 |
|
|
|
 |
 |
|
|
 |
|
||
 |
|
||
 |
|
||
 |
 |
|
|
 |
|
||
BugBlog Plus Archives
Current month
Nov 06 by company
Nov 06 by date
Oct 06 by company
Oct 06 by date
Sep 06 by company
Sep 06 by date
Aug 06 by company
Aug 06 by date
July 06 by date
June 06 by date
May 06 by date
Apr 06 by date
Mar 06 by date
Feb 06 by date
Jan 06 by date
Jan 06 by company
Dec 05 by date
Dec 05 by company
Nov 05 by date
Oct 05 by date
Sept 05 by date
Aug 05 by date
July 05 by date
June 05 by date
June 05 by company
May 05 by date
May 05 by company
Apr 05 by date
Apr 05 by company
Mar 05 by date
Mar 05 by company
Feb 05 by date
Feb 05 by company
Jan 05 by date
Jan 05 by company
Dec 04
Dec 04 by company
Nov 04
Oct 04
Sept 04 by date
XP SP 2
Aug 04 by company
Aug 04 by date
Jul 04 by company
Jul 04 by date
June 04 by company
June 04 by date
May 04 by company
May 04 by date
Apr 04 by company
Apr 04 by date
Mar 04 by company
Mar 04 by date
Feb 04 by company
Feb 04 by date
Jan 04 by company
Jan 04 by date
Dec 03 by company
Dec 03 by date
Nov 03 by date
Nov 03 by company
Jump to the BugBlog archives (October 03 and earlier are public archives)
Dec 06Nov 06
Oct 06
Sept 06
Aug 06
July 06
June 06
May 06
Apr 06
Mar 06
Feb 06
Jan 06
Dec 05
Nov 05
Oct 05
Sept 05
Aug 05
July 05
Jun 05
May 05
Apr 05
Mar 05
Feb 05
XP SP2
Jan 05
Dec 04
Nov 04
Oct 04
Sep 04
Aug 04
Jul 04
June 04
May 04
Apr 04
Mar 04
Feb 04
Jan 04
Dec 03
Nov 03
Oct 03
Sept 03
Aug 03
July 03
June 03
May 03
April 03
Mar 03
Feb 03
Jan 03
Dec 02
Nov 02
*there are more blogs in Cleveland, these are just from people I've met or know. Some of the above are actually farther away, but are bloggers I've met here.
Adobe | Apple | AOL | ATI | Computer Associates | Cisco | Dantz | EA | General | HP | IBM | Intel | Intuit | | LucasArts |Macromedia | Mandrake | McAfee | Microsoft | Mozilla | Novell | NVIDIA | Open BSD | Opera | Oracle | RealNetworks | Red Hat | Sun Microsystems | Symantec | Ubisoft | Winamp | Yahoo | Zone Alarm
Adobe
Adobe says that sometimes when you try to print from InDesign CS on a Mac OS X computer, you may get this error message
Printing Error: The Adobe Print Engine has failed to output your data due to an unknown problem.
Unfortunately, if the error is unknown, it makes it hard to find the fix. Adobe has four suggestions you can try. See them at http://www.adobe.com/support/techdocs/331427.html.
Adobe says that there is a bug within the Adobe License Management Service that may affect users of Adobe Photoshop CS, Adobe Creative Suite 1.0, and Adobe Premiere Pro 1.5 running on the Windows platform. This may allow unauthorized persons to run programs with administrator privileges. Adobe does not explicitly mention whether this can be exploited by a remote user or not. However, a similar bug has also been announced by Macromedia (it appears they have used the same third-party vendor for this "feature") and they say it can only be exploited locally in multi-user environments. Get the software update at http://www.adobe.com/support/techdocs/331688.html.
Adobe Reader 7.0 and 7.0.1, as well as Acrobat 7.0 and 7.0.1, for both Windows and the Mac, have a bug that may allow an XML script, embedded in Javascript, may allow an attacker to discover whether some local files exist or not. That itself is not a threat. However, knowing where a file may be could then be used in some further attack. There's a rather big mitigation involved -- the attacker can only verify whether a file exists if they already know the full path and filename. Adobe already has updates for the Windows version of Reader and Acrobat, at http://www.adobe.com/support/techdocs/331710.html. They say patches for the Mac version are on the way.
Adobe has released a fix for Adobe Reader 7.0 and 7.0.1 and Adobe Acrobat 7.0 and 7.0.1 for the Mac OS X platform. This fixes a previously-disclosed bug for both Windows and the Mac where a malicious PDF file can run code on a computer. Adobe has already updated the Windows version to fix this, and now the Mac fix is at http://www.adobe.com/support/techdocs/331709.html.
When using Adobe Bridge 1.0 on an Apple Mac OS X computer, opening a folder may bring up this error message
There was a problem with the database and "[file name]" was not updated correctly. This may effect searches…
You might be able to see images in the current folder, but you won't be able to browse to other folders. Ultimately, this is a permissions problem, so one workaround is to edit the user account in question so they can administer the computer. Upgrading to Adobe Bridge 1.0.1 will also fix this.
Adobe says that if you try to start Adobe Bridge from within Photoshop, you may get thiss error message
Error 2: photoshop is undefined. Line 1 -> photoshop.invokeBridge (false, false, ");
Assuming you can start Bridge as a standalone application, or from another one of the Adobe Creative Suite programs, then this is strictly a configuration problem. Adobe has a number of detailed workarounds listed at http://www.adobe.com/support/techdocs/331561.html.
When you are exporting an Adobe InDesign CS or CS2 document to a PDF, with PDF compatibility settings of PDF 1.4 (Acrobat 5), PDF 1.5 (Acrobat 6), or PDF 1.6 (Acrobat 7), you may have problems with transparent images. If these images stretch across master pages, they may leave lines in the middle of the spread. See http://www.adobe.com/support/techdocs/328330.html for solutions.
Adobe says that you may see one of these somewhat cryptic error messages in PageMaker 6.5 or 7.0 if you try to export to a PDF file:
Error creating Acrobat printer style
or
Warning the Acrobat printer style does not use the PostScript driver. This will be overridden
or
Could not open Printer Styles file. Invalid function number 8323:0001
They have two fixes. Either re-create the printer styles file, or configure the Acrobat Printer Style so it uses the Acrobat Distiller PPD. See how to do this at
http://www.adobe.com/support/techdocs/328927.html.
Adobe says that if you are running Photoshop CS 2 on a Windows computer, you may run into performance problems. These probably aren't bug-related. It's just that graphics-intensive programs like Photoshop (or lots of games) really press your graphics hardware to the limit, and older hardware might not be up to the task. Adobe has a discussion of the issues at http://www.adobe.com/support/techdocs/331412.html. In general, it may be time to go computer shopping.
