BugBlog Home
BJK Research Home
BJK Research Home

BugBlog Plus Archives
Current month
Nov 06 by company
Nov 06 by date
Oct 06 by company
Oct 06 by date
Sep 06 by company
Sep 06 by date
Aug 06 by company
Aug 06 by date
July 06 by date
June 06 by date
May 06 by date
Apr 06 by date
Mar 06 by date
Feb 06 by date
Jan 06 by date
Jan 06 by company
Dec 05 by date
Dec 05 by company
Nov 05 by date
Oct 05 by date
Sept 05 by date
Aug 05 by date
July 05 by date
June 05 by date
June 05 by company
May 05 by date
May 05 by company
Apr 05 by date
Apr 05 by company
Mar 05 by date
Mar 05 by company
Feb 05 by date
Feb 05 by company
Jan 05 by date
Jan 05 by company
Dec 04
Dec 04 by company
Nov 04
Oct 04
Sept 04 by date
XP SP 2
Aug 04 by company
Aug 04 by date
Jul 04 by company
Jul 04 by date
June 04 by company
June 04 by date
May 04 by company
May 04 by date
Apr 04 by company
Apr 04 by date
Mar 04 by company
Mar 04 by date
Feb 04 by company
Feb 04 by date
Jan 04 by company
Jan 04 by date
Dec 03 by company
Dec 03 by date
Nov 03 by date
Nov 03 by company

 

Jump to the BugBlog archives (October 03 and earlier are public archives)

Dec 06
Nov 06
Oct 06
Sept 06
Aug 06
July 06
June 06
May 06
Apr 06
Mar 06
Feb 06
Jan 06
Dec 05
Nov 05
Oct 05
Sept 05
Aug 05
July 05
Jun 05
May 05
Apr 05
Mar 05
Feb 05
XP SP2
Jan 05
Dec 04
Nov 04
Oct 04
Sep 04
Aug 04
Jul 04
June 04
May 04
Apr 04
Mar 04
Feb 04
Jan 04
Dec 03
Nov 03
Oct 03
Sept 03
Aug 03
July 03
June 03
May 03
April 03
Mar 03
Feb 03
Jan 03
Dec 02
Nov 02

 

Cleveland-area blogs*:

Backup BugBlog

Economic Development Futures

Brewed Fresh Daily

Cleve-blog

Working with Words

Gassho

Sardonic Views

Filtering Craig

Hotel Bruce

Blogcritics.org

Up Yours

Kevin Holtsberry

Steve Goldberg

Red Wheelbarrow

Anita Campbell

Swerb's Blurbs

Rachel's Law

*there are more blogs in Cleveland, these are just from people I've met or know. Some of the above are actually farther away, but are bloggers I've met here.

Blogcritics

BugBlog

Subscription portion of the BugBlog. The first bug of the day listed is always the free bug available to non-subscribers, followed by the subscription-only bugs.

8/31/2006 Word 2003 May Take a 30 Minute Break

Try to open a Microsoft Word 2003 XML document, and Word may lock up for anywhere from 10 to 30 minutes. Microsoft says this may happen when the Word doc is linked by another Microsoft Office document, and that other document is on a network share and is opened by someone else. There aren't any configuration changes that can avoid this. Microsoft has a hotfix for this, which will be in a future Office service pack. See http://support.microsoft.com/kb/923826 if you need to get the fix right away.

8/30/2006 PlaysForSure or Surely Doesn't Play?

You may have problems moving purchased content onto a Microsoft verified "PlaysForSure" portable device, even though you can move content ripped from a CD onto the device. Instead, Windows Media Player 10 may give the error message:
0xC00D10BC - Windows Media Player cannot synchronize the file because the device needs to be updated.
This happened after an update to the Media Transfer Protocol (MTP) driver by Microsoft unearthed a bug that causes compatibility problems with Microsoft's Digital Rights Management scheme. Microsoft has a hotfix for this, which you can download from http://support.microsoft.com/kb/922814/.

If you are using Apple Remote Desktop 2.1 and you adjust the brightness, your changes may be lost when the client goes into display sleep. This has been fixed in the Remote Desktop 2.2 Update.

The Apple Remote Desktop 2.2 update fixes a number of compatibility problems. It should now work with Mac OS X 10.4, and you should be able to install iTunes 4.7 and 4.7.1 with it. Apple says it will also do a better job installing .mpkg files.

EA Sports lists these controllers as compatible with Madden NFL 07: Logitech Dual Action; Logitech Rumble Pad 2; Gravis Eliminator Aftershock; Thrust Master Firestorm Dual Analog Gamepad; Thrust Master Firestorm Dual Power 3; Thrust Master Firestorm Dual Analog 3; Thrust Master Firestorm Wireless Controller; and Xbox 360TM Controller for Windows.

If you are having problems playing EA Sports Madden NFL 07 online, make sure these ports are open in your firewall or router: HTTP 80 (outbound); HTTPS 443 (outbound); TCP 13500, 28400-28499, and 32768-65535 (outbound), and UDP 1795 and 1797 (inbound and outbound).

Chalk AT&T up as the latest company to lose their customer's data. Credit card data on "fewer than 19,000 customers" that were stored on the server for the company's online store were stolen by hackers over the weekend. If you ordered something online from AT&T, check out http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9002843.

Microsoft says that Windows Server 2003 may have problems with a memory leak for the Automatic Updates service. The leak may eat up memory quickly if you have set up Automatic Updates to check every two hours or more for updates. See http://support.microsoft.com/kb/914810 for hotfix information.

If you use the Driver Verifier utility in Microsoft Windows Server 2003 to monitor your SCSI adapter drivers, and then restart your computer, you may see one of these error messages
STOP 0x00000050
STOP 0x000000F4
Microsoft says this happens because physical memory references get out of whack after the monitoring. See http://support.microsoft.com/kb/923150 for hotfix information.

A report at the website ConsumerAffairs.com says that the failure rate for Microsoft Xbox 360 consoles is far higher than the 3 to 5 percent failure rate that Microsoft admits to. The story is based on an anonymous source within Electronic Arts, and is also based on complaints to that website as well as complaints at www.Xbox.com forums. Read the whole story at http://www.consumeraffairs.com/news04/2006/08/xbox_gamers02.html.

You may have read that hackers released a program called FairUse4WM that defeats the digital rights management features in Windows Media Play 10 and 11 with the MTV Urge Music Service. Not surprisingly, Microsoft has announced they will quickly move to plug this hole. Read more at http://www.eweek.com/article2/0,1895,2010354,00.asp.

Novell has released ZENworks 7 Asset Management Support Pack 1 Interim Release 8 (someone tell them that ZENworks 7.1.8 would be simpler). This is a cumulative update that also has new fixes for bugs that kept software scans from working if a path was greater than 260 characters. It also fixes compatibility problems with Oracle and Apple Mac OS X 10.4.6. Get it at http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974309.htm

8/29/2006 Does Your Mac Have A Sleep Disorder?

Even computers can have sleep disorders. Apple says that even if you have set Mac OS X 10 computers to go into sleep mode after a certain period of inactivity, the computer actually stays awake. If you go to http://docs.info.apple.com/article.html?artnum=303698, you'll see a list of background procedures that you may not know are happening, but which effectively poke your computer and keep it awake. The culprit may actually be Bluetooth, an external drive, or even iTunes.

The July 2006 monthly cumulative update for IBM WebSphere Portal 5.1 WebSphere Member Manager (WMM) fixes a bug that was preventing LDAP DN from retrieving member attributes. It also fixes a groupcache timeout bug. Get the update at http://www-1.ibm.com/support/docview.wss?uid=swg24013154.

If you create a Microsoft Excel document that contains hyperlinks, and then save that spreadsheet as an html file, those links may not work when you click on them with Internet Explorer 6. Microsoft says this may happen if IE 6 is running on a Windows XP computer where Service Pack 2 has been installed, or a Windows Server 2003 computer with Service Pack 1. Microsoft has a hotfix, which will be in a future service pack. If you need to get the fix earlier, and to see a Registry Edit that accompanies the fix, see http://support.microsoft.com/kb/885439.

