 |
|
|
|
 |
 |
|
|
 |
|
||
 |
|
||
 |
|
||
 |
 |
|
|
 |
|
||
BugBlog Plus Archives
Current month
Nov 06 by company
Nov 06 by date
Oct 06 by company
Oct 06 by date
Sep 06 by company
Sep 06 by date
Aug 06 by company
Aug 06 by date
July 06 by date
June 06 by date
May 06 by date
Apr 06 by date
Mar 06 by date
Feb 06 by date
Jan 06 by date
Jan 06 by company
Dec 05 by date
Dec 05 by company
Nov 05 by date
Oct 05 by date
Sept 05 by date
Aug 05 by date
July 05 by date
June 05 by date
June 05 by company
May 05 by date
May 05 by company
Apr 05 by date
Apr 05 by company
Mar 05 by date
Mar 05 by company
Feb 05 by date
Feb 05 by company
Jan 05 by date
Jan 05 by company
Dec 04
Dec 04 by company
Nov 04
Oct 04
Sept 04 by date
XP SP 2
Aug 04 by company
Aug 04 by date
Jul 04 by company
Jul 04 by date
June 04 by company
June 04 by date
May 04 by company
May 04 by date
Apr 04 by company
Apr 04 by date
Mar 04 by company
Mar 04 by date
Feb 04 by company
Feb 04 by date
Jan 04 by company
Jan 04 by date
Dec 03 by company
Dec 03 by date
Nov 03 by date
Nov 03 by company
Jump to the BugBlog archives (October 03 and earlier are public archives)
Dec 06Nov 06
Oct 06
Sept 06
Aug 06
July 06
June 06
May 06
Apr 06
Mar 06
Feb 06
Jan 06
Dec 05
Nov 05
Oct 05
Sept 05
Aug 05
July 05
Jun 05
May 05
Apr 05
Mar 05
Feb 05
XP SP2
Jan 05
Dec 04
Nov 04
Oct 04
Sep 04
Aug 04
Jul 04
June 04
May 04
Apr 04
Mar 04
Feb 04
Jan 04
Dec 03
Nov 03
Oct 03
Sept 03
Aug 03
July 03
June 03
May 03
April 03
Mar 03
Feb 03
Jan 03
Dec 02
Nov 02
*there are more blogs in Cleveland, these are just from people I've met or know. Some of the above are actually farther away, but are bloggers I've met here.
Subscription portion of the BugBlog. The first bug of the day listed is always the free bug available to non-subscribers, followed by the subscription-only bugs.
4/30/2005 Disk Utilities May Not Be Compatible with Mac OS X 10.4
Playing with Tiger? If you have upgraded to Mac OS X 10.4, which is the Tiger Release, note that it supports Extended Attributes in the file system. If you try to use older disk utilities with Mac OS X 10.4, Apple says you may either get false errors, or the utility may try to fix things and will wipe out some data instead. Before you use any third-party disk utility, such as Alsoft DiskWarrior, Micromat Tech Tool, and Symantec Norton Disk Doctor, check to make sure you have a version that will be compatible with 10.4. Apple points out that there is a disk utility that is included with the new version.
Macromedia says that if you are using Dreamweaver MX on the new Mac OS X 10.4, you won't be able to use the F12 shortcut key to launch Preview in Browswer. Apple has take that key to launch the Mac Dashboard, so it won't be available in Dreamweaver. You can either give the File, Preview in Browser command in Dreamweaver instead, or you can program another shortcut key in OS X 10.4 for the Dashboard. Do that from the Apple Menu, System Preferences, Dashboard & Expose.
Macromedia says the context-sensitive help in Dreamweaver does not work correctly when running on the new Mac OS X 10.4 operating system. You can click the Help button, but it will always take you to the general Help screen. Macromedia says you will have to use the Help system search function, or the Table of Contents, to find what you need.
If you are using Macromedia Dreamweaver MX 2004 7.0.1 on a computer running Mac OS X 10.4, you won't be able to use the Return key or the Up or Down arrow keys to select a code hint if you first click an option with the mouse. If you want to use the keys, don't do a mouse click first. You will need to use the arrow keys exclusively, according to Macromedia.
When installing new software on a Windows XP computer,
you may see an error message such as
1607:Unable to install InstallShield Scripting runtime
There's actually many different problems that could cause this error
message. This includes mismatches of Installshield DLLs, permissions
problems, another installer program running in the background, or more.
Microsoft has a complete list of what might be going wrong at http://support.microsoft.com/?kbid=888019.
That article also has a list of troubleshooting steps you might take
to fix this.
If you try running one of Microsoft's diagnostic programs
in Windows 2000, XP, or Server 2003, like Task Manager, System Configuration
Utility, System Information or the Registry Editor, you may get this
error message
STOP 0x00000050
or
STOP 0x0000000A
Microosft says you may have come down with the Sdbot virus, which tries
to interfere with Microsoft's troubleshooting software. You should be
able to get rid of this with the Microsoft Malicious Software Removal
Tool. See http://support.microsoft.com/?kbid=897079 for more information.
4/29/2005 Spyware Seven Step Program
No, this isn't for software that wants to kick a spyware addiction. These are the seven things to consider when picking your anti-spyware package, courtesy of the Security Pipeline. The checklist accompanies a story detailing how many big software companies are enrolling in the anti-spyware fight. Read it at http://www.securitypipeline.com/161601251.
4/28/2005 Symantec AntiVirus Had a Bug
Symantec says that the there is a bad component in the Symantec Antivirus products for Windows. It is the portion of the program that looks at archived or encoded products. An attacker may be able to place malicious code within an archived file, and will not be noticed by the initial antivirus scan. However, if the code is extracte from the archive, Symantec says their RealTime virus scan will catch it. They have already fixed this -- it will only be an issue if you updated to a bad version, and then didn't update to a fixed version. Go to http://securityresponse.symantec.com/avcenter/security/Content/2005.04.27.html to see the versions of the bad builds.
4/27/2005 Lowdown on iPod Batteries
There has been a certain amount of complaining over the performance and battery life of Apple iPods. (Not from me -- I don't have one.) Here's a page that attempts to link to all the information about the topic. Note that its not an official Apple page, although it is pro-Apple. It does link to a number of other articles that I'm sure don't get the Apple seal of approval. Read the whole thing at http://ipodbatteryfaq.com/.
Some laptop computers running Windows are configured to turn off power to the USB bus under some power management schemes. If this happens, and you plug an iPod into the USB port, it might not get recognized by the computer. If this happens, Apple has a way to wake up the USB port. See the details at http://docs.info.apple.com/article.html?artnum=301343.
When updating or restoring your iPod, you might get
this error message:
Can't lock iPod. Please check if any other applications
are using iPod and try again.
While no one may be listening to it, other things could be using it. Apple
says to make sure that iTunes isn't accessing the iPod, and that it isn't being
scanned by anti-virus software. If that doesn't work, check out http://docs.info.apple.com/article.html?artnum=301305 for
more trouble-shooting steps.
