 |
|
|
|
 |
 |
|
|
 |
|
||
 |
|
||
 |
|
||
 |
 |
|
|
 |
|
||
BugBlog Plus Archives
Current month
Nov 06 by company
Nov 06 by date
Oct 06 by company
Oct 06 by date
Sep 06 by company
Sep 06 by date
Aug 06 by company
Aug 06 by date
July 06 by date
June 06 by date
May 06 by date
Apr 06 by date
Mar 06 by date
Feb 06 by date
Jan 06 by date
Jan 06 by company
Dec 05 by date
Dec 05 by company
Nov 05 by date
Oct 05 by date
Sept 05 by date
Aug 05 by date
July 05 by date
June 05 by date
June 05 by company
May 05 by date
May 05 by company
Apr 05 by date
Apr 05 by company
Mar 05 by date
Mar 05 by company
Feb 05 by date
Feb 05 by company
Jan 05 by date
Jan 05 by company
Dec 04
Dec 04 by company
Nov 04
Oct 04
Sept 04 by date
XP SP 2
Aug 04 by company
Aug 04 by date
Jul 04 by company
Jul 04 by date
June 04 by company
June 04 by date
May 04 by company
May 04 by date
Apr 04 by company
Apr 04 by date
Mar 04 by company
Mar 04 by date
Feb 04 by company
Feb 04 by date
Jan 04 by company
Jan 04 by date
Dec 03 by company
Dec 03 by date
Nov 03 by date
Nov 03 by company
Jump to the BugBlog archives (October 03 and earlier are public archives)
Dec 06Nov 06
Oct 06
Sept 06
Aug 06
July 06
June 06
May 06
Apr 06
Mar 06
Feb 06
Jan 06
Dec 05
Nov 05
Oct 05
Sept 05
Aug 05
July 05
Jun 05
May 05
Apr 05
Mar 05
Feb 05
XP SP2
Jan 05
Dec 04
Nov 04
Oct 04
Sep 04
Aug 04
Jul 04
June 04
May 04
Apr 04
Mar 04
Feb 04
Jan 04
Dec 03
Nov 03
Oct 03
Sept 03
Aug 03
July 03
June 03
May 03
April 03
Mar 03
Feb 03
Jan 03
Dec 02
Nov 02
*there are more blogs in Cleveland, these are just from people I've met or know. Some of the above are actually farther away, but are bloggers I've met here.
Subscription portion of the BugBlog. The first bug of the day listed is always the free bug available to non-subscribers, followed by the subscription-only bugs.
7/30/2004 Extra -- Critical Patch for Internet Explorer
Microsoft has released a critical update for Microsoft Internet Explorer, running on Windows NT/2000/XP/Server 2003. Released on a Friday afternoon, instead of their normal Second Tuesday of the month, probably means there's some nasty exploits fixed in this cumulative update. They do say, however, that while this is a cumulative update that replaces MS04-004, it does not include any of the hotfixes released since MS04-004, which was originally released in February. Install the new patch, and you remove all those hotfixes. Because of that, they also have an update rollup at http://support.microsoft.com/?kbid=871260 that includes the hotfixes, plus all these new fixes. I'm sure Microsoft has a reason to approach this in such a complicated way. (Like maybe they secretly want us to all switch to Mozilla, so they won't have to support IE any more!) In any event, full information is at http://www.microsoft.com/technet/security/bulletin/MS04-025.mspx.
7/30/2004 Windows XP and IMAPI CDs
Microsoft says that some third-party Image Mastering API (IMAPI) CD-burning software may create CDs or DVDs that Windows XP has trouble reading. Although the disks have data, when you insert them into the drive Windows XP treats them like a blank disk. Judging by the keywords in the Microsoft Knowledge Base, this is one of the bugs that will be fixed in Windows XP Service Pack 2. (Since SP2 is still pre-release, things may change at the last moment.)
7/29/2004 Two More Certificate Bugs in Mozilla
Mozilla.org says there are two more bugs in the way that Mozilla and Firefox handle security certificates. One bug spoofs the way the lock icon appears in the browser's status bar. This could make it appear that you are dealing with a secure site, when you really aren't. Thus it can be a tool in a "phishing" exploit. (However, there could be other clues that could tip you off that something is wrong - such as the URL showing the actual malicious site.) The second bug could be used to cause error messages any time you go to a secure site, but could not be used in a "phishing" expedition. Mozilla.org has developed fixes, but haven't yet decided how to distribute them. You can follow along with the developer's discussion on fixing this at http://bugzilla.mozilla.org/show_bug.cgi?id=253121.
Apple says that iDVD 4 will only be able to burn DVD-R disks. It doesn't support DVD+R, DVD+RW, DVD-RW, and DVD-RAM discs. (Neither did earlier versions of iDVD.)
ISS (Internet Security Systems) found a bug in the CheckPoint VPN-1 Server. They say that an attacker can trigger a buffer overflow in the ASN.1 decoding library, which will allow them to inject their own code, or in the words of CheckPoint "this compromise could allow further network compromise." You can get a patch for this bug at http://www.checkpoint.com/techsupport/alerts/asn1.html.
IBM has an iFix for WebSphere Portals for Multiplatforms 5.0 and 5.02. This iFix actually takes care of a number of bugs, including with db2restart, problems with lookasides, and NullPointerExceptions. Get the fix at http://www-1.ibm.com/support/docview.wss?uid=swg24007523&rs=260.
Macromedia says that if you save a .fla file from the Macintosh version of Flash 7.0.1, and there were swapped characters in that file, the swap will be reversed if you open the .fla file in Flash 7.2.
Microsoft says that Windows Server 2003 Service Pack 1 will be coming out in 2005. It had been expected in 2004, but just like other Microsoft releases (Windows XP Service Pack 2 and Longhorn both come to mind) it is being delayed. Hey, maybe they are just waiting till they get everything right…
NVIDIA's ForceWare 61.77 driver adds compatibility with Microsoft DirectX 9.0c.
If you are playing Sierra's Ultra:Homeworld2 on a Windows XP computer with a NVIDIA GeForce FX 5959 graphics card and their 61.77 or earlier driver, you may end up with slow performance if you use antialiasing. NVIDIA says this is due to a bug in the game. You can get a fix for this at ftp://ftp.sierra.com/pub/sierra/homeworld2/ updates/homeworld2_update_en_10_11.exe .
If you play Maxis SimCity 4 on a Windows XP computer with a NVIDIA GeForce FX 5950 graphics card, you may get smearing on the screen if you turn on 2xQ antialiasing. NVIDIA says they have fixed this in the ForceWare 61.77 driver.
7/28/2004 Update Flash to Get Updated Help
Macromedia says that all further updates to the Help system in Flash will be in the new Flash 7.2. If you don't upgrade from Flash MX 2004 or Flash MX Professional, you won't be able to get any Help updates.
Apple points out that if you are using your iPod for Windows, not all FireWire connections on Windows computers are powered. This means you iPod won't charge up when its connected to your computer. One way to tell -- if the FireWire port on your computer only takes a four-pin cable, it isn't powered. You will need to use the Apple iPod Power Adapter for a charge.
The number of new infections of the MyDoom virus (blogged on 7/27) have tailed off. However, it appears that many of the computers that were infected have launched, under instructions from the virus writers, denial-of-service attacks against Microsoft web sites. If you are getting a slow response from microsoft.com, this may be why.
The 7.2 update fixes a backward-compatibility problem for Macromedia Flash MX 2004 and MX Professional 2004. Before, if you pasted Flash MX 2004 content into a Flash MX file, you might crash Flash.
If you are updating Macromedia Flash MX 2004 to version 7.2 on a Macintosh computer that has multiple Ethernet ports, you may get prompted to re-activate Flash MX 2004.
If you are going to send a Flash document via email, Macromedia says that you should save it first. If you don't, it may get sent out with the wrong file extension.
