InfoSec News

Microsoft Office RTF File Stack Buffer Overflow Vulnerability
The general manager of a business partner of Connecticut's Domestic Bank has pleaded guilty to his role in a scheme that siphoned millions from automated teller machines.
Microsoft sued Motorola on Tuesday in a Washington court, alleging that Motorola is refusing to license patents on a reasonable basis, as it promised during standards-setting processes.
Oracle's potential damages in its corporate-theft lawsuit against SAP have been reduced by US$500 million following an order from Judge Phyllis Hamilton, SAP said on Tuesday.
Long the also-ran in the search market, announced on Tuesday that it is getting out of the search business.
RETIRED: Microsoft November 2010 Advance Notification Multiple Vulnerabilities
Apple's iPhone remains the most reliable smartphone, edging out hard-charging Android-based handsets made by Motorola and HTC, says a provider of after-sale warranties.
With ever more devices needing greater throughput for video and voice content, today's wireless hub-and-spoke network architecture is showing its age. What's needed is a wireless LAN (WLAN) solution capable of greater intelligence at the network's edge to optimize traffic flow without compromising security or quality of service and driving up cost.
PHP 'mb_strcut()' Function Information Disclosure Vulnerability
Microsoft Office Drawing Exception Handling Remote Code Execution Vulnerability
Microsoft Office Art Drawing Record Remote Code Execution Vulnerability
Microsoft PowerPoint (CVE-2010-2573) Heap Corruption Vulnerability
A recent survey by BoxTone of nearly 1,200 IT professionals found strong interest in deploying iPads and other Apple iOS products for use inside their organizations.
An SAP implementation conducted by the city government of Portland, Ore., went badly awry due to planning and project leadership problems, resulting in skyrocketing costs and a protracted time line, according to a report released Tuesday by the city's auditor.
What can you say about a laptop that ships with a 300W power supply and weighs more than 14 pounds? The Malibal Nine X7200 is an exercise in extremes: it's big, heavy, and gets loud under heavy use, but it's very, very fast on games and offers a stunningly gorgeous 17-inch, full 1080p display.
While many IT security professionals regard intrusion-prevention systems to be a natural extension of intrusion-detection systems, an IPS is actually another type of access control mechanism, rather than simply a sister to IDS. In fact, it may surprise you to know that the term IPS is actually younger than IDS.
PHP 'xml_utf8_decode()' UTF-8 Input Validation Vulnerability
Microsoft today patched 11 vulnerabilities, including one in Office that hackers will quickly exploit to launch drive-by attacks, said security experts.
Outside of Apple, Sony probably has the keenest sense of style in the computer industry. Sony laptops, including the F-series VAIO VPCF13AFX desktop replacement laptop, always seem to look a little better than the rest. The VPCF13AFX is not only stylish but also an excellent performer with decent ergonomics and the latest technologies. Unfortunately, its battery life is limited.
Oracle's new Enterprise Manager 11g Ops Center can watch servers, operating systems and virtual containers
Adobe Flash Player CVE-2010-3649 Remote Memory Corruption Vulnerability
Adobe Flash Player CVE-2010-3647 Remote Memory Corruption Vulnerability
Secunia Research: Microsoft Office Drawing Shape Container Parsing Vulnerability
Adobe Flash Player DLL Loading Arbitrary Code Execution Vulnerability
Nitesh Dhanjani posted a nice blog post as part of the SANS Application Security blog [1]. He discusses a particularly interesting vulnerability in iOS. In iOS, like in other operating systems, applications may register themselves to handle particular URL schemes. For example, a URL starting with tel: links to the telephone application.
However, how these URL schemes are dealt with depends on the application receiving these requests from the browser. The telephone application will, for example, prompt the user asking if it should dial the number. Skype, on the other hand, does not prompt the user. In order to prompt the user, the application has to fully load and start up. So at the very least the attacker may be able to load the application.
Desktop browsers, like for example Firefox, will first prompt the user for these external URL schemes (try telnet:, which will launch a terminal and open telnet in most cases).

Johannes B. Ullrich, Ph.D.

