BugBlog Home
BJK Research Home
BJK Research Home

BugBlog Plus Archives
Current month
Nov 06 by company
Nov 06 by date
Oct 06 by company
Oct 06 by date
Sep 06 by company
Sep 06 by date
Aug 06 by company
Aug 06 by date
July 06 by date
June 06 by date
May 06 by date
Apr 06 by date
Mar 06 by date
Feb 06 by date
Jan 06 by date
Jan 06 by company
Dec 05 by date
Dec 05 by company
Nov 05 by date
Oct 05 by date
Sept 05 by date
Aug 05 by date
July 05 by date
June 05 by date
June 05 by company
May 05 by date
May 05 by company
Apr 05 by date
Apr 05 by company
Mar 05 by date
Mar 05 by company
Feb 05 by date
Feb 05 by company
Jan 05 by date
Jan 05 by company
Dec 04
Dec 04 by company
Nov 04
Oct 04
Sept 04 by date
XP SP 2
Aug 04 by company
Aug 04 by date
Jul 04 by company
Jul 04 by date
June 04 by company
June 04 by date
May 04 by company
May 04 by date
Apr 04 by company
Apr 04 by date
Mar 04 by company
Mar 04 by date
Feb 04 by company
Feb 04 by date
Jan 04 by company
Jan 04 by date
Dec 03 by company
Dec 03 by date
Nov 03 by date
Nov 03 by company

 

Jump to the BugBlog archives (October 03 and earlier are public archives)

Dec 06
Nov 06
Oct 06
Sept 06
Aug 06
July 06
June 06
May 06
Apr 06
Mar 06
Feb 06
Jan 06
Dec 05
Nov 05
Oct 05
Sept 05
Aug 05
July 05
Jun 05
May 05
Apr 05
Mar 05
Feb 05
XP SP2
Jan 05
Dec 04
Nov 04
Oct 04
Sep 04
Aug 04
Jul 04
June 04
May 04
Apr 04
Mar 04
Feb 04
Jan 04
Dec 03
Nov 03
Oct 03
Sept 03
Aug 03
July 03
June 03
May 03
April 03
Mar 03
Feb 03
Jan 03
Dec 02
Nov 02

 

Cleveland-area blogs*:

Backup BugBlog

Economic Development Futures

Brewed Fresh Daily

Cleve-blog

Working with Words

Gassho

Sardonic Views

Filtering Craig

Hotel Bruce

Blogcritics.org

Up Yours

Kevin Holtsberry

Steve Goldberg

Red Wheelbarrow

Anita Campbell

Swerb's Blurbs

Rachel's Law

*there are more blogs in Cleveland, these are just from people I've met or know. Some of the above are actually farther away, but are bloggers I've met here.

Blogcritics

BugBlog

Adobe | Apple | AOL | ATI | Computer Associates | Cisco | Dantz | EA | General | HP | IBM | Intel | Intuit | Linksys | LucasArts |Macromedia | Mandrake | McAfee | Microsoft | Mozilla | Novell | NVIDIA | Opera | Opera | Oracle | Red Hat | Sun Microsystems | Symantec | Ubisoft | Winamp | Yahoo | Zone Alarm

Adobe

This report comes from a non-typical source: The Valleywag gossip site, part of the Gawker Media empire, reports on a problem that occurs with Adobe Creative Suite 2 running on Intel-based Macs. Some of the dialog boxes end up with long, repeating decimal values in the selections, as illustrated by a screen shot shown at the site. ValleyWag reports his end of a non-helpful conversation with Adobe Tech Support at http://www.valleywag.com/tech/adobe/adobe-indenial-210500.php

US-CERT has a preliminary report of a bug in the Adobe Flash Player plugin 9.0.16 for Windows, and version 7.0.63 for Linux. The bug is a CRLF injection vulnerability that may allow remote attackers to modify HTTP headers and interfere with ActionScript functions. Watch for updates on this at http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-5330.

When using Adobe Macromedia Dreamweaver 8 on a Macintosh, you may have problems rendering a very large file in Design view. The size constraint is in the number of pixels in the display, and not in the number of bytes in the file. The view of the large files may be truncated. One possible workaround, suggested by Adobe, is to use the Set Magnification menu (in the bottom right of the display window) to 99 percent, or 101 percent. They also suggest breaking up the big page into smaller files.

When you make a change to an Adobe Macromedia Dreamweaver template, and try to update the pages based on the template, you may get this error message:
Error Accessing File: "\\servername\wwwroot\templates\\\servername\wwwroot\templates\main2.dwt": bad file path (error code 3).
According to Adobe, the problem often comes from putting the site's local root folder on a shared network folder with a UNC path. Check out any possible workarounds at http://www.adobe.com/go/19208ee.

Adobe says that if you try to install Macromedia Dreamweaver 8 on a Macintosh OS X computer, the installation sometimes stalls when the indicator says there are 190 items left to install. Adobe thinks the problem has to do with the Extension Manager, but they aren't sure. See http://www.adobe.com/go/dd0a85af for details.

Adobe says that there is a bug in the Adobe Breeze 5.0 Licensed Server and Breeze 5.1 Licensed Server. Because of this bug, a user may be able to retrieve the contents of any file that is on the same drive where Breeze is installed. If you maintain your own Breeze server, get the patch at http://www.adobe.com/support/security/bulletins/apsb06-16.html.

Try to install Adobe Acrobat 6,7 or Acrobat 3D on a Windows XP 64-bit operating system, and you will probably get an error message similar to: Warning 20225. Adobe Acrobat 7.0.5 set up was unable to create a new item Adobe PDF Port & Printer. The Adobe Printer may be unavailable. GetLastError: The data area passed to a system call is too small. The problem is simple -- Adobe says Acrobat is incompatible and unsupported on a 64-bit operating system. So move on to Plan B.

Adobe says there is a bug in the Verity library that ships with ColdFusion MX 7, ColdFusion MX 7.0.1, and ColdFusion MX 7.0.2. This bug may allow local users to run their own code at the level of the local SYSTEM, as long as they have privileges to run code on the local system to begin with. There is a patch from Adobe at http://www.adobe.com/support/security/bulletins/apsb06-17.html, along with a workaround that disables the Verity library.

When you install the Adobe Contribute Publishing Server, the administrator password that is set up during installation may be available to local users. If you have local users who can't be trusted with the admin password, then Adobe says to change it. They won't have access to the new one. See how to do this at http://www.adobe.com/support/security/bulletins/apsb06-15.html.

Apple

The Apple Mac OS X 10.4.8 update clears up a number of networking compatibility problems. Mac OS X should now work better when you connect to a Comcast network; there should be less problems with Express Cards installed in Intel-based Macs or with external Apple USB Modems. You should also have less problmes using external Apple USB modems with connections made in Ireland.

