Friday, October 19, 2007

On Hiatus

In case you haven't guessed, both The BugBlog and the Backup BugBlog are on hiatus. Things are just too busy at the moment for blogging.

Tuesday, January 09, 2007

Some of Word's Galleries are Missing

A new feature in Microsoft Word 2007 is the Building Block Gallery. There is a content control with a drop-down list of galleries, but Microsoft says that not all the galleries are displayed. Some of the ones that aren't are the Bibliography, Watermark, and Cover Page galleries. At http://support.microsoft.com/kb/930201 they say this behavior is by design, but they don't say anything about how to see the missing ones.

Labels: ,

Opera 9 Bugs

Two bugs have been discovered in Opera Software's Opera 9 web browser, that may allow attackers to sneak hostile code onto a computer. One bug is in the way Opera handles DHT markers in JPEG files. The other is in the matrices are handled in JavaScript and SVG. These bugs have been fixed in Opera 9.10, which you can get at http://www.opera.com/download/. Opera credits iDefense Labs for finding these bugs.

Labels: , ,

Adobe Reader Bugs

There are a number of bugs in the Adobe Acrobat Plug-In for browsers, and in the free Adobe Reader 6 and 7. A malicious website may be able to caryy out cross-site scripting attacks because the browser plug-in doesn't correctly validate URI parameters. US CERT says that it appears the bugs were fixed in Adobe Reader 8. Read their report at http://www.kb.cert.org/vuls/id/815960. Stefano Di Paola, Giorgio Fedon, and Elia Florio are credited with finding these bugs. UPDATE: Adobe now has a bulletin at http://www.adobe.com/support/security/advisories/apsa07-01.html.

Labels: ,

Google Patches Gmail hole

It appears that Google has fixed a bug in Gmail that would allow a cross-site scripting attack. If a user logged on to Gmail, using their browser, and then later visited a malicious website (without logging out of Gmail), the attackers may have been able to steal all the email addresses from the Contacts list. There have been conflicting reports on how rapidly, and how completely, Google fixed this bug. Network World has the report as of 1/2/07 at http://www.networkworld.com/news/2007/010207-google-closes-gmail-cross-site-scripting.html

Labels: ,

Quicktime Bug Allows Buffer Overflow

There is a bug in the way that Apple Quicktime handles RTSP (Real time streaming protocol) links. It may be possible for an attacker to construct one of these links that would trigger a buffer overflow which could be used to run hostile code on your computer. According to the Secunia website at http://secunia.com/advisories/23540/, the bug has been verified in Quicktime 7.1.3.100 for Windows. It is also supposed to affect other Windows and Mac versions as well. Secunia credits LMH for finding the bug. It comes from the "Month of Apple Bugs" website at http://projects.info-pull.com/moab/.

Labels: ,

Sunday, December 31, 2006

Reports of a Gmail Problem

Techcrunch reports on an issue where a number of people, who all appear to be Mozilla Firefox 2.0 users, reported a mass deletion of their Gmail emails, while they were logged in. Read more at http://www.techcrunch.com/2006/12/28/gmail-disaster-reports-of-mass-email-deletions/, including a link to a discussion of the problem at Google Groups, and a response from Google -- which indicates this affected around 60 people. Just goes to show that you should back up your Gmail, err... never mind.

Labels: ,

Novell SUSE Pops a New Kernel

There is a new Linux 2.6 kernel for Novell SUSE Linux Enterprise Server 9 and SUSE Linux Enterprise 10. It fixes a bug in the UDF filesystem that sometimes caused the computer to hang when it was truncating files. It also plugged a struct file leak in the perfmon(2) system that happened when the OS was running on an Itanium-based system. Find out more at http://www.novell.com/linux/security/advisories/2006_79_kernel.html

Labels: ,

Acrobat Viewer for the Mac Only Likes Safari

If you want to view Adobe Acrobat PDF files within the Apple Safari web browser, you must be using Mac OS X 10.4.3 or later. Adobe says that the Adobe PDFViewer for Mac OS X won't work on older versions. Also, it will only work within Safari; it doesn't work with Firefox or Opera running on a Mac. See http://www.adobe.com/support/techdocs/333545.html for configuration information.