Adobe says that if you download the Photoshop or Illustrator tryout files, which come as ZIP files, and you try to install them, you may get a prompt which asks for a serial number. Avoid this by first extracting Photoshop_CS2_ tryout.zip and then double-click on the Setup.exe file, which is within the newly extracted folder. See http://www.adobe.com/support/techdocs/331612.html for more.
Adobe says that a keystroke shortcut for Adobe Photoshop running on a Mac OS X 10.4 computer may conflict with other keystroke shortcuts in the operating system. In particular, the Command-Option combo to select highlights in an image may not work. Adobe has instructions on how to change keyboard shortcuts to change this at http://www.adobe.com/support/techdocs/331722.html.
Adobe says that if you are running a non-English version of Windows XP, you may have problems with the Merge to HDR command in Adobe Photoshop CS2. You may see this error message
Could not complete the Merge to HDR command because a command was not available.
Or
The operation could not be completed. Not enough storage is available to complete this operation.
Adobe has a number of workarounds that include trying to remove any non-Roman text characters, plus some general memory management solutions. See the details at http://www.adobe.com/support/techdocs/331730.html.
Apple
This one may be rare but nasty: if you are going to burn a project in Apple iDVD, and you also happen to have an Iomega REV drive hooked up to your computer, the erase-before-burn function in iDVD may get confused between the REV drive and your DVD-RW drive. As a result, it will erase the contents of your REV disk, and attempt to write the project there. (Hope that wasn't your backup.) Apple says to make sure to eject any REV disk before using iDVD to burn.
Don't believe everything you read, at least according to Apple. They say that the Apple Pages user guide says that you can add the spelling icon to the toolbar. However, if you go to the Customize Toolbar screen you will see that there is no such icon. Apple says that you can't add something that doesn't exist.
Apple says there may be a number of reasons why iTunes for Windows won't recognize audio CDs. (I always blame Digital Rights Management.) They have a list of troubleshooting steps at http://docs.info.apple.com/article.html?artnum=93444. They also have a CD Diagnostics utility available at http://www.apple.com/support/itunes/windows/cddiagnostics/.
If you are using your Apple iPod on a Windows 2000 or Windows XP computer, many conflicts can be traced back to the iPod Service, which either doesn't get loaded or has an incompatibility with another service. The error messages that are displayed will say
iPod Service Error.
Apple says there are four possible fixes for this, which you should try in the order they are listed at http://docs.info.apple.com/article.html?artnum=93716.
Apple says that sometimes your iPod won't get recognized by your Windows computer whenever you connect it via a FireWire or USB port. While this might be a subliminal message from Steve Jobs that you should buy a Mac, there are actually a number of troubleshooting steps that you can take. Go to http://docs.info.apple.com/article.html?artnum=61711 to see them.
Apple says that both iDVD and DVD Studio Pro can make 16:9 widescreen DVDs. However, there might be an incompatibility between some DVD players and the widescreen files, and they may not show up correctly, in a letterbox, on a normal 4:3 TV or video monitor. Apple has some workaround steps available at http://docs.info.apple.com/article.html?artnum=301840.
Apple says that dates might get screwed up when you sync photos between iPhoto and iPod photo. One problem might be that the date at the top of the iPod screen always says Dec 2000; or all the photos on the iPod get placed in the folder /iPodname/Photos/Full Resolution/2001/01/01. To fix this, you will first need to update to iPhoto 5.0.2; then you will need to follow the steps outlined at http://docs.info.apple.com/article.html?artnum=301395.
Apple says there is a conflict between some of their applications, including QuickTime Player, iTunes, iDVD, iMovie, GarageBand, and Final Cut Express, and the Digidesign Core Audio driver. This driver may have been installed along with Pro Tools 6.9. The conflict may keep these applications from opening. Instead they will just bounce in the Dock. See http://docs.info.apple.com/article.html?artnum=301658 for a fix for this conflict.
A particular font on an Apple Mac OS X computer, the Helvetica Fractions font, may cause problems for a number of key applications on the computer. These include Address Book, iChat, Safari and Mail. It may cause overlapping numbers and symbols to appear. If this happens on a Mac OS X 10.3 or later computer, turn off the font in the Font Book. In Mac OS X 10.2.8 or earlier, look for the font in the /Library/Fonts/ or ~/Library/Fonts/ folders, where it may show up as HelveFra or HelveFraBold. Apple says to remove it from these folders, but make sure you leave the regular Helvetica font, which is important.
The Apple Security Update 2005-006 for Mac OS X 10.4.1 tightens up security in two crucial folders. Now both the system cache folder and the Dashboard system widgets folder have secure folder permissions. This takes care of a potential problem where world-writeable permissions were placed on the two folders. This bug does not affect any versions before OS X 10.4. Apple credits Michael Haller for finding this bug.
Apple's Security Update 2005-006 for Mac OS X 10.4.1 fixes a number of bugs in CoreGraphics. One bug that gets fixed will keep unprivileged local users from gaining root privileges. Another fixes a potential denial of service in the way that poorly (or maliciously) designed PDF documents get opened.
A bug in the launchd in Apple Mac OS X 10.4.1 may allow a local user to obtain ownership of arbitrary files, which they can use to gain extra local privileges. This has been fixed in the Security Update 2005-006. Apple credits Neil Archibald for finding this bug.
Apple says that a bug in Mac OS X 10.4 and 10.4.1 may allow unsafe file extensions and MIME types to escape being marked as unsafe in the Apple Uniform Type Indentifier. This has been fixed in the Security Update 2005-006.
Apple says that if you are doing an NFS export in Mac OS X 10.4.1 or Mac OS X Server 10.4.1, and you use a -network or -mask flag to restrict the export, it won't get restricted. Instead, the filesystem will be exported to "everyone". This has been fixed in the Apple Security Update 2005-006. Earlier versions of Mac OS X aren't susceptible to this bug.
Apple says there is a file incompatibility problem between DVD Studio Pro 3 and DVD Studio Pro 4 and the files created by iDVD 5. If you use one of the Pro versions to open up a project file from iDVD 5, you will see this error message
IMPORTING: Error importing iDVD Project.
Apple says that you can import iDVD 4 projects. But you can't open iDVD 1 or 2 projects. (They don't mention iDVD 3 in their Tech Note.) They say there may be updates to this incompatibility mess at http://docs.info.apple.com/article.html?artnum=301385.
Apple says that there are multiple bugs in the PHP package for Mac OS X 10.3.9 (both client and server) and OS X 10.4.1 (both client and server.) These bugs could lead to remote attackers causing denial of service attacks, or they could possibly run their own code on the system. Apple's Security Update 2005-006 fixes this by updating to PHP 4.3.11.
Apple says that a bug in Bluetooth for all versions of Mac OS X 10.3.9 and 10.4.1 may allow files to be accessed during a Bluetooth object exchange that are outside the default file exchange directory. The Apple Security Update 2005-006 tightens up the Bluetooth security to prevent this.