According to Apple, when using Mac OS X Server 10.4.x, it may appear that Workgroup Manager lets you switch between crypt and ShadowHash passwords. In reality, you can't. The Mac OS X v10.4.8 update and Security Update 2006-006 changes the behavior. Administrators won't be allowed to select ShadowHash passwords if an account has a NetInfo parent. That avoids the confusion. Apple credits Chris Pepper of The Rockefeller University for finding this bug.

There is a bug in the way that Mac OS X 10.4.x computers view JPEG2000 images. An attacker may be able to construct one of these images that can either crash the application viewing it, or run hostile code on your machine. Apple has fixed this in the Security Update 2006-006 and have also patched it in Mac OS X 10.4.8. They credit Tom Saxton of Idle Loop Software Design for finding this bug.

Apple has added the latest Flash Player to their Mac OS X 10.4.8 and to their Security Update 2006-006. The Flash Player version 9.0.16.0 fixes a number of bugs that may allow attackers to put hostile code into a Flash file that could then execute when running the file on your Mac.

There is a bug in the Mac OS X 10.4.x kernel. The problem is in the Mach exception ports, an error handling mechanism. Local users may be able to exploit this to run their own code within privileged programs, after triggering an error. This has been fixed in Mac OS X v10.4.8 and in the Security Update 2006-006. Apple credits Dino Dai Zovi of Matasano Security for finding this bug.

Apple says there is a bug in their LoginWindow for Mac OS X 10.4.x. After an unsuccessful attempt to log in to a network, there may be Kerberos tickets that were not destroyed. Instead, they may be available to later users who could use then for unauthorized access. This has been fixed in the Mac OS X v10.4.8 update and in Security Update 2006-006. Apple credits Patrick Gallagher of Digital Peaks Corporation for finding this bug.

Apple says that if Fast User Switching is turned on in a Mac OS X 10.4.x network, local users may be able to gain access to Kerberos tickets of other local users. They could then exploit this to gain unauthorized access to a network. This has been fixed in the Mac OS X v10.4.8 update and in Security Update 2006-006. Apple credits Ragnar Sundblad of the Royal Institute of Technology in Stockholm for finding this bug.

Apple says that in Mac OS X 10.4.x, even after Admin privileges have been removed from an account, that user may still be able to manage WebObjects. In most cases, that's an action to should only be available to administrators. This has been fixed in the Mac OS X v10.4.8 update and in Security Update 2006-006. Apple credits Phillip Tejada of Fruit Bat Software for finding this bug.

A bug in the way that Mac OS X 10.4.x WebCore handles some memory management tasks may allow a hostile website to run code on the Mac. Apple says they have fixed this in the Mac OS X 20.4.8 update and in the Apple Security Update 2006-006. Apple credits Jens Kutilek of Netzallee for finding this bug.

Apple says that on Mac OS X 10.3.9 and 10.4.x computer, the Safari browser and other CFNetwork clients may show a site as being encrypted even if the site actually doesn't have the SSL (Secure Socket Layer) enabled. Apple has fixed this in the Security Update 2006-006 and have also patched it in Mac OS X 10.4.8. They credit Adam Bryzak of Queensland University for finding this bug.

Apple says that network accounts may be able to avoid loginwindow service access controls in Mac OS X 10.4.x. This only happens on systems that have been configured to allow network accounts to authenticate a user without a GUID. This has been fixed in the Mac OS X v10.4.8 update and in Security Update 2006-006.

There is a bug in the way that Cyrus SASL deals with MIGEST-MD5 negotiation on a Mac OS X 10.4.x computer, that may allow remote attackers to crash an IMAP server, resulting in a denial of service. Apple says they have fixed this in the Mac OS X 20.4.8 update and in the Apple Security Update 2006-006.

A bug in the way that Mac OS X 10.4.x computers deal with PICT images may allow an attacker to sneak hostile code into the Mac, hidden within the image. This could either cause the application viewing the PICT image to crash, and it may possibly allow hostile code to run. Apple says they have fixed this in the Mac OS X 20.4.8 update and in the Apple Security Update 2006-006.

If you open iTunes 7 for Windows, and you see a -200 error message, that probably means that QuickTime may need to be reinstalled. See http://docs.info.apple.com/article.html?artnum=304424 for the details.

When using Apple iTunes 7, you may see this error message on a Windows PC: iTunes has detected an iPod in recovery mode - Use iTunes to restore. Apple says that most of the time, that error message is correct and you need to restore the iPod. See how to do that at http://docs.info.apple.com/article.html?artnum=60983. Sometimes, however, you may need to go a step further and change your drive letter. See how to do that at http://docs.info.apple.com/article.html?artnum=93499#changedrive

If you have Apple QuickTime Pro 7.1.3 and you have some DV formatted movies, there is a simple menu command that will export those movies to your iPod. If you have an older version of QuickTime (7.0.2 to 7.1.2) you have some extra steps to make those movies compatible. See how at http://docs.info.apple.com/article.html?artnum=302955.

It appears that some Apple video iPods, manufactured after 9/12/06, shipped with a version of the RavMonE virus. Apparently, the virus was on a Windows machine at the factory, and made it on to the assembly line. The virus will only affect Windows computers, so if you attach an infected iPod to a Mac, there is no problem. Read more at http://news.zdnet.com/2100-1009_22-6126804.html.

There is a bug in Apple Xcode 2.x, which snuck in because Xcode uses a known buggy version of OpenBase SQL. You can fix this by getting the latest J2SE 5.0-compliant OpenBase JDBC drivers from http://www.openbase.com. See the details at http://secunia.com/advisories/22474/.

Just a personal observation -- Best Buy gets a lot of flack and criticism for the way that they push their product protection plans. However, they quickly and easily exchanged a shiny new iPod nano for my daughter's three-month old stone cold dead iPod nano.

Apple has a System Management Controller (SMC) firmware update available for their Intel-based computers. This update should help the computer do a better job of controlling the fans, power and thermal management, the battery, and all that other inside-the-box stuff. Get the update, and detailed installation instructions, at http://docs.info.apple.com/article.html?artnum=303725.

If you have a First Generation 512MB or 1GB iPod shuffle, when you turn it on you may see amber and green LEDs flashing for a few seconds, but you won't be able to get the iPod to play music. You also won't be able to get it to play music. To fix this on a Windows computer, get the iPod shuffle Reset Utility 1.0 for Windows at http://www.apple.com/support/downloads/ipodshuffleresetutility10forwindows.html. If you've got a Mac, get your download at http://www.apple.com/support/downloads/ipodshuffleresetutility10formac.html. Note that the utility will erase all the music on the iPod and reinstall the iPod 1.1.4 software.