Labels: ,

Media Center Update Causes DRM Bug

Once you have installed Windows XP Media Center Edition 2005 Update Rollup 2, you may have problems with Windows Media Digital Rights Manager files. Try to play back one of the protected files, and you may get an error message similar to one of these:
Restricted Content: Restrictions set by the broadcaster and/or originator of the content prohibit playback of the program on this computer
or
0xC00D2751: A problem has occurred in the Digital Rights Management component. Contact Microsoft product support.
Microsoft has issued a new fix to take care of the bug introduced by Update Rollup 2. Get the latest fix at http://support.microsoft.com/kb/913800/. Watch here to find out what bugs this latest bug fix introduced.

Labels: , ,

Threat Against Windows, Including Vista

TThe Microsoft Security Response Center may have had a slight delay in the beginning of their Christmas holiday, with reports of a public exploit against the Client Server Run-Time Subsystem in Windows 2000 SP4, Windows Server 2003 SP1, Windows XP SP1, Windows XP SP2 and Windows Vista operating systems. According to their blog, the attacker must have authenticated access to a computer system in order to carry out the attack, which makes it potentially less damaging. More interesting, however, is that Vista is included on the list of vulnerable systems. Read the whole thing at http://blogs.technet.com/msrc/archive/2006/12/22/new-report-of-a-windows-vulnerability.aspx.

Labels: , ,

Cursor Bug Trips Up Mozilla

There is a bug in the way that Mozilla Firefox 2.0 and 1.5.0.8, Thunderbird 1.5.0.8, and SeaMonkey 1.0.6 set the CSS (Cascading Style Sheet) cursor property. The bug may cause a buffer overflow as the custom cursor is converted to a Windows bitmap. This can possibly be exploited by a malicious website to install hostile code on your computer. This has been fixed in Firefox 2.0.0.1 and 1.5.0.9, Thunderbird 1.5.0.9, and SeaMonkey 1.0.7. Mozilla rates this as a Critical bug, and credits Frederik Reiss with finding and reporting it.

Labels: ,

Apple Says - Avoid This Folder

Apple has hired some creative writers for their Knowledge Base. They say "As if it were a swarm of bees, you should stay away from the SyncServices folder" for Mac OS X 10.4. If you don't heed their advice you could end up with duplicate data in your address book or iCal. Even worse, you may lose some data. If you don't know where that folder is (and remember that you shouldn't go there), it's in Home folder, Library, Application Support. Appreciate their entire literary effort at http://docs.info.apple.com/article.html?artnum=301920.

Labels:

Anti-Phishing Speed Up for IE

The anti-phishing shield in Microsoft Internet Explorer 7 may cause the browser to bog down and run slowly if you visit a web page that has lots of frames, or if you browse through many different frames over a short period of time. Microsoft has a fix for this. IE 7 users can get it at http://support.microsoft.com/kb/928089.

Labels: , ,

Yahoo Messenger Tripped Up By ActiveX Bug

Yahoo (I'm not putting in the exclamation point) says there is a bug in their Yahoo Messenger due to a bad ActiveX control. The bug may trigger a buffer overflow, which could be activated by visiting a maliciously designed web page. Yahoo says you may be vulnerable if you installed Yahoo Messenger before 11/2/06 (although they didn't post this notice until 12/8/06). You can get an update that fixes this bug at http://messenger.yahoo.com/security_update.php?id=120806

Labels: ,

Vista Changes Unpacking Method

Microsoft has changed the way that the Microsoft Update Standalone packages work for Windows Vista. The old way to view the contents or extract the contents of one of the packages will not work -- especially if you are trying to do this on a non-Vista computer. It's because they use the "New and Improved" (those are air-quotes) Intra-Package Delta (IPD) compression technology. You will need to get the Windows Vista OEM Pre-installation Kit (OPK) if you want to view and extract. See http://support.microsoft.com/kb/928636 for the details.