Adobe says that if you are using InDesign CS and a jump frame overlaps with a linked frame on a hidden layer, the Next Page Number feature won't work correctly. It will show the wrong page number. This has been fixed in the InDesign 3.0.1 April 2005 update.
If you have an Adobe InDesign CS 3 document with InCopy stories within narrow text frames, any time you open the document you may inadvertantly create a number of extra, empty text frames. Adobe says they have fixed this in the InDesign CS 3.0.1 April 2005 update.
A typo can cause an attack on your computer. If you intend to go to Google.com, but mistakely type in Googkle.com instead, you may end up at a site that launches various type of Trojan horse attacks against your computer, and may try to install spyware or other things. The security researchers at F-Secure have warned about this site, and advise against visiting. Read the story at http://news.zdnet.com/2100-1009_22-5686764.html.
When a Lotus Domino 6.5.4 server has been configured to use negotiated SSL for outbound mail, and it tries to send mail to an SMTP (Simple Mail Transport Protocol) server that happens to be down, the Domino server won't give up. It will continue to try to contact the other server, and will fall into an infintie loop. IBM says a workaround is to take out the "RouterFallbackNonTLS" parameter from the NOTES.INI, or disable the parameter by setting it's value to zero(RouterFallbackNonTLS=0).
If you have a Workspace in Lotus Notes 6, and it sues unstacked icons, when opeing a Calendar bookmark you may get a replica of a mail file rather than the Local mail file. IBM says this won't get fixed in any future updatess of Notes/Domino 6, but may get included in Notes/Domino 7.
If you have a DHCP (Dynamic Host Configuration Protocol) server running on a Windows Server 2003 computer, it may make errors when assigning IP addresses. If a client moves between network segments, it may get assigned the same IP address as another client. This has been fixed in Windows Server 2003 Service Pack 1.
When using Microsoft Excel 2002, adding a data source
to a pivot table may cause Excel to crash. You may see error message
details similar to the following
Excel.exe 10.0.6501.0 Excel.exe 10.0.6501.0 00597cd9
This has been fixed in the Excel 2002 post-Service Pack 3 hotfix dated
4/5/2005. If you can't wait for a future service pack that has this hotfix,
contact Microsoft Technical Support and ask for the hotfix described
in Knowledge Base article 896996. Note that you may be charged for this
call.
Netscape 6.x and 7.x are vulnerable to a bug in the
GIF image Netscape Extenstion 2. There is a buffer overflow that could
be used to crash the browser. Hostile websites may also be able to use
this to run their own code on your computer. This is similar to a GIF
bug that has already been patched on Mozilla systems. For now, there
is no fix. This has been reported in Netscape by
Juha-Matti Laurio.
Sun Microsystems says that their Solaris 7,8,9, and 10 for both SPARC and I#86 platforms may be susceptible to a bug in the libtiff(3) library. This could be used by an attacker who could send damaging code encased within a .TIFF image file. As a workaround, Sun says to avoid TIFF files unless you trust the source. Fix information for each version of Solaris is at http://sunsolve.sun.com/search/document.do?assetkey=1-26-57769-1.
4/26/2005 Adobe Fixes an InDesign Overflow
Adobe has fixed a buffer overflow in InDesign 3. This overflow enabled an attacker to send a specially formatted PNG file that could crash InDesign. The patched version is the April 2005 release of InDesign 3.0.1.
4/25/2005 Musicmatch Jukebox Fixes an Overflow
There's an update to Musicmatch Jukebox to fix two security bugs. One might cause a buffer overflow, which could be exploited by an attacker to run their own code on your computer. Another bug is an input validation error that a malicious website could use to overwrite your files. Go to http://www.musicmatch.com/download/free/security.htm. Windows XP users can grab the updated version 10; other versions of Windows must be content with the updated version 9. Credit for finding the bugs goes to Robert Fly and Hyperdose, along with Musicmatch.
When using Adobe InDesign CS 3, if you try to insert text just before or after an inline Note, you may have problems. Instead of seeing the I-beam that indicates the text insertion point, your cursor may change to the Note finger icon instead. Adobe has fixed this in InDesign CS 3.0.1. The hotspot for the inline Note is only going to be the top part of the note. To insert text, point towards the bottom half of the note. The I-beam should appear.
Adobe says that InDesign CS 3 may have problems when it is mapping Styles to XML tags. If it is a long document with lots of mappings, InDesign may just give up and crash. Adobe says this has been fixed in InDesign CS 3.0.1 April 2005 update.
If you take an existing Adobe InDesign CS 3.0 file and save it to a new filename, and then try to print it out to PostScript, the Save PostScript File dialog will use the original filename instead of the new filename. As a workaround, type the new name in. As a fix, get the InDesign CS 3.0.1 April 2005 update.
Here's a bit of cultural imperialism from Apple. If a Mac OS X 10.2 through 10.3.9 computer has been localized to a non English language, and you have your Finder preferences set up to "Always show file extensions", then your application and folder names may revert back to English. For now, the only workaround is to turn off that option in Finder. See how to do it at http://docs.info.apple.com/article.html?artnum=107108.
If you do a lot of computer browsing using a wireless hotspot, such as at a coffee shop or in an airline terminal, you may want to read some of the security information given at the Security Pipeline at http://www.securitypipeline.com/161501322. They say that really sophisticated hackers are going to tend to target people at the airline club, rather than the local Starbucks, figuring the users at the airport are going to be executives checking in to the corporate network.
Microsoft fixes a number of graphics problems in the Office XP hotfix of 4/4/2005. Without the hotfix, if you insert a bitmap image that has both a foreground and background image, the background image may get split and rotated. Also, grayscale images going to color printers may not print, and blank picture frames may show up instead of .tif images with CMYK profiles. If you want this hotfix, you need to contact Microsoft Technical Support to ask for the hotfix described in Knowledge Base article 4/8/2005. Note that you may get charged for this call. This is a post-Service Pack 3 fix.
Microsoft Internet Explorer 6 on a Windows XP Service
Pack 2 computer may have problems with a webpage that has a frameset.
If the left frame runs a script domain property is explicitly defined
in a cross-frame script, you may see this error message
Problems with this Web page might prevent it from being displayed properly
or functioning properly.
This problem may also happen if the cumulative security update for Internet
Explorer MS04-025 is installed without Service Pack 2. Microsoft has
a Registry Edit and a hotfix that will take care of this. See the details
at http://support.microsoft.com/?kbid=889407.
The online Microsoft Knowledge Base needs some updating, as of 4/25/2005. If you go to http://support.microsoft.com/kb/824721 it will show a long list of bugs, referenced by earlier Knowledge Base articles, that are fixed by Windows Server 2003 Service Pack 1. However, if you go to look at any of the individual articles to see the bugs, there's no indication that they are fixed by the service pack. You are still told to contact Microsoft Technical Support to get a hotfix, or wait for the next service pack. You aren't told that the service pack is here.