Macromedia says that if you try to run an English version of Flash MX 2004 on a Windows computer set to languages such as Italian, French, German or Spanish, after updating to Flash 7.2 you may end up with duplicate sets of folders for Local Settings and Application Data, one set in English and the other in the other language. To avoid this, Macromedia says to completely uninstall the existing Flash application, including a manual deletion of the duplicated folders. After that, run the new version 7.2 installer.
You will only be able to install Macromedia Flash MX 2004, or the Flash 7.2 updater, on a Windows 2000/XP computer if you have an Administrator account. An Administrator should also be the one to activate the product, so that it is activated for all users of that computer.
If you install Windows XP Service Pack 2, you may not be able to print or do a print preview of a Web page that has an ActiveX object. The new Local Machine Zone Lockdown will block the print functions. To loosen the security, you will need to do a Registry edit. Since this feature is still not officially released, you may want to hold off on that until the final documentation comes out.
When upgrading from a Windows 2000 computer on a network to a Windows XP computer, you may notice that some network resources are slower than before. Microsoft says this is because the Windows XP Server Message Block (SMB) redirector component does not cache path information from long file names. This means that the Windows XP computer has to send out two SMB packets in places where a Windows 2000 computer only needs to send one. A workaround is to try to use the old 8.3 naming format, like the old DOS days. Microsoft also has a hotfix, which will be in a future service pack. If you can't wait for this fix, you can contact Microsoft Technical Support and ask for the fix described in Knowledge Base article 834350. Note that you may get charged for this call.
If you Windows XP computer is set up for Fast User Switching, there's a chance it may crash when the computer begins the hibernation process. Microsoft says they have a hotfix for this, which will be in a future service pack. If you can't wait for the fix, then contact Microsoft Technical Support and ask for the hotfix described in Knowledge Base article 834202. Note that you may get charged for this call.
Microsoft says the if you use the Multilingual User Interface Pack for Windows XP, you should still download the English language version of Service Pack 2 (SP 2). However, this will install an upgrade to Windows Media Player, which will be in English. You will then need to get the Windows Media Player 9 Series MUI Pack from the Microsoft Download Center. Note that this is for the pre-release version of Windows XP SP2.
If you have installed Windows XP Service Pack 2, and you use MSN 9.0, you will need to upgrade to MSN 9.00.0011.1200. If you don't, you may have problems with your Favorites, Composing E-mail, and Adding a Member.
Novell has released iChain 2.2 Support Pack 3 version 2.2.126. This update fixes a memory leak in ACLCHECK.NLM, plus takes care of bugs that were causing abends in LOCNLM32.NLM and PROXY.NLM. Get the update in ic22sp3.exe at http://support.novell.com/servlet/tidfinder/2969313.
Sun Microsystems says there is a bug in the way the Solaris Volume Manager handles malformed probe requests. A local user may be able to take advantage of this to launch denial of service attacks against a Solaris 9 system. There are patches for Solaris 9 for both SPARC and Intel hardware at http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F57598.
7/27/2004 MyDoom Hits Search Engines and Email
The MyDoom mass-mailing worm has come back in a big way. The latest variation will send emails to any addresses found on an infected computer. (Here at the BugBlog, four incoming infected emails were intercepted by Norton AntiVirus yesterday.) It also manages to tie up search engines such as Google, Yahoo, Lycos, and AltaVista with queries. If you are already infected, you can get a removal tool from Symantec at http://securityresponse.symantec.com/avcenter/venc/data/w32.mydoom.m@mm.html, or from McAfee at http://us.mcafee.com/virusInfo/default.asp?id=description&virus_k=127033. Needless to say, make sure your AV signatures are up-to-date.
If you have an Apple Mac OS X 10.2.2 computer, a number of Hewlett Packard printers may slow down your system once they are installed. The longer they are connected, the worse the problem becomes, sometimes resulting in a kernel panic. The printers are the HP Photosmart, HP PSC (printer/scanner/copier) software, and the Officejet D or G Series All-in-One. You can fix this problem by upgrading to Mac OS X 10.2.3 or later.
If you install Windows XP Service Pack 2 Release Candidate 2, it will disable any Hewlett Packard LaserJet 8150 printers attached to this system. Microsoft says you will need to reinstall the printer driver after installing the service pack. (This refers to the Release Candidate, and the bug may not be present in the final version of SP2.)
Microsoft says that if you have a stand-alone Distributed
File System (DFS) root on a Windows Server 2003 computer, you may not
be able to open it as a Web folder. Try it, and you will get the error
message:
Internet Explorer cannot open the webfolder, would you like the default
view instead?
Microsoft has a hotfix for this problem, which they will include in a
future service pack. If you can't wait for your fix, contact Microsoft
Technical Support and ask for the hotfix described in Knowledge Base
article 842130. Note that you may get charged for this call.
Microsoft says there is an incompatibility between Windows Server 2003 and Executive Software Diskeeper Administrator Edition. If you try to use Diskeeper, you may get an access violation in Lsass.exe. Microsoft says this will happen if the computer is configured to audit logon events. Microsoft has a hotfix for this problem, which they will include in a future service pack. If you can't wait for your fix, contact Microsoft Technical Support and ask for the hotfix described in Knowledge Base article 838971. Note that you may get charged for this call.
Novell has a Post-SP3 Update A for the Novell Client 4.83. This update fixes a bug in LOGINW32.DLL that would sometimes prevent Windows Explorer from loading. Get the update in 483psp3_pka.exe at http://support.novell.com/servlet/tidfinder/2969354.
Novell notes that their Client 4.83 for Windows NT/2000/XP is a "mature" product, and they will stop supporting it on 11/30/2004. If you are still using it, starting thinking about an upgrade to Novell Client 4.9.
7/26/2004 ClearType Gets Blurry
While Microsoft ClearType for Microsoft Word 2003 Reading Layout mode is supposed to give you a better display of text on LCD monitors, it may also give you a more blurry view on some CRT monitors. (Microsoft doesn't specify which types, but I would guess they are the older ones.) If it seems to be giving you a blurry display, you can turn it off. However, you need to do that via a Registry edit, there is no simple Word Preference that can turn it on or off. To see how, go to http://support.microsoft.com/?kbid=822509.
Mandrakesoft says there is a bug in SWAT, the Samba Web Administration Tool, that ships with Mandrake Linux 9.1, 9.2, 10.0, and Corporate Server 2.1. In version 3.02 and later there is a buffer overrun that may allow remote attacks via SWAT, the ldapsam passdb backend, and winbindd. This has been fixed in Samba 3.0.5.
Microsoft says that when you use the Windows Small
Business Server (SBS) 2003 Active Directory Users and Computers snap-in,
you may get an error message when going to the Dial-in tab. The error
message will be similar to
Dial-in page error.
Could not load the Dial-in profile for this user because: Access is denied.
According to Microsoft, the problem is because the Local Service account
doesn't have the correct Registry permissions. See http://support.microsoft.com/?kbid=842695 for information on how to edit the Registry to fix this.
In Microsoft Outlook 2003, if you set up a shortcut
in your Favorites folder to go to a form in a public folder, you may
end up with trouble. They say every time the form loads, it is treated
as a new instance of the form, instead of the same form, and it will
take up even more space in the cache. It may also cause this error message
to be displayed
The object could not be found.
Also, Outlook may crash if it opens multiple items in the folder. Microsoft
says the solution is avoidance. Don't use the Favorites folder to go
to a public folder. Go to Outlook's navigation pane and use the Folder
Options list instead.
Red Hat has an updated Samba package to fix the buffer overflows in the Samba Web Administration Tool (SWAT) 3.0.2 through 3.0.4This buffer overflow may be exploited by a remote attacker. This updated package also fixes a bug that was preventing users from changing passwords if they had applied Microsoft's KB 828741 patch. The new package is Samba 3.0.5 and you can get it at https://rhn.redhat.com/errata/RHSA-2004-259.html for Red Hat Enterprise Linux 3.
