 |
|
|
|
 |
 |
|
|
 |
|
||
 |
|
||
 |
|
||
 |
 |
|
|
 |
|
||
BugBlog Plus Archives
Current month
Nov 06 by company
Nov 06 by date
Oct 06 by company
Oct 06 by date
Sep 06 by company
Sep 06 by date
Aug 06 by company
Aug 06 by date
July 06 by date
June 06 by date
May 06 by date
Apr 06 by date
Mar 06 by date
Feb 06 by date
Jan 06 by date
Jan 06 by company
Dec 05 by date
Dec 05 by company
Nov 05 by date
Oct 05 by date
Sept 05 by date
Aug 05 by date
July 05 by date
June 05 by date
June 05 by company
May 05 by date
May 05 by company
Apr 05 by date
Apr 05 by company
Mar 05 by date
Mar 05 by company
Feb 05 by date
Feb 05 by company
Jan 05 by date
Jan 05 by company
Dec 04
Dec 04 by company
Nov 04
Oct 04
Sept 04 by date
XP SP 2
Aug 04 by company
Aug 04 by date
Jul 04 by company
Jul 04 by date
June 04 by company
June 04 by date
May 04 by company
May 04 by date
Apr 04 by company
Apr 04 by date
Mar 04 by company
Mar 04 by date
Feb 04 by company
Feb 04 by date
Jan 04 by company
Jan 04 by date
Dec 03 by company
Dec 03 by date
Nov 03 by date
Nov 03 by company
Jump to the BugBlog archives (October 03 and earlier are public archives)
Dec 06Nov 06
Oct 06
Sept 06
Aug 06
July 06
June 06
May 06
Apr 06
Mar 06
Feb 06
Jan 06
Dec 05
Nov 05
Oct 05
Sept 05
Aug 05
July 05
Jun 05
May 05
Apr 05
Mar 05
Feb 05
XP SP2
Jan 05
Dec 04
Nov 04
Oct 04
Sep 04
Aug 04
Jul 04
June 04
May 04
Apr 04
Mar 04
Feb 04
Jan 04
Dec 03
Nov 03
Oct 03
Sept 03
Aug 03
July 03
June 03
May 03
April 03
Mar 03
Feb 03
Jan 03
Dec 02
Nov 02
*there are more blogs in Cleveland, these are just from people I've met or know. Some of the above are actually farther away, but are bloggers I've met here.
Adobe | Apple | ATI | Cisco | Creative | General | Hewlett Packard | IBM | Intel | Juniper | Linksys | Mandrake | Microsoft | Mozilla | Novell | Opera | Oracle | RealNetworks | Red Hat | Sun Microsystems | Symantec | Zone Labs
Adobe
Adobe has an update for both their full Acrobat program and the Acrobat Reader. The Acrobat 6.0.2 update include "Security update to further restrict malicious code execution" although they are not forthcoming about the details. (The real bad guys probably already know how to break in to a PDF, but they don't want the script kiddies to know, too.) The Windows and Mac versions of both are at http://www.adobe.com/support/downloads/main.html.
Adobe Acrobat and Adobe Reader 6.0 may have problems with some XML Data package (XDP) files. If they are not based on XML forms they might not be understood and correctly sent to XML agents. This has been fixed in the Acrobat and Adobe Reader 6.0.2 update. The Windows and Mac versions of both are at http://www.adobe.com/support/downloads/main.html.
In Adobe Reader 6.0, any hidden fields created with Adobe Designer 6.0 may cause the screen readers to fail. This has been fixed in the Acrobat and Adobe Reader 6.0.2 update. The Windows and Mac versions of both are at http://www.adobe.com/support/downloads/main.html.
In both Adobe Acrobat and Adobe Reader 6.0 , the XML Forms Architecture plug-in may have compatibility problems with JavScript-based intelligence. This has been fixed in the Acrobat and Adobe Reader 6.0.2 update. The Windows and Mac versions of both are at http://www.adobe.com/support/downloads/main.html.
In Adobe Acrobat 6.0 for both the Windows and Mac OS, bar-encoded forms may not generate 2D bar codes correctly. This has been fixed in the Acrobat 6.0.2 update. The Windows and Mac versions are at http://www.adobe.com/support/downloads/main.html.
Your computer may not want to let go if you are installing Adobe Creative Suite. After you see the message "Please insert Adobe Creative Suite Disk 2" you may not be able to eject CD 1. Adobe says you may be able to move the installation process along by quitting the Adobe Creative Suite Autoplay program. If that doesn't work, you may need to install from the desktop. For details on these solutions, see http://www.adobe.com/support/techdocs/3410e.htm.
Adobe says that if you have InDesign CS or other Creative Suite products running on a Mac OS X computer, you may not be able to see fonts from Extensis Suitcase immediately after they are activated. However, they will appear immediately in non-Adobe products. There are a number of things you can do to get the fonts to show up, such as create a new Adobe document, or quit and restart the Adobe application.
After opening a document in Adobe InDesign 2.x or CS on
a Mac, you may be faced with this rather cryptic error message
DocFontInfo::DoActivate - exception caught # (1)
Adobe says the problem is because Extensis Font Reserve 3.x is installed. You
will either need to restor the Font Reserve Database from a backup, or create
a new Font Reserve Database. For details on how to do either one of those,
see http://www.adobe.com/support/techdocs/33586.htm.
When running Adobe Photoshop CS on an Apple Mac OS X 10.3 computer, you should be able to open an image by double-clicking it or dragging it to the Photoshop icon. Adobe says this may successfully open Photoshop, but the image itself won't open automatically. Adobe says you may be able to fix this be going to the Previous System folder and copying the Adobe Unit Types file the the /Library/Scripting Additions folder. If that doesn't work, you may just want to reinstall Photoshop.
Adobe has an update for Photoshop CS for running on multiple-processor computers. This update fixes a bug that sometimes caused an image to be corrupted when you rotated it. It also fixes a bug in the Magic Wand tool. The Windows version is at http://www.adobe.com/support/downloads/detail.jsp?ftpID=2560.
When opening or saving a file in Adobe Photoshop CS for
Windows, you may see one of these error messages
Could not complete your request because it is not
the right kind of document
or
File [path to file] already exists. Do you want to replace
it?
If you determine that these error messages are erroneous (the file is the right
type, or it doesn't already exist) then there may actually be a number of places
where Photoshop has gotten confused. Adobe has a number of troubleshooting steps
you can work through at http://www.adobe.com/support/techdocs/336ba.htm.
If you are using Adobe Photoshop CS on a Mac OS X computer,
when you try to create a Web Photo Gallery in the Adobe Photoshop File Browser,
you may run into unexpected difficulty. Adobe InDesign will open and give
you the error message
"Cannot open the file 'index.htm.' Adobe InDesign
may not support the file format, a plug-in that supports the file format
may be missing, or the file may be open in another application."
Adobe gives three workaround: associate Web Photo gallery files with a web browser;
reinstall Photoshop; upgrade to InDesign CS 3.0.1. You can see the detailed help
at http://www.adobe.com/support/techdocs/33a9a.htm.
Apple
If you are trying to access AOL from a Mac OS X 10.3 computer via an AirPort or AirPort Extreme Base Station, you may be able to receive mail, but you won't be able to browse the web -- using neither an AOL dialup account or a DSL account. To fix this, you need two upgrades. First, get AOL software v.10.3 (revision 4136.208) or later. Then give the AOL keyword "MacAirportFix", which should lead you to another AOL update, which you need to install.