Microsoft says that if you use Windows Integrated authentication, you may get poor performance when using Microsoft Internet Explorer 6 to access a web application that's on a Microsoft Internet Information Services (IIS) 6 website. They say it's because IE clients will regularly reset TCP connections. Microsoft has some detailed workarounds you can do to the IIS configuration to prevent this. Somewhat surprisingly, the Microsoft Knowledge Base article also points out that the poor performance does not occur when you use alternative browsers such as Mozilla Firefox. That's right -- they actually cited Firefox by name! See for yourself at http://support.microsoft.com/kb/922703.

Sendmail 8.13.8 has been released. It fixes a number of bugs that crept into version 8.13.7, including a bug that will report insufficient disk space, even if you have plenty of room. This bug is set off if you use shared memory. Get the update at http://www.sendmail.org/releases/8.13.8.html.

On Sun Microsystems Solaris 8,9, or 10, you may get this error on system boot or when you try to probe Sun StorEdge D240 drives:
MSGREJ not expected.
Sun has fix information at http://sunsolve.sun.com/search/document.do?assetkey=1-26-102283-1.

8/28/2006 The Continuing Saga of MS06-042

The story so far: Microsoft releases a critical security patch for Internet Explorer; a bug is found in the patch, so they get ready to re-release the patch; another bug is found just before the re-release; then finally it's fixed. Here's Microsoft's explanation: The problem was because of the way the patch affected Internet Explorer 6 Service Pack 1 on Windows 2000. While most home users have moved on to Windows XP, there is still a large percentage of enterprise customers on Windows 2000, and they would have been affected. Read the whole thing at http://blogs.technet.com/msrc/archive/2006/08/24/449860.aspx.

According to Apple, if you are running Adobe Photoshop CS2 or Adobe Illustrator CS2 on an OS X 20.4.6 or earlier computer, two files that are installed in the Legal.localized folder may cause problems. These files are
Applications/Adobe Photoshop CS2/Legal.localized//Tiếng Việt.html
/Applications/Adobe Illustrator CS2/Legal.localized/Tiếng Việt.html
They may cause the Disk Utility to report a serious failure. Of course, a hard drive going bad may also cause these serious failure messages. See http://docs.info.apple.com/article.html?artnum=302411 for more Apple advice on disk failures.

If the Automatically hyphenate document option is selected in Microsoft Word 2003, when you print the document a paragraph may get reprinted over itself. Microsoft says the second printing will be just slightly offset, which will make things unreadable. See http://support.microsoft.com/kb/924337 for the fix as well as a Registry edit that will need to be done.

In Microsoft Excel 2003, if a spreadsheet has some hyperlinks, and you copy and paste a portion of this worksheet into another worksheet, all the hyperlinks from the original document will get pasted, even if they are not part of the selection. Microsoft does say they get pasted as hidden hyperlinks. They have a hotfix for this, which will be in a future Office 2003 Service Pack. If you can't wait, see http://support.microsoft.com/kb/923335 for information on how to get the fix.

According to the Browser Fun blog, that spent July tracking bugs in popular browsers, the Microsoft MS06-042 patch for Internet Explorer not only patched eight publicized bugs, it also silently patched the Orphan Object Properties bug, without giving any explanation in the bulletin. See http://browserfun.blogspot.com/2006/08/putting-fun-in-browser-fun.html for more.

In Sun Microsystems Solaris 10, if you install a package with a pkgmap(4), and there is a "?" for the mode field of a file or directory, then some permissions may be set insecurely, and will let unauthorized users modify files within that directory. See http://sunsolve.sun.com/search/document.do?assetkey=1-26-102513-1 for workaround and fix information.

8/26/2006 Cisco Concentrator FTP Hole

Cisco says there are two bugs in their Cisco VPN 3005, 3015, 3020, 3030, 3060, and 3080 concentrators. These bugs are active when file management via File Transfer Protocol (FTP) is turned on. They may allow unauthenticated attackers to use FTP commands to delete files on the concentrator. See http://www.cisco.com/warp/public/707/cisco-sa-20060823-vpn3k.shtml for which versions of the software are affected, and how to get the fix.

Apple says that if you try to open twenty or more images in the Preview window on a Mac OS X 10.4.7 computer, you'll only get one window. However, you'll have a Preview drawer that you can use to see the rest of your images. See http://docs.info.apple.com/article.html?path=Preview/3.0.1/en/pv13.html for more.

Cisco says there is a bug in their Cisco PIX 500 Series Security Appliances, the Cisco ASA 5500 Series Adaptive Security Appliances (ASA), and the Firewall Services Module (FWSM). This bug may let unauthorized users to gain access to a device, and also let authorized users get locked out and not able to manage a device. Cisco has a software fix for this at http://www.cisco.com/warp/public/707/cisco-sa-20060823-firewall.shtml.

Intel is going to have to re-release one of their own security patches for Centrino-based computers. There is a bug in the Proset wireless connection software that came with the update that causes Proset to use more and more memory, until it finally bogs down the computer. The drivers itself are fine, so that you should be able to use the Intel hardware with third-party software until you install the patch from http://support.intel.com/support/wireless/wlan/sb/cs-010623.htm.

When you drag a piece of clipart from the Clip Art task pane in Microsoft Office XP to a document, your Office application may crash with this error message:
Not enough memory.
Microsoft has a hotfix for Office XP Service Pack 3 users. The fix itself may be in a future service pack. If you need to get it sooner, see http://support.microsoft.com/kb/923004.

Red Hat has an updated X.org package for Red Hat Enterprise Linux 4. This update fixes an integer overflow bug in the X.org server that may let authorized users trigger a denial of service attack, or possibly run their own malicious code. Get the update at https://rhn.redhat.com/errata/RHSA-2006-0634.html.

8/25/2006 Apple Recalling Laptop Batteries

The Sony battery recall has spread to Apple. There is a recall of 1.8 million 12 inch iBook G4 and 12 and 15 inch PowerBook G4 laptop computers, due to a fire hazard. The detailed information from Apple on what batteries are affected is at https://support.apple.com/ibook_powerbook/batteryexchange/. Sony says they think that there won't be any more battery recalls. Read about the whole thing at http://www.eweek.com/article2/0,1895,2008146,00.asp and read about an effort by manufacturers to ease fears of exploding laptops at http://www.eweek.com/article2/0,1895,2008264,00.asp.

8/24/2006 More IE Patch Problems

Researchers at eEye have disccovered that the new bug in the MS06-042 patch for Microsoft Internet Explorer are exploitable by bad guys. IE 6 running on Windows 2000, and IE 6 running on Windows XP Service Pack 1 are affected.The bug triggers a buffer overflow, and the overflow can be exploited to introduce malware into your system. Microsoft has also withdrawn a proposed patch for this patch, citing problems discovered during testing. See eEye's bulletin at http://research.eeye.com/html/alerts/AL20060822.html for details and workaround information. Microsoft's side of the story is at http://blogs.msdn.com/ie/archive/2006/08/22/711402.aspx.

8/23/2006 IE Patch Has Pop-Up Problems

A bug snuck into the Cumulative Update for Microsoft Internet Explorer 6 that was distributed with the August Security Bulletin MS06-042. Because of the bug, if you visit a website that has a custom pop-up object, IE may crash. The error signature may look like this on a Windows XP computer:
Iexplore.exe 6.00.2900.2180 Mshtml.dll 6.0.2900.2963 0006d031.
Microsoft has a hotfix, which will probably get distributed in the next cumulative update for IE. See http://support.microsoft.com/kb/923996 if you need the fix right away.

Adobe says that if you have more than 3638 fonts (3638? Shouldn't it be 2048 or 4096 or some other power of two?) installed on your comptuer, Adobe InDesign probably won't be able to access all of them. Normally you should be able to see them all in your Character Control palette or the Character Style and Paragraph style palettes. Adobe has some workarounds at http://www.adobe.com/support/techdocs/331766.html.

If you copy and paste text with different Basic Paragraph style definitions within one Adobe InDesign CS2 document, you may get the wrong attributes applied to the pasted text. Adobe says first to check to make sure you have the latest update to InDesign. You can check that at www.adobe.com/downloads. You may also have to remove any overrides to the text. See http://www.adobe.com/support/techdocs/328472.html for more.