Apple says there is a buffer overflow in the AFP Server which ships with Mac OS X 10.4.1. This overflow could be exploited by an attacker to run arbitrary code. This bug is fixed in the Apple Security Update 2005-006, as is another bug in the way that the AFP Server deals with volumes that are ACL-enabled.
Apple says that if a Mac OS X 10.4.1 computer is being used as a VPN (virtual private network) server, a bug may allow a local user to obtain root privileges. This is because of a buffer overflow in vpnd. This can't be exploited remotely. It is fixed in the Apple Security Update 2005-006.
Your tax dollars are at work: US CERT published a bulletin on 6/8/2005 warning of the danger of malicious Dashboard widgets being installed on Apple Mac OS X 10.4 computer. News of this first broke on 5/8/2005 (and was reported in the BugBlog on 5/10/2005). Better late than never. If you still haven't heard about this, you can always read their bulletin at http://www.kb.cert.org/vuls/id/775661. This was fixed in the Mac OS X 10.4.1 update.
AOL
Nothing this month
ATI
ATI says there are problems installing the Realtek Audio/Marvel Lan driver on a Windows 2000 computer. If you do an ATI driver installation with the ATI Catalyst Suite 5.6, the computer may crash. There is no fix yet.
If you play Blizzard Entertainment's Warcraft III on a Windows XP computer with an ATI graphics card and the ATI Catalyst Software Suite 5.6, you may see corruption when you rotate the display 90 degrees counter-clockwise. There is no fix yet, although I guess you could try turning 270 degrees clockwise.
ATI says that if you want to install the new Catalyst Software Suite 5.6 on a Windows XP computer, you will need to have the Microsoft .NET Framework Version 1.1 installed. If it isn't there, the ATI Control Center won't start correctly.
If you are running FutureMark's 3DMark05 testing software on a Windows XP comptuer with an ATI Radeon X700 Pro graphics card for a long period of time, Windows XP may eventually lock up. ATI says they have fixed this in the Catalyst Software Suite 5.5 update.
If you play NCSoft City of Heroes on a Windows XP computer with an ATI Radeon Xpress 200 series graphics card, the characters might appear corrupted. (I assume that is visual corruption, and not in their underlying moral values.) This has been fixed in the ATI Catalyst 5.5 update.
Cisco
Cisco says that a bug in their VPN 3000 Concentrator may let an attacker determine which group names are configured and valid. This happens only if users have a pre-shared key (PSK) for group authentication for remote VPN (Virtual Private Network) access. This information has been publically disclosed in a Security Advisory by the NTA Monitor. Cisco has an update to fix this at http://www.cisco.com/warp/public/707/cisco-sn-20050624-vpn-grpname.shtml.
Computer Associates
Nothing this month
EA
Nothing this month
General
Microsoft has a security advisory that talks about a phishing scheme that involves having multiple, overlapping browser windows, some of which don't display their origin. They point out that this could affect browsers in general (it's not just us!) and could be used to get users to input sensitive information to malicious sites. Read the whole thing at http://www.microsoft.com/technet/security/advisory/902333.mspx.
A survey by the Conference Board, the same group that checks on Consumer Confidence each month, say in their latest Consumer Internet Barometer that consumers are buying less online because of their concerns about Internet theft and security. Read the whole thing at
http://www.conference-board.org/economics/consumerBarometer.cfm. Also think about what may happen when you give your credit card to a waiter or waitress and they carry it back to the desk to process your bill.
Britney Spears was elated to learn she had regained the top spot on the charts, until she heard it was the chart listing the Top Celebrities associated with malware delivered by email. According to Panda Software researchers, she edged out Bill Gates. Rounding out the top five were Jennifer Lopez, Shakira, and Osama Bin Laden.
Spammers may be able to use something called "hostile profiling" to verify first that they have a valid email address, and secondarily to see what kind of interests the person owning that email address might have. They do this by seeing what kinds of websites an address may have been used for registration. Learning this may allow them to design spam or phising schemes that may be more effective. Read the whole article at http://www.pcworld.com/resource/article/0,aid,120886,pg,1,00.asp.
There have been many reports in the tech news media that virus writers may be working on a superworm. This might be a variation of the Mytob worm that not only infects your machine, but also turns off your security software, too. Researchers at Sophos and Trend Micro talk about the possibilities at http://www.computerworld.com/securitytopics/security/story/0,10801,102220,00.html.
A number of new variations of the Bagle worm have started to travel the Internet. The chief purpose of the worm now seems to be the harvesting of email addresses. While there seems to be a high volume of mail generated by these, it seems aimed at particularly naïve computer users. It comes with no subject line or body text, and the message has a zipped file attachment. (Almost reminds you of the cartoon where Bugs Bunny or other hero leaves the ticking time bomb, wrapped as a present, on the bad guy's doorstep.) If you persist in opening such highly suspicous material, at least make sure your virus signatures are up to date. Read more at ComputerWorld at http://www.computerworld.com/securitytopics/security/virus/story/0,10801,102143,00.html.
A poll commissioned by the makers of the Opera web browser finds that in a survey of online users in the United States, a bare majority of 51 percent realize that their choice of browser can affect their vulnerability to viruses and spyware. The rest, I guess, use Microsoft Internet Explorer.
Security researchers at Panda Software say that a tool that calls itself SpywareNo, may actually be one of the newer types of malicious software called "ransomware." This software will lock up or encrypt the files on your computer, and you have to pay the bad guys money to get a key to unlock your data. Read more about it at http://www.crn.com/nl/security/showArticle.jhtml?articleId=163702367.
Hewlett Packard
Nothing this month
IBM
IBM says that if you have the Lotus Notes 6.5.2 client (or higher) running with instant messaging and working with the IBM Lotus Instant Messaging and Web Conferencing (Sametime) server, they may interact badly. Both the client and server may see CPU time spike to close to 100 percent, and the Stmux and StCommuntity processes on the Sametime server may get really busy. As a workaround, logging off the Notes instant messaging client should restore things to normal. For a permanent fix, see http://www-1.ibm.com/support/docview.wss?uid=swg21209709.
IBM says that if you try to do a Find in a Lotus Approach text field, and you are searchinf for something that begins with the letters "if", you will get an error as soon as you type the two letters, because Approach will think you are trying to do some sort of IF/THEN operation within the dialog. Avoid the error by butting the search text within quotes, or use the Find Assistant.
IBM says that support for a scroll wheel wireless mouse is not available in Lotus 1-2-3, although it works in other Lotus SmartSuite applications. According to IBM, a a Logitech scroll wheel wireless mouse will not scroll, nor will a IBM scroll wheel mouse with a Microsoft PS/2 Port Mouse driver on a USB port. IBM does have some unofficial workarounds that may work -- but they emphasize that they are unofficial and "as-is". If you want to try them, see
http://www-1.ibm.com/support/docview.wss?rs=479&context=SSKTYF&dc=DB520&uid=swg21153806.