If you have been wondering whether your USB printer is compatible with Apple's AirPort Extreme Base Station, Apple has posted a list at ttp://docs.info.apple.com/article.html?artnum=107418. There are compatible printers from Canon, Epson, HP, Lexmark, plus a separate list of Postscript printers. Check the list for the exact compatible models.
Apple says that if you upgrade to iTunes 4.5, you may find that you are missing songs or playlists. Their first advice is to continue upgrading, only this time go to iTunes 4.6. If you don't want to do that, there are a few other things to try. Ask iTunes to upgrade the library again, or recreate the library from the XML file. If you need help on how to do this, see http://docs.info.apple.com/article.html?artnum=93834.
Apple has a new version of iTunes for both the Mac and the PC. While they do not divulge any details of what gets fixed, they say that the new iTunes 4.6 is more stable and reliable. You can get the update at http://www.apple.com/support/downloads/itunes.html.
Apple says that while an iPod can hold very large text files, it will only display the first 4 KB of text in that file, which works out to around 4096 characters. If you want to see everything in the file, you are going to have to break it up into smaller files.
If you are having problems sharing a large music library in Apple iTunes 4.5 (Apple doesn't give an exact definition of "large"), upgrading to iTunes 4.6 may allow you to share. If you don't want to upgrade yet, you may be able to work around the problem by having the person with the large library create smaller playlists that are subsets of the big library. You should be able to share these.
PDF documents can be password-protected by their creators. Apple says that sometimes the Preview Feature of Mac OS X 10.3.3 and earlier will ask for a password, even if the document is not password-protected. As a workaround, Apple says that if you can use Adobe Reader or some other application to open the document without asking for a password, just use that and not Preview. They also say this is fixed in Mac OS X 10.3.4.
Apple has released a a 6/7/2004 security update for both Mac OS X 10.2.8 and Mac OS X 10.3.4. Apple says that these are "recommended for all Macintosh users" although outside security experts and news reports refer to them as "critical" updates. You can find links to both of them from the main Apple Support page at http://www.apple.com/support/. Details will be covered below.
Apple says that the Mac OS X 10.3.4 may not always handle out-of-sequence TCP packets correctly. This has been fixed in the Apple 6/7/2004 security update, which you can get at http://www.apple.com/support/downloads/securityupdate_2004-06-07_(_10_3_4).html.
The Apple Mac OS X 10.3.4 Security Update fixes two problems
in the LoginWindow. It fixes the bug detailed in CAN-2004-0514 that affects
directory services lookups, and it also fixes the CAN-2004-0515 bug in handling
console log files. Apple credits aaron@vtty.com for finding these problems.
Get the security update at
http://www.apple.com/support/downloads/securityupdate_2004-06-07_(_10_3_4).html.
The Apple 6/7/2004 Security Update for Mac OS X 10.3.4 fixes
a problem in NFS that will make it easier to do logging when tracing system
calls. Apple credits David Brown for finding this bug. Get the security update
at
http://www.apple.com/support/downloads/securityupdate_2004-06-07_(_10_3_4).html.
The Apple 6/7/2004 security update fixes the bug in the "Show
in Finder" button of Safari that would not only open some downloaded
files, but in some cases would execute a downloaded application. That's not
something you want to happen if that downloaded application contained a worm
or virus. Get the security update at
http://www.apple.com/support/downloads/securityupdate_2004-06-07_(_10_3_4).html.
The Apple Mac OS X Server 10.3.4 update fixes some problems with NFS. One bug interferes with searching on NFS reshared volumes that are mounted at a client. Another bug is when there is a Sherlock searcy on an AFP reshared volume that was first exported using NFS.
eWeek has a story roundup about people having problems with the Mac OS X 10.3.4 update. While the BugBlog is covering the fixes in the update, there are anecdotes about people having problems, although there is no official word from Apple. You can read the story at http://www.eweek.com/article2/0,1759,1603685,00.asp?kc=ewnws060104dtx1k0100599.
Apple says that if you use Disk Utility's repair permissions on a Mac OS X Server 10.3.3 startup disk, you may have problems getting Mailman to accept new mail. This has been fixed in the Mac OS X Server 10.3.4.
When using the Password Server on an Apple Mac OS X 10.3.3
server, sometimes you will get incomplete databases during a replication,
and CPU time spikes up to 100 percent. You may also see this error message
in the Password Server Replication log file
DoSyncWithServer: error = -14090.
This has been fixed in Mac OS X 10.3.4. This update also fixes a bug that causes
weirdness if the primary administrator's password has a $ sign.
Apple says that even if you have more than 4 GB of RAM installed in your Mac OS X computer, Final Cut Pro HD 4.5 will only be able to use a memory allocation of 2.5 GB. First, Apple points out that since Mac OS X is a 32-bit OS, it can't address more than 4 GB of memory. Then there is a whole bunch of overhead for libraries, drivers and the like. Final Cut saves 1.5 GB for them. That means only 2.5 GB is left.
ATI
If you are using an ATI graphics card with their Catalyst 4.5 or 4.6 software suite, you may have some problems loading the game Return to Castle Wolfenstein: Enemy Territory. If anti-aliasing is set to 2x or 4x, then you may see a split screen when the game loads. There is no fix yet
If you have an ATI Radeon 8500 graphics card on a Windows XP computer, and you are using ATI Catalyst software suite 4.4, 4.5, or 4.6, you may not be able to see the main menu in the game Indiana Jones and the Emperor's Tomb. Instead, you may only see a bunch of flashing textures. There is no fix yet.
If you have a Windows XP computer using an ATI graphics card and the Catalyst 4.6 display drivers, you may have problems playing Larian Studios Beyond Divinity. When you scroll the screen to the left, you will get display corruption on the right. For now, ATI has no fix or workaround.
If you have a Windows XP computer using an ATI graphics card and the Catalyst 4.6 display drivers, you may have problems playing Eidos Thief 3. Lighting on the wall may flash blue, and you will get flickering shadows. For now, ATI has no fix or workaround.
ATI says that if you are using one of their graphics cards with their Catalyst 4.5 software, when you use a hotkey to rotate the display image or use the ATI icon in the system tray to rotate, you may cause the operating system to intermittently lock up for about ninety seconds. This has been fixed in their Catalyst 4.6 software.
If you have an ATI graphics card running the Catalyst 4.5 software on a Windows 2000 computer with the extended desktop turned on, you may get display corruption if you rotate the primary desktop either 90 or 180 degrees. This has been fixed in the Catalyst 4.6 upgrade.
ATI says that with their Catalyst 4.6 software, used with an ATI graphics card, you will be able to force on Anti-Aliasing. This can be done via the Catalyst control panel. However, forced Anti-Aliasing is incompatible with these games: Ubisoft Prince Of Persia: Sands of Time; Ubisoft Splinter Cell / Pandoras Box; Codemasters Race Driver (TOCA); Acclaim Crazy Taxi 3. Try it, and you may end up with display corruption.
Cisco
Cisco says that their CatOS is vulnerable to a denial of service attack via the Telnet, HTTP and SSH services. The vulnerable hardware would include: Catalyst 6000 series; Catalyst 5000 series; Catalyst 4500 series; Catalyst 4000 series; Catalyst 2948G, 2980G, 2980G-A, 4912G; Catalyst 2901, 2902, 2926[T,F,GS,GL], 2948. They have both workaround and fix information at http://www.cisco.com/warp/public/707/cisco-sa-20040609-catos.shtml.
