The BugBlog Plus May 2005 by Company

BugBlog Plus Archives
Current month
Nov 06 by company
Nov 06 by date
Oct 06 by company
Oct 06 by date
Sep 06 by company
Sep 06 by date
Aug 06 by company
Aug 06 by date
July 06 by date
June 06 by date
May 06 by date
Apr 06 by date
Mar 06 by date
Feb 06 by date
Jan 06 by date
Jan 06 by company
Dec 05 by date
Dec 05 by company
Nov 05 by date
Oct 05 by date
Sept 05 by date
Aug 05 by date
July 05 by date
June 05 by date
June 05 by company
May 05 by date
May 05 by company
Apr 05 by date
Apr 05 by company
Mar 05 by date
Mar 05 by company
Feb 05 by date
Feb 05 by company
Jan 05 by date
Jan 05 by company
Dec 04
Dec 04 by company
Nov 04
Oct 04
Sept 04 by date
XP SP 2
Aug 04 by company
Aug 04 by date
Jul 04 by company
Jul 04 by date
June 04 by company
June 04 by date
May 04 by company
May 04 by date
Apr 04 by company
Apr 04 by date
Mar 04 by company
Mar 04 by date
Feb 04 by company
Feb 04 by date
Jan 04 by company
Jan 04 by date
Dec 03 by company
Dec 03 by date
Nov 03 by date
Nov 03 by company

Jump to the BugBlog archives (October 03 and earlier are public archives)

Dec 06
Nov 06
Oct 06
Sept 06
Aug 06
July 06
June 06
May 06
Apr 06
Mar 06
Feb 06
Jan 06
Dec 05
Nov 05
Oct 05
Sept 05
Aug 05
July 05
Jun 05
May 05
Apr 05
Mar 05
Feb 05
XP SP2
Jan 05
Dec 04
Nov 04
Oct 04
Sep 04
Aug 04
Jul 04
June 04
May 04
Apr 04
Mar 04
Feb 04
Jan 04
Dec 03
Nov 03
Oct 03
Sept 03
Aug 03
July 03
June 03
May 03
April 03
Mar 03
Feb 03
Jan 03
Dec 02
Nov 02

Cleveland-area blogs*:

Backup BugBlog

Economic Development Futures

*there are more blogs in Cleveland, these are just from people I've met or know. Some of the above are actually farther away, but are bloggers I've met here.

BugBlog

Adobe

The Adobe Acrobat and Acrobat Reader 7.0.7 and 7.0.8 updates are not cumulative updates. They won't install unless the Acrobat 7.0.5 update is in place first. If you don't install them in order, you may see this error message:
The upgrade patch cannot be installed by the Windows Installer service because the program to be upgraded may be missing.
Go to www.adobe.com/downloads/updates/, download all three if need be, and install them in order.

If you are using Adobe Bridge 1.0 on a Mac OS X computer, your Bridge may crash if you try to create a new Adobe Version Cue project that's on a remote server on a different subnetwork. Adobe says this has been fixed in Bridge 1.0.3. Get it from http://www.adobe.com/support/downloads/.

Adobe says that a bug within the AdminAPI of ColdFusion MX 7 may allow users to bypass authentication tests when calling adminAPI functionality. That means that unprivileged users may be able to make changes to your ColdFusion server. Adobe has an update for this at http://www.adobe.com/support/security/bulletins/apsb06-10.html.

Adobe says that if you have more than 3638 fonts (3638? Shouldn't it be 2048 or 4096 or some other power of two?) installed on your comptuer, Adobe InDesign probably won't be able to access all of them. Normally you should be able to see them all in your Character Control palette or the Character Style and Paragraph style palettes. Adobe has some workarounds at http://www.adobe.com/support/techdocs/331766.html.

There is an incompatibility between Adobe InDesign CS and Adobe Illustrator CS and HP Designjet 800 PCL printers. If you try to print out A0 files, which are 841 mm x 1189 mm, you will actually get a cropped 669 mm x 1189 mm, with the right side chopped off. Other applications will be able to print to this printer. Adobe has a number of suggested workarounds, some of which cost money, at http://www.adobe.com/support/techdocs/332340.html.

If you copy and paste text with different Basic Paragraph style definitions within one Adobe InDesign CS2 document, you may get the wrong attributes applied to the pasted text. Adobe says first to check to make sure you have the latest update to InDesign. You can check that at www.adobe.com/downloads. You may also have to remove any overrides to the text. See http://www.adobe.com/support/techdocs/328472.html for more.

When using Adobe Illustrator CS 2 on a Mac OS X computer equipped with a Mighty Mouse, you may not be able to use the mouse to scroll horizontally. Adobe says to go horizontal, hold down the Command key while scrolling.

Install Adobe Photoshop CS2, Adobe Illustrator CS2, or Adobe Creative Suite 2.0 on Mac OS X v10.3 or v10.4, and you may run into one of a series of error messages, including File system errors, I/O errors, Boot errors, System crash or slowdowns, or Illegal Name error when you run Disk Utility. Adobe's first suggestion is to upgrade to Mac OS X 10.4.7. Their other suggested workaround is to delete the Legal or Legal.localized folder, and then run Disk Utility.

When you install Adobe Premiere Elements 2.0, a number of DVD templates should get installed. Normally, the installation process figures out the default language of your computer, and then installs the correct templates. In the US, they would normally get installed in en_US. However, Adobe says the installation process sometimes gets confused on the default language, and leaves the templates in the root of the templates folder, and the program can't find them. See http://www.adobe.com/support/techdocs/329802.html for info on how to move them.

Install the Windowx XP Media Center Rollup 2 update, and you may have problems running Adobe Premiere Elements 2.0. You may see an Adobe error message that says:
This application has failed to start because ad2mpegin.dll was not found. Re-installing the application may fix this problem.
As a fix, either restore your computer to an earlier state (and lose the Rollup update) or add ad2mpegin.dll and ad2mcmpgdec.dll files to your Windows\System32 directory. See http://www.adobe.com/support/techdocs/319912.html for details.

When using Adobe Premiere Elements 2.0, you won't be able to export to tape over a USB 2.0 connection. According to Adobe, the exporting will only work using a Firewire connection, according to http://www.adobe.com/support/techdocs/331549.html.

Apache

Apache 2.2.2 running on a Windows platform has a bug that may allow remote attackers to read the source code of any CGI programs that may be running. They can do this by sending in a request that’s all in upper case. Windows, not being case-sensitive, gets confused, and thus discloses information. Keep an eye on http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-4110 for fix information.