Intel
Nothing this month
Intuit
Lavasoft
Nothing this month
LucasArts
Nothing this month
Macromedia
Macromedia says that the eLicensing software included with Studio, Flash, Freehand, Dreamweaver, Fireworks, Director, Captivate, and Contribute, as well as the Macromedia Studio MX Suite, has a bug that can be exploited by a local user. According to Macromedia, local users may be able to exploit this and raise their privileges to that of the Local System. If you run these products in multi-user environments, get the patch at
http://www.macromedia.com/devnet/security/security_zone/mpsb05-04.html. Since Macromedia acknowledges Adobe, AutoDesk and Macrovision in their announcement, it probably indicates that this is the same bug (also in the 6/11/2005 BugBlog) that affects Adobe, and that it probably originated with licensing software from Macrovision.
If Macromedia Dreamweaver crashes when you try to do site-related functions, or crashes when it opens, the problem may be either a corrupted Dreamweaver site cache file (.dws file) or a corrupted site definition either in the Windows Registry or the Macintosh Site Prefs file. (This problem closed down the BugBlog for about a day last month.) Macromedia has a number of steps that will allow you to isolate the site cache that may be causing the problem, and shows ways to clean things up at http://www.macromedia.com/cfusion/knowledgebase/index.cfm?id=5989f7f4.
Mandrake/Mandriva
Mandriva (the company formerly known as MandrakeSoft) has an updated gdp package for Mandrake (or is it Mandriva) Linux 10.x and Corporate Server 2.1 and 3.0. This fixes a security bug that may allow an attacker to run their own code -- as long as they can trick a user into loading an executable file. Get the details at http://www.mandriva.com/security/advisories?name=MDKSA-2005:095.
Mandriva has released a new SpamAssassin (SA) version to fix a denial of service bug. The version of SA that ships with Mandriva Linux 10.1 and 10.2 can be tripped up by a carefully constructed email message that will cause SA to consume up to 100 percent of CPU time. Get the new version at http://www.mandriva.com/security/advisories?name=MDKSA-2005:106.
Mandriva has an updated openssl package for Mandriva/Mandrake Linux 10, 10.1, 10.2, Coroporate Server 2.1 and 3.0. This fixes a bug that may allow a cache timing attack, which can be exploited by a local user to steal cryptographic keys, which could then be used to possibly decipher communications encrypted with RSA, DSA, and DH. Mandriva credits Colin Percival for finding this bug.
McAfee
A sharp-eyed BugBlog reader sent along the following item from the InfoWorld Gripe Line. Apparently, if you want to download McAfee's latest security updates, you need to go Internet Explorer's Security settings and lower your security. This and a whole lot more McAfee gripes are available at http://weblog.infoworld.com/foster/2005/06/07.html.
Microsoft
Microsoft has released 10 security bulletins this month; the most critical one is a Cumulative Security Update for Internet Explorer. Most versions of IE are affected, and there are fixes for all the currently supported systems, including Windows 2000, XP, and Windows Server 2003. In addition to containing all the previous fixes, the fix that is described in MS05-025 has two new fixes. One is for a bug in the PNG Image Rendering function. A remote attacker may be able to exploit this to run their own code on your system. A bug in the XML redirect operation may lead to information disclosure. Get the update for your version of IE at http://www.microsoft.com/technet/security/Bulletin/MS05-025.mspx. Microsoft considers this a Critical Update. Microsoft credits Mark Dowd of ISS X-Force, Mark Litchfield of Next Generation Security Software Ltd., Thor Larholm of PivX Solutions, Inc, and the UK National Infrastructure Security Co-ordination Centre (NISCC) for finding these bugs.
As we come up to the second Tuesday of the month, better known as Microsoft Patch Tuesday, eWeek has published a story that shows how Microsoft develops their security patches. A Microsoft spokesman points out that they do a full audit of the software code, rather than rushing out a patch, because they feel it is better to do a complete job. Read the whole thing at http://www.eweek.com/article2/0,1759,1825805,00.asp.
Microsoft says that Internet Explorer 6 with Service Pack 1 or 2, running on a Windows XP computer, may have problems dealing with a page that has an HTML dialog box that has been modified using Dynamic HTML. Click inside this box, and Internet Explorer may crash. Microsoft has a hotfix for this, which will be in a future service pack. If you run into this situation often and can't wait for the fix, contact Microsoft Technical Support and ask for the hotfix described in Knowledge Base article 898050. Note that you may get charged for this call.
If you had trouble getting to your Hotmail account over the past weekend, it may have been because Microsoft took part of the MSN website offline to fix some bugs. The problem was at http://ilovemessenger.msn.com/. There was a cross-site scripting bug that may allow someone to steal Hotmail-related cookies, which would give the attacker access to the account. This is the second problem with part of the MSN site in about a week; earlier, there had been a hacking attack against the South Korean portion of MSN. See
http://news.zdnet.com/2100-1009_22-5734448.html for more.
Microsoft says that a bug in HTML Help could allow a remote attacker to take complete control of a Windows 2000, XP, or Windows Server 2003 system. The complete control could only happen if the user who falls into the trap was logged on with full administrative rights. Also, a number of earlier security patches from Microsoft could help limit the damage. Nevertheless, users should go to http://www.microsoft.com/technet/security/bulletin/MS05-026.mspx to get the patch for their systems. Microsoft considers this a Critical Update. Microsoft credits Peter Winter-Smith with Next Generation Security Software Ltd. and eEye Digital Security for reporting the HTML Help Vulnerability for finding this bug.
Microsoft says that a bug in Server Message Block (SMB) within Windows 2000, XP, and Windows Server 2003 may allow an attacker to take complete control of a system. To do so, however, an attacker will need to be able to authenticate on the system. Microsoft considers this a Critical Update. In addition to the fix, which is at http://www.microsoft.com/technet/security/bulletin/MS05-027.mspx, Microsoft has a number of workarounds, including firewall configurations listed in the bulletin. Microsoft credits Qualys for finding this bug.
Microsoft says that their Office applications may have problems if you are trying to use an .art file in a document. These files are compressed graphics downloaded from AOL, and may not display as thumbnails, may display with reduced quality, or just may not open. Microsoft has three workarounds for the problem. Save the file in a different format, turn off image compression in AOL, or install the AOL Image Support Update. See http://support.microsoft.com/kb/899726 for details on all three.
Microsoft says that Outlook Express may have problems if it recieves a meeting request from Microsoft Outlook, and the message contains a URL leading to the subject of the meeting. The URL won't work correctly if the subject of the message has special or extended ASCII characters such as ?<>[]{}&). The only workaround is not to use those characters.
Microsoft says that if you use the Microsoft Business Solutions Customer Relationship Management (CRM) version 2.0 API to build a program that runs in the background to add contacts to Microsoft Office Outlook 2003, your computer may run very slowly and your mouse cursor may be unresponsive. Microsoft has a fix for this in the Microsoft Office Outlook 2003 post-Service Pack 1 hotfix of 4/28/2005. This will be distributed in a future Office service pack. If you need the fix right away, contact Microsoft Technical Support and ask for the hotfix described in Knowledge Base article 896986. Note that you may get charged for this call.