Sun Microsystems says that there is a security hole in the Sun Java System Portal Server Software 6.2. The problem is in the Calendar Server, and happens if Admin Proxy Authentication is turned on and Calendar access is made using the "Portal" communication channel instead of the "Unified Web Client" or the "Calendar Web Client". This is fixed on SPARC hardware with un Java System Portal Server Software 6.2 with patch 116856-10 or later, and on Intel with Sun Java System Portal Server Software 6.2 with patch 117757-09 or later.
7/24/2004 Change Tracking Gets Lost in Word 2003
If you are using the Track Changes feature in Microsoft Word 2003, and you turned it on by using the Tools, Protect document command, it may turn off if you use another Word 2003 feature. Microsoft says that clicking Insert voice on the Reviewing toolbar, and then inserting a voice command, may turn off Track Changes. The only workaround may be to go back and turn Track Changes off, and then turn it back on. For details, see http://support.microsoft.com/?kbid=820588.
Apple has a firmware update for their AirPort Dual Ethernet. The 4.0.9 update "improves reliability" although Apple doesn't specify in what way. You can get it at http://www.apple.com/support/downloads/airportdualethernetupdate.html.
If an Apple AirPort Express is added in client mode to a network, but instead of connecting just flashes its amber status light, the problem may be that the network is protected via an Access Control List (ACL). You will need to add the MAC address labeled "AirPort ID" to the ACL on the base station. This is done using the AirPort Admin Utility, and may need to be done by the network administrator.
Do not use Windows Compatibility Mode to set up Microsoft
Office 2003 to run under Windows 98 / Windows Me compatibility. According
to Microsoft, this configuration isn't supported, and may trigger one
of a number of error messages that may look like
Winword.exe 11.0.5604.0 Mso.dll 11.0.5606.0 00059890
Outlook.exe 11.0.5510.0 Mso.dll 11.0.5606.0 00059890
Excel.exe 11.0.5612.0 Mso.dll 11.0.5606.0 00059890
If you want to run Office 2003, you need Windows 2000/XP.
C Net is running a story saying that Nokia has finally
fixed a security flaw in their Bluetooth enabled cell phones. This fix
is for the flaw described as "blusnarfing" in which an attacker
may be able to read, modify, or copy information from the address books
or calendars on these phones. Nokia said in a statement that they have
fixes for the Nokia 6230, 6650, 6810, 6820 and 7200 phones, although
the statement didn't say where the fix was. You can read the story at
http://news.com.com/2100-1002_3-5279854.html?tag=cd.top.
Sun Microsystems says that a sample applications that shipped with the Sun Java System Web Server 6.1 (which they used to call Sun ONE Web Server 6.1) may be used as a way to launch a cross-site script attack. Sun says this has been fixed in the un Java System Web Server 6.1 Service Pack 2 and later.
7/23/2004 Don't Mix and Match iPod Software, Hardware
Not all iPod software goes with all iPod hardware. According to Apple the iPod software 3.0, released on 7/15/2004, is for iPods that have a Click Wheel. However, iPod 3.0 software won't work with the original scroll wheel iPod, the touch wheel iPods, or the iPod mini. And you shouldn't mix the older iPod 1.1 or 2.2 software with the Click Wheel iPods.
7/22/2004 Cisco ONS Edge Optical Transport Platform Loses Its Edge
Cisco says that their Cisco ONS 15327 Edge Optical
Transport Platform, the Cisco ONS 15454 Optical Transport Platform, the
Cisco ONS 15454 SDH Multiplexer Platform, and the Cisco ONS 15600 Multiservice
Switching Platform are all susceptible to maliciously designed IP packets.
Receiving these packets may cause the control cards to reset, which could
be used to mount a denial of service attacks. Cisco does point out that
these components are often isolated from the Internet, which lessens
their vulnerability. However, fixed versions of the software and workaround
information are all available at
http://www.cisco.com/warp/public/707/cisco-sa-20040721-ons.shtml
7/21/2004 A Bugfix Release for OpenOffice
OpenOffice 1.1.2 is available for downloading for free, or course, from the OpenOffice.org website. The final release is identical to the 1.1.2 Release Candidate 3. An extensive list of the bugs fixed in this release is at http://download.openoffice.org/1.1.2/release_notes_1.1.2.html. In most cases, the fixes are minor or limited to a particular platform.
Intel says that if you have a Windows 98/ME/2000/XP computer that uses an Intel 82852/82855 Graphics Controller, you will probably not be able to play URU Ages Beyond Myst. Intel says they have been told by URU they don't support the Intel graphics controller. At this point, there's no workaround.
Microsoft says that if you either install or remove
the Live Meeting add-in for Microsoft Outlook, Symantec Norton AntiVirus
may get suspicious and trigger this alarm:
Alert: Malicious Script Detected; Object: Windows Script Host Sheet (or
Shell) Object; Activity: Regwrite (or RegDelete); Your Computer is stopped
and must do something; File: MsiExec.exe
According to Microsoft, this happens because the add-in is modifying
the Registry. They advise you to modify the Norton AntiVirus configuration
before and after dealing with this add-in. For details on how to do this,
see http://support.microsoft.com/?kbid=871026.
According to Microsoft, there are incompatibility problems
between Windows XP Service Pack 2 and McAfee Virusscan Professional 6.
If you install the McAfee product onto a XP SP 2 computer, you may get
this error message:
Webscanx.exe has encountered a problem and needs to close.
This bug is with the pre-release version of XP 2. Microsoft says to look
to McAfee for an update.
Microsoft says there are incompatibilties between Windows
XP SP2 and NetZero. If you try starting NetZero on a computer where you
have upgraded to the XP service pack, you may see this error message:
NetZero has encountered a problem and needs to close. We are sorry for
the inconvenience.
This bug is with the pre-release version of XP 2. Microsoft says to look
to NetZero for an update at http://www.netzero.net.
Microsoft says that once you install one of their Systems Management Server 2003 Advanced Client hotfixes, you may have problems either installing future hotfixes, or you may at least get conflicting error messages over whether the new hotfixes have been installed. The hotfixes that you may have problems with include 831198, 831648, 832862, and 836606. For more details on how to manage this situation, see http://support.microsoft.com/?kbid=840864.
Red Hat has their own updated PHP packages for Red
Hat Enterprise Linux 3 to fix the security bugs discovered by Stefan
Esser. You can get the updates at
https://rhn.redhat.com/errata/RHSA-2004-392.html.
7/20/2004 A New Phishing Attack That Works on IE and Firefox
A British researcher, with a website named zapthedingbat.com, demonstrated a new cross-site scripting technique that may allow more phishing attacks. In this case, script from the attacker is injected onto a web page belonging to an online bank or other site where sensitive information can be discovered. This attack appears to work with both Internet Explorer with Windows XP Service Pack 2 (Release Candidate 2) installed, as well as Mozilla Firefox 0.9.1. You can read more about this at eWeek at http://www.eweek.com/article2/0,1759,1624771,00.asp.
There is a fix for the Apache web server's mod_ssl module, which is used for Secure Socket Layer connections. Because of a bug in the way mod_ssl deals with hostnames, a remote attacker may be able to use a modified HTTPS request to mount an attack and run their own code. You can get an updated module that fixes this at http://www.modssl.org/source/mod_ssl-2.8.19-1.3.31.tar.gz. It will probably also be available through your Linux vendors.
Apple has updated AppleWorks for OS X to version 6.2.9. It fixes some compatibility problems with mice that have scroll wheels, plus problems using web-based templates when there are proxy servers. It is also supposed to clear up some unspecified printing problems. Get the update at http://www.apple.com/support/downloads/appleworksformacosx.html.
IBM says that in their Websphere Portal 5.0.0 and 5.0.2,
two or more threads may be able simultaneously reload the same registry.
This may make overwork the database servers, and may actually cause the
Portal to freeze. IBM has a fix for this. Get it at
http://www-1.ibm.com/support/docview.wss?uid=swg24007436&rs=260.