Cisco says that any of their hardware that is running IOS
and has the Border Gateway Protocol (BGP) turned on can be hit by a denial
of service attack. The device has to received a malformed BGP packet, and
Cisco says in most cases it will have to look like it is sourced from a configured,
trusted peer. They also note that BGP is not turned on by default. They have
fixes (or news of fixes) for various versions of IOS listed at
http://www.cisco.com/warp/public/707/cisco-sa-20040616-bgp.shtml.
Creative
Creative has an updated driver for the Creative Disc Maker or Creative CD Burner. These programs may have been included with the Sound Blaster Audigy 2 ZS Platinum Pro. The new driver update 1.00.03 supports some of the newer CD-RW drives.
General
US-CERT has two vulnerability notes related to bugs in the Internet Systems Consortium's (ISC) Dynamic Host Configuration Protocol (DHCP) 3 application. These bugs may allow buffer overflows that may let attackers run their own code on the target system. According to US-CERT, this vulnerability may affect various flavors of UNIX and Linux: AIX; AlphaOS; Cygwin32; HP-UX; Irix; Linux; NextStep; SCO; SunOS 4; SunOS 5.5; Ultrix. The latest version of DHCP from ISC, DHCP 3.0.1rc14, fixes this problem. Check with vendors for their versions of the updates.
According to the anti-virus vendor Sophos, who keeps track of such things, May 2004 set a thirty month high in the number of new viruses found on the Internet. Not only was there a lot of new activity, but five of the newcomers hit their Top Ten list for the month. The overall leader was Sasser. Even though this research can be viewed as reinforcing the need for their products, there is certainly enough independent news accounts of virus activity to say that May was very busy.
If you noticed some high profile web sites, such as Yahoo!,
MSN, and Microsoft.com acting slow, or even missing, on 6/15, it was because
someone or something launced a distributed denial of service attack against
Akamai Technologies. Akamai administers certain DNS functions for large sites.
You can read more at eWeek at
http://www.eweek.com/article2/0,1759,1612744,00.asp?kc=ewnws061504dtx1k0000599
There seem to be even more security problems in CVS, the Concurrent Versions System that is used in both open-source and commercial software development. While this may directly affect people working on these projects, it may indirectly affect end-users of the software being developed. These flaws may be used by attackers to plant back-doors or other flaws in the software. You can read the full report from E-matters GmbH, the German security firm that has found the latest problems, at http://security.e-matters.de/advisories/092004.html.
The Netsky-P Internet worm is making a comeback. Its malicious payload is now circulating in various messages related to the new movie "Harry Potter and the Prisoner of Azkaban". While muggles won't be tempted, Harry Potter fans may click to see the latest, and get the worm instead.
Both US-CERT and Symantec have increased their nervousness about the different variations of the Korgo worm making its was around the Internet. The two newest versions are W32.Korgo.F and W32.Korgo.G. They both take advantage of the LSASS Buffer overrun that affects Windows systems, and may be listening via TCP ports 445, 113, and 3067. Up-to-date antivirus signatures should take care of these variations.
Hewlett Packard
HP says that over 900,000 of their laptop computers may have bad memory modules that may cause blue screens of death or other problems on the computers. The bad memory modules were made between March 2002 and July 2003, and could be 128MB, 256MB or 512MB. If you have an HP laptop, you should go to http://h30090.www3.hp.com/mmrp/ and download a test that will tell you whether you need a free memory module replacement from HP.
If you have a Hewlett Packard Media Center 896c desktop PC with a HP 400i/Philips DVD8401 8X DVD+R/RW, you may have problems appending data to CDs if you switch to a NEC ND-1100A drive. HP has a FH04 firmware update that will fix this, and also give improved disk write strategies.
There is an updated driver for both the Hewlett Packard ScanJet 5500C Scanner and the Scanjet 3970 digital flatbed scanner. This driver fixes a bug that would sometimes cause an internal error when you try to save a multiple page scan to a PDF file. There are Windows ME and XP drivers for the 5500C, and ME, 2000, and XP drivers for the 3970.
IBM
eEye Digital Security says that BM Access Support (eGatherer) Activex Version 2.0.0.16, a tool to help IBM give automated support solutions, has a vulnerability that may allow an attacker to write a Trojan file to a computer. This tool is installed on many IBM computers. IBM has a patch for this at http://www-306.ibm.com/pc/support/site.wss/document.do?lndocid=MIGR-51860. You may also want to read eEye's details at http://www.eeye.com/html/research/advisories/AD20040615B.html.
An ActiveX tool used in automated support by IBM, acpRunner Activex Version 1.2.5.0, is installed on some IBM computers by default. eEye Digital Security says there are security holes in this ActiveX tool that may allow malicious users to plant their own files on your computer. IBM has a patch at http://www-306.ibm.com/pc/support/site.wss/document.do?lndocid=MIGR-51860 (the same patch as for another ActiveX vulnerability). eEye has more details at http://www.eeye.com/html/research/advisories/AD20040615A.html.
If you have an IBM ThinkPad T22, there is a BIOS update
that is supposed to give you better battery control. You can get the update,
and important installation instructions, at
http://www-1.ibm.com/support/docview.wss?uid=psg1MIGR-4VWPPU&rs=260.
If you have an IBM ThinkPad with a DVD drive, I'm sure you've
spent time wondering whether you have the most up-to-date firmware. (Why worry
about things like terrorism or global warming when you can sweat the details?)
IBM has a new disk-based utility that will scan your ThinkPad, check the DVD
firmware, and figure out whether you need an update. You can get this at
http://www-1.ibm.com/support/docview.wss?uid=psg1MIGR-41018&rs=260.
Intel
Intel says that if you try to play Microsoft's Rise of Nations
on a computer with an Intel 82852/82855 Graphics Controller with a driver
older than PV 12.1, you may see this error message:
This video card driver is not supported for use with
Rise of Nations. Please download the latest drivers from your manufacturer's
website.
Intel says to listen to Microsoft. Go to http://downloadfinder.intel.com/ to
get the latest driver for your card.
If you have a computer with a graphics card with an Intel
82865G Graphics controller, you may not be able to play Atari Enter the Matrix.
Start the game and you may get this error message
Full screen mode not available
and you may just have the game quit without an error. According to Intel, the
game needs a graphics adapter with hardware T&L (Transform and Lighting)
support. They say that while this could be handled by the processor, the game
will look for the graphics hardware support only, and quit if it doesn't find
it.
Juniper
The Juniper JUNOS Packet Forwarding Engine (PFE) has a memory leak with some IPv6 packets. An attacker may be able to use this knowledge to send many of these packets to the Juniper router and creating a denial of service attack by using up all the memory. For a fix, see https://www.juniper.net/alerts/viewalert.jsp?txtAlertNumber=PSN-2004-06-009&actionBtn=Search.
Linksys
Linksys says that their BEFSR41 Cable/DSL Router with 4-Port Switch has a bug that may cause it to send out BOOTP reply packets that contain sensistive information. They have new firmware for Version 3 of this router, which fixes the bug, and hope to have fixes for Version 1 and 2 real soon.