If you have a Microsoft Windows XP Media Center Edition 2005 computer connected to a TV via an S-video connection or composite video connection, you may have problems switching between live TV and a recorded program. Instead of switching, your screen may just go black. If that happens, Microsoft says you will need to close and then restart the Media Center.
Microsoft says that while running the Setup program for any of the programs in Office 2003, you may see this error message
Error 1919. Error configuring ODBC data source
What this error message should really say is "Hey, you have some keys missing from the Registry!" It's possible to replace those missing keys -- in fact there are a number of ways to do it. Microsoft explains them all at http://support.microsoft.com/kb/818954.
Changing the name of an account in the User Accounts portion of the Windows XP Control Panel may not prevent someone from logging on using the old account name. According to Microsoft, there are actually two names. There is the Full Name of the account, and there is the user name. Only the former gets changed. See http://support.microsoft.com/kb/897083 for details on how to change both.
Microsoft says that while you can write a program to clear the history in Microsoft Internet Explorer 6 (using the ClearHistory method), it might not clear the browsing history for your current day. This might be due to some interference by Windows Explorer. If you really need to clean up your history file, then contact Microsoft Technical Support and ask for the hotfix described in Knowledge Base article 897169. Note that you may be charged for this call (and Tech Support may want to know what you are hiding!)
If you have an Adaptec Snap Server installed on your network, and then you install Microsoft Security Update MS05-011 on Windows XP clients, those clients may not be able to save, rename, or copy files from that server. Microsoft says you will need to get a fix from Adaptec at http://www.adaptec.com for this.
Microsoft says that if you are using Windows XP Media Center Edition 2005, and you aren't able to switch to the inset window from either the keyboard or the remote, but you can with the mouse, you need to change one setting. Go to the Media Center Settings, General, More Program Options and make sure Control the Media Experience is checked.
Microsoft says that the Caller ID function may not work on a Windows XP Media Center 2005 computer. This is because the Universal Modem driver that gets installed is not TAPI compliant, and doesn't support Caller ID. Essentially, you are going to need a better driver for whatever phone you have hooked up. See http://support.microsoft.com/kb/897084 for some general information.
Microsoft says there is a bug in the way that some Windows systems handle Web Client requests that may allow an attacker who has valid logon credentials, and who can log on locally, to take complete control of a computer system. This affects Windows XP Service Pack 1, and Windows Server 2003. However, the latest service packs for these two systems do fix this bug. If you are still vulnerable, get the patch at http://www.microsoft.com/technet/security/bulletin/MS05-028.mspx. Microsoft credits Mark Litchfield with Next Generation Security Software Ltd. for finding this bug.
There is a bug in the Microsoft Exchange Server 5.5 Service Pack 4. It is in the Outlook Web Access, and it may allow an attacker to trick another user into running a hostile script that would do a cross-site scripting attack. As a result, the attacker may be able to access any data on the Outlook Web Access server the the victim could see. System administrators should get the patch for this at http://www.microsoft.com/technet/security/Bulletin/MS05-029.mspx. Microsoft deems this an Important update. They credit Gaël Delalleau working with iDEFENSE for finding this bug.
Microsoft has a Cumulative Security Update for Outlook Express 5.5 and 6 on Windows 2000; Outlook Express 6 on Windows XP Service Pack 1; and Outlook Express 6 on Windows Server 2003. This bug may allow an attacker to take complete control of a computer, if they can convince the user to connect to a NNTP (News) Server. This patch also has all previously released patches for Outlook Express. Get it at http://www.microsoft.com/technet/security/Bulletin/MS05-030.mspx. Microsoft considers this an Important update. They credit iDEFENSE for finding this bug.
Microsoft says that there is a bug in Microsoft Windows Interactive Training and Step-by-Step Interactive Training that may allow an attacker to take complete control of a Windows 2000, XP or Windows Server 2003 computer. This includes these versions of Windows with the up-to-date service packs. Note that these training packages are not part of the default installation of Windows. The problem is in the way the training packages handle bookmark links. An attacker could create a file that holds a link that leads to a malicious website. Users should get the updates, which Microsoft labels Important, available at http://www.microsoft.com/technet/security/bulletin/MS05-031.mspx. Microsoft credits iDEFENSE for finding this bug.
There is a bug in the Microsoft Agent Software for Windows 2000, Windows XP and Windows Server 2003. This bug could be exploited by a hostile website that lures visitors to a particular page, and then gets them to do certain actions. Microsoft says that if you disable ActiveX controls you can prevent this kind of attack. If you really do want ActiveX (and maybe you shouldn't) then go to http://www.microsoft.com/technet/security/bulletin/MS05-032.mspx to get the patch. Microsoft only feels this is a moderate update.Microsoft credits Michael Krax for finding this bug.
Microsoft says that the Telnet client in Windows XP, Windows Server 2003, and Microsoft Windows Services for UNIX 3.5 on any platform, has a bug that may allow a remote attacker who is hosting a malicious Telent server to read the session variables. This information may be useful in future attacks. Microsoft calls this a Moderate update, which you can get at http://www.microsoft.com/technet/security/bulletin/MS05-033.mspx. Microsoft credits iDEFENSE for finding this bug.
Microsoft says there are two bugs in their ISA Server 2000. They may be used by an attacker to poison the server's cache, which can be exploited as a way of increasing the attacker's privileges. System administrators may want to get the patch at
http://www.microsoft.com/technet/security/Bulletin/MS05-034.mspx. Microsoft credits Steve Orrin of Watchfire and Han Valk for finding these bugs.
Very unusual installations of Microsoft Office may cause the Microsoft Script Editor to malfunction. In this case, they say that unusual means that you have installed one (or more) Office applications in a separate location from another installation of Office. This means you will have two or more copies of the Script Editor, and two or more copies of some key DLL files. This may cause the Script Editor to crash the first time you use it. See instructions at http://support.microsoft.com/kb/898789 for cleaning this up.
Microsoft says that if you have to restart Windows XP two or more times, and there are print jobs in the queue, then temporary print job files may get deleted. This will be accompanied by
Error Printing
messages. Of course, if you are doing multiple restarts of Windows, you may have more problems than just a possibly corrupted print queue. Go to http://support.microsoft.com/kb/883304 for workaround information.
Microsoft says that if a Windows XP Service Pack 2 computer uses Microsoft Internet Explorer to browse an HTML webpage that has a script that references HTML Component (HTC) files and XML files, the script won't run. This will happen if the webpage references those files that are in a Local Machine zone. Microsoft has four different workarounds that you can use in this situation. Check out which one is best for you at http://support.microsoft.com/kb/899291.
Microsoft says that if some other program installed on a Windows XP computer assigns itself as the default application for .TIF files, this may interfere with the ability of the Windows XP Fax Console to view faxes that have been received or sent. This may cause the error message
The fax document cannot be displayed because your operating system does not have a default viewer for fax documents (.tif files).