Red Hat has updated packages for OpenOffice for Red Hat Enterprise Linux 4 and the Red Hat Desktop 3 and 4. These packages fix a buffer overflow bug in OpenOffice (covered in the 4/20 BugBlog). Get the update at https://rhn.redhat.com/errata/RHSA-2005-375.html.
Red Hat has an updated Mozilla package for Red Hat Enterprise Linux 4 and the Red Hat Desktop 4. This Mozilla update brings the browser up to the Firefox 1.0.3, or Mozilla Suite 1.7.7, package released earlier in April to fix a number of security bugs. Get the update at https://rhn.redhat.com/errata/RHSA-2005-383.html.
4/23/2005 iSync Overflow Could Sink Mac OS X
Apple has a security update to fix a buffer overflow in iSync. This bug could be exploited by local users so that they could run their own commands as root on the local system. The update is for iSync 1.5 on Mac OS X 10.2.8 and Mac OS X 10.3.x. Apple credits Braden Thomas for finding this bug.
Adobe says that if you open up the Tabs palette in Adobe InDesign CS, and the palette is blank, you will need to re-create the InDesign preference files. Go to http://www.adobe.com/support/techdocs/330533.html to see how to do this.
Adobe says that if you try to paste Illustrator objects into some other program, including Adobe Photoshop, it won't work correctly. The object may be really small and not have any fills that it should have. According to Adobe, the problem is probably because you have picked Either PDF or PDF And AICB in the Clipboard preferences. You should change that so that AICB Only is picked. See http://www.adobe.com/support/techdocs/331393.html for details.
Moving text or extending a selection in Microsoft Word 2003 by using the function keys may not always work correctly, according to Microsoft. In particular, the F2 Move Text function may not always work correctly. This has been fixed in the Word 2003 post-Service Pack 1 Hotfix Package released March 28, 2005. This will be in a future Office service pack. If you can't wait for the service pack, contact Microsoft Technical Support and ask for the hotfix described in Knowledge Base article 895409. Note that you may get charged for this call.
Microsoft says that if the ClientMan program is installed
on a Windows XP Home Edition computer, it may cause problems, generating
this error message
msvc32i MFC Application has encountered a problem and needs to close.
Microsoft says that you should download a ClientMan removal tool and
use it. See the details for this at http://support.microsoft.com/kb/829785/.
Microsoft says that computer running Windows Server 2003 Service Pack 1 will have compatibility problems with Computer Associates Brightstor ARCserve Backup 11.0. However, there are no problems with Brightstor ARCserve Backup 11.1, so an upgrade may be in order.
4/22/2005 Windows 2000 Bug in Windows Explorer
Security researchers at GreyMagic say that Windows Explorer in Windows 2000 has a serious bug in the Web View preview pane. An attacker may be able to construct a file that hides damaging code inside a document. It could be triggered when someone browses the file via Windows Explorer's web view. The GreyMagic advisory is at http://www.greymagic.com/security/advisories/gm015-ie/. A story in eWeek says that Microsoft has confirmed this, although not via a Knowledge Base posting. That story is at http://www.eweek.com/article2/0,1759,1788600,00.asp. As a workaround, Windows 2000 users can go to Windows Explorer and give the Tools, Folder Options, Use Windows Classic Folders.
4/21/2005 Buffer Overflow on Real Player
RealNetworks has fixed a bug in almost all versions of their RealPlayer and RealOne Player on Windows, Mac, and Linux platforms. The bug caused a buffer overflow that may have allowed an attacker to run their own code on the victim's computer. Go to http://service.real.com/help/faq/security/050419_player/EN/ to get your update.
4/20/2005 Long Awaited Fix for Windows Media Player
Microsoft has patched Windows Media Player 9 and Windows Media Player 10. This update fixes a number of bugs, including one where the Windows Digital Rights Management can be fooled into redirecting the user to a hostile web page. This security problem was widely publicized earlier in 2005. Couriously, the fix was released after Microsoft's normal Patch Tuesday for security fixes. Get your fix at http://support.microsoft.com/kb/892313/.
Apple iDVD 5.0 lets you create menus by adding folders to an existing menu. However, if you go to map view, and change the theme of a submenu, and then try to undo the change, you may not be able to get out of map view and get back to the main project window. They don't say if you will be stuck there for eternity, or if a reboot sets you free. They do say that this has been fixed in iDVD 5.0.1.
Microsoft says that there is an incompatibility between Windows Server 2003 Service Pack 1 and NetIQ AppManager 6.0. If you try to use the Web Console to add computers, the domain list will have a bunch of blank records. Microsoft says to check with NetIQ at http://www.netiq.com/support/ for an update.
The Mozilla Foundation says that there is a bug in the way that Javascript in Firefox 1.0.2 and the Mozilla Suite 1.7.6 handles regular expression string replacement. A hostile website could exploit this to capture data from visitors to the site. The hostile website has no control over what gets captured -- they would have to sift through the data and hope something valuable is in there. This lessens the usefulness of this attack. It has been fixed in Firefox 1.0.3 and the Mozilla suite 1.7.7.
Oracle has a Critical Patch Update for most versions of the Oracle Database, the Oralce Application Server, the Oracle Collaboration Suite, and E-Business Suite. Since they haven't figured out how to construct their bulletins in HTML, you can see the details in this PDF file at http://www.oracle.com/technology/deploy/security/pdf/cpuapr2005.pdf.
OpenOffice.org has released a security update for OpenOffice 1.1.4. This is to fix a security bug in all previous versions of OpenOffice, for all platforms, including Windows, Mac, Linux, and Solaris. The problem is a heap overflow that is possible when a DOC file is opened, which may allow attackers to trigger some hostile code. Get the patch at http://download.openoffice.org/1.1.4/security_patch.html.
The PHP Group has released the PHP 4.3.11 update, to fix 70 non-critical bugs, plus a number of security bugs in the unserialize(), swf_definepoly() and getimagesize() functions and the exif and fbsql extensions. Get all the details, plus the link to the update, at http://www.php.net/release_4_3_11.php.
Red Hat has a kernel update for Red Hat Enterprise Linux 4 and the Red Hat Desktop 4. This update fixes a couple of bugs that local users could exploit to trigger a denial of service attack, and possibly to run their own code on the server. The entire list of bugs, plus links to the download, is at https://rhn.redhat.com/errata/RHSA-2005-366.html.
4/19/2005 Bug in McAfee Internet Security Suite
Researchers at iDefense say there is a bug in the McAfee Internet Security Suite 2005. The problem is with lax permissions on who can make changes to files in the McAfee application. A local attacker without Administrator permissions may be able to substitute a file with malicious code, or otherwise change things. According to iDefense, McAfee has acknowledged the bug and is providing fixes through their automated updating service. McAfee also says this only affects "an extremely small subset" of their users. Read the original security bulletin at http://www.idefense.com/application/poi/display?id=233.
Apple says that the Mac OS X 10.3.9 update fixes a number of bugs in Finder. One could fragment files, but still leave them usable, if you copy more than one file at a time. Another bug could actually damage a file if they are copied to a FAT16 or FAT32 volume.