According to Apple, if you do a NetInstall of Mac OS X 10.4, or you restore it from a disk image, you may see files in your root folder that are supposed to be invisible. These may include etc and var files. Apple shows how to keep this from happening at http://docs.info.apple.com/article.html?artnum=301677. They also tell you how to hide the files again.

If you are updating to Mac OS X 10.4.8 or OS X 10.4.8 Server on a Mac Pro with a software RAID boot volume, Apple says you need to take special precautions. Don't update if the machine has been booted from the RAID volume. If you do, you may end up with a kernel panic. Boot the Mac Pro from some other volume, and then do the update. See http://docs.info.apple.com/article.html?artnum=304511 for the details.

Try to print from a Mac OS X 10.4.x computer to a printer that's being shared with a Microsoft Windows computer, and you may have problems if the printer's name has a space or special character. If it does, you may get one of these messages:
Connection failed with error NT_STATUS_BAD_NETWORK_NAME
Connection failed with error NT_STATUS_LOGON_TYPE_NOT_GRANTED
Connection failed with error NT_STATUS_LOGON_FAILURE
Connection failed with error NT_STATUS_UNSUCCESSFUL
Apple says the printer will need to be renamed. See http://docs.info.apple.com/article.html?artnum=301768 for what characters are allowed.

Apple points out that some keypress combinations that may work on a regular keyboard will not work on laptop computer keyboards. This includes any four-key combinations, or some combinations that use three keys across as asdfjkl; row. Apple says this is intentional, to avoid a problem called "phantom keys." If you really need one of these combinations, Apple suggests attaching an external keyboard.

Apple says that the MagSafe Airline Power Adapter for their laptop comptuers is not compatible with a car's cigarette lighter or power ports. It's only good on airplane power sockets. They say it won't provide power or charge the battery.

I know that BugBlog readers won't try to do anything that circumvents the DMCA, so they won't be interested in a story at the BBS where an inventor has claimed to crack the Apple iTunes copy protection. Since you aren't interested, you won't be reading the BBC story at http://news.bbc.co.uk/1/hi/technology/6083110.stm.

The Apple Migration Assistant or the Setup Assistant may not do a perfect job of migrating all your applications from a PowerPC Mac to an Intel Mac. Some of the applications won't start on the new computer. Apple has some troubleshooting information starting at http://docs.info.apple.com/article.html?artnum=304302.

AOL

There is a buffer overflow in the AOL WinAmp media player. The bug is in the way that WinAmp handles the Ultravox protocol. An attacker may be able to configure a malicious server that could run code on the vulnerable computer running WinAmp. The bug was discovered by iDefense, with the details at http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=431. This has been fixed in WinAmp 5.31.

When you install America Online 9.0 Security Edition, it installs an ActiveX control, AOL.PicDownloadCtrl.1t, that is marked as being safe for scripting. Security researchers at iDefense discovered a buffer overflow in this control, which means it is not safe for scripting. A malicious website could take advantage of this to run code on your computer. If you use AOL 9.0 or AOL 9.0 Security Edition, log in to the AOL service and you will be automatically updated. See the details at http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=420.

ATI

When using the ATI Multimedia Center 9.15 software with an ATI multimedia card, you may sometimes get a corrupted database for the TV listings. This may prevent the TV Guide software from starting. Fix this by going to the Windows XP Control Panel Add/Remove Programs applet. Select the Gemstar GUIDE Plus+ program, and then select Repair. After repairing, when you run the GUIDE again you will need to enter your name, ZIP Code, and email address again.

Cisco

There is a bug in the Cisco Security Agent (CSA) for Linux. This may allow a remote attacker to lock up a system by running a port scan against it. Vulnerable models include CSA version 4.5 and 5.0 for Linux, the Cisco Unified CallManager (CUCM) 5.0 versions including 5.0(4), and Cisco Unified Presence Server (CUPS) 1.0 versions including 1.0(2). See http://www.cisco.com/en/US/products/products_security_advisory09186a00807693c7.shtml for fix information.

Last week the BugBlog Plus reported on a hard-coded DOCSIS Read-Write Community String in some Cisco devices. Cisco has a document up that tells how to identify and guard against exploitation of this bug. Read it all at http://www.cisco.com/en/US/products/hw/gatecont/ps2250/tsd_products_security
_response09186a0080740975.html.

Computer Associates

Security researchers at Tipping Point found a number of buffer overflow bugs in CA BrightStor ARCserve Backup R11.5, BrightStor Enterprise Backup 10.5, BrightStor ARCserve Backup v9.01, and CA Server Protection Suite r2. The bugs may let remote attackers run code against the various CA products. Fix information is at http://supportconnectw.ca.com/public/storage/infodocs/basbr-secnotice.asp

EA

EA Sports notes that Madden NFL 2007 comes on a DVD disk, not a CD, and you need a full DVD drive on your computer to be able to read, and install, the game. Some DVD-R or DVD-RW drives may not be compatible, they say.

In EA Sports Madden NFL 2007 you may get a transfer error or an error message that says patch failed during installation. As a workaround, make sure all background tasks are turned off. You may also want to empty your Temp folder before trying the installation. If that doesn't work, and you have another CD or DVD drive, try that.

General

Netflix has fixed a bug on their site that may allow an attack called Cross Site Request Forgery. This type of attack may allow an outsider to change your address, add movies to your queue, and otherwise manipulate your account. An attack like this works if you normally stay logged in to a site, and you visit another hostile website that includes code to take advantage of the weakness. Other Web 2.0 sites may also be at risk for this attack, according to the story on ZD Net at http://news.zdnet.com/2100-1009_22-6126438.html.

Clam AntiVirus is reporting a bug that may allow remote attackers to trigger a denial of service attack via chmunpack.c. This bug is in the Linux version of ClamAV. It has been fixed in version 0.88.5.

There is a report in Computerworld that hackers have broken into a mailing list maintained by the Congressional Budget Office. They are using the addresses in a phishing attack to try to steal personal information. If you receive an email with a subject line of "'The Budget and Economic Outlook Fiscal Years 2007 to 2016", don't click on any links in the message. The full story is at http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9004108.

Been wondering whether all lithium-ion batteries are dangerous, or only those made by Sony? eWeek has a round-up story that looks at the current state of battery safety, and what new technologies may be coming to replace them. Read it at http://www.eweek.com/article2/0,1895,2025628,00.asp.

Google

If you had problems reaching one of your favorite Google Blogger blogs over the weekend ( such as the Backup BugBlog at http://backup-bugblog.blogspot.com/) it's because first a hacker broke into the main official blog for Google, and then later there was what Google called a "network malfunction." However, no data was lost.