If you are using a version of Windows XP that uses the Input Method Editor (IME), and you have also installed and then uninstalled the Microsoft 831144 Hotfix (for the Divide-by-zero error in the .NET Framework 1.0) you may have problems opening up the Windows Control Panel. When you try to open it, the Control Panel may lock up, and you won't be able to get at any of the applets inside. Microsoft has a hotfix to cure the problems created by their earlier hotfix. It will be in a future Windows XP service pack, but if you have fallen victim and want your Control Panel back, you should contact Microsoft Technical Support and ask for the fix described in Knowledge Base article 843551. Note that you may get charged for this call.
Some types of digital cameras and other removable media show up as drives with in My Computer within Windows XP. However, Microsoft says that there may be sporadic problems getting these devices recognized. Sometimes they show up, sometimes they don't. They have traced this to a problem in the AutoPlay function. They have a fix for this called Autofix.exe, which you can download from the Microsoft Download Center. (Search for the keyword autoplay.)
7/19/2004 Latest Version of Bagle Mounts Bigger Attack
The latest reincarnation of the Bagle or Beagle virus has been turning up with greater frequency starting around 7/16 or so. It comes in via an email attachment, and then attempts to turn off security software processes such as firewalls and antivirus programs. It then harvests email addresses and then contacts a number of compromised web servers in Germany. (According to one story, this list of web servers is up to 141.) After the virus infects your computer, it will email a copy of itself to all the email addresses it can find on your hard drive. You can read Symantec's summary at http://securityresponse.symantec.com/avcenter/venc/data/w32.beagle.ab@mm.html.
Mandrakesoft has an update for both the freeswan and super-freeswan packages packages for Mandrake Linux 9.1, 9.2, 10.0 and Corporate Server 2.1. This update fixes a bug in the way these two handle X.509 certificates, that may allow an attacker to impersonate a valid certificate. Mandrake credits Thomas Walpuski for finding this bug.
Mandrakesoft has an updated PHP package for Mandrake Linux 9.1, 9.2, 10.0, and Corporate Server 2.1. This plugs a hole in that may be used by a remote attacker to run their own code via a memory_limit request termination. This bug was found by Stefan Esser. He also found a bug in the way strip_tags() works in PHP, but only with Microsoft Internet Explorer and Apple Safari browsers.
If a composite USB device (a device with more than one interface descriptor) doe not have sequentially numbered interfaces, it will confuse Windows XP. Actually, it is the Usbccgp.sys driver that gets confused, and may not be able to start the device when it is connected to the computer. Microsoft has an updated driver to fix this. It will be in a future Windows XP service pack, but if you have one of these devices you may want to contact Microsoft Technical Support to ask for the update, which is described in Knowledge Base article 814560. Note that you may get charged for this call.
There is a setting in Windows XP Group Policy that is supposed to Remove Properties from the My Documents context menu. This can be used, in theory, to keep users from mucking around with their settings on their My Documents folder. However, even if this Group Policy is set, users can still get to the My Documents Properties dialog by pressing ALT ENTER while highlighting My Documents in Windows Explorer. Microsoft has a hotfix, for both 32-bit and 64-bit Windows XP. It will be in a future service pack, but you can get it earlier by contacting Microsoft Technical Support and asking for the hotfix described in Knowledge Base article 843549. Note that you may get charged for this call.
Novell has a TCP update for NetWare 6.5. It fixes two bugs, one that caused IP fragmentation on NFS gateways, and one that caused an abend in TCPIP.NLM with the BorderManager 3.8 Proxy Server. You can get the update in tcp654j.exe at http://support.novell.com/servlet/tidfinder/2969023. There is a similar update for NetWare 6 at http://support.novell.com/servlet/tidfinder/2969022, and go to http://support.novell.com/servlet/tidfinder/2969021 for NetWare 5.1.
7/18/2004 Mac OS X 10.3.4 Handles Long URLs in Mail
Apple says that the Mac OS X 10.3.4 update fixes a problem that the Mail reader has with long URLs in emails. As most people know, a URL that wraps to a second or third line may not work when clicked. Instead, the URL gets chopped at the line break. However, Apple says that this has been fixed in 10.3.4.
7/17/2004 Dreamweaver Markup Tool Gets Marked Down
Dreamweaver MX 2004 has a handy Validate Markup tool that looks for invalid XHTML code on a web page. Unfortunately, it misses a number of items, such as missing DTDs, ALTs, and image height or width attributes. Macromedia says this happens in both Dreamweaver MX 2004 7.0 and 7.0.1.
Intel says that if your computer has an 82915G Express
Chipset, when you try to play Microsoft Halo Combat Evolved, you may
get this error message
We are sorry, but you computer's video hardware is below the recommended
minimum spec for this game. If you wish to upgrade your computer, please
contact your computer manufacturer for any necessary assistance.
Intel says that if you select either Continue Anyway or Continue in Safe
Mode, you will be able to play the game as long as the game graphics
settings are left in their default configuration.
Macromedia says that while Dreamweaver MX 2004 will seem to install without complaints on a Macintosh computer running a UFS (Unix File System), you probably won't be able to get it to run. They say they didn't design or test for UFS, and that Dreamweaver doesn't like using local or remote folders on a UFS partition.
When using Macromedia Dreamweaver MX 2004 to connect
via FTP to an IBM AIX server, you may have problems if you try to access
files or folders that are older than the current calendar year. You may
see this error message
An FTP error occurred - cannot get remote folder information.
Access Denied. The file may not exist, or there could be a permission
problem.
Macromedia says that Dreamweaver misinterprets the date information and
gets confused. There is a Dreamweaver extension to fix this. You can
get it at http://download.macromedia.com/pub/dreamweaver/extensions/ftp_update.mxp.
Mandrake has an update racoon package for Mandrake Linux 10.0. This update fixes a bug that could allow a Denial of Service attack by a remote attacker. It also fixes a flaw in the way that X.509 certificates are handled.
Microsoft says that there is a cosmetic bug that affects the way the Outlook Express setup screen appears on some Windows XP and Windows Server 2003 computers. Background colors may be wrong when you get to the screen that asks for your choice in ISPs. Microsoft says that Outlook Express will still install correctly.
7/16/2004 Already a Patch for one of Microsoft's July Security Patches
There is already a hotfix for the security patch released with Microsoft's MS04-024 bulletin, released on 7/13/04. This patch, which is officially labelled Security Update 839645, may trigger sharing violations on network shares, may increase network traffic, and may give confused ToolTips. If you installed the new security patch and started to get these problems, you may may want to contact Microsoft Technical Support and ask for the hotfix, which is described in Knowledge Base article 871242. Note that they may charge you for this call.
Hopefully, if you were affected by this you would have heard by now. Intuit says that some computers were stolen from one of their offices, the one that makes the ItsDeductible tax preparation software. An Intuit spokesperson said that the PCs contained personal data, including credit card details, from customers who purchased ItsDeductible between December 2002 and November 2003. Intuit also said they have contacted all these customers.
Macromedia says that if you upgrade your Macintosh from OS X 10.2.8 to 10.3, you may not be able to get Dreamweaver MX 2004 to run. Sometimes, the application icon bounces on the dock, but it won't run. Other times, you will be continually prompted for a Macintosh administrator password. Fix information is at http://www.macromedia.com/support/service/ts/documents/mac_archive_install.htm.
Connections between PHP and MySQL which worked when using Macromedia Dreamweaver MX, may not work when upgrading to Dreamweaver MX 2004. Macromedia says to make sure your version of PHP is compatible with MX 2004. You will need PHP 4.1.1 and higher, 4.2.x or 4.3.x.
Microsoft says that in Windows Media Center Edition 2004, if you change the drive in which you Record On, and then switch back to the original location, Windows may delete any saved recordings at the original spot. This will happen if the new drive had less available free space than the original drive, and you have selected the Keep setting of Until Space is Needed. Microsoft has a hotfix for this available at http://windowsupdate.microsoft.com/. Download Windows XP Media Center Edition 2004 Hotfix KB838358.
