170 likes | 334 Views
PREVIOUS GNEWS. "This is Gary Gnu... and the no gnews is good gnews show. The ONLY tv gnews show guar-an-TEED-- to contain NO gnews what-so-ever.". Patch Tuesday. 22 Fixes originally expected 12 Security
E N D
PREVIOUS GNEWS "This is Gary Gnu... and the no gnews is good gnews show. The ONLY tv gnews show guar-an-TEED-- to contain NO gnews what-so-ever."
Patch Tuesday 22 Fixes originally expected • 12 Security • 5 fixes for Windows, 3 fix for Office, 1 for Visual Studio, 1 for Step-by-step Interactive Training, 1 for MDAC, 1 for One Live Care • 10 Non-Security related updates, Malicious Tool Update 12 Patches Released, 20 vulns addressed • 10 remote code execution including • Malware engine • Help and MDAC activex • MS Office • IE • 2 Privilege escalation • Shell and Image Acquisition Other Updates • .Net Framework 3 • Root Cert Update • Malicious Tool update
Other M$ Fun • 4th and 5th Word 0-days announced • Posts advisory 932114 for Word 2000, no patch, corresponds to 4th 0-day • RE-Release of MS07-002 for Excel • MS to support OpenID • Application Compatibility Toolkit 5.0 Released • Genius John Pallatto @ eweek finally notices IE7 as a critical update and cries foal over the Jan Patch Tuesday (john, it’s been there since nov 2006) • Bypass MS OGA checking, another method via compatibility mode
MS Vista • MS admits Vista has high impact issues • Announces Vista SP1 for second half of 2007, Call for beta testers • Vista Voice Recognition could allow “hacking activity” • Vista Upgrade discs require presence of old OS. Questions raised regarding clean installs. • Symantec to develop add-on software for expanded control of Vista UAC
Oracle Patch Quarterly • 51 Security Fixes, Addressing 74 bugs • Affects various components within 10g, 11i, 9i • 58 Remote, 7 High Complexity, 41 No Auth. Required. • 4 sploits posted to milw0rm.com
Holes – Sec Products • Symantec overflow shifts and also works on port 2968 (netware port) • Trend Micro, UPX Processing Buffer Overflow Vulnerability • Allows remote code execution as root / administrator – patch available • Cisco Mars and ASDM, SSL/TLS and SSH Validation Security Issue • Allows spoofing / data disclosure – patch available • Checkpoint, Connectra End Point Security Bypass • Bypass security checking – patch available
DATA LOSS • UTD Update – orig 6K, adjusted to 35K • TXJ – (tjmaxx, marshals, homegoods, a.j.wirght) Records back to 2003, declined release of numbers. • MoneyGram – 79K • Nordea – (swedish bank) 250 users hit for 1.1 mil. • CIBC – (canadian bank) lost tape with 470K users • IRS – 26 lost tapes, numbers unknown • VA – 48K, missing portable HD
Holes - Generic • Cisco IOS, Multiple Vulns in ICMP, PIMv2, PGM, URD • Allow device restart, crash, memory leak – patch available • Sun Java JRE GIF Image Processing Buffer Overflow Vulnerability • Allow privilege escalation – patch available • FireFox 1.5, pop-up blocker allows reading of arbitrary files. • Solaris 10 / 11 telnet authbypass • Google AntiPhishing exposes user data • TomTom GO 910 devices ship with trojans • Another MySpace script, spams 1.5 mil accounts • Unreal.A for anti-RootKit evasion • KREMBO – Windows kernal detouring • Zone-H defaced
Games • San Diego woman dies in “Hold your wee for Wii” radio contest. • Wii mod chip to hit market. Allows play of “backup” games.
MOAB Update • 31 bugs annouced, 29 exploits released (1 code not required, 1 code TBA) • Landon Fuller and Company release 27 3rd party patches • Jan 24th Apple responds with Quicktime update. • Secunia reports fix addresses Apple and leaves Windows vuln
Corp. Hell • Apple unviels iPhone at MacWorld • No 3rd party apps • Cisco sues Apple over iPhone trademark. • Owns iPhone trademark via 1996 acqusition • Cisco with Linksys releases their own iPhone • Symantec buys Altiris • Google loses Gmail trademark battle to Germany • No gmail for you! • Sony Settles with FTC, $150.00 per RootKit
Film • Mooninites invade several cites, Boston shits a meat-axe • Turner to pay 2 mil in “damages” • Mooninite lite-brites hit ebay, as high as 5k • Porn industry drops Blu-Ray (sites restriction and cost of media) picks HD-DVD Format • Blu-Ray == Betmax, Anyone, anyone?? • Porn’s influence on format war is called into question • Blu-Ray sales up, Sony ready to claim winner of the format wars. • Some link spike to PS3 launch, and not true user adaptation • Serenity, crowned first HD-DVD movie to hit torrents • Muslix64 is back w/ Blu-Ray crack
Competitions • Wibu Systems Announces 40K hacker challenge • $40 registration required, circumvent CodeMeter encryption system • Nist to host competition for SHA-1 improvement / replacement
WTF • Sealand is for sale and PirateBay wants it • All contributors to be granted citizenship • MySpace GoDaddy turn off seclists.org • Fyodor repsonds with nodaddy.com • Calls for horror stories • Looking for a NoDaddy girl, spokes model • Root Server sustain attack • Skype found to read system BIOS • Diebold on-line store posts picture of “universal” voting machine key. Working copies made based on photo.
Updates • Change to Day Light Savings (hits March 11th) • WinPcap 4.0 (finally) • WireShark 0.99.5 (security fixes and WPA/WPA2 decryption) • Samba 3.0.24 • Autoruns 8.61 (98/ME functionality) • PSexe 1.80 (enhance -i flag for Vista) • Linux FUSE ported to Mac, MacFuse • AirCrack-ng 0.7 • Kismet • VirtualBox by Innotek turns open-source • Sun OSS ‘Fortress’ to replace Fortran
Legal • Federal Telephone Records and Privacy Protection Act bans ‘pretexting’ • FCC unleashes cable boxes • Senator John Sununu (R-NH) takes a new stab at abolishing Broadcast Flag • Texas Bill for open document format • Conneticut Teacher charged with felony child endagerment when pop-up displays porn in class. • Rumors of companies dropping DRM • Wikileaks.org, new leaked document repository