Hewlett Packard

Nothing this month

IBM

While another Daylight Savings/Standard Time switchover has come and gone, it's time to start planning for next year. That's because Congress has changed the week of the switchover, and some computer programs that have change functionality built-in may need upgraded. IBM has informaiton on how this affects Lotus Notes at http://www-1.ibm.com/support/docview.wss?rs=899&uid=swg21232652.

IBM says that on Portal Portal Version(s): 5.1.0.x and Portal 6.0.0.0, there are some things that users can do that may cause a thread to fall into an endless loop, freezing up any database traffic. IBM has a fix for this at http://www-1.ibm.com/support/docview.wss?uid=swg24013516.

IBM has an update for their WebSphere Portal 5.1 that fixes a number of bugs, including problems in WMM MemberService and WMM User Registry; wildcards in SQL statements, and problems with whitespace in an attribute name. Get the update at http://www-1.ibm.com/support/docview.wss?uid=swg24009153.

Linksys

If Universal Plug and Play is enabled on a computer that also has a Linksys WRT54GXv2 wireless router, the combination may allow UPnP commands to be accepted over the wireless interface. That means that a war-driver (or even your neighbor) may be able to send commands that open ports on your computer, and can weaken security. According to Secunia, this bug is in firmware 2.00.05 and earlier; they also report that its been fixed in firmware 2.00.08. (You can also turn off the UPnP service.)

McAfee

Secunia reports on a bug in the McAfee Network Agent (McNASvc.exe) that is in a number of McAfee products, including McAfee Internet Security Suite 2006. An attacker can send a maliciously designed message to the service, which will crash it. As of yet, there is no fix. Secunia credits JAAScois for finding this bug.

This week McAfee went to the somewhat expensive step of running a full-page ad in the Financial Times, the British version of the Wall Street Journal, to bitch about the way that Microsoft is dealing with security in the upcoming Windows Vista. Of course, the ad wasn't to get the attention of Microsoft -- they would have used the Seattle Times for that. The ad was meant to be see by European regulators. In any event, it sure seems to signal that there will be incompatibility problems between Vista and the established security companies. Read more about this at http://news.com.com/2100-7355_3-6121799.html. (The BugBlog is going to start focusing on Vista compatibility issues, as we get closer to the promised launch of the new version of Windows.)

There is a bug in McAfee ProtectionPilot 1.1.0 and McAfee ePolicy Orchestrator 3.5.0 that may allow remote attackers to run their own code on the "protected" computer. This happens via a boundary error when dealing with long source errors. You can find links to the patches at http://secunia.com/advisories/22222/. According to at least one news story, McAfee was alerted to the bug in July, but the patch was very complex, so that it took till October to fix. Read more at http://www.crn.com/showArticle.jhtml?articleID=193101216.

Microsoft

Another bug in an ActiveX control puts users of Windows 2000, Windows XP, and Windows Server 2003 in jeopardy. The bug is in the WebViewFolderIcon ActiveX control, and if you visit a malicious website (using Microsoft Internet Explorer) that tries to exploit this bug, the bad guys may take complete control of your system. This is rated a Critical bug for Windows 2000 and Windows XP by Microsoft, and a moderate bug for Windows Server 2003. Get your patch at http://www.microsoft.com/technet/security/bulletin/ms06-057.mspx, (although there may be some problems with patch availability on 10/10).

According to the Microsoft Security Blog, there may be some delays in getting the Patch Tuesday updates via Microsoft Update, Automatic Update, or Windows Update. The problem isn't with their patches -- they say it is because of "network issues." You can get the patches by going to the security bulletins and downloading each manually.

Microsoft has patched four bugs in PowerPoint. These are Critical bugs for PowerPoint 2000, and Important bugs for PowerPoint XP and PowerPoint 2003. In all the bugs, an attacker could construct a PowerPoint file with some sort of malformed data. When the victim opens the file, the bad code could totally take over the computer. These attacks can't take place via email, you either need to open a file or visit a malicious website. Get the patches at http://www.microsoft.com/technet/security/Bulletin/MS06-058.mspx. Microsoft credits Arnaud Dovi working with Zero Day Initiative (ZDI) and TippingPoint, Dejun Meng of Fortinet Inc., and Chris Ries of VigilantMinds Inc for finding these bugs.

There is a bug in the way that Microsoft Excel processes DATETIME records. An attacker may be able to design a spreadsheet with a maliciously designed DATETIME reocrd. When the spreadsheet is opened by the victim and parsed, the attacker may be able to take complete control of the system. This is considered a Critical vulnerability in Excel 2000, and an Important vulnerability in Excel XP and Excel 2003. Microsoft has a patch for this at http://www.microsoft.com/technet/security/Bulletin/MS06-059.mspx.

There is a bug in the way that Microsoft Word deals with Mail Merge files. An attacker may be able to construct one of these files to trigger the bug, and could use it to take complete control of the victim's computer. To do so, you would need to get them to open the file. This is labeled a Critical update for Word 2000, and an Important update for Word XP and Word 2003. Get the patch at http://www.microsoft.com/technet/security/Bulletin/MS06-060.mspx. Microsoft credits Cu Fang for finding this vulnerability.

There is a bug in the Microsoft XML Parser 2.6 and Microsoft XML Core Services 3.0, that is in Windows 2000, Windows XP, and Windows Server 2003, that may allow an attacker to gain access to data they shouldn't have, via a HTTP server-side redirect. This is considered an Important update. Get it from Microsoft at http://www.microsoft.com/technet/security/Bulletin/ms06-061.mspx.

There is a bug in the Microsoft XSLT Buffer, that is in Windows 2000, Windows XP, and Windows Server 2003. An attacker may be able to construct a malicious web page to take advantage of this bug to take complete control of a computer that visits the site. This is considered a Critical update. Get it from Microsoft at http://www.microsoft.com/technet/security/Bulletin/ms06-061.mspx.

An attacker may be able to construct a Microsoft Office file with a malformed string. When a victim opens the file and parses it with one of the Office applications (Access, Excel, Powerpoint, Word, Outlook) the attacker may be able to take complete control of the computer. Microsoft has a patch for this at http://www.microsoft.com/technet/security/Bulletin/MS06-062.mspx. It is considered a Critical Security bug for Office 2000, and an Important bug for Office XP, Office 2003, and Office 2004 for Mac or Microsoft Office v. X for Mac. Microsoft credits Dejun Meng of Fortinet Inc. for finding this bug.

One of the Microsoft Excel 2003 financial functions will give you the wrong answer under a particular set of inputs. If you are using the YIELD function, and the security settlement date is the 30th or 31st of the month, the maturity date is the 30th or the 31st of the same month, and the Basis parameter is 4. Microsoft has a hotfix at http://support.microsoft.com/kb/925797, which must be applied on top of some previously released hotfix packages, described on that page.