If you are using a HP LaserJet 5000 printer on a Windows XP computer, you may end up with blank pages in between printed pages of a document. This will happen if you change the paper size or orientation during a document, and the printer's duplex option is turned on. Microsoft has a new printer driver for this printer, which will be included in the next hotfix. If you can't wait, contact Microsoft Technical Support and ask for the hotfix described in Knowledge Base article 828511. Note that you may get charged for this call.
There is a bug in both Mozilla 1.6, 1.7, and 1.7.1 for Windows and Linux, and Mozilla Firefox 0.8 and 0.9.2. These browsers can be tricked into downloading a bad root security certificate that may prevent you from accessing a secure web site. You will know if you have a bad certificate if you look in your certificate store and see one with an error code -8182. You can see how to look for and get rid of the bad ones at http://secunia.com/advisories/12076/. Secunia credits Marcel Boesch for reporting this.
7/14/2004 Bug Tracking Software Has Its Own Bugs
There are a number of security bugs in Bugzilla, the bug tracking software developed by Mozilla.org. In Bugzilla 2.16, there is an SQL injection bug, plus some problems of insufficient data validation, and problems of unprivileged access to names of restricted products. These bugs have all been fixed in Bugzilla 2.16.6. Get the update plus details at http://www.bugzilla.org/security/2.16.5/.
Apple has released Xserve RAID Admin Tools 1.3.1 If fixes a bug that was preventing metadata from being updated correctly, and a bug that was keeping the "All On" button from working.
When using Mac OS X Server 10.3.3 and earlier, when
you use the Disk Utility's Repair Disk Permissions feature, you may disable
or disrupt mailing lists because the permissions at /usr/share/mailman
get changed. Apple says that if you've done this, you should be able
to get things back to normal by giving this command
# sudo /usr/share/mailman/bin/check_perms -f
They also say they have fixed this so it won't happen in Mac OS X Server
10.3.4 and later.
If you are running the 3DMark 2003 Benchmark Troll's Lair with an ATI RADEON graphics card with the Catalyst 4.7 software suite, you may notice dark triangles distorting the screen image. ATI says they do not yet have a fix for this.
If you are playing EA Sports Tiger Woods PGA Tour 2004 with an ATI graphics card with any version of the ATI Catalyst software suite since Catalyst 3.8, you may see a slight decrease in performance. (Sort of like the decrease in performance shown by the real-life Tiger?) ATI does not yet have any fix or workaround.
If you are playing City of Heroes on a computer with an ATI graphics card and the ATI Catalyst Suite 4.3 or higher, you may find that parts of the game have flashing textures that really shouldn't be there. ATI has no fix or workaround yet.
Novell has updated SecureLogin 3.51 to fix a number of bugs. If you install this patch, sl351009.exe which you can get from http://support.novell.com/servlet/tidfinder/2968830, and you want to manage it from ConsoleOne, you must also install all the updated snapins that come with this patch.
Novell says that their BorderManager 3.8 Support Pack 2 has a problem with stress. (Don't we all.) In particular, if you have the Firewall configured with logging turned on, it may stop working correctly if it has been "stressed for a long time."
PHP 5.0.0 has been released. For a complete list of bugs that have been fixed in this scripting language for web development, both the release candidates and the final versions, see http://www.php.net/ChangeLog-5.php#5.0.0.
Sun Microsystems has released the Sun Java System Connector for Microsoft Outlook Release Notes Version 6 2004Q2. It fixes a bug that may cause CPU utilization to spike to 100 percent when doing a send or receive. It also changes the installation procedure so that someone who is a Power User can install the package.
7/13/2004 Registry Error Trips Up MS Small Business Server Update
If you try to install Microsoft Small Business Server
(SBS) 2000 Service Pack 1 on a SBS computer for the first time, you may
see this error message
Service Pack 1 can only be installed on Small Business
Server 2000.
According to Microsoft, a bad value may have been recorded in your Registry
at HKEY_LOCAL_MACHINE\Software\Microsoft\BackOffice, that prevents the installation
of the service pack. You can edit the Registry to fix this, but it is important
to read the procedures and safeguards involved at http://support.microsoft.com/?kbid=839502.
Microsoft says the Task Scheduler in Windows 2000 (Service
Packs 2,3, and 4), Windows XP, and Windows XP 64-Bit Edition (Service
Pack1) have a bug in the Task Scheduler that may let a remote attacker
run code on your computer. Windows NT computers are not vulnerable unless
you have install Internet Explorer 6.0 SP 1. Apparently Microsoft let
the bug get in that, too. Microsoft notes that if a user is logged on
to the computer with Administrative privileges, "an attacker who
successfully exploited this vulnerability could take complete control
of an affected system". You can find links to the various patches
at
http://www.microsoft.com/technet/security/bulletin/MS04-022.mspx.
Microsoft credits Brett Moore of Security-Assessment.com, Dustin Schneider,
and Peter Winter-Smith of Next Generation Security Software Ltd. for
reporting the issue.
Microsoft is patching two more holes in Microsoft Internet Explorer 5.5 Service Pack 2 or Internet Explorer 6 Service Pack 1. One is in the HTML Help portion of the ill-fated browser, and the other is in showHelp, and is being discussed in the black-hat community. This will affect any Windows computer that has these two versions of IE installed. Both holes may allow a remote attacker to totally take over a computer. You can get the fixes at http://www.microsoft.com/technet/security/bulletin/MS04-023.mspx. Microsoft credits Brett Moore of Security-Assessment.com for alerting them.
Microsoft has a patch for Windows 2000 SP2, SP3, and SP4. This will fix a bug in the Utility Manager that may allow a locally logged-on user to escalate their priveleges and gain complete control of a system. Microsoft deems this to be an Important, not Critical, update because it will be one of your own users, not a remote attacker, doing this. You can get the fix at http://www.microsoft.com/technet/security/bulletin/MS04-019.mspx. Microsoft credits Cesar Cerrudo of Application Security Inc. for alerting them to this.
Microsoft says there is a bug in POSIX that affects both Windows NT and Windows 2000. (POSIX is the Portable Operating System interface. The IX at the end means its roots are in UNIX.) The bug may allow a local user to escalate their priveleges to gain full control over the computer. You can get the fix at http://www.microsoft.com/technet/security/bulletin/MS04-020.mspx. Microsoft thanks Rafal Wojtczuk working with McAfee for alerting them to this.
Microsoft says there is an IIS (Internet Information Server) buffer overrun vulnerability in Windows NT 4.0 that could allow a remote attacker to take control of the Windows NT computer. Note that Microsoft issued this fix even though NT 4.0 has officially passed out of support. (Gee, Microsoft is so nice!). If you are still using NT, get the fix at http://www.microsoft.com/technet/security/bulletin/MS04-021.mspx.
Microsoft says that a bug in the Windows Shell in Windows
NT/2000/XP/Server 2003 may allow a remote attacker to run their own code
on the computer. Microsoft says that "significant user interaction
is required to exploit this vulnerability" so it is an Important
Update, not a Critical One. You can download the fixes from
http://www.microsoft.com/technet/security/bulletin/MS04-024.mspx.
Microsoft says that Outlook Express 5.5 SP2, 6.0, and 6.0 SP1 are vulnerable to a denial of service attack that can be transmitted via a malformed e-mail header. You can get the update at http://www.microsoft.com/technet/security/bulletin/MS04-018.mspx. This is a cumulative update, so it will contain all the previous fixes for Outlook Express 5.5 and 6.0.