When using Stickies in Mac OS X 10.3.8 and earlier, there is a bug that could cause Stickies to crash when creating a new one. Another bug may cause them to be invisible. These bugs have been fixed in Apple Mac OS X 10.3.9.
After installing Windows Server 2003 Service Pack 1, you may not be able to successfully run Hewlett-Packard Insight Manager 4.0. Instead, Microsoft says you may only see error messages. Microsoft says to look to HP for an update. They also say you may learn more by reading http://support.microsoft.com/?kbid=887741.
The Mozilla Foundation says that the pop-up blocker in Firefox 1.0.2 and in the Mozilla Suite 1.7.6 may allow a security breach. After the pop-up is blocked, if a user goes to unblock the pop-up, any Javascript within it may be run at elevated privileges and then could install hostile code. This has been fixed in Fireforx 1.0.3 and the Mozilla Suite 1.7.7. As a workaround, don't unblock pop-ups unless you really trust them.
Sun Microsystems says their Sun Java System Web Server 6.0 Service Pack 7 running on Windows may be open to a denial of service attack. A remote user may be able to attaci and cause the server to lock up. This has been fixed in Sun Java System Web Server 6.0 Service Pack 8 and later. They also say that Sun Java System Web Server 6.1.x is not vulnerable.
4/18/2005 Windows Server 2003 Service Pack Breaks Microsoft Apps
Microsoft says that after you install Windows Server 2003 Service Pack 1, you will have some compatibility problems with Microsoft Application Center 2000 Service Pack 2. Applications may have problems connecting to a server when a cluster is created. Microsoft says to see http://support.microsoft.com/?kbid=329473 for workaround information.
When using Mac OS X 10.3.6 through 10.3.8, if you have the Speak Total option turned on, or the Speak Button is pressed, then the Calculator Window may not appear. Apple says they have fixed this in Mac OS X 10.3.9.
If you are using Safari in Apple Mac OS X 10.3.8 or
earlier, visiting certain websites may cause a
Bad Server Response
alert. Apple says that some websites where this may happen include msnbc.om,
mail.yahoo.com, and ticketmaster.com. They say this has been fixed in
Safari in Mac OS X 10.3.9.
Now they tell us. Three days after the 4/15 IRS deadline, the US Government Accountability Office says that lax controls at the IRS may make it possible for outsiders to browse through citizen's tax returns. The GAO also says that the IRS might not be able to tell when this is happening. (Well, it's not like we have sensitive financial data in our returns.) Read the whole thing at http://www.computerworld.com/securitytopics/security/holes/story/0,10801,101166,00.html.
Once you have installed Windows Server 2003 Service Pack 1, Microsoft says you may have compatibility problems with the Microsoft Internet Security and Acceleration (ISA) Server 2004 Standard Edition. The problem will be with Virtual Private Network (VPN) Management. You will need to install the ISA Server Service Pack 1 to fix this. Get it at http://www.microsoft.com/downloads/details.aspx?familyid=69c5d85c-5c80-473c-9cb4-60dda75d568d.
There is a possible bug in Mozilla Firefox 1.0.2 and the Mozilla Suite 1.7.6 in the way that some Javascript objects aren't properly validating things. Theoretically, this could be used by an attacker in some sort of attack, although the Mozilla Foundation says that no conceptual proofs of these attacks have surfaced. This has been fixed in Firefox 1.0.3 and Mozilla Suite 1.7.7. Mozilla credits Georgi Guninski for finding this bug.
The Mozilla Foundation says that a search plug-in could be designed to steal either cookies or page contents, and then use this information in some sort of cross-site scripting attack. All search plug-ins aren't a threat -- this has to be deliberately coded in by attackers. This has been fixed in Firefox 1.0.3 and Mozilla Suite 1.7.7. Mozilla credits Michael Krax for finding this.
4/17/2005 Apple Patches Safari Bug
The Mac OS X 10.3.9 Update fixes a security bug in Safari. Without the update, in both the Mac OS X client and server, a hostile website may be able to combine some HTML and Javascript to run hostile content in the local domain. Apple credits David Remahl for finding this problem.
Apple says their Mac OS X 10.3.9 Update takes care of some problems in the kernel. There was some syscall emulation functionality in the kernel that had a heap overflow. This bug could be exploited to trigger a kernel panic and thus a denial of service. Apple says that this buggy function wasn't even being used, so it got thrown out of version 10.3.9.
IBM says that if you are using the Lotus SmartCenter
to add addresses, you may find that those that begin with the letter "M" don't
get accepted and thus saved. There is no error message. They say the
problem is probably a corrupte Address.TXT file, though they don't say
why it's only the Ms that bear the brunt of the problem. See
http://www-1.ibm.com/support/docview.wss?rs=479&context=SSKTYF&dc=DB520&uid=swg21087101 for the steps needed for a fix.
Make sure you have enough computer resources to install Windows Server 2003 Service Pack 1. If you don't quite have enough, you will still be able to start the Windows Server 2003 SP1 installation, and all the files will be extracted. However, you won't see any installation screen or wizard to guide you through the installation steps. However, if you go to the Task Manager, you will see that two of the installation files are running, Update.exe and WindowsServer2003-KB889101-SP1-processor-language.exe. See http://support.microsoft.com/?kbid=889101 for details on how to free up resources.
Microsoft says that once you have installed Windows Server 2003 Service Pack 1, you may not be able to use the Microsoft Outlook Web Access to get mail in a user mailbox that is on an Exchange cluser. Microsoft has an update to fix this. Get it at http://go.microsoft.com/fwlink/?LinkId=37488.
Microsoft says that once you have installed Windows Server 2003 Service Pack 1, you may have compatibility problems with Citrix Metaframe Xpe FR3. You may not be able to connect to the server with remote clients. Microsoft's only advice is to check with Citrix at http://www.citrix.com.
4/16/2005 Firefox Fixes Favicon Flaw
The Mozilla Foundation has patched a critical bug in Firefox and in the Mozilla Suite. A malicious webpage may be able to play tricks with the favicons function, which is what adds the little website logo to your address bar or bookmarks list. As a result, they may have been able to run a script that would run malicious content on your computer. This is fixed in Firefox 1.0.3 and Mozilla Suite 1.7.7. The Mozilla Foundation credits Michael Krax for finding this bug.
Microsoft says that after you install Internet Explorer 6 Service Pack 1, you may break a custom pluggable protocol handler, so that it can't set or retrieve cookies from websites. Microsoft has a hotfix to fix the bug introduced by their service pack. This hotfix will be included in a future service pack, but if you need it right away, go to http://support.microsoft.com/?kbid=827644 to see how to contact Microsoft to get the fix, plus get info on a Registry edit that must also be done.
Microsoft says that after you install Internet Explorer 6 Service Pack 1, when you try to print pages the total number of pages displayed in the print queue may be incorrect. Microsoft has a fix, which will be in the next Internet Explorer 6 service pack. If you can't wait for that, contact Microsoft Technical Support and ask for the hotfix described in Knowledge Base article 889333. Note that you might be charged for this call. You will also need to read that article, at http://support.microsoft.com/?kbid=889333, to see the Registry edit that you also need to do.