SANS Technology Institute

(c) SANS Internet Storm Center. Creative Commons Attribution-Noncommercial 3.0 United States License.
Sales of NAND flash chips used for making solid-state drives and USB flash drives were 17% higher in Q3 than they were in Q2, according to DRAMexchange. Samsung still leads the way in sales.
Security researchers today warned that Apple's OS X contains a critical vulnerability that attackers could use to hijack Macs running the older Leopard version of the operating system.
Linux Kernel 'do_io_submit()' Integer Overflow Vulnerability
Linux Kernel 'net/sched/act_police.c' File Memory Leak Local Information Disclosure Vulnerability
Re: D-Link DIR-300 authentication bypass
Linux Kernel 'XFS_IOC_FSGETXATTR' Information Disclosure Vulnerability
Microsoft repaired four vulnerabilities in its Forefront Unified Access Gateway and a critical flaw in Microsoft Office.

Polycom announced that it has reached an agreement with Samsung to embed high-definition videoconferencing capability into Samsung's new Galaxy Tab tablet computer.
The Apache Foundation has found itself in the middle of a battle with Oracle over Java
The planned merger of Indian outsourcer Satyam Computer Services with Tech Mahindra, its dominant shareholder, will lead to the creation of an outsourcer focused on key segments like telecommunications, manufacturing and enterprise applications, a company executive said on Tuesday.
Kno on Tuesday said it will start shipping its book-like, dual-screen tablet later this year for $899.
Novell has unveiled the beta version of its new Vibe collaboration platform that was developed with enterprise users in mind.
Advanced Micro Devices has started shipping units of the first low-power Fusion chips for use in consumer laptops and netbooks, a company official said on Tuesday.
Oracle MySQL Prior to 5.1.49 'JOIN' Statement Denial Of Service Vulnerability
[ MDVSA-2010:223 ] mysql
Secunia Research: Microsoft PowerPoint PP7X32.DLL Record Parsing Vulnerability
[ MDVSA-2010:222 ] mysql
Overview of the November 2010 Microsoft patches and their status.

Contra Indications
Known Exploits
Microsoft rating
ISC rating(*)

Vulnerabilities in Microsoft Office code execution (Replaces MS10-003 MS10-036)
Microsoft Office
KB 2423930
exploit available.
Exploitability: 1

Vulnerabilities in Microsoft PowerPoint code execution (Replaces MS10-004, MS10-036, MS09-017)
Microsoft Office
KB 2293386
Exploitability: 1

Vulnerabilities in Forefront Unified Access Gateway escalation of privilege
Forefront UAG
KB 2316074
Exploitability: 1

We will update issues on this page for about a week or so as they evolve.

We appreciate updates

US based customers can call Microsoft for free patch related support on 1-866-PCSAFETY

(*): ISC rating

We use 4 levels:

PATCH NOW: Typically used where we see immediate danger of exploitation. Typical environments will want to deploy these patches ASAP. Workarounds are typically not accepted by users or are not possible. This rating is often used when typical deployments make it vulnerable and exploits are being used or easy to obtain or make.
Critical: Anything that needs little to become interesting for the dark side. Best approach is to test and deploy ASAP. Workarounds can give more time to test.
Important: Things where more testing and other measures can help.
Less Urgent: Typically we expect the impact if left unpatched to be not that big a deal in the short term. Do not forget them however.

The difference between the client and server rating is based on how you use the affected machine. We take into account the typical client and server deployment in the usage of the machine and the common measures people typically have in place already. Measures we presume are simple best practices for servers such as not using Outlook, MSIE, Word etc. to do traditional office or leisure work.
The rating is not a risk analysis as such. It is a rating of importance of the vulnerability and the perceived or even predicted threat for affected systems. The rating does not account for the number of affected systems there are. It is for an affected system in a typical worst-case role.
Only the organization itself is in a position to do a full risk analysis involving the presence (or lack of) affected systems, the actually implemented measures, the impact on their operation and the value of the assets involved.
All patches released by a vendor are important enough to have a close look if you use the affected systems. There is little incentive for vendors to publicize patches that do not have some form of risk to them.