Apple says that some Mac Pro computers running Mac OS X 10.4.7 may seem to be running video or games slowly. This problem is isolated to certain Mac OS X build numbers. You may have a problem if your build number is less than less than 8K1079. If it is, you may have to use your Install disks to do an Archive and Install, which will update your build number and take care of the problem. See http://docs.info.apple.com/article.html?artnum=304198 for details.

CipherTrust, a company that specializes in messaging security, says they have found a jump in zombified PC since August's Patch Tuesday. The malware infecting these computers are variations of the Mocbot worm, including Guebot and Graweg. Read the whole thing at http://news.zdnet.com/2100-1009_22-6108409.html.

It appears that you can't go on vacation in you've got a full mail box, according to Lotus Notes. Actually, what IBM says is that you won't be able to turn on the Lotus Notes/Domino Out Of Office (OOO) feature if you are over your quota in your mail database. That's because to turn on the OOO feature, you have to save some changes to your profile, and you can't do that if you are over your quota. As a workaround -- throw some stuff out, or at least archive some messages.

If you listen to My Music with visualizations turned on in the Windows XP Media Center Edition 2005, and then switch to watch Live TV, your TV screen may show up with a white screen instead of your TV channel. Microsoft says that pressing the Live TV button on the Media Center remote control should get the TV to show up.

Microsoft says that on Windows XP, if you go to the Creating a New RSA Exchange Key dialog, and then click Details, you will see a message saying this is a CryptoAPI Private Key, and you won't be able to make any changes. This problems could be caused by a number of different things, according to Microsoft. They have a hotfix, which will be in a future Windows XP service pack. If you need this fix right away, see http://support.microsoft.com/kb/906751.

Microsoft is dismissing claims of a new PowerPoint zero-day attack. (This bug was reported in the 8/21 BugBlog.) According to Microsoft, this is not a new bug and has already been fixed by them. You can read their side of the story at http://www.eweek.com/article2/0,1759,2006489,00.asp.

Red Hat says that a bug in the proc file system of Red Hat Enterprise Linux 4 may allow local users to gain root privileges by using a suid-wrapper on scripts. This has been fixed in a kernel update. Red Hat users can get the update at https://rhn.redhat.com/errata/RHSA-2006-0617.html.

Sun Microsystems says that Solaris 8 and 9, on all platforms, has a bug in the Role-Based Access Control in the File System Management profile. This bug may allow local users who have been given this profile to run commands as root. See http://sunsolve.sun.com/search/document.do?assetkey=1-26-102514-1 for patch information.

 

8/22/2006 Symantec Enterprise Manager Attacks

There is a bug in Symantec Enterprise Security Manager 6.0 and 6.5 that can be exploited by sending a specially designed invalid request. This will lock up both the ESM manager and the ESM agent. Both will need to be rebooted to recover from the attack. Symantec has both automated and manual fixes for all the affected ESM agents and managers. You can find the complete list at http://securityresponse.symantec.com/avcenter/security/Content/2006.08.21a.html.

8/21/2006 Another PowerPoint Bug Allowing Attacks

A brand-new attack against Microsoft PowerPoint was discovered on 8/19/06. A maliciously designed PowerPoint document, when opened, may be able to run code on your computer. The exact bug hasn't been pinned down yet, but has been noted because of the Trojan Horse-type activity it triggers. It does not appear to be the same bug patched by Microsoft in the August Patch Tuesday security release. For now, the only fix is to be careful around unknown PowerPoint files. Read more about it at http://blogs.securiteam.com/?p=559.

When using Mac OS X Server 10.4, don't use a leading space if you rename a neighborhhod in the Workgroup Manager's Network view. If you do, the network won't be available. You'll see it on the Layout tab, but it won't be in any LDAP domain, or in Finder. Apple says you will need to rename it without the space, delete it, and then re-create it. See http://docs.info.apple.com/article.html?artnum=304079 for more.

The Good Morning Silicon Valley blog collects quite a few links to stories that say that maybe Dell and Sony knew they had an exploding battery problem even earlier. It was probably just good corporate strategy, and a pre-emptive strike against domain squatters, that Dell registered the dellbatteryprogram.com domain on 11.10.2005. Read more at http://blogs.siliconvalley.com/gmsv/2006/08/we_would_have_a.html.

When using the Offline Files Feature in Windows XP, trying to save a large file offline may cause Windows XP to lock up. According to Microsoft, if the files are larger than 20 megabytes, you may have this problem. Microsoft has a hotfix, which will be in a future service pack. If you regularly save large files, and run into this problem, see http://support.microsoft.com/kb/918338 for information on getting the fix earlier.

The SANS Internet Storm Center says they have been collecting reports that the Microsoft MS06-042 security patch will cause problems with Internet Explorer 6 when you use Computer Associates Unicenter Service Desk. They say the problem goes away if you use one of the Mozilla browsers. SANS ISC has a handy update to which Microsoft patches are causing problems at http://isc.sans.org/diary.php?storyid=1611.

Novell has re-released the Client Post-4.91 SP2 Patch Kit "C". This patch kit was first released on 7/18/06. The re-relese on 8/21/06 was to correct errors in the readme file. The patch itself has numerous bug fixes, including in the login script and in the NWParsePath. Get the patch at http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974113.htm.

8/20/2006 Remote Attacks Against Windows Server 2003

US-CERT says there is a bug in Microsoft Internet Explorer 6.0 SP1 running on Windows Server 2003. A remote attacker may be able to use a Terminal Services COM object as an ActiveX object, and crash the server. This may also allow the attacker to run their own code on the server. There's no official word from Microsoft yet -- you can see what the Feds have to say at http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-4219.

Install Adobe Photoshop CS2, Adobe Illustrator CS2, or Adobe Creative Suite 2.0 on Mac OS X v10.3 or v10.4, and you may run into one of a series of error messages, including File system errors, I/O errors, Boot errors, System crash or slowdowns, or Illegal Name error when you run Disk Utility. Adobe's first suggestion is to upgrade to Mac OS X 10.4.7. Their other suggested workaround is to delete the Legal or Legal.localized folder, and then run Disk Utility.

Apple says that their DVD Studio Pro 4.x and Apple QuickTime 7.x may incorrectly do a gamma shift for MPEG-2 HD DVD content. When you view it on a computer, the colors may look wrong. However, Apple says the colors will appear correct when you play the DVD on a regular DVD player and HDTV.

After losing another laptop with sensitive data, the Department of Veterans Affairs (VA) is undertaking a crash program to encrypt all the data on its laptop computers. They plan on having it completed within a month. That means in about six weeks, the BugBlog will have an item talking about how the VA can't access its data because they've lost the encryption keys.

The US Department of Transportation (DOT) lost a laptop in Florida that had contact information, including Social Security numbers, on 133,000 Florida residents. Why did the laptop have that data? Because a DOT Special Agent was giving a presentation at an anti-fraud conference. (We're from the government and we are here to help.) I don't know if they will be comparing notes with the VA. Read more at http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9002530.

A conflict between Microsoft Office 2003 and the Open Document Management API program may cause conflicts when you use the Remove Hidden Data tool to get rid of all the behind-the-scenes stuff in an Office 2003 document. When run the tool you may get this error message:
"Remove Hidden Data: You must save this file before running the Remove Hidden Data tool."
Microsoft has a hotfix for this, which will be in a future service pack. Can't wait for the fix? See http://support.microsoft.com/kb/922322 for details on how to get it right away.

 

8/19/2006 Apple Improves Fan Behavior

Unruly fans can cause problems at concerts and sports events, and also in Apple MacBook laptops. After many complaints about noisy fans in the Intel-based laptop computers, Apple has released a firmware update that hopefully will make the fans behave. They've already done this for MacBook Pro computers, so the fix has moved down the line. See http://www.apple.com/support/downloads/macbooksmcfirmwareupdate.html for the update and for instructions.

8/18/2006 You've Got Bugs

Secunia Research found a bug in the way that America Online 9.0 Security Edition revision 4184.2340 sets default permissions in the America Online 9.0 folder. AOL gives Full Control to the Everyone group, which means that anyone can delete or change AOL files in this folder. Secunia told AOL, who has a fix ready. It will be applied automatically when you log onto AOL. If you are using a version older than Security Edition 9, AOL says you should upgrade. Secunia credits Carsten Eiram with finding the bug.

