with anti-aliasing turned on. According to ATI, light sources may shine through textures. As of now, there is no fix. Apple says that you can't use an iPod with iPod 2.1 or later software with a Microsoft Windows ME computer. The only versions of iPod compatible with Windows ME are versions 1.3 to 2.0.2. Note that if you send your iPod off to Apple for repairs, they will probably update the software to the latest version. If you get it back and want to use it with Windows ME, you will need to find the original CD that came with the iPod and restore that version of software. If you are using Microsoft Project Standard 2003, and you indent a task in the project plan, Microsoft says you may not be able to outdent the task that has become part of a summary task. They have fixed this bug in the 12/17/2003 hotfix for Microsoft Project. You can get this hotfix at http://support.microsoft.com/?kbid=832887. In both Microsoft Project 2003 Standard and Professional, if you are using actual work time-phased tasks, and one of your tasks gets completed earlier than scheduled, Microsoft says this task may cause a trailing split. One workaround is to never finish something early -- go goof off for awhile. If you don't want to do that, get the 12/17/2003 hotfix for Microsoft Project at http://support.microsoft.com/?kbid=832887. The bug is fixed in this. Red Hat has an update slocate package (for all versions up through 2.7) for the various versions of Red Hat Enterprise Linux. This update fixes a heap overflow that may allow a local user to to get "slocate" group privileges and then read the entire slocate database. Red Hat credits Patrik Hornik with finding this bug. Get the link to your update at https://rhn.redhat.com/errata/RHSA-2004-041.html. If you are using one of the Symantec products that use LiveUpdate, and you have updated to LiveUpdate 2.0, Symantec says to make sure you re-boot your computer after the update. If you don't, then automatic LiveUpdate gets turned off, and you may not know that it is not running.
1/26	Apple says that if you are using iDVD 4 to set up a slide show, you can use an iTunes playlist for the soundtrack. When you are in preview mode, the songs will play in their list order. However, when you actually burn the DVD the first song on the burned disk will repeat, and you won't get the full list. As of now, there is no fix. Apple may have updates on this problem later at http://docs.info.apple.com/article.html?artnum=93646. If you have a Windows XP compute with an ATI RADEON™ 9000 series video card and the ATI Catalyst 4 software, the skater's shadows won't be correctly displayed in Activision's Tony Hawk's Pro Skater 4. One workaround would be to assume that it is cloudy and there are no shadows. A better solution may be to get the ATI Catalyst 4.1 upgrade, which fixes this and other problems. If you play LucasArts Star Wars: Knights of the Old Republic on a Windows XP computer with an ATI video card running the ATI Catalyst 4 software, the game may lock up if you move the mouse to try to view the shore. This has been fixed in the ATI Catalyst 4.1 update. If you have a Windows XP computer with an ATI graphics card with ATI Catalyst 4 software, you may have problems with display resolutions set to 1024 by 768 in the games Nascar Racing from Sierra, or Beach Head 2002 from WizardWorks. These have been fixed in the ATI Catalyst 4.1 upgrade. IBM has released a Fix Pack for the WebSphere Commerce Suite 5.1.1.1, 5.1.1.2, and 5.1.1.3. This fix pack takes care of a large number of bugs in cookies, beans and other areas of the server. You can get Windows (but not NT), AIX, and Solaris versions at http://www-1.ibm.com/support/docview.wss?uid=swg24003730&rs=260. The font style of some text in a Microsoft Excel Worksheet object may change into some other style when you edit that Excel object within Microsoft Word or PowerPoint. Microsoft has fixed this and a number of other Excel 2003 bugs in an Excel 2003 Hotfix dated 1/12/2004. These fixes will be in a future service pack, but if you need the fix right away, you need to contact Microsoft Tech Support and ask for the 1/12/2004 Excel Hotfix, which is also described in Knowledge Base Article 833618. Note that you may get charged for this call.
1/24	This isn't a bug, but advice on how to prevent problems in the future. The National Institute of Standards and Technology (NIST) has a 50 page guide (PDF, 1.2 MB) on the "Care and Handling Guide for the Preservation of CDs and DVDs" at http://www.itl.nist.gov/div895/carefordisc/index.html. Microsoft says that in Excel 2003, if you put a hyperlink that contains text with a line break into a cell, all the text after the line break will be deleted. Microsoft has fixed this and a number of other Excel 2003 bugs in an Excel 2003 Hotfix dated 1/12/2004. These fixes will be in a future service pack, but if you need the fix right away, you need to contact Microsoft Tech Support and ask for the 1/12/2004 Excel Hotfix, which is also described in Knowledge Base Article 833618. Note that you may get charged for this call. Novell has a field patch for iChain 2.2. Field Patch 3 version 2.2.112 fixes a number of abends, including: one in PROXY.NLM: one that happens after applying iChain 2.2 service pack 2 into an authentication tree whose name begins with T; and an abend in the Internal Rewriter . Get the patch ic22fp3.exe at http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967728.htm. Red Hat has an update for the slocate package that is in Red Hat Linux 9. This patches a bug that allows a heap overflow vulnerability in Slocate 2.7 and earlier. This bug was discovered by Patrik Hornik, and may enable a local user to get "slocate" group privileges which would let them read the entire slocate database. Get the update at https://rhn.redhat.com/errata/RHSA-2004-040.html. In the Sun ONE Web Server 6.1, if you enable Remote File Manipulation from the Server Manager UI, it may be possible for any remote user to get a listing of any directory in the server's URI space. This has been patched in Sun ONE Web Server 6.1 Service Pack 1. Sun Microsystems says that in the Sun ONE Web Server 6.1, there is a possible denial of service attack that can be mounted via the Secure Socket Layers (SSL) protocols. This has bee fixed in Sun ONE Web Server 6.1 Service Pack 1.