Apple

Apple says that their DVD Studio Pro 4.x and Apple QuickTime 7.x may incorrectly do a gamma shift for MPEG-2 HD DVD content. When you view it on a computer, the colors may look wrong. However, Apple says the colors will appear correct when you play the DVD on a regular DVD player and HDTV.

If you are ultra-restrictive in your firewall settings on a Windows XP computer, you may prevent Apple iTunes from accessing the Internet. If you want to allow iTunes access to the rest of the world, you need to make sure your Windows XP Firewall is configured correctly. Apple gives the details at http://docs.info.apple.com/article.html?artnum=304082.

If you upgrade to iDVD 6.0 on a Mac OS X 10.3.9 computer, Apple says your Themes pane will be blank after the upgrade. They have a 12-step fix for this at http://docs.info.apple.com/article.html?artnum=303252.

When using iTunes for Windows you may be getting sub-par audio results, including skips, pops, and garbled music. This may also affect music being played through the Apple QuickTime Player. Apple says you may need to adjust the Sound Out feature in QuickTime, or the Sound Enhancer feature in iTunes, to take care of incompatibilities with your sound card. Apple shows some troubleshooting steps at http://docs.info.apple.com/article.html?artnum=93610.

Apple says that if you disconnect any external audio input devices, the internal microphone automatically becomes the default audio input device. This behavior can be change if you go to Sound preferences. See how at http://docs.info.apple.com/article.html?path=Mac/10.4/en/mh1915.html.

The Sony battery recall has spread to Apple. There is a recall of 1.8 million 12 inch iBook G4 and 12 and 15 inch PowerBook G4 laptop computers, due to a fire hazard. The detailed information from Apple on what batteries are affected is at https://support.apple.com/ibook_powerbook/batteryexchange/. Sony says they think that there won't be any more battery recalls. Read about the whole thing at http://www.eweek.com/article2/0,1895,2008146,00.asp and read about an effort by manufacturers to ease fears of exploding laptops at http://www.eweek.com/article2/0,1895,2008264,00.asp.

The Security Fix column at the Washington Post has a video that demonstrates how a remote attacker can seize control of an Apple Macbook computer. (The attack was carried out from a Dell laptop.) The video was produced by Jon "Johnny Cache" Ellch and David Maynor, and uses a third-party wireless card in the Apple. The bug itself is in the wireless device driver, and is not particular to the Apple OS. Anyone who uses a laptop in a public space near other laptop users (that includes me) may want to watch at http://blog.washingtonpost.com/securityfix/2006/08/hijacking_a_macbook_in_60_seco.html.

Unruly fans can cause problems at concerts and sports events, and also in Apple MacBook laptops. After many complaints about noisy fans in the Intel-based laptop computers, Apple has released a firmware update that hopefully will make the fans behave. They've already done this for MacBook Pro computers, so the fix has moved down the line. See http://www.apple.com/support/downloads/macbooksmcfirmwareupdate.html for the update and for instructions.

Even computers can have sleep disorders. Apple says that even if you have set Mac OS X 10 computers to go into sleep mode after a certain period of inactivity, the computer actually stays awake. If you go to http://docs.info.apple.com/article.html?artnum=303698, you'll see a list of background procedures that you may not know are happening, but which effectively poke your computer and keep it awake. The culprit may actually be Bluetooth, an external drive, or even iTunes.

Apple says there is a bug in the Download Validation for LaunchServices in Mac OS X 10.4.7. If you download a file via Safari, it may be marked safe, and can be opened via a local URI. This means that any JavaScript running in the file will run under less stringent security. Apple fixed this in the Security Update 2006-004. This doesn't affect Mac OS X 10.3.x or earlier.

Apple says that if you try to open twenty or more images in the Preview window on a Mac OS X 10.4.7 computer, you'll only get one window. However, you'll have a Preview drawer that you can use to see the rest of your images. See http://docs.info.apple.com/article.html?path=Preview/3.0.1/en/pv13.html for more.

Apple says that some Mac Pro computers running Mac OS X 10.4.7 may seem to be running video or games slowly. This problem is isolated to certain Mac OS X build numbers. You may have a problem if your build number is less than less than 8K1079. If it is, you may have to use your Install disks to do an Archive and Install, which will update your build number and take care of the problem. See http://docs.info.apple.com/article.html?artnum=304198 for details.

When using Mac OS X Server 10.4, don't use a leading space if you rename a neighborhhod in the Workgroup Manager's Network view. If you do, the network won't be available. You'll see it on the Layout tab, but it won't be in any LDAP domain, or in Finder. Apple says you will need to rename it without the space, delete it, and then re-create it. See http://docs.info.apple.com/article.html?artnum=304079 for more.

If you are using Apple Remote Desktop 2.1 and you adjust the brightness, your changes may be lost when the client goes into display sleep. This has been fixed in the Remote Desktop 2.2 Update.

The Apple Remote Desktop 2.2 update fixes a number of compatibility problems. It should now work with Mac OS X 10.4, and you should be able to install iTunes 4.7 and 4.7.1 with it. Apple says it will also do a better job installing .mpkg files.

A bug in the ImageIO for the Mac OS X 10.4.7 Build 8K1079 for the Mac Pro may allow hostile content into your Mac via a corrupt TIFF image. Apple's Security Update 2006-004 for the Mac Pro fixes this. Apple credits Tavis Ormandy of the Google Security Team for finding this bug.

Apple says that their Mac OS X and Mac OS X Server software needs for port 626 to be open to UDP traffic. If you configure your firewall to disallow this, some applications may not work.

A bug in Mac OS X 10.3.9 and 10.4.7 may allow local users to send output to standard error. Because of this, they may have access privileged information they shouldn't be able to see. This has been fixed in Apple's Security Update 2006-004. They credit Neil Archibald of Suresec LTD for finding this bug.

Apple says that Mac OS X 10.4.x users are vulnerable to attack via GIF images. A bad guy may be able to construct a corrupt GIF immage that causes a memory allocation failure, which can they be used to either crash the application viewing the GIF file, or possibly run hostile code. This has been patched, for Mac OS X 10.4.7, with the Security Update 2006-004.

When using WebKit on an Apple Mac OS X 10.3.9 or 10.4.7 computer (either client or server), visiting a malicious could allow hostile content to be run on your computer. Apple says this has been fixed in Security Update 2006-004. They credit Jesse Ruderman of Mozilla Corporation for finding this bug.

If Remote Login is turned on in a Mac OS X 10.4.7 computer, remote attackers may be able to use a bug in OpenSSH to crash the computer. They may also be able to ascertain information on accounts. This has been fixed in the Security Update 2006-004. Apple credits Rob Middleton of the Centenary Institute for finding this bug.