8/17/2006 Yahoo Squashes Mail Bug

Yahoo has squashed a bug in the way that their Yahoo Mail service dealt with attachments. An attacker could have created an HTML attachment with a different encoding scheme that could evade the Yahoo Mail security filter, and then run some malicious JavaScript. Users of Yahoo Mail don't have to do anything-- the fix is implemented by Yahoo. Read more at http://www.pcworld.com/article/id,126788-c,yahoo/article.html.

If you are a user of Informix, the database now owned by IBM, you may want to read a report from security researcher David Litchfield. He informed IBM of a number of security bugs in Informix in January 2005. IBM rushed out the patch in August 2006. The report itself is at http://www.databasesecurity.com/informix/DatabaseHackersHandbook-AttackingInformix.pdf.

There are problems with Microsoft's MS06-040 Security update, when installed on Windows Server 2003 Service Pack 1 computers. If you are running a program on the server that needs lots of contiguous memory, it may not run after you upgrade the security patch. Note also that MS06-040 is the security patch that the Department of Homeland Security emphasized should be installed, and that there are active exploits against the holes that it patches. Microsoft is working on a patch for the patch. Keep an eye on http://support.microsoft.com/kb/924054 for further news.

eEye Digital Security reports that there is an attack mounting against the security holes patched by the MS06-040 patch from Microsoft. If successful, this attack will plant an IRC (Internet Relay Chat) bot on your computer, which will then be used to mount distributed denial of service attacks against other computers. Names for this new piece of malware include W32.Wargbot (Symantec), Worm.IRCBOT.JK/JL (Trend Micro), IRC.Mocbot (McAfee), and IRCBOT-ST (F-Secure). Read eEye's full report at http://research.eeye.com/html/alerts/AL20060813.html.

There have been two bugs reported in MySQL 5.x that can be exploited by authenticated users with reduced privileges. These users can exploit the bugs to create databases when they shouldn't, or to execute execute arbitrary DML statements. The bugs will be fixed in the upcoming MySQL 5.0.25 release. You can see the bug reports at http://bugs.mysql.com/bug.php?id=17647 and http://bugs.mysql.com/bug.php?id=18630.

Novell has update the various -ix versions of eDirectory 8.7.3.8. Users on Linux, Solaris, AIX, and HPUX platforms can find the update at http://support.novell.com/cgi-bin/search/searchtid.cgi?/2973826.htm. It fixes a number of bugs that crash eDirectory during bad DNS resolves or when reading past the end of the bad address cache buffer.

8/16/2006 Internet Explorer Update is Buggy

The latest cumulative security update for Microsoft Internet Explorer 6 may cause the browser to crash if you visit websites that use certain features. The update, which was in Security Bulletin MS06-042, can't handle sites that use both the HTTP 1.1 protocol as well as compression. Microsoft is working on an update to their security update. In the meantime, as a workaround you can disable the use of HTTP 1.1 (or use Mozilla Firefox). For the workaround, go to Tools, Internet Options, Advanced. In the Settings box, uncheck the Use HTTP 1.1 option.

The Adobe Acrobat and Acrobat Reader 7.0.7 and 7.0.8 updates are not cumulative updates. They won't install unless the Acrobat 7.0.5 update is in place first. If you don't install them in order, you may see this error message:
The upgrade patch cannot be installed by the Windows Installer service because the program to be upgraded may be missing.
Go to www.adobe.com/downloads/updates/, download all three if need be, and install them in order.

If you are ultra-restrictive in your firewall settings on a Windows XP computer, you may prevent Apple iTunes from accessing the Internet. If you want to allow iTunes access to the rest of the world, you need to make sure your Windows XP Firewall is configured correctly. Apple gives the details at http://docs.info.apple.com/article.html?artnum=304082.

Apple says that if you disconnect any external audio input devices, the internal microphone automatically becomes the default audio input device. This behavior can be change if you go to Sound preferences. See how at http://docs.info.apple.com/article.html?path=Mac/10.4/en/mh1915.html.

There is a bug in the way that MIT Kerberos (krb5) validates calls to seeuid() in ftpd and in the ksu program. This may give local users elevated privileges, including the ability read, write or create files as root. MIT Kerberos has update information to fix this at http://web.mit.edu/Kerberos/advisories/MITKRB5-SA-2006-001-setuid.txt.

C Net shows how some lax security implementations at financial sites may make it easier to conduct phishing attacks. Their story is based on demonstrations from the 2006 Black Hat Briefings in Las Vegas. There's no specific behavior that consumers need to do to patch this particular problem -- it's something that the financial institutions web sites need to do. However, it certainly won't hurt to be very, very careful not to click on links from banks or credit card companies in your email. It's always best to start a fresh browser session and log in to your bank directly.

Symantec warns against something called the SpywareRemovalWizard, which they say gives exaggerated reports of problems on your computer, to get you to purchase a registered version of the program. (Real AV companies would never exaggerate a threat.) See http://www.symantec.com/home_homeoffice/security_response/writeup.jsp?docid=2006-081510-5536-99&tabid=1 for Symantec's report.

If you want to do a Mail Merge in Microsoft Publisher, where your data source is a Microsoft Outlook contact list, the list must be displayed in the Outlook Address Book. If it isn't, Publisher won't be able to find it, and will give you this error message:
Unable to obtain list of tables from the data source.
See http://support.microsoft.com/kb/922684 for the workaround details.

There are some bugs in McAfee SecurityCenter 4.3 through McAfee SecurityCenter 6.0.22 that may allow authenticated users to run some arbitrary commands on a computer. Those of you running shared systems should check out McAfee's update information at http://ts.mcafeehelp.com/faq3.asp?docid=407052.

While the 4 million or so laptop batteries being recalled by Dell are actually made by Sony, who is the second largest supplier of laptop batteries. Other laptop manufacturers, including Hewlett-Packard and Lenovo, say that this exploding battery problem doesn't affect them. Apple seems to be still researching things. See the whole story at http://www.eweek.com/article2/0,1895,2003826,00.asp.

Joe Moore of Pentest Limited reports on some bugs in the Sony VAIO Media Integrated Server that may let attackers see sensitive information or possibly execute their own programs. According to Secunia at http://secunia.com/advisories/21512/, the bugs have been fixed in the VAIO Media Integrated Server 4.x/5.x Update Program 1.0.00.42120.

 

8/15/2006 Big Battery Recall for Dell

Not really a bug, but your laptop going up in flames certainly qualifies as something bad happening to your computer. Dell has a new site, called https://www.dellbatteryprogram.com/ with information on the laptop battery recall. When I checked it this morning, I got a warning message about a problem with the security certificate. Chances are, that happened due to the haste in getting up the separate site. If you go to dell.com, there's only a little tiny link to "Battery Recall" at the bottom of the page.

Apache 2.2.2 running on a Windows platform has a bug that may allow remote attackers to read the source code of any CGI programs that may be running. They can do this by sending in a request that’s all in upper case. Windows, not being case-sensitive, gets confused, and thus discloses information. Keep an eye on http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-4110 for fix information.

If you upgrade to iDVD 6.0 on a Mac OS X 10.3.9 computer, Apple says your Themes pane will be blank after the upgrade. They have a 12-step fix for this at http://docs.info.apple.com/article.html?artnum=303252.

Microsoft warned game developers that a new hunting ground for hackers and other data thieves are massively multiplayer online (MMO). Since articles in games such as "World of Warcraft" develop monetary value in the real world, it may be a worthwhile target for some data theft. Read more at http://news.zdnet.com/2100-1009_22-6105609.html.

The Internet Storm Center has some details on exploits currently circulating that attempt to exploit the bugs patched by the Microsoft's MS06-040 security advisory. As reported in the 8/12 BugBlog, the Department of Homeland Security made it a special point to tell people to apply this patch. Read more at http://isc.sans.org/diary.php?storyid=1597, including information on how to configure firewalls to help protect against this threat.

A mandatory update to Ruby on Rails has been released. Rails 1.1.5 fixes an unspecified but critical security problem. The Rails people say "If you have a public Rails site, you MUST upgrade to Rails 1.1.5. The security issue is severe and you do not want to be caught unpatched." See more at http://weblog.rubyonrails.org/2006/8/9/rails-1-1-5-mandatory-security-patch-and-other-tidbits

8/14/2006 Garbled Music in iTunes or QuickTime for Windows

When using iTunes for Windows you may be getting sub-par audio results, including skips, pops, and garbled music. This may also affect music being played through the Apple QuickTime Player. Apple says you may need to adjust the Sound Out feature in QuickTime, or the Sound Enhancer feature in iTunes, to take care of incompatibilities with your sound card. Apple shows some troubleshooting steps at http://docs.info.apple.com/article.html?artnum=93610.