Linksys says that Microsoft's Windows XP WPA hotfix Q815485, which is supposed to control your wireless connections, may actually interfere with some Linksys wireless hardware. After installing the Microsoft hotfix, you may lose your wireless connection. Linksys says the first thing to do is check to see if there are new wireless card drivers from them at http://www.linksys.com/download. If not, you will need to remove the hotfix, which you can probably do from the Windows XP Control Panel's Add/Remove Programs applet.
Mandrake
Mandrakesoft has a new kernel package for the Linux kernel 2.4.26 and earlier. They say that a bug in the e1000 driver may allow local attacks via C programs that may crash memory. This update is for Mandrake Linux 9.1, 9.2, 10.0, Corporate Server 2.1, and Multinetwork Firewall 8.2.
Mandrakesoft has an updated kysmoops package for Mandrake Linux 9.x and 10.0. This fixes a security bug, found by Geoffrey Lee, that may allow a local attack through the /tmp directory.
Mandrakesoft has an updated Mailman package for Mandrake Linux 9.2 and 10. They've found out that versions of Mailman from 2.1 on up have a bug that may allow 3rd parties to get member passwords from the server.
Microsoft
In Microsoft Access 2003, when you try to preview or print
a report, you may get the error message
There was a problem retrieving printer information for the <PrinterName> on <PortName>.
The object may have been sent to a printer that is unavailable.
Assuming you have checked the obvious problems (the printer cable is connected
and the power is turned on) Microsoft lists some of the other problems that could
go wrong at http://support.microsoft.com/?kbid=825875.
These include corrupted regional settings, an uncaptured printer port, an invalid
network name, or bad printer driver. The Knowledge Base article above has some
troubleshooting steps you can take for each situation.
The Microsoft Baseline Security Analyser 1.2 has been updated so that it can check on the latest security vulnerabilities, including those announced by Microsoft in June. You can download the latest version at http://www.microsoft.com/technet/security/tools/mbsahome.mspx.
Microsoft's Security Bulletin MS04-007, about vulnerabilities in ASN.1, has been revised. Changes have been made to the removal instructions for Windows NT 4.0. You can read the updated bulletin at http://www.microsoft.com/technet/security/bulletin/MS04-007.mspx.
Microsoft's Security Bulletin MS04-011, the Sasser bug patch, has been updated. The change is to note that there is an updated Windows NT 4.0 workstation fix for the Pan Chinese languague version. (Not sure how many BugBlog readers use that.) You can read the updated bulletin at http://www.microsoft.com/technet/security/bulletin/MS04-011.mspx.
Microsoft's update in the MS04-014 Security Bulletin, a fix for the Microsoft Jet Database engine, included some optional Jet error strings that weren't in the correct local language. Microsoft has fixed this, so if you notice error messages in the wrong language, you will want to get the update at http://www.microsoft.com/technet/security/bulletin/MS04-011.mspx.
There are a number of news stories about a new bug surfacing
in patched versions of Microsoft Internet Explorer. This bug may make it easier
to engage in "phishing attacks", where a malicious web site can
make itself appear to be a trusted website, and lure you into giving passwords,
credit card numbers, or other sensitive data. The security research community
is discussing the newfound bug, and I'm sure there has been discussion on
the various "black-hat" sites and newsgroups, too. No official security
bulletin from Microsoft yet. You can read one story at
http://www.eweek.com/article2/0,1759,1611102,00.asp?kc=ewnws061404dtx1k0000599.
It's not just the BugBlog saying you should use Mozilla instead of Microsoft Internet Explorer. Now, US-CERT suggests you may want to use a different web browser, too. (They don't specify Mozilla.) As they say at http://www.kb.cert.org/vuls/id/323070, "There are a number of significant vulnerabilities in technologies relating to the IE domain/zone security model, the DHTML object model, MIME type determination, and ActiveX. It is possible to reduce exposure to these vulnerabilities by using a different web browser." Of course, it won't give you total security (IE is deeply embedded in Windows systems) and some sites function correctly only with IE. (Microsoft has an excuse, of course, but what about all you other sites? You need to test for cross-browser compatibility.)
If Microsoft Internet Explorer 6 has been set up to use
the SAS Proxy Server, but a proxy server is not required in the current Internet
connection, you may see this error message while browsing:
You have tried to access a page that you are not
authorized to display and were stopped by the SAS Proxy.
As a fix, go to the Control Panel, Network and Internet Connections. Click the
Internet Connection icon. Go to the Connections tab and click LAN Settings. Uncheck
the Use a proxy server for your LAN option.
The Internet Storm Center (ISC) says that a new Trojan program may install itself via a pop-up ad on Microsoft Internet Explorer, and then aims to steal keystrokes used to log on to nearly 50 different Internet banking sites, including Citibank, Barclays Bank and Deutsche Bank. A news story about this is at ZD Net at http://zdnet.com.com/2100-1105_2-5251981.html, and the technical details are available from the ISC at http://isc.sans.org/presentations/banking_malware.pdf.
The attack that targeted Microsoft Internet Information Server and Microsoft Internet Explorer (blogged on 6/27) was being controlled by a server located in Russia. That site has been shut down, which ends the immediate threat. However, the underlying vulnerability that allowed this attack is still there. While it is difficult to avoid sites that use Microsoft server technology, you can be safer by switching from Microsoft Internet Explorer to Mozilla or Opera on Windows computers.
If Microsoft Internet Information Services (IIS) is running
under the Local System account, your browser (Wininet) proxy settings have
been manually configured, and you do not have the Web Proxy Auto-Discovery
(WPAD) configured, then you may have problems if you install the MS04-011
security patch on the computer. In particular, when you go to a Web site that
requires client certificates, you may see this error message
403.13 Client Certificate Revoked
As a fix, you will need to do some editing to your Proxycfg.exe file. See the
details for that at http://support.microsoft.com/?kbid=kb841641.
US-CERT says that Microsoft Internet Explorer has another security problem. In this case, it doesn't correctly check the security context of a redirected frame. This may allow an attacker to trick the browser into running a script with Local Machine Zone security, rather than in the Internet Zone security, leading to potential information theft problems. There is no patch yet from Microsoft. US-CERT says potential workaround include: Disable Active scripting and ActiveX; Apply the Outlook Email Security Update; Read and send email in plain text format; Do not follow unsolicited links; Use a different web browser. They also credit Rafel Ivgi and Jelmer for reporting and researching this problem.
I knew something interesting would happen while I was gone -- a number of web sites using Microsoft Internet Information Server 5.0 were infected with malicious code know as Download.Ject, or JS.Scob.Trojan, Scob, and JS.Toofeer. If you visit these infected sites while using Microsoft Internet Explorer, you may then be infected. The end users will have files called Kk32.dll and Surf.dat on their computers. You can prevent this by installing the patches from MS04-011. This should be done both by administrators running IIS web sites and people who browse with IE. Windows XP Service Pack 2 Release Candidate 2 also seems to fix it. You can also prevent this from happening by using Mozilla instead of Microsoft Internet Explorer. More details are at Microsoft at http://www.microsoft.com/security/incident/Download_Ject.mspx, Symantec at http://securityresponse.symantec.com/avcenter/venc/data/js.scob.trojan.html, and probably many other places around the Web.
A story on C Net reports how some customers have experienced
data loss of their saved files on Hotmail. Losing data is bad, of course,
but if you are going to store data on a free service run by Microsoft, it
better not be important data without a backup. If you look at the terms of
service for the free email services, you generally see that you are guaranteed
to get what you paid for. You can read the story at
http://news.com.com/Hotmail+incinerates+customer+files/2100-1038_3-5226090.html.