To fix this, you will need to reassign the .tif file to the Windows Picture and Fax Viewer. See http://support.microsoft.com/kb/900963 for details on how to do this.
Microsoft says that if you have a Windows XP computer with a high performance PC Card (PCMCIA), such as a high-speed CardBus USB host controller, after you wake it up from hibernation it may lose its high speed, and may run noticeably slower. Microsoft says this is because the device will not use bursting after it wakes up. The only workaround is to restart the computer (which loses the time-saving advantage of hibernation.)
Microsoft says that versions of the Samba server earlier than 3.0.12 may truncate the size of the return buffer to 255. This may cause problems with certain Windows XP client computer functions, and may lead to an access violation in Lsass.exe on the client. Microsoft has two workarounds -- you can either upgrade the Samba server to 3.0.12 or later, or you can install a hotfix on the clients. This hotfix isn't publically released yet, so you will have to contact Microsoft Technical Support and ask for the hotfix described in Knowledge Base article 896725. Note that you may get charged for this call.
Microsoft says that if you use Windows Explorer on a Windows XP computer to format a removable media device such as a memory stick, a secure digital card, or a Compact Flash card, there is always a chance that it will be formatted with a file system that is not recognized by the hardware that uses the media device. That means that the CF card won't be recognized by the digital camera to which it belongs. This often happens when the formatting gets switched from FAT to FAT32, or vice versa. Microsoft has a hotfix for Windows XP that ensures that it will keep the current file system during a formatting. It will be in a future Windows XP service pack, but if you can't wait for the fix contact Microsoft Technical Support and ask for the hotfix described in Knowledge Base article 898456. Note that you may get charged for this call.
If you are doing an Automatic TV Signal Setup in Windows XP Media Center Edition 2005, and your TV tuner adaptor has multiple auxiliary input ports (such as coacial, s-video, and composite) then Windows XP may not be able to do the automatic setup because it is unsure of where the video signal is. Microsoft says you will need to do a manual setup. Instructions for this are at http://support.microsoft.com/kb/897090.
Microsoft says that if you install the MS05-012 Security Update on a Windows XP Service Pack 2 computer, you may see an error message
Generic Host Process for Win32 Services Error
when you start your computer. Microsoft has a hotfix for this, which can be downloaded from http://support.microsoft.com/kb/894391.
Microsoft says that if you install the MS05-012 Security Update, you may have problems seeing the attachment names in Rich Text email messages. This will happen if there are bouble-byte character set (DBCS) characters, or if the filename has more than 32 characters. Microsoft has a hotfix for this, which can be downloaded from http://support.microsoft.com/kb/894391.
The Microsoft Internet Explorer 6 Content Advisor feature might cause the browser to crash with this error message
Exception Information
Code: 0xc0000005
This may happen if the Content Advisor is turned on, you go to the Content Advisor General tab and select the option Users can see sites that have no rating check box, and then you click a hyperlink to open a form. Microsoft has a hotfix for this, which will be in a future service pack. If you can't wait for the fix, contact Microsoft Technical Support and ask for the hotfix described in Knowledge Base article 897166. Note that you may be charged for this call.
If a Portable Network Graphics (PNG) file contains one or more IDAT chunks of zero length, you may not be able to see the images in Microsoft Internet Explorer 6 or Internet Explorer 6 Service Pack 1. Only a blank box will appear. As a workaround, you can use the Windows Picture Viewer for these files. If you really need to see them in IE, Microsoft has a hotfix. It will be included in a future service pack, but if you need it right away, contact Microsoft Technical Support and ask for the hotfix described in Knowledge Base article 897242. Note that you may be charged for this call.
If you are running Windows Server 2003 on some Dell PowerEdge servers, you may be having Registry problems. Even if you aren't having problems now, Microsoft suggests that the problems are lurking in the background. The problem situation is a Dell PowerEdge with Windows Server 2003 factory-installed, and with one of these disk-drive controllers: Mraid35x.sys; Perc2.sys; A320raid.sys; Aac.sys; Symmpi.sys; Cercsr6.sys; Aarich.sys; Fasttx2k.sys. You can get a hot-fix for this, along with more details, at http://support.microsoft.com/kb/898792.
If you use Microsoft Outlook Express (OE) and haven't applied the MS05-030 Cumulative Security Update, you better do it soon. Examples of how to exploit the vulnerabilities in OE are circulating on underground hacking sites. At this time, you can only fall victim if you visit a newsgroup controlled by the hackers with the OE newsreader. Read about the details of this problem at http://news.zdnet.com/2100-1009_22-5761537.html. Get the patch from Microsoft at http://www.microsoft.com/technet/security/Bulletin/MS05-030.mspx.
Microsoft says that when running the Sysprerp utility on a Windows XP computer, and you create a custom Registry key and subkey, there may be situations where the permissions get applied incorrectly, which may cause this error message when you try to view the key
The permissions on <RegistryKeyName> are incorrectly ordered
If this is something you are likely to do (and for most of us, it isn't) see http://support.microsoft.com/kb/899182.
Microsoft says that on Windows XP Service Pack 2 computers, if you have installed the Microsoft MS04-038 or the MS05-025 Cumulative Security Updates for Microsoft Internet Exploarer, you may have a small problem playing some Windows Media High Definition Video (WMV HD) DVD disks in Microsoft Windows Media Player. You can click a chapter with your mouse, but that chapter won't play. Microsoft says that if you press Enter, the chapter will play. Also, if you are using Windows XP Media Center Edition, you can use the remote control to play the chapter.
After you install the MS05-026 Security Update to fix some bugs in HTML Help, Microsoft says that some HTML Help features may not work anymore. This would include some Tables of Contents in HTML Help, plus some other custom features that may have been written in HTML Help applications. Microsoft has some Registry Edits at http://support.microsoft.com/kb/892675/ that may help system administrators restore some of these custom applications.
According to Microsoft, some of the "features" that are in the HTML Help ActiveX Control may actually just be security holes, including one that enables cross-frame navigation. After you install Security Update MS05-026, applications written to use these features may not work. (That's probably a good thing.) However, Microsoft does have some information available for developers at http://support.microsoft.com/kb/896905/ that will help you evade the new security -- if it's for a good cause, of course.
Microsoft has a hotfix for Word 2002 to fix a bug in the way that multi-level outlines are numbered. While a list template or a list style is numbered and punctuated correctly, the format is not retained in a cut and paste. If you try to change the formatting in the outline, Word may crash. See the details to the problem at http://support.microsoft.com/kb/901031, as well as information on how to get the hotfix.
While a USB 1.1 video device should work correctly if you plug it into a USB 2.0 port on a Windows XP computer, it may not work if you plug it into a USB 2.0 hub that is connected to the computer. Microsoft says it may cause garbled or no video image. Microsoft says to skip the hub and connect the device directly to the computer.