1/23	Dell says that some PowerEdge 1650 servers shipped with defective motherboards. A bad inductor may cause the computers to overheat, start smoking and then die. This could happen in any PoweEdge 1650 manufactured between January and May 2003. You can read the details in ZD Net at http://zdnet.com.com/2100-1103_2-5145372.html. Apple says that while iPhoto has a Scale Percentage option in the Page Setup dialog, this does not affect in any way the size of the printout. You will still get a full page print. If you want to change the size, you need to use the alternative methods shown at http://docs.info.apple.com/article.html?artnum=75469. Apple says that if you place a beat, time or scoring marker in SoundTrack 1.2 that is in the exact same position as an Apple Final Cut Pro scoring marker, you won't be able to move or delete the beat or time marker. Apple says that Soundtrack 1.2 is designed to be used at a screen resolution of at least 1024 by 768. If you try using it at a smaller resolution, the screen layout may not be correct, and if you try modifying the layout weird things may happen. Microsoft says that there may be a memory leak in Windows 200 Professional/ Server/Advanced Server. It is because of a bug in Dnsapi.dll. If you notice that this is grabbing more and more memory, you are affected. Microsoft has a hotfix, which will be in a future service pack. If you can't wait for the fix, you need to contact Microsoft Technical Support and ask for the fix described in Knowledge Base article 827535. Note that you might get charged for this call. You might want to ask them, since the fixed files have 9/2003 dates on them, how long are they going to be sitting on these fixes? Microsoft says that when you upgrade to Office 2003, the upgrade removes the Microsoft Photo Editor. That means you won't be able to take an image from the Clipboard and save it in Photo Editor. Microsoft says there are three other things you can do with the pictures: you can use the Microsoft Office Picture Manager; you can use the Clip Organizer; or you can use Microsoft Paint. (Of course, rather than use something as lame as MS Paint, you might want to consider buying something like Jasc Paint Shop Pro.)
1/22	Cisco has discovered that if you install many of their voice products on IBM servers, the Director Agent gets installed in an unsecure state. This means that outsiders may be able to launch denial of service attacks, or remotely control the Cisco products. The vulnerability list includes: Cisco CallManager; Cisco IP Interactive Voice Response (IP IVR); Cisco IP Call Center Express (IPCC Express); Cisco Personal Assistant (PA); Cisco Emergency Responder (CER); Cisco Conference Connection (CCC); Cisco Internet Service Node (ISN) running on an IBM with an affected OS version. Cisco has a repair script available at http://www.cisco.com/pcgi-bin/tablebuild.pl/cmva-3des. For more details see http://www.cisco.com/warp/public/707/cisco-sa-20040121-voice.shtml.
1/21	Sometimes you just need patience. If you have a laptop computer, running Windows 2000, and you've inserted it into a docking station, you may not be able to give the Eject PC command right away. Instead, you may get an error message like You cannot eject your computer because one of the devices in the docking station, 'Microsoft ACPI-Compliant Control Method Battery', cannot be stopped right now. Try closing all applications and ejecting the computer again later. Microsoft says that when you dock a computer, certain processes get run, and these all need to get finished before you undock. This time may vary, depending upon what programs are active, and what hardware is involved. So you'll just have to wait, but it may only be 20 to 30 seconds. If you are using Adobe Photoshop Album 2.0, you may not be able to use the Easy print settings with Canon Bubble Jet printers. This has been fixed in the Photoshop Album 2.0.1 update. You can get this at http://www.adobe.com/support/downloads/detail.jsp?ftpID=2412. In Microsoft Excel 2003, you can have a spreadsheet configured to print to your mailbox, or to some local printer that might have its own specific settings. If you then email that spreadsheet to someone and they try to print, it may try to print it back to your mailbox, or to that local printer (which of course is no longer local.) Microsoft has fixed this and a number of other Excel 2003 bugs in an Excel 2003 Hotfix dated 1/12/2004. These fixes will be in a future service pack, but if you need the fix right away, you need to contact Microsoft Tech Support and ask for the 1/12/2004 Excel Hotfix, which is also described in Knowledge Base Article 833618. Note that you may get charged for this call. Microsoft says that in Excel 2003, if you calculate a range of cells that has a circular reference, the calculation may not be performed correctly, and there will be no error message alerting you to it. Microsoft has fixed this and a number of other Excel 2003 bugs in an Excel 2003 Hotfix dated 1/12/2004. These fixes will be in a future service pack, but if you need the fix right away, you need to contact Microsoft Tech Support and ask for the 1/12/2004 Excel Hotfix, which is also described in Knowledge Base Article 833618. Note that you may get charged for this call. Red Hat says there is a buffer overflow in the Midnight Commander, or mc, package that may come with Red Hat Linux 9. Because of the overflow, remote attackers may be able to run their own arbitrary code during a symlink conversion. Get the update at https://rhn.redhat.com/errata/RHSA-2004-034.html.