Secunia has a report of a bug in Microsoft Internet Explorer 7. It may be possible for attackers to create a pop-up window that will have a spoofed and misleading address bar, with only part of the address displayed. This could be used as part of a phishing scheme to trick users into disclosing information to a malicious website. You can see the details at http://secunia.com/advisories/22542/, including a proof of concept.

The first bug in Microsoft Internet Explorer 7 is being discussed. It is a problem in redirection handling with the "mhtml:" URI handler. However, according to the Internet Storm Center, this bug is actually something left over from IE 6. It appears that for compatibility reasons, Microsoft included an older MSXML ActiveX component that had this bug, which they say was announced at http://secunia.com/advisories/19738. You can read the full analysis at http://isc.sans.org/diary.php?storyid=1797.

If you try to install Microsoft Internet Explorer 7 and the installation fails, Microsoft says to restart your computer afterwards. That ensures that any half-steps made towards installation are undone. You can also look in the installation log file to find out more about what caused the errors. Look in your Windows directory for these files: ie7_main.log, ie7.log, ie7Uninst.log.

If you are trying to run the CITRIX ICA Client on a Windows Vista computer running Internet Explorer 7, you will have problems if you are running in IE 7 Protected Mode. The remote desktop won't be visible. Microsoft says you will need to run as an Administrator.

The Dolphin Hal Screen Reader and Supernova Reader Magnifier are incompatible with Internet Explorer 7. Microsoft says the problem actually lies with an older version of psapi.dll that ships with those products. Fix this by going to the installation folder for the products. Find psapi.dll and rename it to psapiold.dll. (Make sure you do not rename the version of psapildll in the \\Windows\System32 directory.) Restart your computer, and the products will now use the new version of the DLL.

Microsoft Internet Explorer 7 can no longer be considered beta software - so it's time for the BugBlog to start taking a look. The good news is that IE 7 imposes a lot more security on ActiveX controls. That's good -- although it was Microsoft who foisted ActiveX on us in the first place. This review of IE 7 at eWeek talks about the increased security, which is a definite bug fix. Read the whole thing at http://www.eweek.com/article2/0,1895,2033704,00.asp

Some websites are coded so that you can only use Microsoft Internet Explorer 6, and they will reject Microsoft Internet Explorer 7. Microsoft's fix is to get the User Agent String Utility version 2 at http://go.microsoft.com/fwlink/?LinkId=71879. This will make IE 7 look like IE 6 to these websites. A better solution may be to complain to these websites until they conform to standards so that you can access them with Firefox, Opera, or Safari, too.

The RSS Feed icon in Microsoft Internet Explorer 7 is supposed to light up automatically when you come to a webpage that has an RSS feed. However, it doesn't do this by noticing an RSS feed icon -- they way a human would. Instead, it looks for a particular link in the header of the webpage. See http://blogs.msdn.com/rssteam/articles/PublishersGuide.aspx for you need to construct that link. (Which the BugBlog will do very soon.)

There's an incompatibility between Microsoft Internet Explorer 7 and Windows SharePoint Services. According to Microsoft, you won't be able to import spreadsheets into SharePoint while IE 7 is running.

Installing Microsoft Internet Explorer 7 may cause Microsoft Flight Simulator 2004 to lock up and stop responding. Microsoft says you need to go into the Flight Simulator folder, look for oleacc.dll and rename it oleacc.old.

Microsoft says that the graphical user interface (GUI) for SAP is not compatible with Internet Explorer 7. This is supposed to be fixed in SAP GUI for Windows 6.40 patch level 20, and inSAP GUI for Windows 6.20 patch level 64.

Microsoft says that third-party toolbars or other add-ons may be incompatible with Internet Explorer 7. If you are getting crashes or other problems, and you have add-ons, Microsoft says try runnin with these turned off. Go To Start, All Programs, Accessories, System Tools, and then choose Internet Explorer (No add-ons).

Microsoft says that the MSN Toolbar 1.02 is incompatible with Internet Explorer 7. Get the latest, compatible version of the toolbar at http://go.microsoft.com/fwlink/?LinkId=71880.

The release notes for Microsoft Internet Explorer 7 point out that support for both the Gopher and Telnet Internet protocols has been dropped in this version of the browser. For you young'uns, those were two of the Internet tools we used to keep ourselves occupied while waiting for the World Wide Web to be invented.

When upgrading from Microsoft Internet Explorer 6 to IE 7 on a Windows Server 2003 computer with SP 1 and Enhanced Security Configuration turned on, the correct security defaults may not be set once the upgrade is completed. If an Administrator turns off the Enhanced Security Configuration, and then turns it back on, the correct defaults should be set.

With the official release of Microsoft Internet Explorer 7 soon upon us, you may want to know that Microsoft's IEBlog is reminding everyone that they recommend that you temporarily turn off all you anti-virus and and anti-spyware applications before you install IE7. They say that the installation makes so many Registry changes that it may look suspicious to your AV software, which may interfere with the installation. (If you are paranoid, you could probably come up with some other reasons for this.) If you want to be an early adopter, read the blog post and comments at http://blogs.msdn.com/ie/archive/2006/10/11/IE7-Installation-and-Anti_2D00_Malware-Applications.aspx.

Microsoft reminds everyone, via their IE Blog, that they will start to push out Internet Explorer 7 via Automatic Updates on November 1. (They announced they would do this back in July.) They do have a Blocker toolkit that you can use to keep this from happening. Find out more at http://blogs.msdn.com/ie/archive/2006/10/19/be-ready-for-automatic-update-distribution-of-ie7-by-november-1.aspx.

When its time to install Microsoft Internet Explorer 7, you will be asked to run Windows Genuine Advantage. (That's something that I had avoided up till now.) One enterprising installer used some tools to try to track what WGA and the IE 7 installation process actually does. Read the results at http://www.dailycupoftech.com/is-internet-explorer-7-spying-on-me/.

These toolbars have compatibility issues with Microsoft Internet Explorer 7: RoboForm Toolbar version 6.3.96; Cooxie Toolbar version 1.1.05; Diodia Toolbar version 2.4.01; Ask Toolbar by AskJeeves version 4.0.1.1; Mojicon Dispenser; these toolbars may all cause IE 7 to lock up. Two other toolbars, the Logos Word Toolbar and the Adelphia Toolbar version 1.2, may cause problems if you open more than one tab.

Autodesk is working on a patch that will fix a compatibility problem between their Autodesk Design Review 2007 and Autodesk DWF Viewer 7.0 and Microsoft Internet Explorer 7. The problem is with websites that include DWF files. The DWF viewer isn't working with IE 7. One of the Autodesk blogs has links to a beta version of the patch. Look for it at http://dwf.blogs.com/beyond_the_paper/.