An attacker may be able to construct a Canon RAW image file that will crash an application trying to view it on an Apple Mac 10.4.7 computer. This has been fixed in the Apple Security Update 2006-004.

According to Apple, if you are running Adobe Photoshop CS2 or Adobe Illustrator CS2 on an OS X 20.4.6 or earlier computer, two files that are installed in the Legal.localized folder may cause problems. These files are
Applications/Adobe Photoshop CS2/Legal.localized//Tiếng Việt.html
/Applications/Adobe Illustrator CS2/Legal.localized/Tiếng Việt.html
They may cause the Disk Utility to report a serious failure. Of course, a hard drive going bad may also cause these serious failure messages. See http://docs.info.apple.com/article.html?artnum=302411 for more Apple advice on disk failures.

AOL

Secunia Research found a bug in the way that America Online 9.0 Security Edition revision 4184.2340 sets default permissions in the America Online 9.0 folder. AOL gives Full Control to the Everyone group, which means that anyone can delete or change AOL files in this folder. Secunia told AOL, who has a fix ready. It will be applied automatically when you log onto AOL. If you are using a version older than Security Edition 9, AOL says you should upgrade. Secunia credits Carsten Eiram with finding the bug.

ATI

Nothing this month

Cisco

Cisco says there are two bugs in their Cisco VPN 3005, 3015, 3020, 3030, 3060, and 3080 concentrators. These bugs are active when file management via File Transfer Protocol (FTP) is turned on. They may allow unauthenticated attackers to use FTP commands to delete files on the concentrator. See http://www.cisco.com/warp/public/707/cisco-sa-20060823-vpn3k.shtml for which versions of the software are affected, and how to get the fix.

A bug in Cisco's PIX firewall appliances was shown at the Black Hat USA Conference. Details weren't disclosed, because Cisco doesn't have the patch ready yet. Security researcher Hendrik Scholz says that you will be able to "Open up whatever port you want", which doesn't sound like the kind of behavior you want from a firewall. Read more at http://www.pcworld.com/article/126649-1/article.html.

Cisco says there is a bug in their Cisco PIX 500 Series Security Appliances, the Cisco ASA 5500 Series Adaptive Security Appliances (ASA), and the Firewall Services Module (FWSM). This bug may let unauthorized users to gain access to a device, and also let authorized users get locked out and not able to manage a device. Cisco has a software fix for this at http://www.cisco.com/warp/public/707/cisco-sa-20060823-firewall.shtml.

Computer Associates

Nothing this month

Dell

Not really a bug, but your laptop going up in flames certainly qualifies as something bad happening to your computer. Dell has a new site, called https://www.dellbatteryprogram.com/ with information on the laptop battery recall. When I checked it this morning, I got a warning message about a problem with the security certificate. Chances are, that happened due to the haste in getting up the separate site. If you go to dell.com, there's only a little tiny link to "Battery Recall" at the bottom of the page.

EA

EA Sports lists these controllers as compatible with Madden NFL 07: Logitech Dual Action; Logitech Rumble Pad 2; Gravis Eliminator Aftershock; Thrust Master Firestorm Dual Analog Gamepad; Thrust Master Firestorm Dual Power 3; Thrust Master Firestorm Dual Analog 3; Thrust Master Firestorm Wireless Controller; and Xbox 360TM Controller for Windows.

If you are having problems playing EA Sports Madden NFL 07 online, make sure these ports are open in your firewall or router: HTTP 80 (outbound); HTTPS 443 (outbound); TCP 13500, 28400-28499, and 32768-65535 (outbound), and UDP 1795 and 1797 (inbound and outbound).

General

Chalk AT&T up as the latest company to lose their customer's data. Credit card data on "fewer than 19,000 customers" that were stored on the server for the company's online store were stolen by hackers over the weekend. If you ordered something online from AT&T, check out http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9002843.

CipherTrust, a company that specializes in messaging security, says they have found a jump in zombified PC since August's Patch Tuesday. The malware infecting these computers are variations of the Mocbot worm, including Guebot and Graweg. Read the whole thing at http://news.zdnet.com/2100-1009_22-6108409.html.

After losing another laptop with sensitive data, the Department of Veterans Affairs (VA) is undertaking a crash program to encrypt all the data on its laptop computers. They plan on having it completed within a month. That means in about six weeks, the BugBlog will have an item talking about how the VA can't access its data because they've lost the encryption keys.

The US Department of Transportation (DOT) lost a laptop in Florida that had contact information, including Social Security numbers, on 133,000 Florida residents. Why did the laptop have that data? Because a DOT Special Agent was giving a presentation at an anti-fraud conference. (We're from the government and we are here to help.) I don't know if they will be comparing notes with the VA. Read more at http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9002530.

There is a bug in the way that MIT Kerberos (krb5) validates calls to seeuid() in ftpd and in the ksu program. This may give local users elevated privileges, including the ability read, write or create files as root. MIT Kerberos has update information to fix this at http://web.mit.edu/Kerberos/advisories/MITKRB5-SA-2006-001-setuid.txt.

C Net shows how some lax security implementations at financial sites may make it easier to conduct phishing attacks. Their story is based on demonstrations from the 2006 Black Hat Briefings in Las Vegas. There's no specific behavior that consumers need to do to patch this particular problem -- it's something that the financial institutions web sites need to do. However, it certainly won't hurt to be very, very careful not to click on links from banks or credit card companies in your email. It's always best to start a fresh browser session and log in to your bank directly.

Symantec warns against something called the SpywareRemovalWizard, which they say gives exaggerated reports of problems on your computer, to get you to purchase a registered version of the program. (Real AV companies would never exaggerate a threat.) See http://www.symantec.com/home_homeoffice/security_response/writeup.jsp?docid=2006-081510-5536-99&tabid=1 for Symantec's report.

Microsoft warned game developers that a new hunting ground for hackers and other data thieves are massively multiplayer online (MMO). Since articles in games such as "World of Warcraft" develop monetary value in the real world, it may be a worthwhile target for some data theft. Read more at http://news.zdnet.com/2100-1009_22-6105609.html.

If you have some air travel scheduled for the near future, and you were going to take your PC along, you may want to read these tips from InternetWeek on the new restrictions at http://news.yahoo.com/s/cmp/20060814/tc_cmp/191902125.

The latest Black Hat security conference discussed how security shortcomings could cause problems with websites that rely on AJAX (Asynchronous JavaScript and XML). You may not be familiar with AJAX, but you use it if you go to Google Maps, Yahoo and MySpace, among other sites. Read more at http://www.eweek.com/article2/0,1895,1998795,00.asp.