7/11/2004 Microsoft Word, MSN Messenger and Shell: Attacks
Security researcher Jesse Ruderman reports that Microsoft Word and MSN Messenger are both susceptible to the security weakness in the Windows "shell:" functionality. A carefully constructed link in a Word document or MSN message may trigger an attack. (This weakness is similar to the one in Mozilla reported July 8 and patched July 9.) As of yet, there seems to be no report or fix from Microsoft, although something may be released soon. A limited report is available at the Secunia web site at http://secunia.com/advisories/12042/. As a workaround, be very hesitant about following links in either Microsoft Word or MSN Messenger.
7/10/2004 Lotus Notes 6 May Allow Attack
There is a bug in Lotus Notes 6.0.x and Notes 6.5.x that may allow attackers to remotely execute code on a Notes workstation. The bug was discovered by Jouko Pynnonen, in association with iDEFENSE, and their full report is at http://www.idefense.com/application/poi/display?id=111&type=vulnerabilities. This bug has been patched in Notes 6.0.4 and in 6.5.2. There are also workarounds to prevent it if firewalls are used to prevent Internet sharing.
7/9/2004 Fast Fix for Mozilla Flaw
A security flaw that affects all browsers on the Windows operating system was announced on July 7. A bug in the shell: external protocol handler may allow attackers to use this as a way to run their own code on the system. Within 24 hours, the Mozilla Foundation at Mozilla.org released fixes for Mozilla 1.7, Firefox 0.91, and Thunderbird 0.7. Users of these programs should go to http://www.mozilla.org/security/shell.html and either download a patch that will make a configuration change to protect their system, or download full program updates (Mozilla 1.7.1, Firefox 0.9.2, Thunderbird 0.7.2) that also fixes this bug.
If you are using an ATI 8500 All-In-Wonder Card with the ATI Catalyst 4.6 software, you may notice some hesitation in DVD playback at the start of a movie when you use the ATI DVD player on Windows XP. This has been fixed in the ATI Catalyst 4.7 update.
If you are using an ATI graphics card with the ATI Catalyst 4.6 suite, a floating-point exception error in a D3D (Direct 3 Dimensional) game or application may actually crash Windows XP. Once you upgrade to the ATI Catalyst 4.7 suite, you may still have floating-point errors, but ATI says they shouldn't bring down Windows XP.
Microsoft says that if you are having problems clicking an Outlook calendar hyperlink in an email, the problem may be due to file associations. The iCalendar file type, .ICS, should be associated with Outlook 2003, so that when you click a link to those files, Outlook opens. Sometimes, however, .ICS files get associated with Microsoft Internet Explorer, and the email invitations open up in IE. If you don't know how to change file type associations, see http://support.microsoft.com/?kbid=867840.
If you try to import a .DWP (Web Part Description)
file into Microsoft FrontPage 2003, you may get this error message:
The Web part or Web form control on this Web part page cannot be displayed
or imported because it is not registered on this site as safe.
Apparently, a mismatch between how the Web Part assembly is named in
the .DWP file and how it is named in the server's Web.config file SafeControls
list. They need to be an exact match. See http://support.microsoft.com/?kbid=835590 for information on how to make sure they match.
If you have a very fast network connection, even a
user with sufficient permissions may get this error message when trying
to access a Microsoft Commerce Server Business Desk (BizDesk):
You do not have sufficient permissions to use Microsoft Commerce Server
Business Desk. Please contact your system administrator.
Microsoft has a hotfix for this, which will be in a future Commerce Server
service pack. If you get this error frequently, you may want to contact
Microsoft Technical Support and ask for the hotfix described in Knowledge
Base article 843274. Note that you may get charged for this call.
7/8/2004 Lovgate Virus Picking Up Steam
The Lovgate virus/mass-mailing worm is getting more attention from anti-virus researchers, who are seeing more instances of it. While the worm, which targets Windows computers, doesn't destroy your data, it does tend to copy itself into .exe files that it finds, which means those files, which may be your word processing applications, spreadsheets, games, etc, won't work any more. You can see more from Symantec at http://securityresponse.symantec.com/avcenter/venc/data/w32.lovgate.ab@mm.html or from McAfee at http://vil.nai.com/vil/content/v_126568.htm.
Apple says that when you use Final Cut Pro 4 or Final Cut Pro HD 4.5, with 10-bit high precision rendering, then you probably won't be able to render clips with motion blurs and drop shadows. When you start to render, the dialog will appear and then disappear. Apple has a couple of workarounds, depending upon the clip contents. See http://docs.info.apple.com/article.html?artnum=93871 for details.
ATI says that if you are playing Need for Speed Underground with an ATI RADEON 8500 Series graphics card, and the Catalyst 4.5 - 4.7 software suite, the headlights will not light up the road ahead. There is not yet any fix for this bug.
ATI says their Catalyst 4.7 software suite update fixes a problem when launching EVE Online. With earlier versions of their software, ATI RADEON 8500, 9100, or 9200 graphics cards may have had a VPU recover error just before seeing the terms and conditions screen.
Lotus has an updated Meeting Room Scheduler SmartMaster for Lotus Approach for Windows 9.8.1. This fixes a problem when scheduling one meeting that ends at 2:00 pm, and another meeting for the same room that begins at 2:00 pm. You can get this fix at ftp://ftp.software.ibm.com/software/lotus/fixes/SmartSuite/App_SchedSM.zip.
Microsoft says that there is a conflict between Symantec WinFax PRO 10.02 or Symantec WinFax 10.02 Basic Edition and Microsoft Outlook 2002. Install the Symantec products, and Outlook may lock up when you open an email message. Microsoft says that you can get a fix from Symantec for this. To avoid having to print a 250 character URL, please go to http://www.symantec.com/techsupp/winfax/winfax_1002_tasks.html and search for Symantec document 2001110911391704.
7/7/2004 Terminal Server Interferes with MS Office Clipboard
Microsoft says that if you connect to a Windows Server 2003 server that
is running either Terminal Server or Remote Desktop for Administration,
you may lose the ability to copy and paste items in Microsoft Office
2003. While you can copy to the clipboard, you may not be able to paste,
and you will see this error message
Cannot empty clipboard.
Microsoft has a hotfix for this, which will be in a future Windows Server 2003
service pack. If you can't wait for the fix, contact Microsoft Technical Support
and ask for the hotfix described in Knowledge Base article 840872. Note that
you may be charged for this call.
Apple says that on the Mac OS X Server, the Server Assistant is very sensitive to version numbers. If you want to connect remotely to a Mac OS X Server 10.3.4, you will have to use Mac OS X Server Admin Tools 10.3.4, and not an earlier version.
Microsoft says that in Commerce Server 2002 if a category property is marked with a "Store data for analysis" attribute, these properties will not be exported to the Data Warehouse, although they should. Microsoft has a hotfix for this, which will be in a future Windows Server 2003 service pack. If you can't wait for the fix, contact Microsoft Technical Support and ask for the hotfix described in Knowledge Base article 842635. Note that you may be charged for this call.
If you are using Microsoft FrontPage 2000, and you
open a web site that has been published to a computer running Windows
2000 Service Pack 4, you will instead get this error message:
An error occurred accessing your FrontPage web files.Authors - if authoring
against a web server, please contact the webmaster for this server's
site.
Microsoft released a hotfix for the FrontPage 2000 Server Extensions
on 6/15/2004 that fixes this. If you want the fix, you either need to
wait for the next service pack, or contact Microsoft Technical Support
and ask for the hotfix described in Knowledge Base article 838018. Note
that you may be charged for this call.
After Microsoft's 7/2/2004 emergency patch for Internet Explorer, a computer researcher publicized yet another way to break through IE's defenses. You can read about Jelmer Kuperus's findings at ZD Net at http://zdnet.com.com/2100-1105_2-5259374.html. A Microsoft spokesman says that more fixes will be coming.