Microsoft says that if you are recording live TV in Windows XP Media Center Edition 2005, and you press the Suspend or Hibernate button on the remote control, you will first see a warning message that asks if you really want to stop. If you change your mind and click Cancel in the dialog, and then later press Suspend or Hibernate again, you won't get the warning and the recording will be stopped immediately. If you don't want this to happen, Microsoft says you have to avoid the indecision in the first place.
Microsoft says that if you try to capture video from an analog video camera or VCR via the TV tuner card on a Windows XP Media Center Edition computer while the Media Center Reciever service is running, you may see this error message
The Device is in Use
Microsoft says you will need to stop this service before captuing the analog video. Details on how to do that are at http://support.microsoft.com/kb/902165.
If you are an administrator for a Microsoft Windows Server 2003 computer, you may be unsure whether you want to install Service Pack 1 before you do additional testing. Microsoft has a blocking tool that will keep the service pack from coming in via Automatic Update or Windows Update, similar to the blocking tool they had for Windows XP Service Pack 2. You can get it at http://www.microsoft.com/windowsserver2003/evaluation/news/bulletins/ws03sp1blockertool.mspx. If you don't, the service pack will be coming automatically on 7/26/05. (Coming automatically if you have Auto updates configured, that is.)
If you unplug a USB display device from a Windows XP computer, the device might still be shown in Device Manager. Microsoft says this is because the video-port based drivers weren't unloaded. The only way to unload these drivers is to restart the computer.
Microsoft says that in Windows XP Media Center Edition 2005, once you use the Optional Setup you may not be able to reset font sizes to their previous settings. However, there is a workaround via the Display Properties dialog box. See http://support.microsoft.com/kb/902164 for details on how to do this.
While other versions of Windows get a service pack, Microsoft seems to empahsize that Windows 2000 is coming to the end of its life cycle by releasing Update Rollup 1 for Windows 2000 Service Pack 4, rather than releasing Service Pack 5. You can get it from Windows Update or from http://support.microsoft.com/kb/891861; the latter also shows which previously released security bulletins are included in the rollup.
Microsoft says that when they re-release a security update or a hotfix, any corresponding Registry entries are not updated. They say this is planned. Security, and the way that these updates work, are not affected. They also say that Microsoft Windows Update and Microsoft Baseline Security Analyzer (MBSA) do not use Registry entries to look for installed fixes, so they are not affected. While they don't say it, third-party patch management tools that might use these Registry entries could be affected. See Microsoft's explanation at http://support.microsoft.com/kb/901168.
Microsoft says that their MS05-033 Security Bulletin, which tightens security on the Telnet client, adds a new Registry key, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\TelnetClient\AllowedEnvVariables, that can be used to specify extra environment variables to a Telnet client is allowed to disclose. See more about this new Registry entry at http://support.microsoft.com/kb/900934. Read more about the bulletin at http://support.microsoft.com/kb/896428.
Microsoft says that copying a file greater than four gigabytes to another folder may not work in Windows XP. You may run into problems if you are copying or dragging the file to a Windows Explorer folder or desktop, and the data comes from a CFSTR_FILECONTENTS clipboard format through an IStream interface. If you often copy big files, you may want to get a hotfix from Microsoft. Contact Microsoft Technical Support and ask for the hotfix described in Knowledge Base article 898068. Note that you may get charged for this call. An alternative is to wait for the next Windows service pack.
Microsoft says that there is a bug in the way that the Windows XP Out of Box Experience handles password confirmation. The Setup Wizard asks you to set an Administrator Password, and then Confirm it. You can also skip this step. But if you type the Administrator password, change your mind and click the Skip button, the Administrator password will be set to the one you entered once and didn't confirm. (Hope you remember it, and didn't make a typo.) The only fix is to be careful during the Out of Box experience. Either skip this step altogether, or do the confirmation. Don't change your mind halfway through.
If the backspace key suddenly stops deleting text in Microsoft Word 2002 or 2003, it may be because a number of separate factors interact badly. If the Tools, Track Changes option is turned on, and on the Reviewing toolbar the Display for Review list is set for either Final view or Original view, the Backspace key may get disabled. As a workaround, you need to reverse one or more of these choices. See http://support.microsoft.com/kb/901124 for details.
While in Microsoft Word 2002 with Service Pack 3 installed, saving a document as a webpage may not work correctly if the document contains one or more tables, and there is an image that is in multiple cells of the table. Open up one of these pages in Microsoft Internet Explorer, and the images may be missing. Microsoft has a hotfix for this, which will be in a future Office 2002 Service Pack. If you run into this error a lot, you may want to contact Microsoft Technical Support to ask for the hotfix described in Knowledge Base article 899908. Note that you may get charged for this call.
Mozilla
Researchers at Secunia say that Mozilla 1.7.x and Firefox 1.x are vulnerable to a seven year old bug that would allow cross-site frame injection. This may let a malicious website spoof the contents of a trusted site. There is no fix yet; one obvious solution is not to mix up the browsing of a trusted site along with untrusted ones. In other words, don't browse a whole bunch of porn sites and then jump over and do your online banking. See the details at http://secunia.com/advisories/15601/.
Nortel
Security researchers at NTA report that Nortel Networks VPN (virtual private networks) routers have a bug that may allow attackers to launch a denial of service attack. Apparently, it would only take a maliciously-designed packet of only 300 bytes to crash a router -- so it won't take much bandwidth to cause serious problems. Nortel has a fix; you can read the NTA report at http://www.nta-monitor.com/news/vpn-flaws/nortel/vpn-router-dos/index.htm and then follow the link for the patch.
Novell
Novell has a post Support Pack 3 interim release for BorderManager 3.8. This bundles up a number of fixes for BorderManager. It includes a couple of fixes for the Firewall Wizard, including one that will let it work with German browsers. It also fixes PROXY.CFG so that it is no longer case-sensitive. Get the update at http://support.novell.com/cgi-bin/search/searchtid.cgi?/2971295.htm.
Novell has updated TCP and IP in NetWare 6.5. The new packages include all the previous fixes for TCP and IP, as well as a new one that makes sure ARP responds to requests correctly. Get the update at http://support.novell.com/cgi-bin/search/searchtid.cgi?/2971698.htm.
Novell has released the 491_nwgina_1.exe patch file for the Novell Client v4.91 for Windows 2000 and XP. This fixes a bug that prevents the Fax application from appearing when you have installed the 4.9 Support Pack 2 or later client. Get the fix at http://support.novell.com/servlet/tidfinder/2971361.
Novell says that if you change your domain password in the Novell Client 4.91 for Windows XP and 2000, and then find that you can't access any of your encrypted files, this might be caused by a bug in NWGINA.DLL. This has been fixed in the 491_nwgina_1.exe patch file. Get the fix at http://support.novell.com/servlet/tidfinder/2971361.
Novell says there is an incompatibility between iFolder 2.1.3 and Windows Server 2003, which will prevent it from being installed on the server. This has been fixed with the patch ifolder213_iis.exe. Get it at http://support.novell.com/servlet/tidfinder/2969743.