Here's one of those good news/bad news articles. The good news is that security holes within operating systems are being closed up, so that your OS is more secure. The bad news is that attackers are now concentrating on device drivers instead. Read the whole thing at http://www.channelregister.co.uk/2006/08/04/hackers_bypass_os/.

Google

Google is going to include pop-up warnings to users who may want to follow a link on Google searches to certain wesites that have been labeled as distributing malware. The identification process is by The Stop Badware Coalition. You will still be allowed to click the link. Read more at http://www.pcworld.com/article/126656-1/article.html. (I forsee some lawsuits in the future.)

IBM

The July 2006 monthly cumulative update for IBM WebSphere Portal 5.1 WebSphere Member Manager (WMM) fixes a bug that was preventing LDAP DN from retrieving member attributes. It also fixes a groupcache timeout bug. Get the update at http://www-1.ibm.com/support/docview.wss?uid=swg24013154.

It appears that you can't go on vacation in you've got a full mail box, according to Lotus Notes. Actually, what IBM says is that you won't be able to turn on the Lotus Notes/Domino Out Of Office (OOO) feature if you are over your quota in your mail database. That's because to turn on the OOO feature, you have to save some changes to your profile, and you can't do that if you are over your quota. As a workaround -- throw some stuff out, or at least archive some messages.

If you are a user of Informix, the database now owned by IBM, you may want to read a report from security researcher David Litchfield. He informed IBM of a number of security bugs in Informix in January 2005. IBM rushed out the patch in August 2006. The report itself is at http://www.databasesecurity.com/informix/DatabaseHackersHandbook-AttackingInformix.pdf.

Intel

Intel is going to have to re-release one of their own security patches for Centrino-based computers. There is a bug in the Proset wireless connection software that came with the update that causes Proset to use more and more memory, until it finally bogs down the computer. The drivers itself are fine, so that you should be able to use the Intel hardware with third-party software until you install the patch from http://support.intel.com/support/wireless/wlan/sb/cs-010623.htm.

McAfee

There are some bugs in McAfee SecurityCenter 4.3 through McAfee SecurityCenter 6.0.22 that may allow authenticated users to run some arbitrary commands on a computer. Those of you running shared systems should check out McAfee's update information at http://ts.mcafeehelp.com/faq3.asp?docid=407052.

McAfee says that a bug in their SecurityCenter Versions 4.3 through 6.0.22 may let a remote, unauthorized user run code on a "protected" computer. They are releasing a patch, both through their automated software update and http://www.mcafee.com/us/support/default.asp, that will fix this. McAfee credits eEye Digital Security with finding this bug.

Microsoft

David Letterman did a salute to Bill Gates on the announcement of his retirement. In case you missed it, you can watch it on YouTube at http://www.youtube.com/watch?v=5NoGbLI3ePA.

Microsoft says there is a bug in the kernel of Windows 2000, Windows XP, and Windows Server 2003 that may let a remote attacker completely take over your computer. The bug is in the way that exception handling is done by Windows when you have multiple applications loaded in memory. This attack could be carried out by a hostile website, if you happen to be visiting. Microsoft labels this a Critical bug, and have patches for it at http://www.microsoft.com/technet/security/Bulletin/MS06-051.mspx. As a workaround, you could mitigate the impact by disabling Active Scripting.They credit Matt Miller of Leviathan Security Group and Ken Johnson for finding this bug.

There is a critical bug in the Server services for Windows 2000, XP, and Windows Server 2003. This bug may allow a remote attacker to take complete control of the Windows system. According to Microsoft, a properly-configured firewall may help protect against this kind of attack. They have patches for the affected systems available at http://www.microsoft.com/technet/security/bulletin/ms06-040.mspx. Microsoft credits US-CERT and SANS for finding this bug.

The Secunia website reports on a bug in the GDI Client DLL library (gdi32.dll) in most versions of Windows, from Windows 2000 up to Windows Server 2003. A maliciously designed WMF file may be used to crash Windows for a Denial of Service attack. Secunia credits cyanid-E for finding this bug. See more at http://secunia.com/advisories/21377/.

A bug in the DNS client in Windows 2000, XP and Windows Server 2003 may allow a remote attacker to take complete control of your computer. However, the attacker either has to be on a subnet between the host and the DNS server, or else you will need to make a DNS request to the attacker's server, which lessens the vulnerability. Microsoft has links to fixes for this critical vulnerability at http://www.microsoft.com/technet/security/bulletin/ms06-041.mspx. Microsoft credits Mark Dowd of ISS X-Force for finding this bug.

Microsoft says that a bug in the Winsock API in Windows 2000, Windows XP, and Windows Server 2003 may let a hostile web site take complete control of your computer. This can happen if the attacker can trick you into opening a malicious file, or visiting a website that has been designed to make a special call on the Winsock API. Microsoft has links to fixes for this critical vulnerability at http://www.microsoft.com/technet/security/bulletin/ms06-041.mspx. Microsoft credits Peter Winter Smith of NGS Software for finding this bug.

There is a bug in the way that Microsoft Internet Explorer renders certain webpages that are laid out in a particular way. Because of the bug, a hostile web site could design a page to take advantage of this, corrupt memory, and take complete control of a system. (I couldn't take advantage of this, because I know all BugBlog readers use Mozilla.) You may be able to guard against this if you do your browsing in the Restricted Zone within IE. Even better, get the Cumulative Security Update 918899 for Internet Explorer at http://www.microsoft.com/technet/security/bulletin/ms06-042.mspx. Microsoft credits Sam Thomas, working with TippingPoint and the Zero Day Initiative, for finding this bug.

A bug in the way that Microsoft Internet Explorer 6 handles chained Cascading Style Sheets (CSS) may allow a hostile web site to take complete control of your computer. This affects IE running on Windows 2000, Windows XP, and Windows Server 2003. Microsoft has fixed this in the Cumulative Security Update 918899 for Internet Explorer at
http://www.microsoft.com/technet/security/bulletin/ms06-042.mspx. Microsoft credits Sam Thomas, working with TippingPoint and the Zero Day Initiative, for finding this bug.

A bug in the way that Windows XP and Windows Server 2003 does MHTML protocol parsing may allow a remote attacker to take complete control of your system. This can happen either by visiting the hostile web site, or by clicking a link within email in Microsoft Outlook Express 6. Microsoft labels this a Critical Update, and has patches for this at http://www.microsoft.com/technet/security/bulletin/ms06-043.mspx.