If you upgrade from Microsoft Outlook 2000 to Outlook 2003, but don't upgrade the rest of your Office applications, you will lose some functionality in Excel. If you click File, Sendto in Excel, you will see that all the commands are grayed out and unavailable. This is Microsoft's way of saying "You are cheap. You should have upgraded everything." Other than an upgrade, there does not seem to be a fix or workaround.
If you edit a Visual Basic for Applications (VBA) macro in Microsoft Outlook 2003, close the macro editor and lock your computer, you may have problems using the Macro editor again after you unlock the computer. While the editor will start, there may not be any menus or toolbars. There is no fix yet.
If you upload a large Microsoft PowerPoint 2003 presentation, that includes an embedded video, to Microsoft Office Live Meeting, you may crash the computer. The problem appears to be one of file size, although Microsoft doesn't specify how large the file needs to be before causing a crash. Workarounds all have to do with reducing file size, such as removing the video, splitting the PPT into two, or posting the video separately.
If you have both Microsoft Office 2000 and Office 2003 programs
on your computer, you may have problems with the older version. While things
will be fine the first time you open a Microsoft Office 2000 program, anytime
you start it after that you may see this error message
The Office Assistant could not be started. Please repair the Assistant by running
Office 2000 setup and selecting "Repair Office 2000".
This will happen if you start an Office 2003 program first, and that program
has the Office Assistant program active. Microsoft has an Office 2000 post-Service
Pack 3 Hotfix Package dated 5/13/2004 that fixes this. See http://support.microsoft.com/default.aspx?kbid=841530 to
get the update.
Microsoft says that users of Visual Studio .NET 2003, who use Microsoft Office Outlook 2003 with Business Contact Manager, or who use Microsoft Business Solutions Customer Relationship Management (CRM) 1.2, are vulnerable to a remote attack. As a result, files could be retrived and/or deleted. The number of vulnerable files depends on the security context of the Crystal Reports and Crystal Enterprise Web viewers, which is where the vulnerability is. It is important to note that this vulnerability is only present if Microsoft Internet Information Server is installed. (And that should happen only if this is a web server or it’s a computer where you do web development work.) You can get a patch, and more information, at http://www.microsoft.com/technet/security/bulletin/MS04-017.mspx.
A new Internet worm uses multiple ways of infiltrating Windows systems. The worm is called Explet.a by Symantec and Plexus by Kaspersky labs, can attack either through the Microsoft RPC DCOM bug ov via the LSASS bug. The former route was the way MSBlast did its damage, and the latter was the route that Sasser used. You can fall victim without opening mail attachments; the worm can find you. Symantec's information is at http://securityresponse.symantec.com/avcenter/venc/data/w32.explet.a@mm.html.
Microsoft says that if you hook up a USB compatible cell phone to a Windows 2000 computer, the connection may not be recognized by the USB Device Viewer utility (USBView.exe), or it may display the wrong information, such that the device is not connected when it really is. Microsoft has a hotfix for this, which will be in a future Windows 2000 Service pack. If you have a USB cell phone and use USBView.exe, you may want to contact Microsoft Technical Support and ask for the fix described in Knowledge Base article 838771. Note that you may get charged for this call.
Microsoft says that the Office 2003 Setup program may remove some Registry subkeys. These subkeys control how Office 2003 documents appear as thumbnails inside Windows Explorer. If you are in Windows Explorer and choose thumbnail view, and only see blank squares with the Office 2003 icon, you may have been victimized. You can fix this by adding the subkeys back to the Registry. To see how to do this, plus read important Registry editing warnings, see http://support.microsoft.com/?kbid=838877.
If you apply any of the post-Microsoft SQL Server 2000 Service
Pack 3 (SP3) hotfixes, versions 8.00.0859 through 8.00.0875, you may get various
errors when processing some statements. These errors may say
ADO: Operation is not allowed when the object is
closed
or
ODBC: [Microsoft][ODBC SQL Server Driver]Invalid cursor state
Microsoft also says that you may also have problems with the Design Table feature
in SQL Enterprise Manager. They have a hotfix that should clear up the problems
created by the earlier hotfixes. This will be included in a future SQL Server
2000 service pack. If you need the fix right away, contact Microsoft Technical
Support and ask for the fix described in Knowledge Base article 831997. Note
that you may get charged for this call. You can also see more at http://support.microsoft.com/?kbid=831997.
Windows 2000 clients may have problems performing a DNS dynamic update. Microsoft says the problem happens when three conditions are true: the master DNS server is in a different DNS domain from the Active Directory directory service; The master DNS server is not hosting the zone of the domain that it belongs to; Recursion has been turned off for the master DNS server. Microsoft has a hotfix for this, which will be included in a future Windows 2000 service pack. If you can't wait for the fix, contact Microsoft Technical Support and ask for the hotfix described in Knowledge Base article 838151. Note that you may get charged for this call.
Microsoft's MS04-011 security patch has some compatibility problems with certain third-party applications on Windows 2000 computers. One application mentioned specifically is the Nortel Networks VPN client, but in general applications that load these drivers -- Ipsecw2k.sys, Imcide.sys, or Dlttape.sys --may cause big problems. These may include totally locking up the computer, having CPU usage spike to almost 100 percent, or an inability to log on to Windows. Microsoft has a hotfix to undo the damage done by the MS04-011 fix. It will be in a future service pack, but it you are having these problems you should contact Microsoft Technical Support and ask for the hotfix described in Knowledge Base article 841382. Note that you may be charged for this call.
If you install the security update from MS04-011 (the fix for the Sasser worm) on a Windows NT 4.0/2000/XP computer, you may have problems viewing EMF (Enhanced MetaFile) images in Adobe Illustrator. According to Microsoft, the security patch enforces tougher security on metafiles. This tougher security is also present in Windows Server 2003 by default. There are hotfixes available for Windows 2000 and XP, which will be in future service packs for these products. If you use EMF files, and need these fixes right away, contact Microsoft Technical Support and ask for the fix described in Knowledge Base article 840997. Note that you may be charged for this call. If you use the other versions of Windows, you may want to check back at http://support.microsoft.com/?kbid=840997 for updated information.
If you have a Windows 2000 computer that is trying to connect
to a SMB/CIFS (Server Message Block/Common Internet File system)server that
is also running Windows 2000, and both computers have the Microsoft 04-011
fix applied, you may not be able to get a connection. Instead, you will see
this error message
The network name cannot be found
and this entry may show up in the System Event log
Event Type: Warning
Event Source: MRxSmb
Event Category: N/A
Event ID: 3034
Microsoft has a hotfix to fix the bug that came in with their security patch.
It will be in a future Windows 2000 service pack, but if you are having problems
with your SMB/CIFS connections, you may want to contact Microsoft Technical
Support and ask for the fix discussed in Knowledge Base article 841617. Note
that you may get charged for this call.
After installing the security fix from MS04-011, wen you
try to run a 16-bit MS-DOS program compiled with the Lahey Fortran compiler
in Windows 2000/XP/Server 2003, you may see this error message
Abnormal program termination: Stack fault
CS:EIP = 000Fh:00001373h
Microsoft has some workaround suggestions. See the details at http://support.microsoft.com/?kbid=843484.