RETIRED: osTicket 'module.php' Local File Include Vulnerability
The HTC DH7, one of the first smartphones featuring the Windows Phone 7 OS, has sold out one day after its release.
CA Technologies has sold off its remaining 20% stake in Ingres to venture capital firm Garnett & Helfrich Capital, which is now the open-source database company's sole owner.
Ever think roadwork holds the key to improving your security career?
IBM OmniFind - several vulnerabilities
D-Link DIR-300 authentication bypass
Application test and development projects are a natural starting place for companies moving to use cloud computing services. Forrester Research's James Staten discusses how to tell if your project is a good match for the cloud.
Departing Microsoft exec Ray Ozzie is leaving behind a communique expanding on his 2005 call for Microsoft to further eschew the PC-centric world and push further into cloud computing or slowly wither away.
Amazon Web Services has added an SLA (service level agreement) to its cloud-based content delivery service CloudFront, which now has become generally available, the company said on Tuesday.
There are two ways to look at the Cisco SA 520 network security appliance. On one hand, it offers a solid array of features: 65Mbps IPSec VPN throughput, 100Mbps overall throughput, integrated firewall (limited to 100 rules), built-in filtering for common services like IM and P2P networking, SSL VPN, IPS, DDNS, and multi-WAN support. On the other hand, it has nearly no relation to the rest of Cisco's security solutions.
[USN-1008-4] libvirt regression
[CORE-2010-0825] Apple OS X ATSServer CFF CharStrings INDEX Sign Mismatch
JQuarks4s Joomla Component 1.0.0 Blind SQL Injection Vulnerability
Spoofed email builds on interest in Chinese dissident to deliver Trojan

A couple of weeks ago, a tricky new Firefox plug-in called Firesheep made hijacking someone's Web browsing session point-and-click simple. You should take extra precautions to ensure that nobody hacks into your online accounts when you surf on public Wi-Fi networks.
Nvidia on Tuesday announced its next-generation graphics processing unit, the GeForce GTX 580, which the company said is its fastest-performing GPU to date.

Google is upping the ante in its competition with Microsoft Bing by adding preview graphics to its search results.
If you've found yourself playing catch-up on Google Android, here's a selection of resources from Network World and our sister publications to get you up to speed quickly.
Both smaller and larger companies can benefit from the economies of scale and accessibility of Microsoft's Office 365 cloud platform, company official says
A Novell cloud-hosted enterprise social-networking and collaboration suite announced a year ago will for the first time become widely available on Tuesday, although it will still be in beta, or test, mode.
osTicket 'module.php' Local File Include Vulnerability
A security researcher asserts that Apple made a poor security decision by allowing its Safari browser to honor requests from third-party apps to perform actions like making phone calls without warning users.

Getting Out of the Infosec Budget Rut
State governments find themselves trapped between the proverbial rock and a hard place. They maintain more sensitive data than do most businesses but spend ...

Microsoft rivals would have little chance of prevailing in an antitrust lawsuit challenging the vendor's move to distribute antivirus software through Windows service updates, an expert says.
Tiny computers can help a company go green, make the best use of space and save money. We review three of the latest ultra-small Windows 7 PCs -- and peek at Apple's Mac Mini for good measure.
will give magazine and newspaper publishers selling through the Kindle Store up to 70% of the retail price of their products, after delivery costs, it said on Monday.
Opera Software has released its Mobile 10.1 beta for Android, joining the battle for browser supremacy on Android-based smartphones.
In response to considerable privacy concerns, the federal Office of Personnel Management (OPM) is expected to soon release more details on its plans for a controversial new database containing information on the healthcare claims of millions of Americans.
NetApp today announced hardware upgrades to its entire line of Fabric-Attached Storage (FAS) arrays, as well as new features and functionality to its Data ONTAP 8 operating system.
Novell GroupWise Multiple Remote Vulnerabilities
Woltlab Burning Board 'locator.php' SQL Injection Vulnerability
Google is facing a hunger strike in China from a group of advertising resellers who are protesting the company for terminating their contracts.