Microsoft has patched two bugs within PowerPoint that may allow an attacker to take complete control of your system via a malicious PowerPoint presentation. One bug is in the MSO.DLL, and the other is activated when parsing a malformed record. This affects PowerPoint 2000, XP, 2003, and PowerPoint for Mac OS X. Get patches for these critical bugs at http://www.microsoft.com/technet/security/Bulletin/MS06-048.mspx. Microsoft credits Elia Florio of Symantec, Dejun Meng of the Fortinet Security Research Team, Shih-hao Weng of Information & Communication Security Technology Center, and SoWhat of Nevis Labs for finding these bugs.

Microsoft has released the latest version of their Windows Malicious Software Removal Tool, which will help remove all the bad software that their browser allowed to sneak in. The latest update includes Win32/Bamler amd the Win32Jeefo to the list of malicious software that gets removed. See http://support.microsoft.com/?kbid=890830 for more on this tool.

A bug in the Microsoft Management Console in Windows XP and Windows Server 2003 may allow remote attackers to access HTML embedded resource files. They may then be able to use this bug to run their own code on your computer. Microsoft has a fix for this. Get it at http://www.microsoft.com/technet/security/bulletin/ms06-044.mspx. Microsoft credits Yorick Koster of ITsec Security Services, H D Moore, and Tom Gilder for reporting this bug.

A bug in the way that Microsoft Visual Basic for Applications looks at document properties when a document is opened may allow an attacker to run hostile code on your system. They consider this a Critical bug, and it affects Microsoft Office 2000, Office XP, Visio and Project 2002, and Microsoft Works Suite. However, it does not affect Office 2003. Get fixes at http://www.microsoft.com/technet/security/Bulletin/MS06-047.mspx. Microsoft credits Ka Chun Leung of Symantec for finding this bug.

Two different bugs in the Microsoft Windows Hyperlink Object Library may allow a remote attacker to run their code on your system, if you click on a link within a malicious Office file or email message. This affects Windows 2000, Windows XP, and Windows Server 2003. Get your fix for this at http://www.microsoft.com/technet/security/Bulletin/MS06-050.mspx. Microsoft credits Pedram Amini of the TippingPoint Security Research Team and Steve Tai of CSC Australia Pty Limited for finding these bugs.

There is a bug in the way that Windows 2000 Service Pack 4 validates some user inputs. A local user with log-on privileges could exploit this bug to take complete control of a system with Administrator privileges. Microsoft has the fix for this at http://www.microsoft.com/technet/security/bulletin/ms06-049.mspx.

A bug in the Drag and Drop function within Windows Explorer in Windows XP and Windows Server 2003 may be exploited by a malicious web site. The remote attacker may be able to save a file on your system, which could later be used to execute code and take control of your computer. Microsoft has a fix for this at http://www.microsoft.com/technet/security/bulletin/ms06-045.mspx.

Here's a report talking about the strong initial sales of Microsoft Windows Live OneCare. The AV/firewall/spyware package grabbed 15.4 percent of security software sales, helped along by low pricing. So do that many people really trust Microsoft for security software, or are they blinded by a brand name? Read more at http://news.zdnet.com/2100-1009_22-6104926.html.

If you create a Microsoft Excel document that contains hyperlinks, and then save that spreadsheet as an html file, those links may not work when you click on them with Internet Explorer 6. Microsoft says this may happen if IE 6 is running on a Windows XP computer where Service Pack 2 has been installed, or a Windows Server 2003 computer with Service Pack 1. Microsoft has a hotfix, which will be in a future service pack. If you need to get the fix earlier, and to see a Registry Edit that accompanies the fix, see http://support.microsoft.com/kb/885439.

In Microsoft Excel 2003, if a spreadsheet has some hyperlinks, and you copy and paste a portion of this worksheet into another worksheet, all the hyperlinks from the original document will get pasted, even if they are not part of the selection. Microsoft does say they get pasted as hidden hyperlinks. They have a hotfix for this, which will be in a future Office 2003 Service Pack. If you can't wait, see http://support.microsoft.com/kb/923335 for information on how to get the fix.

US-CERT says there is a bug in Microsoft Internet Explorer 6.0 SP1 running on Windows Server 2003. A remote attacker may be able to use a Terminal Services COM object as an ActiveX object, and crash the server. This may also allow the attacker to run their own code on the server. There's no official word from Microsoft yet -- you can see what the Feds have to say at http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-4219.

According to the Browser Fun blog, that spent July tracking bugs in popular browsers, the Microsoft MS06-042 patch for Internet Explorer not only patched eight publicized bugs, it also silently patched the Orphan Object Properties bug, without giving any explanation in the bulletin. See http://browserfun.blogspot.com/2006/08/putting-fun-in-browser-fun.html for more.

There is a buffer overrun in the HTML Help in Windows 2000, Windows XP, and Windows Server 2003. A remote attacker can construct a hostile web page that can exploit this to take complete control of your system. You can download a patch for this at http://www.microsoft.com/technet/security/Bulletin/MS06-046.mspx. As a workaround, you can also disable the HTML Help ActiveX control. Microsoft credits Cody Pierce of the TippingPoint Security Research Team for finding this bug.

The Internet Storm Center has some details on exploits currently circulating that attempt to exploit the bugs patched by the Microsoft's MS06-040 security advisory. As reported in the 8/12 BugBlog, the Department of Homeland Security made it a special point to tell people to apply this patch. Read more at http://isc.sans.org/diary.php?storyid=1597, including information on how to configure firewalls to help protect against this threat.

Researchers at eEye have disccovered that the new bug in the MS06-042 patch for Microsoft Internet Explorer are exploitable by bad guys. IE 6 running on Windows 2000, and IE 6 running on Windows XP Service Pack 1 are affected.The bug triggers a buffer overflow, and the overflow can be exploited to introduce malware into your system. Microsoft has also withdrawn a proposed patch for this patch, citing problems discovered during testing. See eEye's bulletin at http://research.eeye.com/html/alerts/AL20060822.html for details and workaround information. Microsoft's side of the story is at http://blogs.msdn.com/ie/archive/2006/08/22/711402.aspx.

A bug snuck into the Cumulative Update for Microsoft Internet Explorer 6 that was distributed with the August Security Bulletin MS06-042. Because of the bug, if you visit a website that has a custom pop-up object, IE may crash. The error signature may look like this on a Windows XP computer:
Iexplore.exe 6.00.2900.2180 Mshtml.dll 6.0.2900.2963 0006d031.
Microsoft has a hotfix, which will probably get distributed in the next cumulative update for IE. See http://support.microsoft.com/kb/923996 if you need the fix right away.