If you are using Adobe Bridge 1.0 on a Mac OS X computer, your Bridge may crash if you try to create a new Adobe Version Cue project that's on a remote server on a different subnetwork. Adobe says this has been fixed in Bridge 1.0.3. Get it from http://www.adobe.com/support/downloads/.

If you have some air travel scheduled for the near future, and you were going to take your PC along, you may want to read these tips from InternetWeek on the new restrictions at http://news.yahoo.com/s/cmp/20060814/tc_cmp/191902125.

If you draw a text box in Microsoft Visio 2003, rotate the text box so that it is vertical, and then save it as a Windows Metafile Format (WMF) file, some of the rotated text may be missing. Microsoft has fixed this in an Office 2003 hotfix, which will be in a future service pack. If you can't wait for your fix, see http://support.microsoft.com/kb/923007.

When you restart a Windows XP Professional computer, you may see this error message, which will only appear some of the time:
Stop 0xC000021A
Microsoft says this happens because the Wbemprox.dll library is unloaded before it should be. This may happen more often if Group Policy is applied just before the restart. Microsoft has a hotfix for Windows XP Service Pack 2 computer. See http://support.microsoft.com/kb/922410 for information on how to get the fix right away. Otherwise, wait for the next Windows XP service pack.

Here's a report talking about the strong initial sales of Microsoft Windows Live OneCare. The AV/firewall/spyware package grabbed 15.4 percent of security software sales, helped along by low pricing. So do that many people really trust Microsoft for security software, or are they blinded by a brand name? Read more at http://news.zdnet.com/2100-1009_22-6104926.html.

Novell SuSE has fixed a bug in the Linux Enterprise 9 kernel, the Open Enterprise Server, and Novell Linux Desktop 9. This bug may let a local user gain root privleges by changing some file modes. See http://lists.suse.com/archive/suse-security-announce/2006-Aug/0005.html for the details.

8/12/2006 Adobe Templates Get Lost in Translation

When you install Adobe Premiere Elements 2.0, a number of DVD templates should get installed. Normally, the installation process figures out the default language of your computer, and then installs the correct templates. In the US, they would normally get installed in en_US. However, Adobe says the installation process sometimes gets confused on the default language, and leaves the templates in the root of the templates folder, and the program can't find them. See http://www.adobe.com/support/techdocs/329802.html for info on how to move them.

While Microsoft released 12 security bulletins during August's Patch Tuesday, the most important one to the US Department of Homeland Security is MS06-040, for the vulnerability in the Server service. That is the one they singled out as most important, saying "This vulnerability could impact government systems, private industry and critical infrastructure, as well as individual and home users." Microsoft's patch is at http://www.microsoft.com/technet/security/bulletin/MS06-040.mspx.

Another indication of problems with Microsoft Windows Genuine Advantage. Over at Ed Bott's Microsoft Report blog on ZD Net, he tried using a pirated key that had been published on the Internet for Windows XP. After installation he went the WGA checks to see how they treat pirates. Unfortunately for Microsoft, it appears that WGA didn't catch his pirated key. Read more at http://blogs.zdnet.com/Bott/?p=110.

If you want to print from a Microsoft Office program to a printer that supports collating, and you turn on collating support in both the Office application and at the printer, the two may cancel each other out, and collating won't work correctly. Microsoft's advice is to turn off the collating option at the printer, and rely on the collating functionality of Office. See http://support.microsoft.com/kb/921561 for more.

There is a bug in the USB portion of the Linux kernel that may allow a local user to trigger a denial of service. Another kernel bug in the keyctl function may also allow local users to trigger a denial of service or read kernel memory. Linux vendors will be rolling out upgrades. You can find the Red Hat Enterprise Linux patches at https://rhn.redhat.com/errata/RHSA-2006-0575.html.

There's an updated Perl package for Red Hat Enterprise Linux 4. A bug in the Perl setuid wrapper may allow local users to save debuggin information to arbitrary files. This information could then be used to aid future attacks. According to Red Hat, they first released this patch in February 2005. However, the fix was dropped in later updates, starting with October 2005. In any case, you can get the patch now at https://rhn.redhat.com/errata/RHSA-2006-0605.html.

8/11/2006 MacPro Update Fixes Image IO Bug

A bug in the ImageIO for the Mac OS X 10.4.7 Build 8K1079 for the Mac Pro may allow hostile content into your Mac via a corrupt TIFF image. Apple's Security Update 2006-004 for the Mac Pro fixes this. Apple credits Tavis Ormandy of the Google Security Team for finding this bug.

8/10/2006 Attacks Against Blackberries Possible

Research in Motion Blackberry owners now have to worry about malware attacks. Security researcher Jesse D'Aguanno has demonstrated how you can combine some Trojan horse code in a free tic-tac-toe game download, which will then work with BBProxy to launch attacks against other machines on a network. It's all theoretical for now, but there's probably bad guys working on this right now. Read more at http://www.pcworld.com/article/126685-1/article.html

8/9/2006 Attack Via Windows HTML Help

There is a buffer overrun in the HTML Help in Windows 2000, Windows XP, and Windows Server 2003. A remote attacker can construct a hostile web page that can exploit this to take complete control of your system. You can download a patch for this at http://www.microsoft.com/technet/security/Bulletin/MS06-046.mspx. As a workaround, you can also disable the HTML Help ActiveX control. Microsoft credits Cody Pierce of the TippingPoint Security Research Team for finding this bug.

Adobe says that a bug within the AdminAPI of ColdFusion MX 7 may allow users to bypass authentication tests when calling adminAPI functionality. That means that unprivileged users may be able to make changes to your ColdFusion server. Adobe has an update for this at http://www.adobe.com/support/security/bulletins/apsb06-10.html.

The latest Black Hat security conference discussed how security shortcomings could cause problems with websites that rely on AJAX (Asynchronous JavaScript and XML). You may not be familiar with AJAX, but you use it if you go to Google Maps, Yahoo and MySpace, among other sites. Read more at http://www.eweek.com/article2/0,1895,1998795,00.asp.

Microsoft has released the latest version of their Windows Malicious Software Removal Tool, which will help remove all the bad software that their browser allowed to sneak in. The latest update includes Win32/Bamler amd the Win32Jeefo to the list of malicious software that gets removed. See http://support.microsoft.com/?kbid=890830 for more on this tool.

A bug in the Microsoft Management Console in Windows XP and Windows Server 2003 may allow remote attackers to access HTML embedded resource files. They may then be able to use this bug to run their own code on your computer. Microsoft has a fix for this. Get it at http://www.microsoft.com/technet/security/bulletin/ms06-044.mspx. Microsoft credits Yorick Koster of ITsec Security Services, H D Moore, and Tom Gilder for reporting this bug.

A bug in the way that Microsoft Visual Basic for Applications looks at document properties when a document is opened may allow an attacker to run hostile code on your system. They consider this a Critical bug, and it affects Microsoft Office 2000, Office XP, Visio and Project 2002, and Microsoft Works Suite. However, it does not affect Office 2003. Get fixes at http://www.microsoft.com/technet/security/Bulletin/MS06-047.mspx. Microsoft credits Ka Chun Leung of Symantec for finding this bug.

Two different bugs in the Microsoft Windows Hyperlink Object Library may allow a remote attacker to run their code on your system, if you click on a link within a malicious Office file or email message. This affects Windows 2000, Windows XP, and Windows Server 2003. Get your fix for this at http://www.microsoft.com/technet/security/Bulletin/MS06-050.mspx. Microsoft credits Pedram Amini of the TippingPoint Security Research Team and Steve Tai of CSC Australia Pty Limited for finding these bugs.

There is a bug in the way that Windows 2000 Service Pack 4 validates some user inputs. A local user with log-on privileges could exploit this bug to take complete control of a system with Administrator privileges. Microsoft has the fix for this at http://www.microsoft.com/technet/security/bulletin/ms06-049.mspx.