Novell says that iPrint NW may have problems in the Novell Distributed Print Services (NDPS) when printer agents are in a printer pool. This may cause an ABEND in NDPSGW.NLM. This has been fixed in the first Post-Consolidated Support Pack 12 patch for iPrint on NetWare. You can only install this on a NetWare 6.5 Support Pack 3 server. Get it at http://support.novell.com/servlet/tidfinder/2971430.
NVIDIA
Nothing this month
Open BSD
Nothing this month
Oracle
Nothing this month
RealNetworks
RealNetworks has updated most of their software, to take care of four bugs that may allow attackers to take over your computer. One bug allowed an attack via an MP3 file, another via a RealMedia file, a third via an AVI file, and a fourth which could be used in combination with some versions of Internet Explorer which could allow an attack via an HTML page which could trigger a RealMedia file to play automatically. If you use RealPlayer, RealOne Player, RealPlayer Enterprise, Rhapsody 3 on Windows, Mac or Linux, check out the chart at http://service.real.com/help/faq/security/050623_player/EN/ to see if you are vulnerable. (There are more problems on the Windows platform.)
Red Hat
Red Hat has an updated freeradius package for Red Hat Enterprise Linux 4. This fixes a buffer overflow and an SQL injection vulnerability in the free RADIUS server. You can get the updated packages at https://rhn.redhat.com/errata/RHSA-2005-524.html.
Red Hat has an updated RealPlayer for Red Hat Enterprise Linux 3 and 4, and the Red Hat Desktop 3 and 4. This update fixes the security bugs in RealPlayer reported in the 6/26/ BugBlog. These bugs were cross-platform (affecting Windows, Mac, and Linux) and this takes care of the Linux version.
Red Hat has a critical update for the HelixPlayer media player that can be run on Red Hat Enterprise Linux 4 and the Red Hat Desktop 4. This fixes a buffer overflow in the way that HelixPlayer handles SMIL files, which may allow an attacker to run their own code. Get the update at https://rhn.redhat.com/errata/RHSA-2005-517.html.
Red Hat has an updated telnet package for Red Hat Enterprise Linux 2.1, 3, and 4. The previous version had a bug that a malicious server could exploit as a way to gather information from the client computer. Red Hat credits Gael Delalleau for finding this bug. Get the update at https://rhn.redhat.com/errata/RHSA-2005-504.html.
There is a kernel update for Red Hat Enterprise Linux 4 and the Red Hat Desktop. It fixes a number of bugs including: a bug in the auditing code that can be exploited locally for a denial of service attack; a raw devices bug that can also be exploited locally; plus a number of other unspecified bugs. Get the update at https://rhn.redhat.com/errata/RHSA-2005-420.html.
Red Hat has an updated gnutls package for Red Hat Enterprise Linux 4. This update squashes a denial of service bug in the GnuTLS library in versions earlier than 1.0.25. Remote attackers could mount the attack via a malicious TLS handshake that could crash the service. Get thue update at https://rhn.redhat.com/errata/RHSA-2005-430.html.
Red Hat has an update Open SSL package for Red Hat Enterprise Linux 2.1, 3, and 4, as well as the Red Hat Desktop 3 and 4. There is a bug that may allow a cache timing attack that may let a malicious local user steal portions of cryptographic keys. Red Hat credits Colin Percival for finding this bug. There is also a bug in the way that temporary files are created. Get the update at https://rhn.redhat.com/errata/RHSA-2005-476.html.
Red Hat has patched a security hole in the GnuTLS package for Red Hat Enterprise Linux 4. The GnuTLS library is used for the Secure Sockets Layer (SSL v3) and Transport Layer Security (TLS v1) protocols, and the bug may let a remote attacker tie up the computer in a denial of service attack over a prolonged TLS handshake. Get the patch at https://rhn.redhat.com/errata/RHSA-2005-430.html.
Sun Microsystems
Sun Microsystems has released their version of the Telnet patch for Solaris 7-10 on both the SPARC and x86 platforms. This fixes the cross-product, cross-OS bug in Telnet that may allow a remote attack. Get your Solaris fix at http://sunsolve.sun.com/search/document.do?assetkey=1-26-101665-1.
Sun Microsystems says there are security bugs in two Perl modules, Safe.pm and CGI.pm, that may ship with Solaris 8 and 9, on both the SPARC and Intel platforms. Sun has info on how to check whether these modules are present, and patch information, at http://sunsolve.sun.com/search/document.do?assetkey=1-26-101426-1.
Sun Microsystems says that Solaris 10 has a bug in the C library that may allow local unprivileged users to up their own security levels. This can be fixed with a patch for both SPARC and x86 from http://sunsolve.sun.com/search/document.do?assetkey=1-26-101740-1.
There is a bug in the Sun Microsystems Sun ONE Application Server 6.5 SP1 Maintenance Update 6 that could be explited to disclose files on the system. Sun says there is no workaround, nor any way to see if someone has used this bug. It has been fixed in the Sun ONE Application Server 6.5 SP1 Maintenance Update 7 or later.
Symantec
Symantec says that a bug in pcAnywhere (all versions earlier than 11.5, both Consumer and Enterprise) makes the systems vulnerable to a local attack. A non-privileged local user might be able to manipulate Caller Properties so that the next time a system is restarted they might be able to gain unauthorized Local System privileges. Symantec has fixes for this available at http://securityresponse.symantec.com/avcenter/security/Content/2005.06.10.html.
There is a password vulnerability in Symantec Brightmail AntiSpam 6.0. The password for the quarantined spam is actually stored in an non-secure way, and if you upgraded to Brightmail AntiSpam 6.0 without doing a clean install, your database might be remotely accessible. This has been fixed in Brightmail AntiSpam 6.0.2. See the details at http://securityresponse.symantec.com/avcenter/security/Content/2005.05.31a.html.
Ubisoft
Nothing this month
Veritas
Veritas says there is a buffer overflow bug in NetBackup for NetWare Media Servers 4.5, 5.0, and 5.1 that may allow remote attackers to crash the server. They have updates available to fix this at http://seer.support.veritas.com/docs/277485.htm. They credit iDEFENSE for finding this bug.
Veritas has patched a number of bugs in Backup Exec 9.0, 9.1, and 10.0 for both Windows and NetWare servers. These security bugs were discovered by iDefense and NGS Software. Get links to each update at http://seer.support.veritas.com/docs/277429.htm.
Winamp
Nothing this month
Yahoo
Nothing this month
Zone Alarm
Zone Labs says that a bad upgrade in the daily Program Advisor update on 6/9/2005 caused at least 50,000 users to experience crashes. The update was released at 7:00 pm PT, which means that most of the affected people were in Asia. By the time morning struck in the US, and PCs were turned on and updated, the problem was fixed. Read the details at http://download.zonelabs.com/bin/free/securityAlert/24.html.