Sunday, August 28, 2005

Threats Spread Thick

Top 5 vulnerabilities as reported by ThreatFocus for Monday, August 22nd, 2005

DateTitleSeverity
8/19/2005 Microsoft [Security Advisory: A COM Object (Msdds.dll) Could Cause Internet Explorer to Unexpectedly Exit] High
8/17/2005 Adobe [Acrobat / Reader Plug-in Buffer Overflow Vulnerability] High
8/16/2005 Apple [Security Update 2005-007] High
8/19/2005 Red Hat [php security update] High
8/17/2005 Debian [New Mozilla packages fix frame injection spoofing vulnerability] High


http://www.pcmag.com/article2/0,1895,1850852,00.asp

Worm Could Squirm on Windows XP

"It is important to note that Simple File and Print Sharing is only available on Windows XP machines that are not part of a Windows Active Directory Domain. However, configuring a Windows XP SP1 host to share network resources prior to joining an Active Directory Domain will leave it in the vulnerable state even after the Domain is joined," the company warned.

By Ryan Naraine
“Microsoft late Tuesday warned that the Zotob worm could start squirming through certain configurations of Windows XP SP1 (Service Pack 1).

The worm, which squirms through a flaw in the Windows PnP (Plug and Play) service, has wreaked havoc on unpatched Windows 2000 machines, but new information suggests some Windows XP users could also be at risk.

Late Tuesday, Microsoft Corp. issued a new advisory that confirmed the expanded threat and recommended that users implement workarounds to thwart a new worm outbreak.

Users of Windows XP SP2 are not vulnerable to remote attacks.…”

http://www.eweek.com/article2/0,1895,1851908,00.asp?kc=ewnws082505dtx1k0000599

8 Out Of 10 Enterprise PCs Spyware Infected

The number of malicious sites hosting spyware has quadrupled since the start of the year, said Richard Stiennon, Webroot's director of threat research, and now number over 300,000 URLs.

By Gregg Keizer, TechWeb News
“On average, enterprise PCs have 27 pieces of spyware on their hard drives, a 19 percent increase in the last quarter alone, while a whopping 80 percent of corporate computers host at least one instance of unwanted software, whether that's adware, spyware, or a Trojan horse.

Worse, said Stiennon, evidence is accumulating that spyware is becoming more malicious than ever.

"The actual maliciousness of it is increasing," he noted. "There's simply more malicious activity per piece of spyware. They're not satisfied with making their seven cents a click by flooding systems with adware; now they're focusing on identity theft, sometimes from within an organization. Spyware's being used by insiders to, in essence, hack their employer or boss."

Instances of such activity during the second quarter included a scandal in Israel and a stymied multi-million dollar bank robbery in the U.K. that was based on spyware.

Part of the bump-up in spyware infection rates and most of the reason behind its increasing nastiness is due to pressure on spyware-as-a-business, Webroot claimed.

"There's an underlying principle that often gets overlooked: spyware's a business like any other," said C. David Moll, the chief executive of Boulder, Colo.-based Webroot. "Like any business, spyware developers are committed to increasing their profit margins by expanding their distribution channels, utilizing new products, and entering new markets.…" ”


http://www.crn.com/nl/crnupdate/showArticle.jhtml?articleId=169600391