A bug in the Drag and Drop function within Windows Explorer in Windows XP and Windows Server 2003 may be exploited by a malicious web site. The remote attacker may be able to save a file on your system, which could later be used to execute code and take control of your computer. Microsoft has a fix for this at http://www.microsoft.com/technet/security/bulletin/ms06-045.mspx.

8/8/2006 Critical Bug in Windows

Microsoft says there is a bug in the kernel of Windows 2000, Windows XP, and Windows Server 2003 that may let a remote attacker completely take over your computer. The bug is in the way that exception handling is done by Windows when you have multiple applications loaded in memory. This attack could be carried out by a hostile website, if you happen to be visiting. Microsoft labels this a Critical bug, and have patches for it at http://www.microsoft.com/technet/security/Bulletin/MS06-051.mspx. As a workaround, you could mitigate the impact by disabling Active Scripting.They credit Matt Miller of Leviathan Security Group and Ken Johnson for finding this bug.

There is a critical bug in the Server services for Windows 2000, XP, and Windows Server 2003. This bug may allow a remote attacker to take complete control of the Windows system. According to Microsoft, a properly-configured firewall may help protect against this kind of attack. They have patches for the affected systems available at http://www.microsoft.com/technet/security/bulletin/ms06-040.mspx. Microsoft credits US-CERT and SANS for finding this bug.

A bug in the DNS client in Windows 2000, XP and Windows Server 2003 may allow a remote attacker to take complete control of your computer. However, the attacker either has to be on a subnet between the host and the DNS server, or else you will need to make a DNS request to the attacker's server, which lessens the vulnerability. Microsoft has links to fixes for this critical vulnerability at http://www.microsoft.com/technet/security/bulletin/ms06-041.mspx. Microsoft credits Mark Dowd of ISS X-Force for finding this bug.

Microsoft says that a bug in the Winsock API in Windows 2000, Windows XP, and Windows Server 2003 may let a hostile web site take complete control of your computer. This can happen if the attacker can trick you into opening a malicious file, or visiting a website that has been designed to make a special call on the Winsock API. Microsoft has links to fixes for this critical vulnerability at http://www.microsoft.com/technet/security/bulletin/ms06-041.mspx. Microsoft credits Peter Winter Smith of NGS Software for finding this bug.

There is a bug in the way that Microsoft Internet Explorer renders certain webpages that are laid out in a particular way. Because of the bug, a hostile web site could design a page to take advantage of this, corrupt memory, and take complete control of a system. (I couldn't take advantage of this, because I know all BugBlog readers use Mozilla.) You may be able to guard against this if you do your browsing in the Restricted Zone within IE. Even better, get the Cumulative Security Update 918899 for Internet Explorer at http://www.microsoft.com/technet/security/bulletin/ms06-042.mspx. Microsoft credits Sam Thomas, working with TippingPoint and the Zero Day Initiative, for finding this bug.

A bug in the way that Microsoft Internet Explorer 6 handles chained Cascading Style Sheets (CSS) may allow a hostile web site to take complete control of your computer. This affects IE running on Windows 2000, Windows XP, and Windows Server 2003. Microsoft has fixed this in the Cumulative Security Update 918899 for Internet Explorer at
http://www.microsoft.com/technet/security/bulletin/ms06-042.mspx. Microsoft credits Sam Thomas, working with TippingPoint and the Zero Day Initiative, for finding this bug.

A bug in the way that Windows XP and Windows Server 2003 does MHTML protocol parsing may allow a remote attacker to take complete control of your system. This can happen either by visiting the hostile web site, or by clicking a link within email in Microsoft Outlook Express 6. Microsoft labels this a Critical Update, and has patches for this at http://www.microsoft.com/technet/security/bulletin/ms06-043.mspx.

Microsoft has patched two bugs within PowerPoint that may allow an attacker to take complete control of your system via a malicious PowerPoint presentation. One bug is in the MSO.DLL, and the other is activated when parsing a malformed record. This affects PowerPoint 2000, XP, 2003, and PowerPoint for Mac OS X. Get patches for these critical bugs at http://www.microsoft.com/technet/security/Bulletin/MS06-048.mspx. Microsoft credits Elia Florio of Symantec, Dejun Meng of the Fortinet Security Research Team, Shih-hao Weng of Information & Communication Security Technology Center, and SoWhat of Nevis Labs for finding these bugs.

8/7/2006 Holes in a Cisco Firewall

A bug in Cisco's PIX firewall appliances was shown at the Black Hat USA Conference. Details weren't disclosed, because Cisco doesn't have the patch ready yet. Security researcher Hendrik Scholz says that you will be able to "Open up whatever port you want", which doesn't sound like the kind of behavior you want from a firewall. Read more at http://www.pcworld.com/article/126649-1/article.html.

There is an incompatibility between Adobe InDesign CS and Adobe Illustrator CS and HP Designjet 800 PCL printers. If you try to print out A0 files, which are 841 mm x 1189 mm, you will actually get a cropped 669 mm x 1189 mm, with the right side chopped off. Other applications will be able to print to this printer. Adobe has a number of suggested workarounds, some of which cost money, at http://www.adobe.com/support/techdocs/332340.html.

Apple says that their Mac OS X and Mac OS X Server software needs for port 626 to be open to UDP traffic. If you configure your firewall to disallow this, some applications may not work.

A bug in Mac OS X 10.3.9 and 10.4.7 may allow local users to send output to standard error. Because of this, they may have access privileged information they shouldn't be able to see. This has been fixed in Apple's Security Update 2006-004. They credit Neil Archibald of Suresec LTD for finding this bug.

Google is going to include pop-up warnings to users who may want to follow a link on Google searches to certain wesites that have been labeled as distributing malware. The identification process is by The Stop Badware Coalition. You will still be allowed to click the link. Read more at http://www.pcworld.com/article/126656-1/article.html. (I forsee some lawsuits in the future.)

The Secunia website reports on a bug in the GDI Client DLL library (gdi32.dll) in most versions of Windows, from Windows 2000 up to Windows Server 2003. A maliciously designed WMF file may be used to crash Windows for a Denial of Service attack. Secunia credits cyanid-E for finding this bug. See more at http://secunia.com/advisories/21377/.

8/6/2006 Microsoft Wins Bug of the Month for Windows Genuine Advantage

Because WGA deserves all the criticism it gets.

8/5/2006 Hijack A Macbook (or other laptop) in 60 Seconds

The Security Fix column at the Washington Post has a video that demonstrates how a remote attacker can seize control of an Apple Macbook computer. (The attack was carried out from a Dell laptop.) The video was produced by Jon "Johnny Cache" Ellch and David Maynor, and uses a third-party wireless card in the Apple. The bug itself is in the wireless device driver, and is not particular to the Apple OS. Anyone who uses a laptop in a public space near other laptop users (that includes me) may want to watch at http://blog.washingtonpost.com/securityfix/2006/08/hijacking_a_macbook_in_60_seco.html.

Install the Windowx XP Media Center Rollup 2 update, and you may have problems running Adobe Premiere Elements 2.0. You may see an Adobe error message that says:
This application has failed to start because ad2mpegin.dll was not found. Re-installing the application may fix this problem.
As a fix, either restore your computer to an earlier state (and lose the Rollup update) or add ad2mpegin.dll and ad2mcmpgdec.dll files to your Windows\System32 directory. See http://www.adobe.com/support/techdocs/319912.html for details.

Apple says there is a bug in the Download Validation for LaunchServices in Mac OS X 10.4.7. If you download a file via Safari, it may be marked safe, and can be opened via a local URI. This means that any JavaScript running in the file will run under less stringent security. Apple fixed this in the Security Update 2006-004. This doesn't affect Mac OS X 10.3.x or earlier.

David Letterman did a salute to Bill Gates on the announcement of his retirement. In case you missed it, you can watch it on YouTube at http://www.youtube.com/watch?v=5NoGbLI3ePA.

Here's one of those good news/bad news articles. The good news is that security holes within operating systems are being closed up, so that your OS is more secure. The bad news is that attackers are now concentrating on device drivers instead. Read the whole thing at http://www.channelregister.co.uk/2006/08/04/hackers_bypass_os/.