If a Windows XP service loads and unloads Wininet.dll many times, then you may get a crash in the Svchost.exe process that uses the file. Microsoft says this loading and unloading behavior may occer when Wininet.dll file ha trouble opening the cached index file. Microsoft has a hotfix for this, which will be in a future service pack. If you need the fix right away, see http://support.microsoft.com/?kbid=899342.

There may be a problem with Microsoft Visual Basic 6.0 Service Pack 5 running on a Windows XP computer, if you are set up for a right to left language like Hebrew in a form with a RichTextBox. If you enter two numbers in a form, separated by a hyphen, the numbers may be displayed in reverse order. Microsoft has a hotfix for this, which will be in a future service pack. If you need this fix earlier, see http://support.microsoft.com/?kbid=894087.

If you have Microsoft Outlook and at least one other mail client running on your computer, and they try to check for email at the same time when there are garbled email messages in the inbox, you may see this error message: Task 'Server_Name - Receiving' reported error (0x8004210E) : 'Your mailbox is temporarily unavailable because another e-mail message is being delivered to it or another mail application is accessing it. The server responded: -ERR box locked.
Microsoft says you need to turn off at least one of the email clients. They also say that to get this resolved, you may have to temporarily turn off your antivirus software. (I wouldn't do that unless absolutely neccesary.) See more at http://support.microsoft.com/kb/924789.

After you install or repair Microsoft Office 2003, or install an Office 2003 hotfix or update, the file association for .TIF files might get screwed up. When you double-click on one of those files, instead of opening up in Microsoft Paint (the default program) they will open up in Microsoft Office Document Imaging instead. Microsoft has a workaround for this, that involves a Registry edit. To see the details, and important safeguards for editing the Registry, see http://support.microsoft.com/kb/923508.

When using Microsoft Office Outlook 2003, you may turn on the EmptyTrash policy. When you shut down Outlook, you should then be prompted whether you want the trash emptied or not. If you say No, then the next time you start Outlook the trash should still be there -- as it should. But then, when you click to Send/Receive mail, the trash gets emptied. Microsoft has a hotfix for this, so that you can retain your trash. Either wait for the next Service Pack, or go to http://support.microsoft.com/kb/920916 to see how to get the patch right away.

When using Microsoft Office 2003 Service Pack 2, you may not be able to insert an Excel worksheet object into another Office document, if that document is HTML-formatted. Instead, you will see this error message: Can't open the object. The server threw an exception. Microsoft has a hotfix for this, which will be in a future Office 2003 service pack. See http://support.microsoft.com/kb/925152 if you can't wait for the fix.

Two days after the latest Critical security patch for Microsoft PowerPoint, the Microsoft Security blog reports that they are looking at proof-of-concept code for another attack on PowerPoint 2003. No fix and no details yet for the post at http://blogs.technet.com/msrc/archive/2006/10/12/poc-published-for-ms-office-2003-powerpoint.aspx.

Microsoft is re-arranging some deck chairs (not to imply that they are the Titanic or anything). Their Security team, Trustworthy Computing team, and Engineering Excellence teams are all going to be combined into one group. That group is going to be called the Trustworthy Computing Team. That team will then be one of five teams in the Windows group, along with the Windows Core System team, the Windows Engineering System and Services team, the PC Hardware team, and the Windows Core Architecture team. (That group in turn reports to the Global Domination Team, which in turn is part of the Galactic Empire, reporting directly to Darth Vader.) All but the last parenthetical addition comes via the Microsoft Watch blog.

Installing the MS06-061 security patch from Microsoft might mess up their Commerce Server 2002 Business Desk applications. That's because they rely on MSXML 2.6, which is killed off by this update. Microsoft has a lengthy procedure to get your Commerce Server back - see http://support.microsoft.com/kb/926509 for the details.

Microsoft says that some computers may have multiple versions of the Microsoft XML Parser installed, and this may make it difficult to install the MS06-061 Security patch. According to Microsoft, you may have to install multiple packages for the update. There may also be programs that you install in the future that will put the old defective parser back on your system, so you may need to install the security patch again. See http://support.microsoft.com/kb/924191 for more.

Microsoft says when a user logs off a Windows XP system, sometimes all the system processes aren't terminated, leaving some trace of the user in the Registry. This can cause later problems if the user comes back and tries to use a Roaming User profile. Microsoft has a tool called the User Profile Hive Cleanup service that can go in and do the cleanup. You can get it at http://www.microsoft.com/downloads/details.aspx?FamilyID=1B286E6D-8912-4E18-B570-42470E2F3582.

Microsoft has re-released their MS06-061 Security Bulletin, which fixed a bug in Microsoft XML Core Services. The first version of their patch did not correctly kill off the flawed version of the Microsoft XML Parser 2.6 if you are running Windows 2000 Service Pack 4. This is a critical security update that helps prevent remote attackers from running their code on your computer. If you haven't gotten the fix yet, or are affected by the re-release, get it at http://www.microsoft.com/technet/security/bulletin/ms06-061.mspx.

If you first install Microsoft Windows Media Player 11 on a Windows XP computer, and then you try to authorize your Microsoft Xbox 360 to use it with Windows Media Connect, you may get an error message and the authorization won't take place. Microsoft has a workaround for this listed at
http://www.microsoft.com/windows/windowsmedia/player/11/readme.aspx#ErrorwhensettingupXbox360softwareafter
WindowsMedi

There may be problems synchronizing files between Microsoft Windows Media Player 11 and iRiver H10 devices. Microsoft says that if there are problems, make sure to get the latest firmware from iRiver at http://go.microsoft.com/fwlink/?LinkId=65294.

If you are unsure whether your portable media device is compatible with Microsoft Windows Media Player 11, you should check out the http://www.playsforsure.com/ site. Microsoft says that if you upgrade, and then run into problems, you can roll back to the earlier version of Windows Media Player that worked.

There are already quite a bit of complaints over what will be the licensing restrictions in Windows Vista, and whether you will run into problems or not if you upgrade the hardware on a Vista computer. Ars Technica talks directly to a Microsoft "spokesman" who says that "the hardware tolerance of product activation for Windows Vista has been improved and is more flexible than that for Windows XP." Read the whole article at http://arstechnica.com/news.ars/post/20061030-8104.html, and decide if it makes you more confident about upgrading to Vista.

Once you upgrade to Microsoft Windows Media Player 11, you might not be able to play music files in your library over a digital media receiver unless your music files are in a monitored folder. Microsoft spells out how to share your media files at http://www.microsoft.com/windows/windowsmedia/player/11/readme.aspx#1828178.

If you have Microsoft Windows Media Player 11 installed on a computer, don't try to take a step back on install Windows Media Player 10, too. If you do, you may not be able to play any of your protected content -- presumably because Microsoft's digital rights management (DRM) schemes in the two versions will start squabbling with each other. Microsoft has some steps to resolve the conflict at http://www.microsoft.com/windows/windowsmedia/player/11/readme.aspx#1792680.