1/20	The latest virus/worm/Trojan threat first popped up in Australia over the weekend. It's called Bagle-A, and it comes as an .exe attachment via email, often masquerading as a message from a systems administrator. Everybody should know by now that you don't click on these things. AV companies should have this in their latest signatures. By the way, if you got a message from US Bank asking for verification of your account details -- that was a fraud too. If you delete a number of cells in a Microsoft Excel 2003 worksheet, and then recalculate the worksheet with a SHIFT+F9 keypress, Excel may crash. Microsoft has fixed this and a number of other Excel 2003 bugs in an Excel 2003 Hotfix dated 1/12/2004. These fixes will be in a future service pack, but if you need the fix right away, you need to contact Microsoft Tech Support and ask for the 1/12/2004 Excel Hotfix, which is also described in Knowledge Base Article 833618. Note that you may get charged for this call. Adobe sasy that Photoshop Album 2.0 may sometimes crash when it finds itself in certain "reconnect situations." This has been fixed in the Photoshop Album 2.0.1 update. You can get this at http://www.adobe.com/support/downloads/detail.jsp?ftpID=2412. Apple says that if you are using the Safari web browser on a Mac OS X 10.3 computer, you may have some compatibility problems with RealOne Player links. The problems occur if the player is saved on the desktop, or if it had been installed by someone using FileVault protection. This will lead to an error message saying the alias can't be resolved. You may also see a dialog trying to open the home directory of another account. To sort out these permission problems, see http://docs.info.apple.com/article.html?artnum=107835. Microsoft says that if you have Excel set with a zoom setting that is not 100 percent, if you open a workbook that has many text boxes it will open very slowly. Microsoft has fixed this and a number of other Excel 2003 bugs in an Excel 2003 Hotfix dated 1/12/2004. These fixes will be in a future service pack, but if you need the fix right away, you need to contact Microsoft Tech Support and ask for the 1/12/2004 Excel Hotfix, which is also described in Knowledge Base Article 833618. Note that you may get charged for this call. Microsoft says that if you open a XML spreadsheet in Excel 2003, it may cause Excel to crash. Microsoft has fixed this and a number of other Excel 2003 bugs in an Excel 2003 Hotfix dated 1/12/2004. These fixes will be in a future service pack, but if you need the fix right away, you need to contact Microsoft Tech Support and ask for the 1/12/2004 Excel Hotfix, which is also described in Knowledge Base Article 833618. Note that you may get charged for this call. Microsoft says that Excel 2003 may have computation problems when creating multilevel subtotals for data. The subtotals may be staggered incorrectly (which is a bit different than being staggeringly incorrect) and some of the grand totals may not show up. Microsoft has fixed this and a number of other Excel 2003 bugs in an Excel 2003 Hotfix dated 1/12/2004. These fixes will be in a future service pack, but if you need the fix right away, you need to contact Microsoft Tech Support and ask for the 1/12/2004 Excel Hotfix, which is also described in Knowledge Base Article 833618. Note that you may get charged for this call. Microsoft says that the Windows 2000 Backup utility may fail to report a backup error in the backup log. This will happen if you have selected Verify data after the Backup completes. A checksum comparison is done on the files, and even if there is an error in the two checksums, the error won't be reported to the log file. Microsoft has a hotfix for this, which will be in a future Windows 2000 service pack. If you need the fix right away, contact Microsoft Technical Support and ask for the hotfix discussed in Knowledge Base article 833046. Note that you may be charged for this call -- so another workaround may be to get good third-party backup software. In the non-Windows versions of Mozilla 1.6, if you paste into Composer or into an HTML message, the first character of the line may be missing.
1/19	Mozilla 1.6 has been released. There have been improvements made to the rendering. For one thing, the opacity of decendents of a group should be changed correctly. Also, they have changed the Cascading Style Sheet inheritance so that it conforms to CSS 2.1. (This means that pages will display in Mozilla as the web designers intended -- but only if those web designers knew what they were doing in the first place.) If you use Apple's AppleWorks 6.2.x for the Mac OS X platform, and you have a mouse with a scroll wheel, then you may want to upgrade to AppleWorks 6.2.9. This version supports scroll wheels, and also fixes a number of other problems with the presentation and spreadsheet, and fixes some printing problems, too. If you install Microsoft Windows XP Media Center Edition 2004, the first time you click on Live TV, you may see the TV video but there will be no sound. Microsoft says to leave the Media Center by using Exit in the Media Center controls. Then go back to the Windows Media Center by using the Start button, and then press Live TV. This loss of sound is supposed to be a one-time thing, so you won't have to leave and re-enter for future TV viewing. Mozilla 1.6 includes a new cross-platform NTLM authentication mechanism. This feature brings NTLM authentication to the non-Windows Mozilla users for the first time and also delivers more robust and featureful NTLM support to users of older Windows versions. Mozilla says that if you are using Mozilla 1.6 with certain unspecified ATI video drivers, you may end up with a lot of system crashes. If you are crashing, you should look for the latest ATI drivers for your video card at http://www.ati.com/support/driver.html. The NovaStor NovaBACKUP 7.1 upgrade makes NovaBACKUP compatible with Windows 2003 Server. It also adds many new supported devices for DVD-RAM, FireWire, and USB Support for Tape. Novell says that their NetWare 6.5 Support Pack 1 had some problems when used with NSS volumes with comptression. Novell says that while files on the source server are OK, compressed files copied to destination NetWare 6.5 Server with Support Pack 1 may get corrupted. If you think you fall into this category, see http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967906.htm.