If you schedule too many dates on one day in a Microsoft Office Outlook 2003 calendar, they may not all fit on the screen. Microsoft says that there may not be a scrollbar available to let you scroll down and see the rest of the events. They have a hotfix for this, which will be in a future service pack. If you need the hotfix right away, see http://support.microsoft.com/kb/921651. As a temporary workaround, take life at a slower pace and cancel some events.

Try to change the wallpaper on a Windows XP computer, and you may see that this option within Display Properties is either missing or grayed out. This may have been done by a system administrator, who wants you to concentrate on work and quit fiddling with your options. It may also be the work of some malicious program, in which case you can do a Registry edit for a fix. See the details, and an important warning about editing the Registry, at http://support.microsoft.com/kb/921049.

8/4/2006 Another Big Patch Tuesday

Microsoft says they will be releasing 12 security bulletins on Tuesday, August 8. Ten of the bulletins will be for Windows, and 2 for Office. At least one of each of these will be Critical updates. We will also be getting an update to the Microsoft Windows Malicious Software Removal Tool, and there will be two priority non-security updates pushed out via Microsoft Update. Malware vendors haven't yet announced what zero-day vulnerabilities they will be releasing on Wednesday.

8/3/2006 Mozilla Fixes Streaming Video Bug

Mozilla has released Firefox 1.5.0.6. This update quickly follows the 1.5.0.5 release, which was a security update. Unfortunately, version 1.5.0.5 had a bug that caused problems playing streaming Windows Media content, written up in the 8/1 BugBlog. Mozilla users can wait for the auto update, or get the new version at http://www.mozilla.com/firefox/releases/1.5.0.6.html.

8/2/2006 Mac Attack Through GIF File

Apple says that Mac OS X 10.4.x users are vulnerable to attack via GIF images. A bad guy may be able to construct a corrupt GIF immage that causes a memory allocation failure, which can they be used to either crash the application viewing the GIF file, or possibly run hostile code. This has been patched, for Mac OS X 10.4.7, with the Security Update 2006-004.

When using Adobe Illustrator CS 2 on a Mac OS X computer equipped with a Mighty Mouse, you may not be able to use the mouse to scroll horizontally. Adobe says to go horizontal, hold down the Command key while scrolling.

When using Adobe Premiere Elements 2.0, you won't be able to export to tape over a USB 2.0 connection. According to Adobe, the exporting will only work using a Firewire connection, according to http://www.adobe.com/support/techdocs/331549.html.

When using WebKit on an Apple Mac OS X 10.3.9 or 10.4.7 computer (either client or server), visiting a malicious could allow hostile content to be run on your computer. Apple says this has been fixed in Security Update 2006-004. They credit Jesse Ruderman of Mozilla Corporation for finding this bug.

If Remote Login is turned on in a Mac OS X 10.4.7 computer, remote attackers may be able to use a bug in OpenSSH to crash the computer. They may also be able to ascertain information on accounts. This has been fixed in the Security Update 2006-004. Apple credits Rob Middleton of the Centenary Institute for finding this bug.

An attacker may be able to construct a Canon RAW image file that will crash an application trying to view it on an Apple Mac 10.4.7 computer. This has been fixed in the Apple Security Update 2006-004.

McAfee says that a bug in their SecurityCenter Versions 4.3 through 6.0.22 may let a remote, unauthorized user run code on a "protected" computer. They are releasing a patch, both through their automated software update and http://www.mcafee.com/us/support/default.asp, that will fix this. McAfee credits eEye Digital Security with finding this bug.

If you want to watch a video file in Microsoft Windows XP Media Center Edition 2005, and the video file has DRM protection (Digital Rights Management), Microsoft says not to double click the video file. Only use a single click. The video file may not play with the double-click, and you may also lock up the Media Center. If you've already double-clicked and gotten into trouble, see how to fix things at http://support.microsoft.com/kb/922677.

Red Hat has an updated libtiff package for Red Hat Enterprise Linux 2.1, 3 and 4. The update fixes a bug that may allow an attacker to construct a TIFF file with hostile code that could crash any application using libtiff, or possibly run hostile code. Get the update at
https://rhn.redhat.com/errata/RHSA-2006-0603.html.

Red Hat has their versions of Mozilla Firefox 1.5.0.5, Thunderbird 1.5.0.5 and and SeaMonkey 1.0.3. These updates from Mozilla fix a number of critical security bugs. You can get Red Hat's versions at https://rhn.redhat.com/errata/RHSA-2006-0610.html for Firefox, https://rhn.redhat.com/errata/RHSA-2006-0611.html for Thunderbird, and https://rhn.redhat.com/errata/RHSA-2006-0609.html for SeaMonkey.

Symantec says that their Symantec On-Demand Agent 2.5 (SODA) and Symantec On-Demand Protection 2.6 (SODP) have a problem with the encryption used to secure Web-based applications. The encryption is too weak, and it may be possible for unauthorized local users to see things they aren't supposed to see. See the fix information at http://www.symantec.com/avcenter/security/Content/2006.08.01a.html.

8/1/2006 Streaming Video Problems for Firefox

There is a bug in the new Mozilla Firefox 1.5.0.5 that interferes with your ability to view streaming video, especially in the Windows Media format and Real Media format. You can see by the discussion in Bugzilla at https://bugzilla.mozilla.org/show_bug.cgi?id=346167 that a fix may be here fairly quickly, in the form of a Firefox 1.5.0.6 release.

7/31/2006 Windows Driver Bug Can Cause A Blue Screen

There is a bug in the server driver (srv.sys) in many different versions of Microsoft Windows. The bug, discovered by ISS X-Force, may let attackers trigger a blue screen of death. Read their details at http://xforce.iss.net/xforce/alerts/id/231. Microsoft acknowledges the problem at http://blogs.technet.com/msrc/archive/2006/07/28/443837.aspx, and has some temporary defenses.

Try to save an Adobe Illustrator CS2 file in an AI or PDF format, and you may get this unhelpful error message:
An unknown error has occurred.
Adobe has four workarounds for this: re-create the Transparency Flattner Presets file; repair or reinstall Illustrator; use the EPS file format instead; don't use PDF compatibility. See http://www.adobe.com/support/techdocs/332690.html for the details on these fixes.

You may not be able to import 3gp files from a mobile phone into Adobe Premiere Elements 2.0, if on your computer you installed Apple QuickTime 6.5.2 as an upgrade from a previous version. Instead, you will see this error message:
File format not supported
Adobe says you can uninstall QuickTime 6.5.2, and then re-install it to fix this problem. See http://www.adobe.com/support/techdocs/332061.html for details.

Apple has saved the day in an incompatibility between Mac OS X 10.4.7 and the scroll-zoom feature on a wireless Mighty Mouse. They say to get the feature to work, reinstall the wireless Mighty Mouse software that originally came with the mouse.

IBM says that a bug snuck into Lotus Notes 6.0 that may prevent server side include (SSI) variables that use the form &index from working. They have fixed this in Lotus Notes 7.0.2.

If your nickname cache in Microsoft Outlook 2003, then email addresses on some of your emails won't display correctly. Instead of seeing the nickname, you will see "SMTP:????????". Microsoft says this corruption may get spread if your recipients reply or forward the email. Microsoft has fix information at http://support.microsoft.com/kb/921584.

7/30/2006 Mac OS X Trashes a Parent (Folder)

If you create a new folder in Mac OS X 10.2 through 10.3.9, and then you delete before you rename it, the parent folder may also get moved into the trash. Apple says this happens if the Finder window is in column view, and then you use Command-delete, or Move to Trash. The first thing to do is go get the parent folder out of the trash. If you don't know how, see http://docs.info.apple.com/article.html?artnum=107313. What you don't want to do is empty the trash.

Adobe says that their Update Manager may get confused if Photoshop 9.0.1 is installed on an Intel-based Mac or Mac OS X 10.3.x. The Adobe Update Manager will say that the 9.0.1 update is not installed, and is available for download. However, when you start the update, the Photoshop CS2 application is grayed out and can't be selected. If your Photoshop splash screen says that you are using 9.0.1, Adobe says to ignore the Update Manager. See http://www.adobe.com/support/techdocs/333164.html for more.

There is a bug in the Apace 1.3.x, 2.0.x, and 2.2.x HTTP server. Because of an overflow in mod-rewrite, an attacker may be able to create a one-byte buffer overflow that will be able to crash the web server, and possibly run malicious code. Update to version 1.3.37, 2.0.59, or 2.2.3 of Apache to fix this. Apache credits Mark Dowd of McAfee Avert Labs for finding this bug.