Microsoft has posted on their Product Lifecycle page at http://www.microsoft.com/windows/lifecycle/servicepacks.mspx that the next service pack for Windows XP isn't planned till the first half of 2008. That will almost be four years after the last service pack, which was in August 2004. If you are going to wait four years, why even bother?

There are two bugs in Microsoft Windows Server Services, that affect Windows 2000, Windows XP, and Windows Server 2003. According to Microsoft, these bugs may allow a remote attacker to trigger a denial of service attack via a network message. According to eEye Digital Security, there is also a risk of the attacker running their code on your computer. By default, most firewalls are configured to block the ports through which these attacks are launched, thus Microsoft considers this only an Important security patch. Get the update at http://www.microsoft.com/technet/security/bulletin/ms06-063.mspx. Microsoft credits Gerardo Richarte of Core Security Technologies, NS Focus, Fortinent, and Matthew Amdur of VMWare for finding these bugs.

There is a bug in the Windows Object Packager that may allow hostile websites to run code on Windows XP and Windows Server 2003 systems. To be infected, you will need to not only visit the website, but click on a number of buttons or objects before the trap is sprung. Therefore, Microsoft only considers this a Moderate patch. Get it at http://www.microsoft.com/technet/security/bulletin/ms06-065.mspx. Microsoft credits Andreas Sandblad of Secunia Research for reporting this bug.

Microsoft's version of IPv6 has three bugs that may allow attackers to launch a denial of service attack against Windows XP and Windows Server 2003 computers that use the protocol. The protocol is not installed by default, and most standard firewalls will protect against it. While the bugs are minor, the CVE (common vulnerability) number indicates that Microsoft has known about two of them since 2004. Get the patch for it at http://www.microsoft.com/technet/security/bulletin/MS06-064.mspx.

There is a bug in Microsoft's ASP.NET that could enable cross-site scripting attacks against Windows XP and Windows Server 2003 computers. It could be used in phishing schemes that attempt to steal information like usernames and passwords. Microsoft gives this a Moderate security rating. Get the patch for it at http://www.microsoft.com/technet/security/bulletin/MS06-056.mspx. Microsoft credits Jaswinder Hayre for finding this bug.

This week marks the official end of support for Windows XP Service Pack 1. This service pack shipped in September, 2002, so I guess it lived a full, productive life. Windows XP users who want security updates in the future should install Service Pack 2. Really, you should have done that a while ago -- there are lots and lots of security fixes in SP2 that you should be taking advantage of.

If you have an external TV Tuner connected via USB to a Windows XP Media Center Edition computer, you may get a blue screen of death if you disconnect the TV tuner while watching live TV. The fix is simple -- Microsoft says to stop watching live TV before you disconnect.

Microsoft says the the Word 2003 feature that lets you "Detect language automatically" may actually cause your computer to hang. The effort to detect the language may cause Word.exe to soak up 100 percent of CPU time. This has been fixed in the 10/2/06 hotfix package for Word 2003. See how to get the hotfix at http://support.microsoft.com/kb/924782/.

Mozilla

The 10/2 Mozilla JavaScript bug report was a hoax. While there is a bug that may be used to crash your browser, attackers can't use it to run hostile code on your computer. Any other claims by the two researchers, who probably won't be invited back to make any more presentations, should also be considered fraudulent. While the BugBlog often reports on what independent researchers say (and these reports also included quotes from Mozilla's security spokesman that lent some credence to their claims) rest assured that these two will no longer be considered valid sources.

Adam Smith's "invisible hand" of competition has brought real benefits to the world of browsing. The new Mozilla Firefox 2 and the new Microsoft Internet Explorer 7 both have anti-phishing filters built in. They should help in keeping you from being tricked into giving information to fraudulent sites. The explanation of how Mozilla does this is at http://www.mozilla.com/en-US/firefox/phishing-protection/. The Microsoft explanation is at http://blogs.msdn.com/ie/archive/2005/09/09/463204.aspx.

If you upgrade to Mozilla Firefox 2.0 on a Mac OS X computer, and then install a new plug-in, you may still see the details for the older version of the plug-in when you go to about:plugins. Mozilla says you can refresh things by quitting Firefox, going to your profile folder and deleting pluginreg.dat. Once you restart Firefox, you should have the data updated.

You won't be able to install Mozilla Firefox 2.0 on a Microsoft Windows NT 4.0 computer unless you have Comctl32.dll 5.80 installed. Mozilla says you can get this for free from Microsoft at http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=6F94D31A-D1E0-4658-A566-93AF0D8D4A1E.

If you are using Mozilla 1.5.x and are waiting for an automatic update prompt for Firefox 2.0, you may have to wait a little longer. The auto update won't be activated for a couple of weeks, says Mozilla. If you want the new version before that, you'll need to do a manual update. The delay is probably to ease the traffic on their servers.

Various reports had surfaced in the media that the first two bugs had been found in Firefox 2.0. According to Mozilla, one of the bugs had been fixed in an earlier version, and they so far have not been able to get the second one to do anything more than crash the browser. For now, the latest word is at http://www.networkworld.com/news/2006/102606-mozilla-team-downplays-first-firefox.html?nlhtbug=1023bug2.

So far, this is just my own experience, and not verified elsewhere in media reports or in Bugzilla - but in the three days of using Mozilla Firefox 2.0 I've twice had it lock up completely while at different Google Blogger blog pages. The first time, I used Session Restore to go back to the page, where it locked up again. The second time, I did not go right back to the blog -- which is a well-known political/legal blog. Later, I did go back to the second page, and had no problems.

The newly-released Mozilla Firefox 2 includes a Session Restore feature. This means that connections to some sites that log you in via cookies, like Gmail, will automatically be restored after a browser crash. You may not want that to happen if you share a computer. If so, you will need to turn off this feature via the browser.sessionstore.resume_from_crash setting. If you are not familiar with changing your Mozilla settings, see http://kb.mozillazine.org/About:config.

When installing Mozilla Firefox 2 on a Linux or Unix computer, avoid a path that has spaces in it. Firefox may not be able to set itself as the default browser from this location, and it may keep bugging you about this at startup. You'll need to re-install it in a spaceless path.

If you are running Mozilla Firefox 2 on a Mac OS X computer, note that you won't be able to get Java to run if you have Intel Core processors under Rosetta. Rosetta will also interfere with Talkback on Intel-based Macs. Instead, you'll get the Apple Crash program.

Some financial institutions, when doing Internet banking, use port 563 for their customers to do secure log-ins. That port is closed by default in Mozilla Firefox 2. If you need to open it, go to About:Config and make sure that port 563 is listed in network.security.ports.banned.override.