1/16	Here's a bug you actually won't have to worry about for a year. According to Palm, you may have problems turning off Tungsten T3 or E handheld computers in the first week in January. You may turn the power off, but it comes back on after a few seconds. Palm says this may be due to a birthday reminder that spans the end of the year. If you have a birthday reminder set to go off seven days before a birthday, for instance, and the birthday is January 5, you may not be able to power off for those first five days in January. The easiest workaround is to change the reminder time so that it doesn't span the year change. Adobe says that if you have an item in the library in InDesign CS, and that item has mixed ink with both spot and process colors, don't try to drag it into a document. If you do, InDesign may crash with the error message The instruction at "<hexidecimal address>" references memory at "<memory address>". The memory could not be written. Click OK to terminate the program. In Windows. It will also crash on a Macintosh, with this error message The Application InDesign has Unexpectedly quit. Adobe says that you shouldn't mix -- either use all process colors or all spot colors in an object. Mandrake says that there is a bug in the accelerator keys in the qt3 package. This causes incompatibilities with KDE applications Konqueror, KMail, and others. Try to use the keys, and the programs may crash. They now have a fix for Linux 9.2 that fixes this problem. If you start Microsoft Windows XP Media Center Edition for the first time on a Hewlett-Packard Pavilion ZD7000 laptop, you may get this warning message: Your display is running at a very high resolution which may cause performance problems in Media Center. Go to the Display Control Panel settings tab, and reduce the primary monitor's screen size. Microsoft has only tested Windows XP Media Center at resolutions of 1024 by 768 and lower. However, the default resloution for this HP is 1440 by 990. When Windows sees that, it gets nervous and gives the warning message. If you reduced your resolution, HP says not to worry -- they haven't found any problems. So you can crank it back up. Red Hat has a fix for the redhat-config-kickstart package in Red Hat Enterprise Linux 3. This takes care of a bug that was giving the wrong listing for available package groups in the Package Selection Screen. Without the fix, you may get errors with the SQL Database Group. See https://rhn.redhat.com/errata/RHBA-2003-306.html for details. Symantec has updated their Symantec Vulnerability Assessment 1.0 tool, so that it checks for 20 new problems. It's enough up-to-date that it checks for the new January 13, 2004 security problems disclosed by Microsoft. You can get the new information via LiveUpdate, or at http://securityresponse.symantec.com/avcenter/security/Content/2004.01.15a.html. This web page also has the complete list of new additions.
1/15	There is a new version of Logitech Mouse Software. However, Version 9.79.1 build 25 does not work with Windows Server 2003. The mouse will work as a basic pointing device, but you won't be able to program the buttons or see it in the MouseWare Control Center. When you are installing Adobe Photoshop CS on a Mac OS X 10.3 system, the installation may crash right after the administrator password is authenticated. You may also see this error message " The application install Photoshop CS unexpectedly quit. The operating system and other applications have not been affected. Do you want to send a report to Apple?" According to Adobe, the problem may actually be a damaged or corrupted font on the Mac. They suggest two workaround -- either disable fonts and then install Photoshop, or create a new administrator profile (which won't have the damaged fonts in it.) Ultimately, you may need to do some font troubleshooting. For more information, see http://www.adobe.com/support/techdocs/32afe.htm. Mandrake says there is a problem with the kdegames package in Mandrake Linux 9.2. The kwin4 application may crash when you start it up. Get the update from Mandrake to fix this. Mandrake has patched the security hole in the kdepim Personal Information Manager, which is distributed with KDE 3.1.0 through 3.1.4, which ships with Mandrake Linux 9.1 and 9.2. A bug in the .VCF reader may allow an attacker to send a bad .VCF file that can run code on the target machine. Get the patch automatically or at http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:003. Microsoft says that when you start Outlook Express for Macintosh, you may see one of three error messages, none of which points exactly at the problem. If you see An error has occurred. Unexpected end of file. or Memory is full. or An unknown error 4359 occurred. or The end of file was reached the problem is that there is some damage to the identity that is used when OE starts. To fix this, you need to rebuild the Identity Preferences File. Find out how to do this at http://support.microsoft.com/?kbid=296844. If you install the Microsoft Office Outlook Connector for MSN, you may later have problems accessing the non-premium parts of your MSN accounts, such as the Calendar, Notes, or Journal. Although you are going to the non-premium portion, you may see this error message: Microsoft Office Outlook Connector for MSN is limited to paying MSN Subscribers. Do you want to subscribe now? Apparently, the Office Outlook Connector gets confused with the different parts of the accounts. Microsoft says you need to "add the non-Premium MSN account as a secondary account to associate the non-Premium MSN account with a Premium MSN account." Got that? I didn't think so -- you may want to read the whole thing at http://support.microsoft.com/?kbid=834460.