The story so far: Microsoft releases a critical security patch for Internet Explorer; a bug is found in the patch, so they get ready to re-release the patch; another bug is found just before the re-release; then finally it's fixed. Here's Microsoft's explanation: The problem was because of the way the patch affected Internet Explorer 6 Service Pack 1 on Windows 2000. While most home users have moved on to Windows XP, there is still a large percentage of enterprise customers on Windows 2000, and they would have been affected. Read the whole thing at http://blogs.technet.com/msrc/archive/2006/08/24/449860.aspx.

Microsoft says that if you use Windows Integrated authentication, you may get poor performance when using Microsoft Internet Explorer 6 to access a web application that's on a Microsoft Internet Information Services (IIS) 6 website. They say it's because IE clients will regularly reset TCP connections. Microsoft has some detailed workarounds you can do to the IIS configuration to prevent this. Somewhat surprisingly, the Microsoft Knowledge Base article also points out that the poor performance does not occur when you use alternative browsers such as Mozilla Firefox. That's right -- they actually cited Firefox by name! See for yourself at http://support.microsoft.com/kb/922703.

The latest cumulative security update for Microsoft Internet Explorer 6 may cause the browser to crash if you visit websites that use certain features. The update, which was in Security Bulletin MS06-042, can't handle sites that use both the HTTP 1.1 protocol as well as compression. Microsoft is working on an update to their security update. In the meantime, as a workaround you can disable the use of HTTP 1.1 (or use Mozilla Firefox). For the workaround, go to Tools, Internet Options, Advanced. In the Settings box, uncheck the Use HTTP 1.1 option.

The SANS Internet Storm Center says they have been collecting reports that the Microsoft MS06-042 security patch will cause problems with Internet Explorer 6 when you use Computer Associates Unicenter Service Desk. They say the problem goes away if you use one of the Mozilla browsers. SANS ISC has a handy update to which Microsoft patches are causing problems at http://isc.sans.org/diary.php?storyid=1611.

While Microsoft released 12 security bulletins during August's Patch Tuesday, the most important one to the US Department of Homeland Security is MS06-040, for the vulnerability in the Server service. That is the one they singled out as most important, saying "This vulnerability could impact government systems, private industry and critical infrastructure, as well as individual and home users." Microsoft's patch is at http://www.microsoft.com/technet/security/bulletin/MS06-040.mspx.

Another indication of problems with Microsoft Windows Genuine Advantage. Over at Ed Bott's Microsoft Report blog on ZD Net, he tried using a pirated key that had been published on the Internet for Windows XP. After installation he went the WGA checks to see how they treat pirates. Unfortunately for Microsoft, it appears that WGA didn't catch his pirated key. Read more at http://blogs.zdnet.com/Bott/?p=110.

There are problems with Microsoft's MS06-040 Security update, when installed on Windows Server 2003 Service Pack 1 computers. If you are running a program on the server that needs lots of contiguous memory, it may not run after you upgrade the security patch. Note also that MS06-040 is the security patch that the Department of Homeland Security emphasized should be installed, and that there are active exploits against the holes that it patches. Microsoft is working on a patch for the patch. Keep an eye on http://support.microsoft.com/kb/924054 for further news.

eEye Digital Security reports that there is an attack mounting against the security holes patched by the MS06-040 patch from Microsoft. If successful, this attack will plant an IRC (Internet Relay Chat) bot on your computer, which will then be used to mount distributed denial of service attacks against other computers. Names for this new piece of malware include W32.Wargbot (Symantec), Worm.IRCBOT.JK/JL (Trend Micro), IRC.Mocbot (McAfee), and IRCBOT-ST (F-Secure). Read eEye's full report at http://research.eeye.com/html/alerts/AL20060813.html.

A report at the website ConsumerAffairs.com says that the failure rate for Microsoft Xbox 360 consoles is far higher than the 3 to 5 percent failure rate that Microsoft admits to. The story is based on an anonymous source within Electronic Arts, and is also based on complaints to that website as well as complaints at www.Xbox.com forums. Read the whole story at http://www.consumeraffairs.com/news04/2006/08/xbox_gamers02.html.

A conflict between Microsoft Office 2003 and the Open Document Management API program may cause conflicts when you use the Remove Hidden Data tool to get rid of all the behind-the-scenes stuff in an Office 2003 document. When run the tool you may get this error message:
"Remove Hidden Data: You must save this file before running the Remove Hidden Data tool."
Microsoft has a hotfix for this, which will be in a future service pack. Can't wait for the fix? See http://support.microsoft.com/kb/922322 for details on how to get it right away.

If you want to print from a Microsoft Office program to a printer that supports collating, and you turn on collating support in both the Office application and at the printer, the two may cancel each other out, and collating won't work correctly. Microsoft's advice is to turn off the collating option at the printer, and rely on the collating functionality of Office. See http://support.microsoft.com/kb/921561 for more.

When you drag a piece of clipart from the Clip Art task pane in Microsoft Office XP to a document, your Office application may crash with this error message:
Not enough memory.
Microsoft has a hotfix for Office XP Service Pack 3 users. The fix itself may be in a future service pack. If you need to get it sooner, see http://support.microsoft.com/kb/923004.

If you want to do a Mail Merge in Microsoft Publisher, where your data source is a Microsoft Outlook contact list, the list must be displayed in the Outlook Address Book. If it isn't, Publisher won't be able to find it, and will give you this error message:
Unable to obtain list of tables from the data source.
See http://support.microsoft.com/kb/922684 for the workaround details.

A brand-new attack against Microsoft PowerPoint was discovered on 8/19/06. A maliciously designed PowerPoint document, when opened, may be able to run code on your computer. The exact bug hasn't been pinned down yet, but has been noted because of the Trojan Horse-type activity it triggers. It does not appear to be the same bug patched by Microsoft in the August Patch Tuesday security release. For now, the only fix is to be careful around unknown PowerPoint files. Read more about it at http://blogs.securiteam.com/?p=559.

Microsoft is dismissing claims of a new PowerPoint zero-day attack. (This bug was reported in the 8/21 BugBlog.) According to Microsoft, this is not a new bug and has already been fixed by them. You can read their side of the story at http://www.eweek.com/article2/0,1759,2006489,00.asp.

If you schedule too many dates on one day in a Microsoft Office Outlook 2003 calendar, they may not all fit on the screen. Microsoft says that there may not be a scrollbar available to let you scroll down and see the rest of the events. They have a hotfix for this, which will be in a future service pack. If you need the hotfix right away, see http://support.microsoft.com/kb/921651. As a temporary workaround, take life at a slower pace and cancel some events.

If you draw a text box in Microsoft Visio 2003, rotate the text box so that it is vertical, and then save it as a Windows Metafile Format (WMF) file, some of the rotated text may be missing. Microsoft has fixed this in an Office 2003 hotfix, which will be in a future service pack. If you can't wait for your fix, see http://support.microsoft.com/kb/923007.