The Mozilla Foundation has fixed a bug in Firefox 1.0.2 and earlier that may allow for atacks via the Firefox sidebar. There are some missing security checks when a website uses the _search target to open links in the Firefox sidebar. This could be used to install some malicious programs on your computer, or to steal data, and thus has been labelled a critical bug. This has been fixed in Firefox 1.0.3. The Mozilla Foundation credits Kohei Yoshino for finding this bug.
A flaw in the way that Mozilla Firefox or the Mozilla Suite uses some privileged user interface code may be exploited by hostile websites. The website, through some innocent behavior like clicking a link or opening a menu, might be able to do a DOM property override and then do their damage. Apparently, there are some exploits circulating about this bug. It has been labelled critical by the Mozilla Foundation. It has been fixed in Firefox 1.0.3 and the Mozilla Suite 1.7.7. The Mozilla Foundation credits moz_bug_r_a4 for finding this bug.
There is a bug in the plugin-finder of Mozilla Firefox 1.0.2. Depending on the way an attacker may configure their webpage, instead of finding a plugin you may find some malicious script that could run hostile code on your computer. This has been fixed in Firefox 1.0.3. The Mozilla Foundation credits Omar Khan for finding this bug, and Doron Rosenberg for finding a variation.
4/15/2005 Adobe InDesign Decides to Quit
While running Adobe InDesign CS on a Mac OS X 10.2.x
or 10.3.x computer, the program may crash with one of these uninformative
error messages:
Adobe InDesign is shutting down. A serious error
was detected, please restart.
Or
InDesign has unexpectedly quit.
Adobe has two possible solutions to this. The first, if applicable, is to update
to Mac OS X 10.2.8 or later. If you've already done that, then they suggest
re-creating the InDesign preferences file. See http://www.adobe.com/support/techdocs/330125.html for
help on how to do that.
4/14/2005 Some Massive Identity Theft Numbers
Two different data brokers, ChoicePoint Inc. and LexisNexis, have testified before Congress that possibly "hundreds of thousands" of US residents have had their data compromised. That's not the greatest news to read the same week you e-filed your tax return. Also "Even if Social Security numbers were not for sale on the Internet, the reality is Social Security numbers have been compromised in many ways for such a long period that it's laughable that either government or commercial enterprises [use them]... as identifiers for maintaining security of databases." Read the whole thing at http://www.computerworld.com/securitytopics/security/story/0,10801,101058,00.html.
4/13/2005 Bug in Windows Shell
Microsoft says there is a bug in the Windows Shell that may allow a remote attacker to run their code on your computer. However, for this to happen, you would have to open up an attachment that was sent to you via email. This affects Windows 2000, Windows XP, and Windows Server 2003. (It has been fixed in Windows Server 2003 Service Pack 1.) Microsoft says that the exploit happens through unregistered file name extension types. If a system is configured to block unknown names, it should help prevent this vulnerability. Microsoft only deems this an Important, not a Critical Update. You can get the updates at http://www.microsoft.com/technet/security/bulletin/MS05-016.mspx. Microsoft credits iDEFENSE for finding this bug.
Apple says their computers are for people who think differently. However, they aren't for people who install differently. They say that if you have installed iLife, you should not move or rename any of the applications from the default Applications folder. If you do, you may get one of any number of error messages when you try to start an iLife application.
Apple says that if you import a layered image from Adobe Photoshop into Apple Final Cut Pro, and then later make some changes to one of the layers back in Photoshop, it may cause distortions in the way the image appears in Final Cut Pro. When the image is first imported, Final Cut Pro figures out how to deal with each layer. If layers are then changed, Final Cut Pro might get confused. See http://docs.info.apple.com/article.html?artnum=301150 for more information.
IBM says that if you are using Lotus Notes, and have set up a repeating Calendar entry with alarms, after a certain point the alarms may stop working some of the time. This will happen even if you have the Notify Me option turned on. This has been fixed in Lotus Notes/Domion 6.5.4.
Microsoft says that after you install the hotfix for the Windows Shell described in Security Bulletin MS05-016, for the vulnerability in the Windows Shell on a Windows XP Service Pack 2 computer, the hotfix will be listed in the Add/Remove Programs applet in the Control Panel. However, the "Installed on" date will not be added, and the fix will not appear in the correct chronological order. Instead, Microsoft says you should be able to find it at the top of the Windows XP Software Updates list.
Microsoft says that there is a bug in their Microsoft Message Queuing (MSMQ) service that may allow an attacker to completely take over your computer. However, this component is not installed by default in any Windows system -- it's something you have to add separately. Also, this is not the Microsoft Instant Messaging client, it is something different. If you do have it installed, you want to get the fix for this at http://www.microsoft.com/technet/security/bulletin/MS05-017.mspx. Microsoft credits Kostya Kortchinsky with CERT RENATER for finding this bug.
Microsoft has a security patch for the Windows kernel in Windows 2000, Windows XP, and Windows Server 2003. This will patch four different bugs that may allow someone to elevate their privileges on your computer, or cause it to crash. None of the bugs can be exploited remotely; the attackers need to be able to log on locally. There are also workarounds for some of the bugs. You can get the patch at http://www.microsoft.com/technet/security/bulletin/MS05-018.mspx. Microsoft credits John Heasman with Next Generation Security Software Ltd., Sanjeev Radhakrishnan, Amit Joshi, and Ananta Iyengar with GreenBorder Technologies, and David Fritz of iDefense for finding these bugs.
Microsoft says that after you install the hotfix for the Windows Shell described in Security Bulletin MS05-018, for the vulnerability in the Windows kernel on a Windows XP Service Pack 2 computer, the hotfix will be listed in the Add/Remove Programs applet in the Control Panel. However, the "Installed on" date will not be added, and the fix will not appear in the correct chronological order. Instead, Microsoft says you should be able to find it at the top of the Windows XP Software Updates list.
Microsoft says that after you install the patch for Security Bulletin MS05-019, for the vulnerabilities in TCP/IP, onto a Windows 2000 Service Pack 3 computer, you may see network performance deteriorate. The network throughput may only be about a quarter of what it used to be. This is because the patch changes a setting in the default TCP receive window. Microsoft has a Registry edit that will help speed things up again. Go to http://support.microsoft.com/kb/890345/ to see the details and to see important safeguards when editing the Registry.
Microsoft says that when you install the Cumulative Security Update for Internet Explorer that is in security bulletin MS05-020, the installer checks to see if some files on the computer have already been updated by a previous Microsoft hotfix. The installer only does a partial job, however. It will check for hotfixes that have been released since Microsoft Security Bulletin MS04-038, which was released 10/12/2004. In some cases, if you haven't consistently been applying the IE cumulative security fixes but have just been applying some of the hotfixes, you may lose a few of the updates. Check out http://support.microsoft.com/kb/890923 to see what may happen if you've done this.