1/14	The most wide-ranging problem in January's batch release of security bulletins from Microsoft concerns a buffer overflow in Microsoft Data Access Components 2.5 through 2.8. While most people think they are unaffected, these components are included in Windows 2000/XP/Server 2003, as well as Microsoft SQL Server 2000. While this vulnerability may allow an attacker to run their own code on your computer, there are a number of factors that limit the scope of the vulnerability. See the details and get the patch at http://www.microsoft.com/technet/security/bulletin/ms04-003.asp. Corel says that in WordPerfect 11, if you have surpress criteria, and you change the criteria, all of the surpress code will get deleted instead. Corel has a macro that can be used as a workaround for this. Get the details at http://support.corel.com/scripts/rightnow.cfg/php.exe/enduser/std_adp.php? p_sid=x9xrPg1h&p_lva=&p_faqid=207691. Microsoft says that there is a bug in the H.323 Filter in their Internet Security and Acceleration Server 2000. Because of the bug, a remote attacker may be able to run their code on the computer. As a workaround, you can turn off the H.323 filter. For details on how to do that, or to download the permanent fix from Microsoft, see http://www.microsoft.com/technet/security/bulletin/ms04-001.asp. Microsoft credits the The UK National Infrastructure Security Co-ordination Centre (NISCC) for finding this problem. A security hole in Microsoft Outlook Web Access for Exchange Server 2003 may allow a user to gain higher privileges on the server. The attacker would first have to authenticate to an Exchange Server 2003 front-end server, according to Microsoft, and then could only gain access to a random mailbox. Get the fix at http://www.microsoft.com/technet/security/bulletin/ms04-002.asp. Microsoft says that if use use a specialized dictionary in the Dutch version of Office 2003, you may crash an Office application when its time to do a spell check. Microsoft's workaround is to turn off the specialized dictionaries. To see which dictionaries are the problems, and to see how to turn them off, go to http://support.microsoft.com/?kbid=833752. If you have a form with grouped controls in a Microsoft Access 2003 database, and the database is digitally-signed, Access may crash when you open this database. To fix this, you need to ungroup the controls. However, you can't do that if you can't open the database. As a workaround to that, you need to temporarily set the Macro Security Level to Low. To see the 13 steps needed for this, go to http://support.microsoft.com/?kbid=833877. Novell says that if you have installed their 483PSP2E.EXE fix to NWFS.SYS on Novell NetWare clients, those clients may not be able to open Microsoft Word documents. In this case, you will need the 348133.exe fix from Novell at http://support.novell.com/servlet/tidfinder/2967092. Novell says that if Citrix servers are hanging or talking about memory shortages during login, you may need to upgrade the Novell client's NWFS.SYS with the 348133.exe upgrade. You can get this at http://support.novell.com/servlet/tidfinder/2967092. Red Hat has updated their kdepim package for Red Hat Linux 9. This KDE Personal Information Manager has a security bug in the information reader for VCF files. An attacker may be able to send a carefully constructed VCF file that would run code on the target computer. If you use this PIM, get the update from https://rhn.redhat.com/errata/RHSA-2004-006.html. In its latest security update, Symantec ManHunt has new vulnerability information, signatures, and event refinement rules. There is also an update to the ManHunt engine that supports new protocols. This update was released on 1/12/2004. Symantec updated NetRecon 3.6 on 1/12/2004. This update checks on nine new problems discovered in Microsoft Internet Explorer, Cisco IOS, and Cisco Catalyst. You can get this update with NetRecon's Live Update feature.
1/13	Cisco has unearthed a bug in how many of their products process H.323 messages. These are usually related to Voice over IP (VoIP) applications or other multimedia messages. Products that use Cisco IOS® Software Release 11.3T and later are affected, as are: Cisco CallManager versions 3.0 through 3.3; Cisco Conference Connection (CCC); Cisco Internet Service Node (ISN); Cisco BTS 10200 Softswitch; Cisco 7905 IP Phone H.323 Software Version 1.00; and Cisco ATA 18x series products running H.323/SIP loads with versions earlier than 2.16.1. This bug can lead to denial of service attacks against the devices. Details and fix information are at http://www.cisco.com/warp/public/707/cisco-sa-20040113-h323.shtml.