When you restart a Windows XP Professional computer, you may see this error message, which will only appear some of the time:
Stop 0xC000021A
Microsoft says this happens because the Wbemprox.dll library is unloaded before it should be. This may happen more often if Group Policy is applied just before the restart. Microsoft has a hotfix for Windows XP Service Pack 2 computer. See http://support.microsoft.com/kb/922410 for information on how to get the fix right away. Otherwise, wait for the next Windows XP service pack.

Microsoft says that Windows Server 2003 may have problems with a memory leak for the Automatic Updates service. The leak may eat up memory quickly if you have set up Automatic Updates to check every two hours or more for updates. See http://support.microsoft.com/kb/914810 for hotfix information.

If you use the Driver Verifier utility in Microsoft Windows Server 2003 to monitor your SCSI adapter drivers, and then restart your computer, you may see one of these error messages
STOP 0x00000050
STOP 0x000000F4
Microsoft says this happens because physical memory references get out of whack after the monitoring. See http://support.microsoft.com/kb/923150 for hotfix information.

When using the Offline Files Feature in Windows XP, trying to save a large file offline may cause Windows XP to lock up. According to Microsoft, if the files are larger than 20 megabytes, you may have this problem. Microsoft has a hotfix, which will be in a future service pack. If you regularly save large files, and run into this problem, see http://support.microsoft.com/kb/918338 for information on getting the fix earlier.

If you listen to My Music with visualizations turned on in the Windows XP Media Center Edition 2005, and then switch to watch Live TV, your TV screen may show up with a white screen instead of your TV channel. Microsoft says that pressing the Live TV button on the Media Center remote control should get the TV to show up.

Microsoft says that on Windows XP, if you go to the Creating a New RSA Exchange Key dialog, and then click Details, you will see a message saying this is a CryptoAPI Private Key, and you won't be able to make any changes. This problems could be caused by a number of different things, according to Microsoft. They have a hotfix, which will be in a future Windows XP service pack. If you need this fix right away, see http://support.microsoft.com/kb/906751.

Try to change the wallpaper on a Windows XP computer, and you may see that this option within Display Properties is either missing or grayed out. This may have been done by a system administrator, who wants you to concentrate on work and quit fiddling with your options. It may also be the work of some malicious program, in which case you can do a Registry edit for a fix. See the details, and an important warning about editing the Registry, at http://support.microsoft.com/kb/921049.

You may have read that hackers released a program called FairUse4WM that defeats the digital rights management features in Windows Media Play 10 and 11 with the MTV Urge Music Service. Not surprisingly, Microsoft has announced they will quickly move to plug this hole. Read more at http://www.eweek.com/article2/0,1895,2010354,00.asp.

If you want to watch a video file in Microsoft Windows XP Media Center Edition 2005, and the video file has DRM protection (Digital Rights Management), Microsoft says not to double click the video file. Only use a single click. The video file may not play with the double-click, and you may also lock up the Media Center. If you've already double-clicked and gotten into trouble, see how to fix things at http://support.microsoft.com/kb/922677.

You may have problems moving purchased content onto a Microsoft verified "PlaysForSure" portable device, even though you can move content ripped from a CD onto the device. Instead, Windows Media Player 10 may give the error message:
0xC00D10BC - Windows Media Player cannot synchronize the file because the device needs to be updated.
This happened after an update to the Media Transfer Protocol (MTP) driver by Microsoft unearthed a bug that causes compatibility problems with Microsoft's Digital Rights Management scheme. Microsoft has a hotfix for this, which you can download from http://support.microsoft.com/kb/922814/.

Try to open a Microsoft Word 2003 XML document, and Word may lock up for anywhere from 10 to 30 minutes. Microsoft says this may happen when the Word doc is linked by another Microsoft Office document, and that other document is on a network share and is opened by someone else. There aren't any configuration changes that can avoid this. Microsoft has a hotfix for this, which will be in a future Office service pack. See http://support.microsoft.com/kb/923826 if you need to get the fix right away.

If the Automatically hyphenate document option is selected in Microsoft Word 2003, when you print the document a paragraph may get reprinted over itself. Microsoft says the second printing will be just slightly offset, which will make things unreadable. See http://support.microsoft.com/kb/924337 for the fix as well as a Registry edit that will need to be done.

Mozilla

Mozilla has released Firefox 1.5.0.6. This update quickly follows the 1.5.0.5 release, which was a security update. Unfortunately, version 1.5.0.5 had a bug that caused problems playing streaming Windows Media content, written up in the 8/1 BugBlog. Mozilla users can wait for the auto update, or get the new version at http://www.mozilla.com/firefox/releases/1.5.0.6.html.

There is a bug in the new Mozilla Firefox 1.5.0.5 that interferes with your ability to view streaming video, especially in the Windows Media format and Real Media format. You can see by the discussion in Bugzilla at https://bugzilla.mozilla.org/show_bug.cgi?id=346167 that a fix may be here fairly quickly, in the form of a Firefox 1.5.0.6 release.

MySQL

There have been two bugs reported in MySQL 5.x that can be exploited by authenticated users with reduced privileges. These users can exploit the bugs to create databases when they shouldn't, or to execute execute arbitrary DML statements. The bugs will be fixed in the upcoming MySQL 5.0.25 release. You can see the bug reports at http://bugs.mysql.com/bug.php?id=17647 and http://bugs.mysql.com/bug.php?id=18630.

Novell

Novell has released ZENworks 7 Asset Management Support Pack 1 Interim Release 8 (someone tell them that ZENworks 7.1.8 would be simpler). This is a cumulative update that also has new fixes for bugs that kept software scans from working if a path was greater than 260 characters. It also fixes compatibility problems with Oracle and Apple Mac OS X 10.4.6. Get it at http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974309.htm

Novell has re-released the Client Post-4.91 SP2 Patch Kit "C". This patch kit was first released on 7/18/06. The re-relese on 8/21/06 was to correct errors in the readme file. The patch itself has numerous bug fixes, including in the login script and in the NWParsePath. Get the patch at http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974113.htm.

Novell has update the various -ix versions of eDirectory 8.7.3.8. Users on Linux, Solaris, AIX, and HPUX platforms can find the update at http://support.novell.com/cgi-bin/search/searchtid.cgi?/2973826.htm. It fixes a number of bugs that crash eDirectory during bad DNS resolves or when reading past the end of the bad address cache buffer.