After you install the fix in MS04-011, which is the fix for the Sasser worm, on a Windows 2000 computer, if you use either Hebrew or Arabic text the text will end up flowing from left to right. (The correct direction for both of those is right to left.) Microsoft has a hotfix for this, which will be in a future service pack. If you can't wait for the fix (in other words, you use Hebrew or Arabic) you may want to contact Microsoft Technical Support and ask for the hotfix described in Knowledge Base article 841450. Note that you may get charged for this call.
Microsoft says that if you install the security fix from MS04-011, the fix for the Sasser worm, you may have problems getting Oracle database service startup processes to run automatically. Microsoft suggests either starting the services manually, or use the Windows Resource Kit utilities to automate the startup. See http://support.microsoft.com/?kbid=841180 for details.
After installing Microsoft's patch for the Sasser worm, MS04-011, on a Windows 2000 server, the Domain Controller may not be able to register these DNS entries: _GC, _KERBEROS, _KPASSWD. According to Microsoft, this may cause multiple problems for child domains. Microsoft has a hotfix to fix the problems caused by their earlier security fix. It will be in a future Windows 2000 service pack, but if you need it earlier contact Microsoft Technical Support and ask for the hotfix described in Knowledge Base Article 841395. Note that you may get charged for this call.
After installing Microsoft's patch for the Sasser worm,
MS04-011, on a Windows 2000 computer that is running Services for Unix, you
may see this entry in the System Events log every ten minutes:
Type: Information
Event ID: 1036
Source: NfsSvr
Description:
Microsoft Server For NFS Activity Log
Operation: Mount
Result: Failure
Client: IP_Address
File Name: /sysvol/
This mounting activity will only work on a domain controller. Microsoft says
that MS04-011 undoes a hotfix that is described in Knowledge Base article 827684,
and they have released a new hotfix that should reverse the damage. It will
be in a future Windows 2000 service pack, but if you need the fix right away,
contact Microsoft Technical Support and ask for the hotfix described in Knowledge
Base article 842638. Note that you may get charged for this call.
Microsoft says that if the fix from the MS04-012 security update is applied to a Windows XP Service Pack 1 computer, 16-bit Component Object Model (COM) applications will lock up. The problem is in the way these programs share instances of Ntvdm.exe. (You can see details at http://support.microsoft.com/?kbid=841559.) Microsoft has a hotfix for this, which will be in a future Windows XP service pack. If you can't wait for this, contact Microsoft Technical Support and ask for the hotfix described in Knowledge Base article 841559. Note that you may get charged for this call.
Microsoft says that after adding the MS04-011 security update to a Windows XP computer, there may be problems with programs that "impersonate users and act on their behalf" may have incompatibility problems. Whle this problem would affect end users, there may not be much that they can do about it. The Knowledge Base article at http://support.microsoft.com/?kbid=841086 talks about ways that software developers may have to change their use of certain relatively new Windows XP functions.
If Windows XP clients are having problems saving files to
an SMB share point on a Mac OS X 10.3 server, especially when using Adobe
or AutoCAD applications, you may need to do an edit to the OS X server configuration.
According to Apple, go to the [global] section of smb.conf and add this line
socket options = SO_RCVBUF=64240
Microsoft says that Windows NT computers may have their mice and keyboards quit working after either the MS04-011 security patch or the Windows NT 4.0 Security Rollup package installed. The problems occur if Microsoft IntelliPoint 2.0 has been installed on the computer. Since you are talking about a computer that won't respond to the keyboard or a mouse (and yelling loudly at the computer usually doesn't work) the fix is somewhat tedious, and depends on what file system is being used on the hard drive. Check out the fix at http://support.microsoft.com/?kbid=305462 for full details.
Microsoft says that if you are running Windows XP with Service Pack 1 installed, and then you install the MS04-012 security update, you may have problems running any applications that use the 16-bit Component Object Model (COM). These applications may crash. (Microsoft doesn't give specific examples of these applications, but as they are 16-bit, they are probably kind of old.) Microsoft has a hotfix to fix the problems caused by the MS04-012 hotfix, which will be in a future Windows XP service pack. If you use these 16-bit applications a lot, you may not want to wait for the fix. In that case, contact Microsoft Technical Support and ask for the hotfix described in Knowledge Base article 841559. Note that you may get charged for this call.
If you have installed the MS04-011 security patch on a Windows
XP Service Pack 1 computer, you may see this error message when using the
AT command:
The binding handle is invalid.
This error message may also pop up if programs use the NetSchedule API. Microsoft
has a hotfix for this, which will be in a future Windows XP service pack. If
you can't wait for the fix, contact Microsoft Technical Support and ask for
the fix described in Knowledge Base article 841173. Note that you may be charged
for this call.
Installing the Microsoft MS04-011 security patch on a multiprocessor
Windows NT 4.0 computer may trigger a blue screen of death with this error
message:
STOP: 0x00000079 (0x00000002 0x00000002 0x00000000
0x00000000)
This happens if the single processor kernel file, Ntoskrnl.exe, was installed
by the update instead of the multiprocessor kernel, Ntkrnlmp.exe. How could
this mixup happen? Microsoft suggests that it is your fault, if you had manually
updated the Windows NT 4.0 installation to a multiprocessor kernel without
updating the Setup.log file. In any event, there is detailed workaround information
at http://support.microsoft.com/?kbid=841384.
Microsoft says that if a laptop computer running Windows XP has installed audio/video streaming devices that use USB connectors, these devices may not wake up correctly after standby. Microsoft says that a fix for this should be in the upcoming Windows XP Service Pack 2.
If you remove a CardBus Compact Flash (CF) adapter from
a Windows 2000/XP/Server 2003 computer, after performing a file transfer or
editing a file on the Compact Flash card, the computer may get a Blue Screen
of Death with this error message:
STOP: 0x0000007E (0xAAAAAAAA, 0xBBBBBBBB, 0xCCCCCCCC,
0xDDDDDDDD)
SYSTEM_THREAD_EXCEPTION_NOT_HANDLED
The hex numbers in parenthesis may differ. Microsoft does not yet have a fix
or workaround.
If you are trying to use Protected Extensible Authentication Protocol (EAP) along with Microsoft Challenge-Handshake Authentication Protocol (MS-CHAP) version 2 on a wireless network, you may have a one to two minute delay when trying to log on using a Windows XP computer. Microsoft says the two techniques may drastically slow down authentication. They have a hotfix for this, which will be in a future Windows XP service pack. If you can't wait for the fix, contact Microsoft Technical Support and ask for the fix described in Knowledge Base article 822725. Note that you may get charged for this call.
If you have installed the Microsoft 329909 hotfix for IEEE
1394 devices (Firewire devices, if you want to speak in marketing lingo rather
than computer geek lingo), even if you do a Safely Remove Hardware procedure
for the device, it may not be detected after you wake your system from hibernation
or standby. Even worse, you may get this Blue Screen of Death
STOP: 0x0000008E (0xC00000005, 0x804EF844, 0xF89463FC,0x00000000)
when you put the Windows XP computer into hibernation. Well, since this first
hotfix didn't work, Microsoft has a new one, which will be included in a future
Windows XP service pack. If you need the fix right away, contact Microsoft Technical
Support and ask for the hotfix described in Knowledge Base article 813818. Note
that you may get charged for this call.