1/12	If you have a Symantec product that uses LiveUpdate (such as Norton AntiVirus) you may have run into problems starting on 1/7/2004. According to Symantec if you suddenly notice your computer slowing down, and that Microsoft Word or Excel won't start, it may be due to issues involving security verification. In particular, they say that VeriSign (who handles the security certificate verification) suddenly started receiving a large number of requests for a certificate revocation list (CRL) starting on January 7-8, 2004. At this point, details are sketchy, but you may want to keep an eye on this page (really long URL) for later developments. 3 Way Color Corrector didn't make the cut for Apple Final Cut Express 2.0. While the online help talks about this feature, Apple says it is actually not part of the program. Apple says that, even if the installation program lets you put it somewhere else, you should always install Final Cut Express 2.0 on the computer's startup disk. They don't say why, so we will have to assume it's for a good reason. Microsoft says that the 802.1x wireless implementation in Windows XP Service Pack 1 (SP1) and Microsoft Windows Server 2003 has some compatibility problems with some third-party Extensible Authentication Protocol (EAP) solutions. The only one in particular they cite is RSA Security's SecuID technology. If you have a Windows XP SP1 or Windows Server 2003 computer with these connection problems, you may want to contact Microsoft Technical Support to get the hotfix discussed in Knowledge Base article 827537. Note that you might get charged for this call. Microsoft says that if you are using a Windows XP client to copy an encrypted file to a Windows Server 2003 server, you may run into problems. You may not be able to copy the file locally, or you may get a Confirm File Replace dialog even though there is not a file with the same name in the destination. Microsoft has a hotfix for this, which will be in a future Windows XP service pack. If you can't wait for the fix, contact Microsoft Technical Support and ask for the hotfix described in Knowledge Base article 830380. Note that you may get charged for this call. Microsoft says that Office 2003 applications may have compatibility problems with Sensiva Symbol Commander. If this third-party application is installed, it may interfere with right-clicking in some of the Office applications. The context-sensitive menu may not appear, or you won't be able to click a menu choice. Microsoft says that as a workaround, you can turn off Symbol Commander by right-clicking its icon in the taskbar, and selecting Remove Symbol Commmander.
1/10	Microsoft does not deliver security updates by email. If you get an email message that says it's from Microsoft, with the text saying something like " "Window [sic] Update has determined that you are running a beta version of Windows XP Service Pack 1 (SP1)" and tells you to install the attached file -- DON'T! It's a trojan that is being called Trojan.Xombe. Apple says that files that MPEG files encoded by the Sonic Creator application may not work right in Apple DVD Studio Pro 2. Apple says you might not be able to drag these files into either the Timeline or Outline Contents. After dragging them they will snap right back to where they were. As a workaround, Apple says to make a detour. First drag the files into the Assets tab. Then you can drag them from the Assets tab to their ultimate destination. Apple says that in Mac OS X 10.3.2, using certain languages and then connecting to an AFP server may cause your menu bar items to blink. If you have Crash Logging turned on, every blink will cause a "SystemUIServer" to be logged. Languages affected are those based on Cyrillic, Greek, Central European, or Modified Roman characters. A full list is at http://docs.info.apple.com/article.html?artnum=107824. The blinking will stop when you disconnect from the AFP server. Microsoft says that some cell phones with Bluetooth tranceivers, such as Nokia phones, the Sony au c413s, and the Docomo (Sharp) PALDIO 633, may have problems connecting with the Microsoft Wireless Optical Desktop for Bluetooth. If you are having problems, check out the detailed explanation, and a fix that requires a Registry edit, at http://support.microsoft.com/?kbid=811235. Microsoft says you might have problems upgrading clients of their Systems Management Server 2003 if the Sygate Security Agent is installed on the client. Before upgrading, Microsoft says to configure Sygate Security Agent to allow upgrades of SMS Agent Host for Advanced Clients, and SMS Client Service for Legacy Clients. Microsoft says that the Windows 2000 Indexing Service may not work correctly on documents that have a property set greater than 1 MB. The Indexing Service will skip these documents. Microsoft has a hotfix for this, which will be in a future service pack. If you need these documents indexed right away, contact Microsoft Technical Support and ask for the hotfix discussed in Knowledge Base article 825654. Note that you might get charged for this call. NVIDIA says that if you are using a Quadro NVS card with the Forceware 53.03 driver on Windows XP systems, you may be getting some Blue Screen of Death crashes. They say this will be fixed in the next driver release. NVIDIA says that if you are using one of their graphics cards with the Forceware 53.03 driver, you may get horizontal black lines in Need for Speed Hot Pursuit 2. They say this will be fixed in the next driver release.
1/9	Cisco says that their Cisco Personal Assistant 1.4(1) and 1.4(2) may let unauthorized users come in and manipulate user preferences and configurations. This will happen if the Personal Assistant administrator goes to System, Miscellaneous Settings and checks the box "Allow Only Cisco CallManager Users", and the Personal Assistant Corporate Directory settings are the same directory service that is used by Cisco CallManager. Cisco says this can be fixed very easily. Just go to the Personal Assistant Administration site, then go to System, Miscellaneous and uncheck the "Allow Only Cisco CallManager Users" option.