Novell SuSE has fixed a bug in the Linux Enterprise 9 kernel, the Open Enterprise Server, and Novell Linux Desktop 9. This bug may let a local user gain root privleges by changing some file modes. See http://lists.suse.com/archive/suse-security-announce/2006-Aug/0005.html for the details.

NVIDIA

Nothing this month

Oracle

Nothing this month

Red Hat

Red Hat has an updated X.org package for Red Hat Enterprise Linux 4. This update fixes an integer overflow bug in the X.org server that may let authorized users trigger a denial of service attack, or possibly run their own malicious code. Get the update at https://rhn.redhat.com/errata/RHSA-2006-0634.html.

Red Hat says that a bug in the proc file system of Red Hat Enterprise Linux 4 may allow local users to gain root privileges by using a suid-wrapper on scripts. This has been fixed in a kernel update. Red Hat users can get the update at https://rhn.redhat.com/errata/RHSA-2006-0617.html.

There is a bug in the USB portion of the Linux kernel that may allow a local user to trigger a denial of service. Another kernel bug in the keyctl function may also allow local users to trigger a denial of service or read kernel memory. Linux vendors will be rolling out upgrades. You can find the Red Hat Enterprise Linux patches at https://rhn.redhat.com/errata/RHSA-2006-0575.html.

There's an updated Perl package for Red Hat Enterprise Linux 4. A bug in the Perl setuid wrapper may allow local users to save debuggin information to arbitrary files. This information could then be used to aid future attacks. According to Red Hat, they first released this patch in February 2005. However, the fix was dropped in later updates, starting with October 2005. In any case, you can get the patch now at https://rhn.redhat.com/errata/RHSA-2006-0605.html.

Red Hat has an updated libtiff package for Red Hat Enterprise Linux 2.1, 3 and 4. The update fixes a bug that may allow an attacker to construct a TIFF file with hostile code that could crash any application using libtiff, or possibly run hostile code. Get the update at
https://rhn.redhat.com/errata/RHSA-2006-0603.html.

Red Hat has their versions of Mozilla Firefox 1.5.0.5, Thunderbird 1.5.0.5 and and SeaMonkey 1.0.3. These updates from Mozilla fix a number of critical security bugs. You can get Red Hat's versions at https://rhn.redhat.com/errata/RHSA-2006-0610.html for Firefox, https://rhn.redhat.com/errata/RHSA-2006-0611.html for Thunderbird, and https://rhn.redhat.com/errata/RHSA-2006-0609.html for SeaMonkey.

RIM

Research in Motion Blackberry owners now have to worry about malware attacks. Security researcher Jesse D'Aguanno has demonstrated how you can combine some Trojan horse code in a free tic-tac-toe game download, which will then work with BBProxy to launch attacks against other machines on a network. It's all theoretical for now, but there's probably bad guys working on this right now. Read more at http://www.pcworld.com/article/126685-1/article.html

Ruby on Rails

A mandatory update to Ruby on Rails has been released. Rails 1.1.5 fixes an unspecified but critical security problem. The Rails people say "If you have a public Rails site, you MUST upgrade to Rails 1.1.5. The security issue is severe and you do not want to be caught unpatched." See more at http://weblog.rubyonrails.org/2006/8/9/rails-1-1-5-mandatory-security-patch-and-other-tidbits

SendMail

Sendmail 8.13.8 has been released. It fixes a number of bugs that crept into version 8.13.7, including a bug that will report insufficient disk space, even if you have plenty of room. This bug is set off if you use shared memory. Get the update at http://www.sendmail.org/releases/8.13.8.html.

Sony

The Good Morning Silicon Valley blog collects quite a few links to stories that say that maybe Dell and Sony knew they had an exploding battery problem even earlier. It was probably just good corporate strategy, and a pre-emptive strike against domain squatters, that Dell registered the dellbatteryprogram.com domain on 11.10.2005. Read more at http://blogs.siliconvalley.com/gmsv/2006/08/we_would_have_a.html.

While the 4 million or so laptop batteries being recalled by Dell are actually made by Sony, who is the second largest supplier of laptop batteries. Other laptop manufacturers, including Hewlett-Packard and Lenovo, say that this exploding battery problem doesn't affect them. Apple seems to be still researching things. See the whole story at http://www.eweek.com/article2/0,1895,2003826,00.asp.

Joe Moore of Pentest Limited reports on some bugs in the Sony VAIO Media Integrated Server that may let attackers see sensitive information or possibly execute their own programs. According to Secunia at http://secunia.com/advisories/21512/, the bugs have been fixed in the VAIO Media Integrated Server 4.x/5.x Update Program 1.0.00.42120.

Sun Microsystems

On Sun Microsystems Solaris 8,9, or 10, you may get this error on system boot or when you try to probe Sun StorEdge D240 drives:
MSGREJ not expected.
Sun has fix information at http://sunsolve.sun.com/search/document.do?assetkey=1-26-102283-1.

In Sun Microsystems Solaris 10, if you install a package with a pkgmap(4), and there is a "?" for the mode field of a file or directory, then some permissions may be set insecurely, and will let unauthorized users modify files within that directory. See http://sunsolve.sun.com/search/document.do?assetkey=1-26-102513-1 for workaround and fix information.

Sun Microsystems says that Solaris 8 and 9, on all platforms, has a bug in the Role-Based Access Control in the File System Management profile. This bug may allow local users who have been given this profile to run commands as root. See http://sunsolve.sun.com/search/document.do?assetkey=1-26-102514-1 for patch information.

Symantec

There is a bug in Symantec Enterprise Security Manager 6.0 and 6.5 that can be exploited by sending a specially designed invalid request. This will lock up both the ESM manager and the ESM agent. Both will need to be rebooted to recover from the attack. Symantec has both automated and manual fixes for all the affected ESM agents and managers. You can find the complete list at http://securityresponse.symantec.com/avcenter/security/Content/2006.08.21a.html.

Symantec says that their Symantec On-Demand Agent 2.5 (SODA) and Symantec On-Demand Protection 2.6 (SODP) have a problem with the encryption used to secure Web-based applications. The encryption is too weak, and it may be possible for unauthorized local users to see things they aren't supposed to see. See the fix information at http://www.symantec.com/avcenter/security/Content/2006.08.01a.html.

Ubisoft

Nothing this month

Winamp

Nothing this month

Yahoo

Yahoo has squashed a bug in the way that their Yahoo Mail service dealt with attachments. An attacker could have created an HTML attachment with a different encoding scheme that could evade the Yahoo Mail security filter, and then run some malicious JavaScript. Users of Yahoo Mail don't have to do anything-- the fix is implemented by Yahoo. Read more at http://www.pcworld.com/article/id,126788-c,yahoo/article.html.

Zone Alarm

Nothing this month