Some Microsoft programs have an incompatibility with Compatibility
mode. The problem is with Age of Mythology, Age of Mythology: The Titans,
Encarta Reference Library 2003 1.0, Encarta Reference Library 2004 DVD-ROM,
Flight Simulator 2002, Flight Simulator 2004 – A Century of Flight,
Rise of Nations and Rise of Nations: Thrones and Patriots. The compatibility
mode for these programs won't work in Windows 2000 and XP. If the shortcut
is set for compatibility mode, when you click to start, the application will
crash with a message similar to
appnameappver aclayers.dll modver 00012901.
You will need to right click the shortcut, select Properties, go to the Compatibility
tab, and clear the option that says to run in compatibility mode.
When you try to defragment a NTFS hard drive on a Windows
2000 computer, you may see this error message
Disk defragmenter could not initialize
Microsoft says this will usually only occur on highly fragmented NTFS volumes
when there is more than one Virtual Cluster Number (VCN) for the NTFS drive.
This causes the bitmap for the master file table to be bigger than its allocated
size. Microsoft has a hotfix, which will be in a future service pack. If you
have a highly fragmented drive, you may want to contact Microsoft Technical Support
and ask for the hotfix described in Knowledge Base article 817465. Note that
you may get charged for this call.
If a Windows 2000 computer is running Internet Information Server 5.0, and it has SSL (Secure Socket Layer) enabled, the Lsass.exe process may suck up too much CPU time. The problem happens if the IIS 5.0 website is set up for certificate mapping, and a client makes a request that calls for authentication. For now, Microsoft has no fix or workaround.
If you have a Windows 2000 server, and over sixty percent
of the server users have disconnected from the server, you may have the server
crash with a blue screen of death, with this error message
STOP: 0x0000001E (0xC0000005, 0xBEBCE80E, 0x00000001,
0x0000000C)
KMODE EXCEPTION NOT HANDLED SFMSRV.SYS.
Microsoft has a hotfix for this, which will be in a future Windows 2000 service
pack. If you need it right away, contact Microsoft Technical Support and ask
for the fix described in Knowledge Base article 835465. Note that you may get
charged for this call.
If for some reason a service pack is not completely installed
on Windows XP, the computer may still run but Microsoft Task Manager may crash.
If you look at the error report, you will see this
taskmgr.exe 5.1.2600.1106 ntdll.dll 5.1.2600.1217
00000342
Microsoft says you will need to either reinstall the old service pack, or install
a newer one, to fix this.
Microsoft's DirectPlay, a technology that allows game play across different types of networks, has a security bug that may allow an attacker to launch a denial of service attack. This affects Windows 98/ME/2000/XP/Server 2003. Since your important, work-related data should be all saved and closed before you start goofing off playing games, this shouldn't be a big threat. If you play games over a network, you probably want to get the fix. The different versions of Windows all have patches linked from http://www.microsoft.com/technet/security/bulletin/ms04-016.mspx.
Microsoft says that if you add two or more routing filters to a network adapter on a Windows XP computer, you may cause Netsh.exe to lock up, with an access violation error message. They have a hotfix for this, which will be in a future Windows XP service pack. If you can't wait for the fix, contact Microsoft Technical Support and ask for the fix described in Knowledge Base article 843048. Note that you may get charged for this call.
While it may be physically possible to connect a Firewire (IEEE 1394) disk drive to two Windows XP computers, Windows XP may not like it. If you go to Windows Explorer, you may see a red question mark over the drive's icon. Microsoft says that only the last computer to detect that drive will be able to access it. There is no workaround. Microsoft only suggests unplugging one of the computers from the drive. (There are other ways of cobbling together a cheap network, but this doesn't seem to be it.)
If your Windows XP computer sometimes locks up after logging
on, when the message "Applying local settings" is displayed, you
may need to check the Dr. Watson log file for an error message something like
Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7000
Description: The messenger service failed to start due to the following error:
The pipe state is invalid.
(To be able to check this, you may need to log on in safe mode.) Microsoft has
a hotfix for this, which will be in a future Windows XP service pack. If you
can't wait for the fix, contact Microsoft Technical Support and ask for the hotfix
described in Knowledge Base article 823830. Not that you may get charged for
this call.
If you have Microsoft Windows XP Hotfix Q328310 installed on a computer, and then you try to install the Creative Sound Blaster Audigy 2 Update, your computer may freeze. According to Creative, you will have to uninstall this hotfix, which you can probably do via the Control Panel's Add/Remove Programs applet. After you install the Audigy update, you can reinstall the hotfix. You may need to download it again from http://support.microsoft.com/default.aspx?scid=kb;en-us;328310.
After installing Microsoft Windows XP Service Pack 1, you may find that the F10 key may no longer work as a shortcut to the menu bar in the active program windows. (The menu itself works if you get there via mouse.) Microsoft has a hotfix for this, which will be in a future Windows XP service pack. If you can't wait for the fix, contact Microsoft Technical Support and ask for the hotfix described in Knowledge Base article 819024. Not that you may get charged for this call.
If your Windows XP computer will suddenly only play DVD movies full-screen in only one color, the problem may be another program interfering with the DVD player. Look for a semi-transparent program window in the upper left part of your Windows XP desktop -- one program that may do this is the Input Method Editor input bar. Either close this program, or move it from the upper left corner.
If a Microsoft Word document has paragraph styles with extended characters in the name, the extended characters will turn up missing if you import the document into Adobe InDesign 3.0. The data will still be there, but the style names will be missing the characters. Adobe says this has been fixed in InDesign CS 3.0.1.
Mozilla
If you are using Mozilla 1.7 on a Fedora Core 2 computer, you may be getting long delays in resolving hostnames. The problem is that IPv6 is turned on by default in Fedora Core 2, and it slows things down. According to Mozilla, most users probably don't need this, and say you should turn it off in the kernel.
If you are running Mozilla 1.7 on a Windows computer, and keep it minimized for several hours, you may have a real long delay when you finally restore the browser. Mozilla says you can work around this by setting config.trim_on_minimize preference to false.
Mozilla 1.7 fixes a bug that was causing problems with CSS (Cascading Style Sheets) backgrounds in table elements. It also adds support for the CSS 3 opacity property. Mozilla.org aslo says that dyanmic style changes are handled better in this verson.
Restoring a certificate to a smart card in Mozilla takes a long time (no exact definition of "long" by Mozilla.org) because smart cards are somewhat slow. Mozilla.org says that there is no feedback given during the restoration, so that it may seem that nothing happened.
Mozilla 1.7 for the Mac OS X now has IPv6 support turned off by default. Mozilla.org says this is because on the Mac there is no way to disable IPv6 DNS lookups. If there are broken DNS servers or home routers, this could then lead to severe slowdowns if IPv6 is on. While it's off by default, you can turn it on by setting the pref network.dns.disableIPv6 to false.
Novell
Some functions of the Novell GroupWise 6.5 Windows client are not available on the GroupWise Cross-Platform client. Things you will have to do without, according to Novell, include: Spell checking; Rules; Categories; Viewers for attachments; Remote mode to support modem connections; S/MIME (encryption and digital signatures); Document management. They say that they may get added in future releases.
If you have the Novell GroupWise 6.5 Support Pack 2 Cross-Platform client installed on a Macintosh, and you also have Microsoft Office or Internet Explorer installed on the Mac, you may not have new messages displayed in bold in the mailbox. According to Novell, you will need to disable user fonts, or update your Java Virtual Machine to JVM 1.4.2 Update 1 or later, to bring back the bold.