1/8	Zone Labs ZoneAlarm Pro 4.5.538.0 includes a number of compatibility fixes so that the ZoneAlarm firewall gets along better with third-party programs. There are also a number of unspecified reliability enhancements. You can get the update at http://download.zonelabs.com/bin/free/information/zap/releaseHistory.html Mandrake's fix for the Linux kernel versions 2.4.23 security bug is now available. This fixes the bug found by Paul Starzetz that may allow a local attacker to get root access. They also fixed a bug in the real time clock routines. To update, see the directions at http://www.mandrakesecure.net/en/kernelupdate.php. Microsoft says that if you use Web Distributed Authoring and Versioning (WebDAV) on a Windows XP Professional computer to open a file on a network share, and the total length of the path to the file is greater than 260 characters, you will get a Stop error in Mrxdav.sys. Microsoft has a hotfix for this, which will be in a future service pack. If you need to get this fix earlier, contact Microsoft and ask for the hotfix described in Knowledge Base article 832143. Note that you may get charged for this call. Microsoft says that if you try to upgrade to Windows XP while Symantec Norton AntiVirus is running on the old version of Windows, you may get this error message Windows could not start because the following file is missing or corrupt C:\Windows\inf\Biosinfo.inf Microsoft says some other third-party software may also cause this error. As a workaround, quit the upgrade, remove NAV or the other program, and then re-do the upgrade. If you are using a video capture program on a Windows XP Service Pack 1 computer, that is running Microsoft DirectX 9.0b, the video may only show up in the preview window for a few seconds. This may affect Microsoft Windows Movie Maker, as well as third party programs. Microsoft has a hotfix for this, which will be in a future service pack. If you need to get this fix earlier, contact Microsoft and ask for the hotfix described in Knowledge Base article 830363. Note that you may get charged for this call. Red Hat has an update for Red Hat Linux 9 that fixes two security problems in Ethereal, a network traffic monitoring utility. An attacker may be able to send bad packets that would crash Ethereal. This has been fixed in Ethereal 0.10.0. You can get it at https://rhn.redhat.com/errata/RHSA-2004-001.html.
1/7	If you have a Palm Tungsten T3 or E, and you recently updated on your desktop computer to Microsoft Outlook 2003, you may want to get the Outlook Conduits for Palm Update v1.01. The earlier version of the Outlook Conduit didn't support Outlook 2003. There are also some other minor bug fixes in it. Get the update at http://www.palmone.com/us/support/downloads/outlookupdate2k3.html. If you are using the Active Desktop feature on a Windows 2000 computer, then after running and exiting Microsoft Age of Empires II: The Age of Kings 2.0 or Microsoft Age of Empires II Gold Edition, you may find your desktop wallpaper shrunken and stuck in the upper left corner of the desktop. To get the wallpaper back to its desired state, go to the Desktop Display Properties dialog, and change the Picture Display to some other setting. This will force the desktop to redisplay the wallpaper correctly. To avoid the problem completely, you will need to turn off the Active Desktop. Microsoft says that they have changed the protocols used by the Microsoft Download servers. Because of this change, if you try to get a Construction Update in Microsoft Streets and Trips or Microsoft MapPoint (2001 through 2004), you will get an error message that the Highwy Construction information is still out of date, even after the update is complete. Microsoft says you will have to get the update manually. See the instructions at http://support.microsoft.com/?kbid=812938 for the details. If you are going to run the Microsoft Systems Management Server 2003 on a Windows 2000 computer, you must be in one of these states: Windows 2000 Service Pack 3 and the SMS 2003 Hotfix 325804 both installed, or Windows 2000 Service Pack 4. Microsoft helpfully includes this hotfix on the SMS 2003 CD, so you don't need to go looking for it. If you have a NVIDIA graphics card in your Windows 2000/XP computer, using the NVIDIA 52.16 driver, you may be getting crashes in Adobe After Effects. This has been fixed with the NVIDIA Driver 53.03 update. Get the update at http://www.nvidia.com/object/winxp_2k_53.03 . If you have a NVIDIA graphics card on a Windows 2000/XP computer, and are trying to play EA Sports Tiger Woods 2004, the introductory movie may get cut in half. This has been fixed with the NVIDIA Driver 53.03 update. Get the update at http://www.nvidia.com/object/winxp_2k_53.03. If you are running Sun Microsystems's Sun ONE Web Proxy Server 3.6 SP4 on a Windows computer, make sure that the LDAP server is up and running before the Proxy Server starts. If not, the Proxy Server will go through a constant stop and restart cycle.
1/6	Red Hat has a kernel update for Red Hat Linux 7.x, 8.0, and 9. This update fixes a security hole that may allow one of your local users to get root privileges. The bug was discovered by Paul Starzetz from ISEC in the Linux kernel versions 2.4.23 and earlier. You can get the Red Hat fixes from https://rhn.redhat.com/errata/RHSA-2003-417.html. Apple has an updated list of which digital music/CD/MP 3 players that are compatible with iTunes 4 and Mac OS X. You can find this list at http://docs.info.apple.com/article.html?artnum=93548. If you are running Microsoft Content Managent Server 2002 SP1 on a Windows Server 2003 computer, you may have problems installing Microsoft Visual Studio .NET 2002. You may see this error message "Unable to pre-create directory for profile files." Microsoft has more information and a workaround at http://go.microsoft.com/fwlink/?LinkID=18359. If you have installed Microsoft Content Management Server 2002 SP1 on a Windows Server 2003 computer, you may have problems accessing the MCMS Default Console via Internet Explorer. That's because the version of IE on Windows Server 2003 has a default security setting of High. You will need to add the MCMS Web site to Windows Server 2003 Trusted Sites list. If you are trying to use Microsoft Flight Simulator 2004: A Century of Flight with a Microsoft Sidewinder Force Feedback 2 on a Windows 98 or Windows 2000 computer, you will have problems unless you are using a Sidewinder 4.0 driver. If you try to configure the forces in the Game Controller dialog box, the forces will quit until you stop and restart FS 2004. Where do you get those drivers? According to Microsoft, "The Sidewinder 4.0 drivers are available when you purchase a Sidewinder 4.0 product." If you try to run Microsoft Flight Simulator 2004: A Century of Flight on a computer that has two joysticks installed, then you may get stuttering or pausing in the program. Microsoft says you need to remove one of the joysticks that is listed in the Windows Control Panel Game Controller dialog box. Novell has released Novell Account Management Service Pack 2. This fixes a potential security flaw in Open SSL that may have allowed remote timing attacks. You can get the service pack at nam30sp2.exe from http://support.novell.com/servlet/tidfinder/2967796. Novell has released Novell Account Management 3 Service Pack 2. This service pack includes a number of fixes for the Novell Account Management 3.0 Manager. There should be less problems with crashes and lockups during trawl phases, and the service pack fixes bugs that occur when processing users with duplicate grids. You can get the service pack at nam30sp2.exe from http://support.novell.com/servlet/tidfinder/2967796. When Sun ONE Web Proxy Server 3.6 SP4 is running on Windows, you might have problems using Microsoft Internet Explorer 6 Service Pack 1 if you have ACL turned on. Sun says to hit the Refresh button in IE -- this should make sure that subsequent requests from that browser instance work.