Some older versions of the Adobe Acrobat Reader plug-in may hang when used with Mozilla Firefox 2.0. Mozilla says that if you run into problems with PDFs, go to http://www.adobe.com/products/acrobat/readstep2.html to get the latest version.

Novell

iDefense reports a number of bugs in Novell eDirectory 8.8, 8.8.1, and possibly earlier versions too. The bugs include buffer overflows and integer overflows that may allow attackers to run their own code on the affected system. Novell has a fix for eDirectory 8.8.1. The NetWare and Windows version is at http://support.novell.com/servlet/filedownload/sec/pub/edir881ftf_1.exe/ and the Linux and Unix version is at http://support.novell.com/servlet/filedownload/sec/pub/edir881ftf_1.tgz/.

When using NetStorage in Novell NetWare 6.5 or Novell Small Business Suite 6.5, you may be getting an abend in XDAV.NLM when you try to display directory listings that have over a thousand files. Novell says that NetStorage runs out of stack space while trying to sort the files alphabetically. Novell has a fix for this at http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974569.htm.

NVIDIA

There is a bug in the NVIDIA Graphics Drivers for Linux 1.x. A local user may be able to gain escalated privileges on a system by exploiting the bug, a boundary error when rendering glyphs. This is reported as fixed in the 1.0-9625 beta driver. Rapid7 gets credit for finding this bug.

Opera

Opera 9 has a heap overflow bug that may cause the browser to crash when it tries to handle a very large link. Opera says they have fixed this in Opera 9.02, and that the impact of the bug is a denial of service attack. They also credit iDefense for finding this bug. According to iDefense, the size of the link only has to top 256 characters, and it can be hidden in an iframe. They also say that attackers can use the bug to run their own code on your computer. See their explanation at http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=424.

Oracle

Oracle has released their quarterly bundle of security patches. This time, they bundled 101 of them together. (Things tend to pile up if you only patch four times a year.) See http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuoct2006.html for the details.

Red Hat

Red Hat has an updated kdelibs package for Red Hat Enterprise Linux 2, 3, and 4. This fixes a critical integer overflow bug in the Qt program within the K Desktop Environment (KDE). A remote attacker may have been able to construct a malicious webpage that could crash a KDE user, or possibly run hostile code on the system. Get the fix at https://rhn.redhat.com/errata/RHSA-2006-0720.html.

Red Hat has an updated kernel for Red Hat Enterprise Linux 4. This update fixes a bug in the ATM subsytem that may allow remote users to trigger a denial of service attack against systems with ATM hardware. Get the update at https://rhn.redhat.com/errata/RHSA-2006-0689.html.

Skype

There is a bug in Skype for Mac 1.x. A remote user may be able to take advantage of a format string error in URI arguments to run their own code on a vulnerable system. Skype has a fix for this. Get the details at http://www.skype.com/security/skype-sb-2006-002.html.

Sony

It looks like Sony will be recalling all its laptop batteries directly, including the ones made for other manufacturers. There have already been partial recalls of Dell, Apple, Toshiba, and Fujitsu laptop batteries. About the only major laptop manufacturer who isn't saying their Sony batteries need recalled is HP. Of course, they have other things to worry about at the moment. Keep up on the battery recall at http://news.zdnet.com/2100-9584_22-6122234.html.

Even more Sony laptop batteries are being recalled. Rather than list each individually in the BugBlog, lets just summarize: the latest are from Toshiba, Fujitus, IBM, and Lenovo. A while back, it was Apple and Dell. At this point, if you have a laptop, you may want to check with the manufacturer to see who is their battery supplier. Read more at http://www.forbes.com/business/commerce/feeds/ap/2006/09/29/ap3056305.html.

Sophos

There is a bug in Sophos Anti-Virus 4.x through 6.x that can trigger a denial of service attack to the anti-virus engine. It happens when the Petite plugin checks a Petite archive with lots of sectors. Sophos has fix information at http://www.sophos.com/support/knowledgebase/article/7609.html. They have fixes ready for all versions except the Mac version, which won't come till December.

Sun Microsystems

Sun Microsystems says that there are three bugs in the version of the Apache 2.0 HTTP server that they ship along with Solaris 10. These bugs may allow remote users to run their own code on the server. See http://sunsolve.sun.com/search/document.do?assetkey=1-26-102662-1 for the patch details.

Sun Microsystems says that there are two security bugs in the Apache 1.3 web server that ships with Sun Solaris 8, 9, and 10. These bugs may allow both local and remote users to trigger denial of service attacks and run their own code with the same privileges as the Apache HTTP process. Get the patch at http://sunsolve.sun.com/search/document.do?assetkey=1-26-102663-1.

While Sun Microsystems doesn't have a fix in place yet, they say they and some of their third-party products may ve vulnerable to a bug in the RSA(1) Signature Verification. Find out more about this at http://sunsolve.sun.com/search/document.do?assetkey=1-26-102648-1.

Symantec

Anti-virus signatures for Symantec AntiVirus were shipped that apparently triggered a false positive alert that the sfc.dll file in Windows XP and 2000 (which powers Windows File Protection) was the Infostealer.Banpaes virus. Symantec then disabled sfc.dll, and prompts you to reboot the computer. When you try to reboot, a Windows XP computer may reboot continuously, and Windows 2000 may blue screen. Symantec has posted a Knowledge Base article at http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2006102011570548 to help anyone whose computer they wrecked. The Internet Storm Center also has information at http://isc.sans.org/diary.php?storyid=1799.

There is a bug in Symantec Mail Security for Domino's Premium Antispam feature. According to Symantec, the software may not reject certain SMTP addresses that it is supposed to reject. This will let in spam that shouldn't be allowed. Symantec has fixed this in version 5.1.2.28. Find out how to get it at http://securityresponse.symantec.com/avcenter/security/Content/2006.10.19.html.

Symantec says that their Support Tool ActiveX control has a bug that may allow hostile code to be run on your computer. This control is only in Symantec Norton AntiVirus 2005-2006, Symantec Norton Internet Security 2005-2006, and Symantec Norton System Works 2005-2006. For the exploit to work, Symantec says that interactive user intervention is needed (you have to click on something) and that the attacker must be able to spoof a trusted domain. Symantec is rolling out fixes. They credit Next Generation Security Research (NGSS) for finding this bug.

Security researchers at iDefense have found a bug in Symantec Antivirus. A local attacker may be able to get elevated privileges that will allow them total control of a computer. Symantec is rolling out patches for their affected products via LiveUpdate. Read the details from iDefense at http://www.idefense.com/intelligence/vulnerabilities/display.php?id=417.

Yahoo

Nothing this month

Zone Alarm

Nothing this month