If the Novell GroupWise 6.5 Support Pack 2 Cross-Platform
client is installed on a Red Hat Enterprise Linux 3 or Red Hat Advanced Server
3, you may see error messages similar to
floating point exception.
To fix this, Novell says to give this command before you start the POA or MTA:
export LD_ASSUME_KERNEL=2.4.0
If you are using the NFS Gateway for Novell NetWare 6.5, you may be having problems getting the JVM (Java Virtual Machine) 1.4.2 to handle lengthy commands correctly. Novell has released an updated JSOCK that should fix this. Get jsocknfs.exe at http://support.novell.com/servlet/tidfinder/2969105.
Novell has an update for LOGINW32.DLL for the Novell Client 4.9 Post-SP 1. This fixes a bug that prevented the eDir Admin user from unlocking workstations that are using smart cards. This update is in a bundle of other client patches that you can find at http://support.novell.com/servlet/tidfinder/2968980.
Novell says that on Netware 6.5 SP1a servers, the CIFS server (Common Internet File System) may not like password that have the "&" and "§" characters in them. The CIFS server may also not re-register WINS information. Novell has an update to fix this. Get the file 65cifs1b.exe at http://support.novell.com/servlet/tidfinder/2968989.
Novell says that you may have problems if you try to run
their ConsoleOne 1.3.6 on their newly acquired Novell SuSE Linux 9.1. The
problem is that the Java runtime engine JRE 1.4.0 that comes with ConsoleOne
is not compatible with the newer Linux kernels, including the one in 9.1.
Because of this incompatibility, you may see this error message
JVMDG217: Dump Handler is Processing a Signal - Please
Wait. /usr/ConsoleOne/bin/ConsoleOne: line 95: 3927 Segmentation fault.
As a workaround, don't install the JRE package when you install ConsoleOne. Too
late? If you already installed JRE, remove it. Novell says that ConsoleOne will
then try to substitute another JRE that is provided by the system.
If you have upgraded from SUSE Linux OpenExchange Server
4.0 to 4.1, you may either be getting LDAP errors, and you may also not be
getting email delivery. This error message may also pop up
Connection to LDAP server failed.
Novell says that after you do the upgrade, you need to run the script at /usr/share/doc/packages/impaweb32/tools/update40.sh
-a
that will fix these issues. You may also want to read more about this at
http://support.novell.com/servlet/tidfinder/10093158.
Novell has "refreshed" (guess that's a synonym for "fixed") their Security Update 4 for eDirectory for the Netware, Windows, Linux, and Unix platforms. It needed refreshed because the Netware script was preventing installation on Netware 6.0 Support Pack 4 or NetWare 5.1 Support Pack 7 servers.
Opera
GreyMagic Software has discovered a flaw in the Opera web
browser which may allow a "phishing" expedition. (Phishing is when
you trick someone to go to a fake web site and surrender important information,
like credit card numbers.) Opera 7.5 allows very wide shortcut icons, and
a site can construct a very wide icon with text that makes it look like a
URL. Opera released an updated Opera 7.51 that fixes this. Read the full details
at
http://security.greymagic.com/security/advisories/gm007-op/.
Oracle
Oracle says there is a bug in their Ebusiness Suite Release
11i, 11.5.1 through 11.5.8, and in their Oracle Applications 11.0, All Releases.
This bug may let an attacker, who Oracle says would need to be "knowledgeable
and malicious", run unauthorized procedures on the SQL database. You
can find patch information at
http://metalink.oracle.com/metalink/plsql/ml2_documents.showDocument?p_database_id
=NOT&p _id=274375.1
Real Networks
NGSSoftware says that a bug in RealNetworks RealOne Player 2, RealPlayer 10 and RealPlayer Enterprise may allow malicious users to run their own code on your computer. If you carefully construct one of Real's media files (.RA, .RM, .RV or .RMJ) you can cause heap corruption that will allow the rogue code to be executed. If you use these products, check out http://service.real.com/help/faq/security/040610_player/EN/ for fix information. You can read the original security bulletin at http://www.nextgenss.com/advisories/realra.txt.
Red Hat
Red Hat has updated libpng packages for Red Hat Enterprise Linux 3. These fix a security threat that may allow an attacker to use a specially constructed PNG (Portable Network Graphics) file to crash a computer and possibly execute their own code. Get the update at https://rhn.redhat.com/errata/RHSA-2004-249.html.
Red Hat says that because of some bugs in ISAKMP parsing, they have upgraded packages for tcpdump, libpcap, and arpwatch in the Red Hat Enterprise Server 2.1 and 3 and the Red Hat Desktop 3. These upgrades patch security holes opened up by the bugs. Get the updates at https://rhn.redhat.com/errata/RHSA-2004-219.html.
Red Hat says that a previous update to kernel-utils for Red Hat Enterprise Linux 3 and the Red Hat Desktop 3 left out the dmidecode for IA64. A new package, with the missing code replaced, is at https://rhn.redhat.com/errata/RHBA-2004-231.html.
Sun Microsystems
Sun Microsystems says that Solaris 9 running on both SPARC
and Intel platforms, with patch 112908-12 or 115168-03 installed, may have
a problem with kerberos clients. Passwords will be logged in as clear text,
so that any local user who can see the log files will be able to learn other
user's passwords. Sun has fix information at
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57587.
Sun Microsystems says that Solaris 7,8, and 9, on both SPARC and Intel hardware, has a hole in the Basic Security Module, or BSM. This bug may allow a local unprivileged user to panic a Solaris system and cause a denial of service attack. Patch information to fix this is at http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57497.
Symantec
Symantec has upgraded the number of flaws that their Vulnerability Assessment 1.0 searches for. The new list includes an Apache buffer overflow, the Opera Web Browser Address Bar Spoofing, and a large number of new vulnerabilities in Microsoft Internet Explorer and Outlook Express.
Wild Tanget
NGSSoftware says that the WildTangent Web driver 4.0 has
a number of potential buffer overruns that may allow a remote attacker to
run their own code on the server running WildTangent. This has been fixed
in WebDriver 4.1, which you can download at
http://www.wildtangent.com/default.asp?pageID=webdriver_download
Zone Labs
Zone Labs has come out with ZoneAlarm Pro 5.0.590.043. This version fixes incompatibilities with Norton Antivirus email scanning, and also fixes an incompatibility with the McAfee Security Center. Problems that were causing timeouts in SSH were also fixed, along with what they term "routine maintenance items" and "system stability issues." They don't mention whether they fixed the problems with local machine web hosting that was causing incompatibilities with web designers using Macromedia ColdFusion or Microsoft ASP.
The 5/15 BugBlog noted a problem that Zone Labs ZoneAlarm Pro 5 caused when upgrading Macromedia ColdFusion. The problem appears to be bigger. Many web developers use a testing web server on their local computers - to test pages, especially dynamic pages, before posting them to the public. ZoneAlarm Pro 5 seems to cause massive interference with this procedure, both with Macromedia ColdFusion users (like the BugBlog) and also people using Microsoft Internet Information Server/ASP. The Zone Labs user forums have messages from many different users who are having problems connecting to the local host, or 127.0.0.1. If you are a web developer, don't upgrade to ZoneAlarm 5. The exact same installation/configuration that doesn't work on a compute with ZA 5, works perfectly with ZA 4.5.
The ZoneAlarm 5 incompatibility with running local web servers has been confirmed by Zone Labs technical support. They advise moving back to ZoneAlarm 4.5