Red Hat has an updated package for GAIM, the multi-protocol instant messaging client that is included in Red Hat Enterprise Linux 3 and 4, as well as in the Red Hat Desktop 3 and 4. There are a number of bugs in the GAIM client that a remote attacker may be able to exploit, which would cause GAIM to crash. Get the update at https://rhn.redhat.com/errata/RHSA-2005-365.html.
Red Hat says that there is a bug in the way that their dhcp package for Red Hat Enterprise Linux 2.1 logs error messages. If a DNS server with a bad attitude sends specially configured DNS replies, it could crash the dhcp package, resulting in a denial of service attack. It may also be possible for the attackers to run their own code on the computer. You can get the updated dhcp package at https://rhn.redhat.com/errata/RHSA-2005-212.html.
Sun Microsystems says that all current versions of Solaris appear to be vulnerable to ICMP attacks against TCP. This threat is discussed in draft papers from the Internet Engineering Task Force, and from CERT. At this point, they don't have any fix or workaround, but you can see what Sun does know at http://sunsolve.sun.com/search/document.do?assetkey=1-26-57746-1.
4/12/2005 Critical Update for Windows TCP/IP
Microsoft has patched TCP/IP in most versions of Windows to fix five separate bugs that may allow remote attackers to crash your computer or possibly take it over completely. This affects Windows 2000 Service Packs 3 and 4, Windows XP Service Packs 1 and 2, and Windows Server 2003. Earlier versions of Windows (98, ME) are affected, too, but Microsoft says its not critical for them. This has already been fixed in Windows Server 2003 Service Pack 1, which was released last week. You can get patches for your version of Windows at http://www.microsoft.com/technet/security/bulletin/MS05-019.mspx. Microsoft credits these people for finding these bugs: Song Liu, Hongzhen Zhou, and Neel Mehta of ISS X-Force; Fernando Gont of Argentina's Universidad Tecnologica Nacional/Facultad Regional Haedo; and Qualys.
Another month, another cumulative security update for Microsoft Internet Explorer. (I guess that's not quite fair -- there wasn't one in March.) This one fixes three new bugs in IE, plus includes fixes for all the previous bugs. The new ones are a DHTML Object Memory Corruption bug, a URL Parsing Memory Corruption bug, and a Content Advisor Memory Corruption bug. These affect Windows 2000, Windows XP SP1 and 2, Windows Server 2003, and also Windows 98, 98 SE, and ME. Remote attackers may be able to exploit these bugs to run their code on your computer, so this is a Critical Update. Get links to the updates at http://www.microsoft.com/technet/security/Bulletin/MS05-020.mspx. Microsoft credits Berend-Jan Wever working with iDEFENSE, 3APA3A and axle@bytefall working with iDEFENSE, and Andres Tarasco of SIA Group for finding these bugs.
Microsoft has issued a security update for Exchange Server 2000 SP 3, Exchange Server 2003, and Exchange Server 2003 SP 1. A remote attacker may be able to connect to the SMTP port on an Exchange server, and then issue commands that may either crash the server or run their own code on the machine. System administrators can find the links to update their version of Exchange at http://www.microsoft.com/technet/security/bulletin/ms05-021.mspx. Microsoft credits Mark Dowd and Ben Layer of ISS X-Force for finding this bug.
Microsoft says that users of MSN Messenger 6.2 are vulnerable to a bug that may let a remote attacker take complete control of your computer. Yu can download a fix, or read some workaround information, at http://www.microsoft.com/technet/security/bulletin/ms05-022.mspx. This bug does not affect MSN Messenger 7. Microsoft credits Hongzhen Zhou for finding this bug.
Microsoft says there are two buffer overruns in Microsoft Word 2000, 2002, and 2003, as well as in Microsoft Works Suite 2001, 2002, and 2003. Either one of these buffer overruns could be exploited by a remote attacker, and could result in them taking control of your computer. Get links to updates at http://www.microsoft.com/technet/security/bulletin/ms05-023.mspx. Microsoft credits Alex Li for reporting this bug.
4/11/2005 MS Word Gives Nightmare to Dreamweaver
Microsoft Word's Track Changes feature may behave unexpectedly with Macromedia Dreamweaver or Contribute. If you import parts of a Word document into one of Macromedia's web editing programs, and that document has been set up to track changes, text that was deleted in the Word document may show up in Dreamweaver, no matter whether the settings for Display for Review or Track Changes is later turned off. Macromedia suggests some safeguards at http://www.macromedia.com/cfusion/knowledgebase/index.cfm?id=7d45cde; since this is part of a broader problem (what might be hidden in a Word document) they also point to Microsoft's help at http://office.microsoft.com/en-us/assistance/HA010983881033.aspx.
4/10/2005 Review of Cargo Magazine
Getting away from the usual bug coverage, here's a review of Cargo Magazine.
4/10/2005 Upgrade Upsets an iPod
Upgrade your iPod photo from version 1.0 to 1.1, and it might go a little goofy on you. Apple says that some transitions won't work, you may see a black screen during a slide show, and that colors may not appear correctly. Apple says that the colors may look like "abstract art" instead. Fix this by connecting the iPode to iTunes 4.7.1 after you do the upgrade. iTunes will update the photo library so that it will appear correctly. If you can't do that, Apple says restoring the iPod 1.1 software may also work.
Researchers at the security company Aladdin Knowledge Systems recently did a comprehensive study of sex-based websites (really -- they did it only for research!). Their study found up to eighty percent of the sites were being used to upload spyware, worms and Trojans. As one BugBlog reader -- who pointed out the article to me -- said "ONLY 80 percent?" Read about the study at http://www.techworld.com/security/news/index.cfm?NewsID=3431.
Macromedia says that their ColdFusion 6.1 Updater 1, when configured for the ColdFusion MX for JRun4 option, may create compiled java .class files under the web server root, in a place where end users can download them. This may lead to an information disclosure. Go to http://www.macromedia.com/devnet/security/security_zone/mpsb05-02.html to get the fix.
Microsoft says the audio volume level in Windows XP Media Center Edition 2005 computers may work unevenly if you have a Creative Labs Audigy sound card, and your edition of Windows XP Media Center is not an upgrade edition. At levels 1 through 16, you will only get small increases in volume, but get really big increases in levels 17 through 25. Microsoft has a Registry edit that will allow you to even this out. See the details, plus important cautions when editing the Registry, at http://support.microsoft.com/?kbid=896481.
There's an incompatibility between some of the Microsoft Windows XP Media Center Edition remote control buttons, and Microsoft IntellitType 4.11 or earlier. Install IntelliType, and the Back, Stop, Mute, and Skip buttons may not work. Get the remote back in working order by upgrading to IntelliType 5.0 or later. You can get that at http://www.microsoft.com/hardware/downloads/default.mspx.
Novell has an updated for the SuSE Linux 8.2, 9.0, and 9.2 kernel, as well as the SuSE Linux Desktop 1.0, and the SuSE Linux Enterprise Server 8. This fixes a bug in the Bluetooth network stack that allows a local user to possibly elevate their privileges.