NGSSoftware says that there is a buffer overflow in
MySQL 4.1 and earlier, that may allow a user to bypass the MySQL password
mechanism. They also say that MySQL AB fixed this bug in version 4.1.3,
and the most recent builds
of version 5.0. You can read the details at
http://www.nextgenss.com/advisories/mysql-authbypass.txt
If you are installing Novell NetWare 6.0 Support Pack
5 on Dell computers, there may be some updated drivers for you from Dell,
including pedge3.ham, perc2.ham,
dellsbd.nlm and associated .xdi files. Novell says the latest drivers
will either be at http://www.dell.com (that's really narrowing it down)
or the latest certiried Storage drivers may be at http://developer.novell.com/devres/storage/drivers/index.html.
Novell says that if you upgrade to Novell NetWare 6 Support Pack 3 or later, the upgrade moves an HP Hot-Plug driver from the DOS partition to sys:. Novell says that may be enough to lose hot-plut functionality. Novell says as a workaround, copy cpqsbd.nlm from sys:system\drivers.new directory to sys:system, then load it to resume Hot-Plug functionality.
Adobe has an Acrobat 5.0.10 plug-in update that fixes a bug that may allow malicious code to be run from a PDF document. This fix is for the full Acrobat program. Adobe says the flaw is theoretical at this time, there haven't been any confirmed exploits. There is no fix for the Acrobat 5 reader. Instead, Adobe says users should do the free update to Adobe Reader 6, which doesn't have the bug.
If you are trying to hook up to Verizon BroadbandAccess on a Mac OS X computer with an Express Network PC Card, you may be having problems. Apple has a Verizon BroadbandAccess Support 1.0 package at http://www.apple.com/support/downloads/verizonbroadbandaccesssupport.html that will support that card.
Intel has a new driver for their 845G, 845 GL, 865G, 845GE, 845GV, and 915 Express Chipsets. The new driver revision 6.14.10.3847 fixes up some compatibility problems with the InterVideo WinDVD 5.0 and 5.0.26 DVD players that may cause either the system to hang or video corruption. A number of other fixes are also detailed at ftp://aiedownload.intel.com/df-support/7506/ENG/Relnotes.htm.
Microsoft says that if you install the 811948 Hotfix (for Serial Bus Protocol 2 devices) on a Windows XP computer that has a TV tuner installed, you may lose the TV Tuner icon from the My Computer window. Microsoft has a hotfix to take care of the bug introduced by the previous hotfix. It will be in a future service pack, but if you can't wait for the fix you should contact Microsoft Technical Support and ask for the hotfix described in Knowledge Base article 831736. Note that you may get charged for this call.
Microsoft says that using Fast User Switching on a Windows XP computer may cause the screen resolution to change unexpectedly. Microsoft has a hotfix for this, which will be in a future Windows XP service pack. If you can't wait for this fix, contact Microsoft Technical Support and ask for the hotfix described in Knowledge Base article 832295. Note that you may be charged for this call.
Red Hat has brought out their updated httpd package to fix the announced buffer overflow in the Apache web server's mod_ssl. The fix is for Red hat Enterprise Linux 3, and you can get it at https://rhn.redhat.com/errata/RHSA-2004-342.html.
7/5/2004 How to Exorcise an iDisk Ghost
Apple says that you may have problems disconnecting an iDisk properly. A "ghost" iDisk (that's their term) may stay with the computer, even after removing the iDisk and rebooting the computer. Here's what you need to do to exorcise (that's their term again) the ghost: Restart the computer, but don't access the iDisk; at the Go menu, choose the Go to Folder; when a window appears type /Volumes/ and click Go. When a new window appears, look for any volumes with the generic names username, username-1, etc. Get rid of them by dragging them to the Trash icon, and then Empty Trash. It may help to chant "The power of Steve Jobs commands you" while doing all this, but it is not necessary.
Microsoft says that if an IEEE 1394 video device uses two or more isochronous descriptors for its video stream, and is connected to a Windows Xp or 2000 computer whose processor is under a heavy load, the video stream may not synchronize correctly. Instead, the image may roll onscreen. Microsoft has a hotfix for this, which will be in a future Window XP/2000 service pack. If you can't wait, contact Microsoft Technical Support and ask for the fix described in Knowledge Base article 840136. Note that you may get charged for this call.
You may lose the ability to change a Windows XP laptop's LCD display contrast or backlight if you do the following: start the laptop without a connected CRT monitor; connect a CRT monitor; switch the display from the LCD to the CRT and back again. Microsoft says this is because of a conflict in the Windows XP video port component. They have a hotfix, which will be in a future Windows XP service pack. If you do a lot of this switching, you may not want to wait for the fix. You will need to contact Microsoft Technical Support and ask for the hotfix described in Knowledge Base article 843617. Note that you will get charged for this call.
If you are going to install Novell NetWare 6.0 Support Pack 5 on a server running Novell BorderManager, you will have to reboot the server after the Support Pack is installed. Novell says you will have to do this even if during the Support Pack installation you chose the option not to reboot.
If you are running Novell's ConsoleOne 1.3.5, and then install Novell NetWare 6.5 Support Pack 5 and upgrade the Java Virtual Machine to JVM 1.4.x, you will disable ConsoleOne. Novell says you will have to upgrade ConsoleOne to 1.3.6, which you can get at http://download.novell.com.
Novell NetWare 6.5 Support Pack 5 includes security updates for PKI, NMAS, and NTLS. This includes a fix for the OpenSSL security vulnerabilities in CERT Advisories CAN-2003-0543 (VU#255484), CAN-2003-0544 (VU#380864), VU#686224, and VU#732952.
7/2/2004 Sending Email in Outlook May Corrupt Registry; Microsoft Release Quick Registry Fix
Sending emails in Microsoft Outlook
2003 may end up corrupting your Registry. It can happen in this way:
Right click on something, select Send To, and select Mail Recipient
(this assumes, I guess, that Outlook is your default email application,
but they don't specify this); wait at least 24 hours; send a second
email message in the same way. After doing this, when you open Outlook
2003 or the Outlook 2003 Add-In Manager, you may see this error message:
Error in registry for extension "Exchange Extensions;?".
The syntax or format of the registry entry is incorrect. Check the registry settings
and compare the registry for this extension to other extensions in the registry.
Microsoft has fixed this in the Outlook 2003 hotfix package of 3/2/2004. However,
to get that hotfix, you either need to wait for the next service pack, or contact
Microsoft Technical Support and ask for that hotfix. Note that you may get charged
for this call.
If you have Apple's Final Cut Pro HD as well as a Panasonic AJ-HD1200A digital camcorder, Apple says you should get the latest version of the DVCPROHD components (1.1). This fixes the QuickTime components, but isn't a full update of Final Cut Pro. You can get this at http://www.apple.com/support/downloads/dvcprohdcomponents.html.
IBM says that their WebSphere Portal Version 5.0.0.0,
running on all platforms, may have problems during an ACL (access control
list) migration. The migrate-user-customizations task may fail. IBM has
a fix for this, which you can get at
http://www-1.ibm.com/support/docview.wss?uid=swg24007310&rs=260.
Microsoft seems to have rushed out (just before the holiday weekend) a patch for one of the many problems currently afflicting Internet Explorer. If you go to http://support.microsoft.com/default.aspx?kbid=870669, you will see information on an automated update to disable ADODB.Stream, one of the many current flaws in IE. They also give information on how to patch manually, via a Registry edit. Doing this may make IE slightly safer, but it doesn't make it safe.
Microsoft says that if you have an application built from the Microsoft .NET Framework version 1.1 running for what they term a "short time", a thread in the thread pool may get corrupted. One thread may become deadlocked, CPU usage will shoot up to around 80 percent, a thread may keep making manual events, and a wait thread fires repeatedly on an AutoResetEvent event. What this means is the computer is going to drastically slow down. Microsoft has an update for this, which will be in a future Microsoft .NET Framework 1.1 service pack. If you can't wait for that, contact Microsoft and ask for the fix described in Knowledge Base article 828698. Note that you may get charged for this call.
Red Hat has a kernel update for Red Hat Enterprise Linux 3. If fixes a security bug, found by SuSE, that may let users make changes to file group IDs that they shouldn't be allowed to make. Get this update at https://rhn.redhat.com/errata/RHSA-2004-360.html.