1/05	Microsoft released some bad news just before Christmas. They say that if you install Hotfix 329256 onto a Windows XP Service Pack 1 computer, you may adversely affect the performance of a 1394 (Firewire) hard drive. They say that both reading and writing to the drive may be affected, although the performance hits to different systems may vary. This happens because of "an increase in the gap count for stable enumeration." There's not a lot of details, but there may be updated information at http://support.microsoft.com/?kbid=831584. Apple says that if you have an image in an AppleWorks 6 document, and then export that image to Microsoft Word, the image won't be there when the document is opened in Word. Apple says to use Rich Text Format instead of Word to avoid this problem. Apple says that the Calculator in Mac OS X 10.3 falls victim to the well-known properties of floating point arithmetic when performing calculations. If you are in the Calculator window and add 77 + .1, you will get the expected 77.1. However, if you are looking at the Paper Tape display, you will get an answer of 77.09999999999999. (This quirk in floating-point arithmetic cuts across companies, applications, and platforms -- it is not specific to Apple.) ATI says that if you are using their MULTIMEDIA CENTER 8.8, you shouldn't change the color depth or display resolution while the MULTIMEDIA CENTER is running. It may crash either the CENTER or your OS. Before making your changes, exit the Multimedia Center. If you are using the ATI MULTIMEDIA CENTER 8, and you shut down the TV while Picture in Picture (PiP) is on, the next time the TV is restarted there will be a blank PiP frame. This has been fixed in the 8.8 update from ATI. If you are using Lotus Organizer 6 on a Windows XP computer, customizing the color on some of the organizer tabs may not work correctly. If you are having this problem, and want to customize your colors, get the upgrade from IBM at http://www-1.ibm.com/support/docview.wss?uid=swg24004151&rs=260. Novell has an updated ADDriver for DirXML 1.1, DirXML 1.1a and Password Sync 1.0. This update fixes any -292 error or driver exception error when the driver is first started. Get the update in dradpt3.exe at http://support.novell.com/servlet/tidfinder/2966257. Service Pack 4 for the Sun ONE Web Proxy Server 3.6 fixes a number of bugs related to LDAP (Lightweight Directory Access Protocol). If the LDAP server used for ACL is down, it should no longer cause the proxy server to lock up. Also, the proxy server will no longer crash if a user is not in the LDAP.
1/04	Apple says that if you are using Web acceleration software (they aren't specific about companies or products) then you may have problems using iTunes for Windows. If you go to the Source list and click Music Store, the main iTunes window will go white and not show any data. Apple says to iTunes for Windows 4.2 or later to fix this incompatibility. If you are using Mac OS X 10.3.1 or earlier on an Apple PowerBook G4 computer, and you move a Classic application window, your computer may lock up. Apple says this has been fixed in the Mac OS X 10.3.2 Update. If you are using Microsoft Windows Server 2003, and try to copy a large number of files to a NAS (network attached storage) device, you may get this error message STOP 0x00000027 (baad00a0, b053a380, b0539fd8, b18d4a81) in mrxsmb.sys Microsoft has a hotfix to take care of this error, which will be in a future service pack. If you can't wait for the fix (if you do a lot of copying to these devices, for instance) you may want to contact Microsoft Technical Support and ask for the hotfix described in Knowledge Base article 831128. Note that you may get charged for this call. Here is something not to do, according to Microsoft: Install Windows XP Service Pack 1, but before you restart your computer, try to install some more updates via the Windows Update web site. If you do this, you may see this error message while accessing Windows Update: Winlogon.exe. Entry Point Not Found The procedure entry point AssocIsDangerous could not be found in the dynamic link library SHLWAPI.DLL. Because you didn't restart, you have some damaged DLL files. You will have to do a fairly complicated fix from the Windows XP Recovery Console. You can see the details at http://support.microsoft.com/?kbid=829786.
12/31	If you are using ProFTPD on Mandrake Linux 9.1 or 9.2, you want to get the update to ProFTPD 1.2.7. This fixes a security problem that may allow a remote attacker create a root shell. This was originally fixed in September, but another bug was found in that update.