4/8/2005 April's Patch Tuesday Will Be Busy
Microsoft has given advance notice that Tuesday, April 12 will be a busy day for people concerned with computer security. They will be releasing five security bulletins for Windows, at least one of which will have a Critical Rating. There will be one Critical bulletin for Microsoft Office, one Critical Bulletin for Microsoft Messenger, and one Critical Bulletin for Microsoft Exchange. They will also release an update of the Microsoft Windows Malicious Software Removal Tool via the Windows Update and the Download Center. After their release, they will be covered in the BugBlog and/or the BugBlog Plus.
Apple says that if you try to install iTunes for Windows, the installation may not work and you may end up with either Error 1406 or Error 1402 messages. If this happens, you still should be able to install iTunes, but you've got some work ahead of you. Apple says you must "thoroughly remove" any iTunes installations, and clean up temporary files. See http://docs.info.apple.com/article.html?artnum=93865 for the details. If you are still having problems, Apple has some suggestions, on that same webpage, for doing some Registry cleanup.
Cisco says that their Internetwork Operating System (IOS) 12.2T, 12.3 and 12.3T may have bugs that occur when processing Internet Key Exchange (IKE) Xauth messages when configured to be an Easy VPN Server. A remote attacker may be able to exploit these bugs and gain unauthorized access to a network. Go to http://www.cisco.com/en/US/products/products_security_advisory09186a008042d519.shtml for fix information.
There are a number of bugs in Lotus Notes/Domino 6.x, that may lead to buffer overflows that crash the server or that could inject code into the HTML header which could lead to other problems. These have been fixed in Lotus Notes and Domino release 6.5.4 or 6.0.5. A bulletin at the Secunia website credits Mark Litchfield, NGS Software; Ollie Whitehouse, Symantec; and Juan C Calderon for finding and reporting the bugs.
According to a story on the Security Pipeline, Microsoft has acknowledged that the fix distributed with Microsoft Security Bulletin MS05-002 may cause problems with Windows 98, 98 SE, and ME computers. This security bulletin fixed bugs in curson and icon handling, but it may also have the unintended effect of slowing down Internet Explorer running on one of these versions of Windows. Microsoft says they have "been able to confirm these reports and are currently working on a resolution." If you remove the patch, the slowdown stops. However, you are then left vulnerable to the original problem. Read more at http://www.securitypipeline.com/159907285.
Some bad guys have started an email campaign using emails faked to look like they came from Microsoft. The emails will contain links to a site that looks like, but isn't, the Windows Update site. Once there, you will be lured into installing some bogus files that will infect your computer with the Troj/DSNX-05 Trojan horse. ZD Net talks with some security experts from Sophos at http://news.zdnet.com/2100-1009_22-5660042.html that may help you tell the fake Microsoft missives from the real ones. In particular, Microsoft does not send update notices in HTML formatted email.
4/7/2005 Print Preview Breaks Access 2002
If you do a File, Print Preview command in Microsoft Access 2002, and then go to the OfficeLinks list and click Publish It with Microsoft Word, you may break both the Open and Design options for your Microsoft Access objects. Microsoft has a hotfix for this, which will be in a future Office service pack. Can't wait for the fix? Contact Microsoft Technical Support and ask for the Access 2002 post-Service Pack 3 hotfix package dated 3/3/2005. Note that you may get charged for this call. More information about the fix is at http://support.microsoft.com/?kbid=895469.
4/6/2005 More disguises for Trojan Horse Programs
The Internet Storm Center has issued a warning about Trojan horse programs hiding within Web "postcards". You may get an email message that says something like "You have received a virtual postcard from a family member" with a link. Clicking the link will install the Trojan. Another set of threats may come masqerading as a greeting card from a legitimate card company such as Blue Mountain or American Greetings. (That's just great -- now I'll have to go back to buying snail-mail cards.) Read more about this at http://www.computerworld.com/securitytopics/security/story/0,10801,100874,00.html
Apple says that if you are using Pages and you have added the printer icon to the toolbar, it may appear faded and it won't wake up when you click it. To fix this, upgrade to Pages 1.0.1. Get this at http://www.apple.com/iwork/pages/download/. If you don't want to upgrade right now, you can still print, but you have to use the menu's File, Print command.
According to a story in ComputerWorld, security threats transmitted through instant messaging has increased 250 percent in the first quarter of 2005, compared to the first quarter of 2004. You can read more about that at http://www.computerworld.com/securitytopics/security/story/0,10801,100874,00.html. Also note that the Chod.B file, since April Fool's Day, has been coming in on messages pretending to be from Microsoft or Symantec, warning about security threats.
US CERT has issued a vulnerabilty note about Linux kernels with Bluetooth support. A bug in Bluetooth may have a local root vulnerability. This may allow a local attacker to run damaging code, or at least elevate their privileges. This has been fixed in the Linux kernels 2.4.30-rc2 and 2.6.11.6. Individual vendors should be releasing their own packages with this fix soon.
There's a new report about a bug in the Quake 3 engine from iD software. If an attacker connects to an online game server and intentionally sends a message that's too big, it might crash the server. This could affect the games Call of Duty, Quake III Arena, Return to Castle Wolfenstein, Soldier of Fortune II, Star Wars Jedi Knight and Jedi Knight II, and Wolfenstein: Enemy Territory. There's fix and workaround information at http://aluigi.altervista.org/adv/q3msgboom-adv.txt.
MandrakeSoft has issued their updates for Mandrake Linux 10.x, Corporate Server 2.1, and 3.0, to fix the TELNET bug problems that are widespread in Unix and Linux systems. See the fix information at http://www.mandrakesoft.com/security/advisories?name=MDKSA-2005:061.
Microsoft says that although you can go to your printer driver's properties and select a particular paper size, that choice will be over-ridden by any paper size that may be set in Microsoft Word. So a Word document is going to be printed with Word's choices, even if you've just made a change at the printer driver level. Microsoft says this is by design -- they want you to make the choices in Word.
Don't forget -- Microsoft has set April 12 as the date when you can no longer block Windows XP Service Pack 2 from coming in via Automatic Updates. According to at least one "expert study", only 24 percent of corporate IT departments have installed the service pack on the desktop.
If you are using Microsoft Windows Media Player 10
to play content on a secure web site (one where the URL starts with https://)
you may see this error message
A security problem occurred
and you won't be able to get the content to play. Microsoft says that
if this happens, you should download this content from the secure server
to your local computer. Then play the content from there.
Microsoft says that if you upgrade to Windows XP Media Center Edition 2005, you may break Windows Media Player 10. It either won't start, or it won't be able to play back files. Microsoft says this may have happened because some files weren't upgraded correctly, or the Digital Rights Management (DRM) license migration utility wasn't run. If you are having these problems, Microsoft has a fix available at http://support.microsoft.com/?kbid=884373.
Novell has released Novell Secure Login 3.51 Support
Pack 2. This support pack has a number of bug fixes for various password
functions, clears up some typos, and has a fix for a bug affecting long
URLs in SecretStore mode. Get the update at
http://support.novell.com/cgi-bin/search/searchtid.cgi?/2971137.htm.