7/1/2004 Unreal really has a bug
A bug in the Unreal Engine may allow buffer overflows and attacks on servers. The Unreal Engine is used in the following games, which may be affected: DeusEx (build 1.112fm and earlier); Devastation (build 390 and earlier); Mobile Forces (build 20000 and earlier); Nerf Arena Blast (build 1.2 and earlier); Postal 2 (build 1337 and earlier); Rune (build 107 and earlier); Tactical Ops (build 3.4.0 and earlier); TNN Pro Hunter; Unreal 1 (build 226f and earlier); Unreal II XMP (build 7710 and earlier); Unreal Tournament (build 451b and earlier); Unreal Tournament 2003 (build 2225 and earlier); Unreal Tournament 2004 (before build 3236); Wheel of Time (build 333b and earlier); X-com Enforcer. According to security researchers Secunia, this bug has been fixed in Unreal Tournament 2004 (build 3236 and later). They give credit to Luigi Auriemma for finding this bug. See http://secunia.com/advisories/11900/ for the details.
The Apache Software Foundation has a patch for the Apache httpd versions 1.3.26, 1.3.27, 1.3.28, 1.3.29 and 1.3.31. This takes care of a buffer overflow in the mod_proxy feature, a bug discovered by Bulgarian bug hunter Georgi Guninski, who says that, even with this bug "still apache much better than windows". You can read his report at http://www.guninski.com/modproxy1.html.
Apple says the DVD Studio Pro 2 User's Manual states that the program will accept closed caption files with both a .cc and a .scc file extension. In reality, DVD Studio Pro may not accept the files with .cc. In that case, Apple says to change the extension to .scc.
Microsoft says that you may crash Excel 2000 when you
programmatically create a query using MSQuery. This will happen if the
query has a parameter query. After Excel crashes, you may see these details
in the error message
Excel.exe 9.0.0.8229 Excel.exe 9.0.0.8229 001fba15
This is fixed in the Excel 2000 Post-Service Pack 3 hotfix package. This
fix will be in a future Office 2000 Service Pack, but if you do these
sorts of queries you may want the fix right away. To get it, you will
need to contact Microsoft Technical Support and ask for the Excel 2000
post-Service Pack 3 hotfix package of 6/18/2004. Note that you may get
charged for this call.
A damaged smart tag may prevent a Microsoft Word 2003
document from being opened. You may try to open a document that you know
is there, but get this error message
The document name or path is not valid. Try these suggestions.
- Check the file permissions for the document or drive.
- Use the File Open dialog box to locate the document.
If the document has smart tags, that may be the problem. Microsoft has
a hotfix which you need to install and activate, via a Registry edit,
to fix this. See the details at http://support.microsoft.com/?kbid=837016.
In Microsoft Office 2003, your Officer Assistant characters
may turn up missing. (Sounds like a feature, not a bug, to me.) After
starting an Office program, you may get this error message
There are no Office Assistant character files present on the system.
Please run Setup in maintenance mode and install at least one character.
This may happen, according to Microsoft if Office 2003 is installed on
a computer that also has Office 2000 or Office XP installed, and you
start an application from one of the earlier versions first. Then after
starting and quitting an Office 2003 program, the characters will be
gone any subsequent time you start an Office 2003 program. As of now,
there is no workaround.
6/30/2004 Adobe Tightens Acrobat Security
Adobe has an update for both their full Acrobat program and the Acrobat Reader. The Acrobat 6.0.2 update include "Security update to further restrict malicious code execution" although they are not forthcoming about the details. (The real bad guys probably already know how to break in to a PDF, but they don't want the script kiddies to know, too.) The Windows and Mac versions of both are at http://www.adobe.com/support/downloads/main.html.
It's not just the BugBlog saying you should use Mozilla instead of Microsoft Internet Explorer. Now, US-CERT suggests you may want to use a different web browser, too. (They don't specify Mozilla.) As they say at http://www.kb.cert.org/vuls/id/323070, "There are a number of significant vulnerabilities in technologies relating to the IE domain/zone security model, the DHTML object model, MIME type determination, and ActiveX. It is possible to reduce exposure to these vulnerabilities by using a different web browser." Of course, it won't give you total security (IE is deeply embedded in Windows systems) and some sites function correctly only with IE. (Microsoft has an excuse, of course, but what about all you other sites? You need to test for cross-browser compatibility.)
Adobe Acrobat and Adobe Reader 6.0 may have problems with some XML Data package (XDP) files. If they are not based on XML forms they might not be understood and correctly sent to XML agents. This has been fixed in the Acrobat and Adobe Reader 6.0.2 update. The Windows and Mac versions of both are at http://www.adobe.com/support/downloads/main.html.
In Adobe Reader 6.0, any hidden fields created with Adobe Designer 6.0 may cause the screen readers to fail. This has been fixed in the Acrobat and Adobe Reader 6.0.2 update. The Windows and Mac versions of both are at http://www.adobe.com/support/downloads/main.html.
In both Adobe Acrobat and Adobe Reader 6.0 , the XML Forms Architecture plug-in may have compatibility problems with JavScript-based intelligence. This has been fixed in the Acrobat and Adobe Reader 6.0.2 update. The Windows and Mac versions of both are at http://www.adobe.com/support/downloads/main.html.
In Adobe Acrobat 6.0 for both the Windows and Mac OS, bar-encoded forms may not generate 2D bar codes correctly. This has been fixed in the Acrobat 6.0.2 update. The Windows and Mac versions are at http://www.adobe.com/support/downloads/main.html.
Creative has an updated driver for the Creative Disc Maker or Creative CD Burner. These programs may have been included with the Sound Blaster Audigy 2 ZS Platinum Pro. The new driver update 1.00.03 supports some of the newer CD-RW drives.
The Juniper JUNOS Packet Forwarding Engine (PFE) has a memory leak with some IPv6 packets. An attacker may be able to use this knowledge to send many of these packets to the Juniper router and creating a denial of service attack by using up all the memory. For a fix, see https://www.juniper.net/alerts/viewalert.jsp?txtAlertNumber=PSN-2004-06-009&actionBtn=Search.
The Internet Storm Center (ISC) says that a new Trojan program may install itself via a pop-up ad on Microsoft Internet Explorer, and then aims to steal keystrokes used to log on to nearly 50 different Internet banking sites, including Citibank, Barclays Bank and Deutsche Bank. A news story about this is at ZD Net at http://zdnet.com.com/2100-1105_2-5251981.html, and the technical details are available from the ISC at http://isc.sans.org/presentations/banking_malware.pdf.
Microsoft says that if a laptop computer running Windows XP has installed audio/video streaming devices that use USB connectors, these devices may not wake up correctly after standby. Microsoft says that a fix for this should be in the upcoming Windows XP Service Pack 2.
If you are using Mozilla 1.7 on a Fedora Core 2 computer, you may be getting long delays in resolving hostnames. The problem is that IPv6 is turned on by default in Fedora Core 2, and it slows things down. According to Mozilla, most users probably don't need this, and say you should turn it off in the kernel.
If you are running Mozilla 1.7 on a Windows computer, and keep it minimized for several hours, you may have a real long delay when you finally restore the browser. Mozilla says you can work around this by setting config.trim_on_minimize preference to false.
Sun Microsystems says that Solaris 9 running on both
SPARC and Intel platforms, with patch 112908-12 or 115168-03 installed,
may have a problem with kerberos clients. Passwords will be logged in
as clear text, so that any local user who can see the log files will
be able to learn other user's passwords. Sun has fix information at
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57587.
Sun Microsystems says that Solaris 7,8, and 9, on both SPARC and Intel hardware, has a hole in the Basic Security Module, or BSM. This bug may allow a local unprivileged user to panic a Solaris system and cause a denial of service attack. Patch information to fix this is at http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57497.