This may be the shortest Knowledge Base article ever written. According to Apple, "If your 15-inch MacBook Pro emits a high-pitched buzzing sound, please contact AppleCare for service." No need to condense that message -- see http://docs.info.apple.com/article.html?artnum=303365 for the info on how to contact them.

Microsoft Outlook Express mail or IMAP email in the Google Desktop Sidebar. If you want to stick with Microsoft, it works with Outlook, although you may need an Outlook add-in. See http://desktop.google.com/support/bin/answer.py?answer=12410&topic=209 for more information.

A bug in JavaScript within Mozilla Firefox 1.5.0 and later may allow an attacker to run hostile code via a deleted frame or window. This has been fixed in the Firefox 1.5.0.5 update. The bug also affects Thunderbird if you have JavaScript enabled. However, that is neither the default nor recommended configuration. Mozilla credits Thilo Girmann for finding this bug.

 

7/28/2006 Symantec Anti-Spam Slips Up

Symantec says that all versions of their Brightmail AntiSpam don't do a good job of sanitizing file names. Because of this, an attacker may be able to impersonate the BrightMail Control Center, and then possibly steal confidential information. As a fix, Symantec wants you to upgrade to another one of their products, Symantec Mail Security (SMS) for SMTP 5.0, which is a free upgrade if you have a service contract. For others, they have SBAS 6.0.4, which fixes the bug. Get information on both from http://securityresponse.symantec.com/avcenter/security/Content/2006.07.27.html.

7/27/2006 Mozilla Fixes JavaScript Bug

A bug snuck into Mozilla Firefox and Thunderbird 1.5's JavaScript implementation that may lead to a crash, or possibly memory corruption. The problem happens when the software handles simultaneously happening XPCOM events. A malicious website may be able to exploit this to crash the browser, or run hostile code. This only affects Thunderbird if JavaScript is turned on for mail. This is not the default setting, and Mozilla advises against it. This has been fixed in Firefox and Thunderbird 1.5.0.5, and in SeaMonkey 1.0.3. Mozilla credits Secunia Research for finding this bug.

The latest in a long line of phishing schemes arrived in the email in-box. The text went something like "This email is to inform that you have successfuly added a new email in your PayPal account and deleted the old one.If you whant to add more emails or to delete one just login in your PayPal account. All PayPal accounts will come with complete detailed information!" In addition to the misspellings, they prominently posted the date atop the email -- unfortunately, the date was May 2006. Just for laughs, I hovered over the link that would log me on to "PayPal" and the link actually went to something called LegionofSorrow.com. Gee, do you think it's legit?

When Microsoft Internet Explorer 7 is released sometime this fall, it will be labeled a high-priority download in Microsoft's Automatic Update. However, you will be given a prompt that will give you the choice to install, wait, or opt out. IT departments will be able to get a tool that will block the deployment of IE 7 across their whole enterprise. Read more at http://www.betanews.com/article/Microsoft_IE7_a_HighPriority_Update/1153932798.

Try to run an Office 2003 program, and you may see this error message: The application failed to initialize properly (0xc0150002). Click on OK to terminate the application. Microsoft says there can be quite a few reasons for this, including a botched installation of a service pack. Microsoft has some steps that may fix this at http://support.microsoft.com/kb/817117.

Mozilla says that Firefox 1.5.0.4 and Thunderbird 1.5.0.4 have a bug in the way that JavaScript functions with parent objects can be manipulated by scripts on a webpage. It may be possible to gain privileges and use them to install malware. Thunderbird is only vulnerable if you have JavaScript turned on, which is not the default setting. This has been fixed in Firefox and Thunderbird 1.5.0.5, and in SeaMonkey 1.0.3.

Mozilla says that the upgrade of Firefox 1.5.0.5 includes a number of bug fixes that should make Mozilla more stable, and avoid more crashes. While there is no evidence of exploits, these crashes may lead to memory corruption, which could then allow hostile code to run.

7/26/2006 XP Media Center Edition Gets an Upgrade

Microsoft has released the July 2006 Update Rollup for Microsoft Windows XP Media Center Edition 2005. (If it takes 12 words to make up a product version name, maybe it's time to come up with a different naming scheme.) This rollup replaces a number of earlier hotfixes for the Media Center Edition, including those listed in Knowledge Base article 914548, 908250, 912067, and 913437. However, it does not replace Update Rollup 2. You need to have that installed first. (Get it at http://support.microsoft.com/kb/900325/.) Only after that's in place should you get the latest at http://support.microsoft.com/?kbid=919803.

Adobe says that after making changes and saving a file in Adobe InDesign CS2 4.0.2, you may lose data when you re-open the file. According to Adobe, the file may display the incorrect file type and creator date, or you may see this error message:
Cannot open the file [file name]. Adobe InCopy may not support the file format, or a plug-in that supports the file format may be missing.
This has been fixed in the InDesign 4.0.3 update.

In some cases, using Adobe InDesign CS2 on a Windows computer for longer than 20 or 30 minutes may cause the program to slow down, with each command taking longer to respond. This has been fixed in the Adobe InDesign CS2 4.0.3 Update.

Microsoft unveiled a test version of their new home page. At first, if you went to the new page at http://preview.microsoft.com/en/us/default.aspx with Mozilla Firefox, you got a message saying the file could not be found. Only Microsoft Internet Explorer users could see the new version. By the time I checked it out with Firefox, you got redirected back to the old version of the home page. (I certainly hope no regular BugBlog readers are using IE -- you can see a brief review of the new layout at http://www.techweb.com/wire/software/191000771).

If you play some DVD videos in Microsoft Windows XP Media Center Edition (MCE) 2005, some actions may cause white lines to appear on the screen. For instance, Microsoft says that if you press the MORE INFO remote button, a white line will show up under some menu items. The white line won't go away when you close the More Info screen. This has been fixed in the July 2006 Update Rollup for MCE.

Some random bugs may cause the Media Center to crash when you open up a menu page in Microsoft Windows XP Media Center Edition (MCE) 2005. According to Microsoft, you will only see a generic type error message like:
Program_name has caused an error and must be closed. We apologize for the inconvenience. If you were in the middle of something, the information you were working on might be lost. Please tell Microsoft about this problem. We have created an error report….
Microsoft says they have fixed this in the July 2006 Update Rollup for MCE.

After splitting a cell in a table in Microsoft Word 2003, some AutoCorrect features may exceed their authority. According to Microsoft, you may try to use AutoCorrect to change some text in the split cell, but then AutoCorrect will continue on and make the change throughout the table, even if you didn't want that to happen. This has been fixed in a 5/23/06 hotfix for Word 2003. See the details on how to get this fix at http://support.microsoft.com/kb/919734/.

There is a new Trojan horse security threat that is being installed as a Mozilla Firefox extension. This Trojan does not attack through Mozilla directly -- you can only get it if you have already been infected by the Downloader-AXM Trojan. The new threat, called the FormSpy Trojan by McAfee, piggybacks on the earlier infection. Of course, if you have caught the Downloader-AXM, you will have lots more to worry about than just the fake Mozilla infection. See more at http://news.zdnet.com/2100-1009_22-6098615.html.

In addition to blackout problems at MySpace, the website was also hit by an unusual worm. It did not install itself onto user's computers -- it only infected their MySpace pages. It resided in a Flash object that, if a visitor viewed a profile page, would get passed along to that visitor's profile page, too. If you hang out on MySpace, read more at http://isc.sans.org/diary.php?storyid=1510.

Red Hat has a new samba package available for Red Hat Enterprise Linux 2.x, 3, and 4. A remote attacker may have been able to exploit a bug in the the smbd daemon that would make the daemon consume lots of memory, and ultimately cause a denial of service attack. Red Hat rates this as an Important update. Get it at https://rhn.redhat.com/errata/RHSA-2006-0591.html.

Red Hat has an updated PHP package for Red Hat Enterprise Linux 2.1. It fixes a number of bugs, including a directory transversal, as well as a bug in the IMAP header decoding that could be use to crash PHP. Get this update at https://rhn.redhat.com/errata/RHSA-2006-0567.html.