Novell has issued a new release for the Novell Client 4.91 NWFS.SYS. According to their Knowledge Base, the release on 4/4/2005 is the same as the 3/22/2005 release, except the documentation was incomplete. A number of items that were fixed had been left off the fix list. So if you installed the update two weeks ago, you don't have to worry about this version.
4/5/2005 JavaScript Bug in Mozilla
There is a bug in the JavaScript engine of Mozilla Firefox 1.x and also Mozilla 1.7. This bug may allow heap memory to be exposed; this memory may contain sensitive information that could lead to further attacks. You can read the workings of Mozilla.org as they fix this at https://bugzilla.mozilla.org/show_bug.cgi?id=288688; apparently, part of this bug stretches back to 1997. They have a fix, but it has not yet been released. The bug was reported by Secunia at http://secunia.com/advisories/14820/ from Russian sources.
Adobe says there is a bug in both Acrobat 7.0 and the Acrobat Reader 7.0 for Windows. If a PDF file is created with an invalid count value in the root page node, it could crash Acrobat when they try to read it. According to Adobe, it won't be possible for the attacker to run hostile code after the crash; you could lose work, however, as well as time. To fix this, upgrade to version 7.0.1 of Acrobat at http://www.adobe.com/support/downloads.
Apple says that iDVD 5 supports these languages: Japanese, French, German, Dutch, Italian, Spanish, French Canadian, Simplied Chinese, Korean, Traditional Chinese, Swedish, Danish, Norwegian, and Finnish, as well as English. If you try running iDVD on a language that isn't supported, it may crash if you try to burn a DVD, or if you save a project as a disk image. The only workaround is to make sure you are working in a supported language.
Cisco says that their VPN 3000 Concentrators can be
crashed via an attack using SSL (Secure Socket Layers). This attack can
be used for denial of service attacks, but not to steal data or run hostile
code. They have a free update to fix this. Go to
http://www.cisco.com/warp/public/707/cisco-sa-20050330-vpn3k.shtml for the details.
Microsoft says that Internet Explorer running on a
Windows XP Service Pack 2 computer may crash on webpages that have scripts
that use the removeNode function. It will give you an error message with
blaming Mshtml.dll, with details something like
Iexplore.exe 6.0.2900.2180 Mshtml.dll 6.0.2900.2180 00052d7d
As a workaround, you can avoid the offending webpage. If you don't want
to do that, you can contact Microsoft Technical Support and ask for the
hotfix described in Knowledge Base article 892052. Note that you may
get charged for this call.
Microsoft says that if you install Office 2003 along with the Spanish proofing tools, and then install an Office 2000 program along with Spanish proofing tools, your Office programs may crash when you try to do a Spelling and Grammar check. Microsoft says you will need to reinstall Office 2003 to fix this. See the details at http://support.microsoft.com/?kbid=896146.
4/4/2005 Adobe Acrobat Discloses File Existence
Adobe Acrobat 7.0 and earlier, and the Adobe Reader 7.0 and earlier have a bug in the way they interact with an Internet Explorer ActiveX control. If this control is invoked directly by a webpage, an attacker may be able to learn whether certain local files exist. This will only happen on a computer that is running Microsoft Internet Explorer. According to Adobe, the file contents are not exposed. This has been fixed in the Adobe Acrobat and Acrobat Reader 7.0.1 update.
Installing Adobe Acrobat 7.0 Professional or Standard on a Windows XP computer may cause problems with Microsoft Word XP or 2003. According to Adobe, you may not be able to save macros, preferences or custom settings in Word. These are usually stored in the the Word template normal.dot, but Acrobat gets in the way. Adobe has some workaround suggestions at http://www.adobe.com/support/techdocs/331465.html.
Apple says that you may screw things up if you "improperly" disconnect your iPod from your computer. When is it improper? Don't disconnect during an update or a restore, while syncing music, or while in disk mode. Most people won't do that intentionally, but things can always get dropped or jostled, especially if you are hooked up to a port on a keyboard. If this happens, see http://docs.info.apple.com/article.html?artnum=300561 for ways to recover.
Lotus says that if the default font in Notes 6.0 on a Windows 2000/XP computer is set to MS Sans Serif, you wonlt be able to make text boldface. Lotus says they know about this bug, but don't plan to fix it. So pick a new default font.
A timing issue with Microsoft Windows XP may prevent a USB mouse, connected to the computer via a USB 2.0 hub, from being recognized when the computer boots up. If the mouse isn't recognized, the first thing you should do, once the computer is running, is to unplug the mouse and then plug it back in. If that doesn't work, Microsoft says to reboot. If that still doesn't work, they say to plug the mouse right into the computer, bypassing the hub. See more at http://support.microsoft.com/?kbid=893711.
Sun Microsystems says that in Solaris 2.x, 7, and 8, there may be situations where an unprivileged local user could use an Xview application that will corrupt a system or user file when it exits. This will happen when the exiting XView application has a text subwindow that owns the clipboard selection. The basic workaround, which you can read about in detail at http://sunsolve.sun.com/search/document.do?assetkey=1-26-27525-1, is to make sure some other application has control of the clipboard.
If you go to http://blogs.pcworld.com/techlog/archives/000591.html, you will see a very telling example that maybe, just maybe, not everything on the Internet is on the up and up. At the very least, it shows you one place you shouldn't go to look up a name and phone number.
You probably would realize this on your own, but how often do we get to work celebrity names into the BugBlog? If you receive an email saying "Watch Angelina Jolie and Brad Pitt cought (sic) on TAPE! SEXY CLIP! WATCH IT!" you will probably be suspicious. (If nothing else, the spelling mistake is a clue.) There is a .ZIP file attached to the email, which will launch the Ahker-F virus which will send messages to your email contacts, try to disable your computer's security software, and attack Microsoft's security update web site.
eEye Digital Security has made a preliminary announcement about two problems with Microsoft Internet Explorer and Outlook. Both are problems in default installations of Windows NT/2000/XP that may allow remote attackers to run their code, with minimal user interaction. No other details have been released while Microsoft is working on a fix. One potential workaround is to use Mozilla.
Microsoft says that their investigation has shown that no Microsoft products or platforms are vulnerable to the TELNET bug that has affected a number of UNIX and Linux-based systems. (Somewhere Steve Ballmer is smiling today.)
Novell has released a TELNET patch for all their versions of SuSE Linux. This fixes the buffer overflow bug in TELNET, found by iDefense, that may allow a malicious server to run code on a TELNET client. They say that this needs to be patched on all versions of SuSE Linux.
If you are having problems activating Symantec Norton
AntiVirus 2005 (or other Symantec products) there is a troubleshooting
page for you at
http://service1.symantec.com/SUPPORT/INTER/emeacustserv.nsf/eedocid/20040324164239925?
Open&src=&docid=20041001101742925. One of the things
they blame is parental controls. The good news is, you can activate your
product by phone. The bad news is, this may re-occur months after a successful
activation.