Labels: , ,

An Accidental Patch from Microsoft

A security patch for Microsoft Office for the Mac was accidently released ahead of time via auto-update. According to the Microsoft Security Response Center blog, they are still testing this patch, and a pre-release version was accidently released. They've taken the patch out of circulation, and they also recommend that you uninstall the patch. See http://blogs.technet.com/msrc/archive/2006/12/13/information-on-accidental-posting-of-pre-release-security-updates-for-office-for-mac.aspx for the details.

Labels: , ,

Windows Media Format Bugs Allow Attacks

There are two critical bugs in Windows Media Format files that can affect almost all current versions of Microsoft Windows. One bug is in the way that Windows handles Advanced Systems Format (ASF) files, and the other is in Advanced Stream Redirector (ASX) files. Run into one of the maliciously-designed files at a website or in email, and the attacker may be able to take control of your system. It affects Windows 2000, Windows XP, and Windows Server 2003, but not Windows Vista. It affects all versions of Microsoft Windows Media Format 7.1 through 9.5 Series Runtime, but version 11 is not affected. Microsoft has patches available at http://www.microsoft.com/technet/security/Bulletin/MS06-078.mspx.

Labels: ,

Another MS Word Attack

There is a new zero-day attack against Microsoft Word, apparently unrelated to the zero-day attack discussed in the 12.6 BugBlog. It affects Word 2000, 2002, 2003, and the Word Viewer 2003. However, the brand new Word 2007 is not affected. (A cynical person would say this is all a marketing ploy to get people to upgrade. Luckily, I'm not cynical.) The issue is being actively exploited, according to Microsoft. At this point, it does not appear that there will be a fix for either of these issues in time for the 12/12 Patch Tuesday Security Releases. See http://blogs.technet.com/msrc/archive/2006/12/10/new-report-of-a-word-zero-day.aspx for more.

Labels: , ,

AOL ActiveX Control Allows Attack

There is a buffer overflow bug in an ActiveX control in AOL 7, 8 and 9 that may allow a malicious website to run their code on your system. You would need to visit the website with Microsoft Internet Explorer, and AOL 9.0 Security Edition revision 4156.910 or earlier (including America Online 7.0 revision 4114.563, AOL 8.0 revision 4129.230). The bug was discovered by Secunia Research, who say that using the automatic update function for AOL will get you a version of AOL 9 that is fixed. See http://secunia.com/advisories/23043/ for the details.

Security Bugs with Acrobat and Adobe Reader

Adobe says that Acrobat 7 and the Adobe Reader 7 have a number of critical bugs that need to be fixed. Attackers may be able to design a malicious PDF file that takes advantage of these to take control of your computer. Users of the free Adobe Reader 7 need to upgrade to the free Reader 8 at http://www.adobe.com/products/acrobat/readstep2.html. Users of Acrobat 7.x should see the fix information at http://www.adobe.com/support/security/bulletins/apsb06-20.html.

Zero Day Attack Against MS Word

There is a new zero-day attack against Microsoft Word 2000, XP, 2003, Word for the Mac, and Microsoft Works. Users could only be affected if they opened up a maliciously designed Word document. Microsoft itself claims in their security advisory that attacks have been limited, but hostile code is circulating on various malware sites. We are a week away from the next Patch Tuesday, so I'm guessing that Microsoft is working fast to get a fix ready. Read more at http://www.microsoft.com/technet/security/advisory/929433.mspx

Saturday, December 09, 2006

Worm Reports on MySpace

Security researchers at Websense Security Labs report on a worm that is exploiting a bug on MySpace, along with the Apple QuickTime player's support of Javascript, to infect webpages on MySpace. After the infection, links on a MySpace profile may get replaced with links to phishing sites. If you see an empty QuickTime video, or it looks like your links have been changed, you may have been infected. See http://www.websense.com/securitylabs/alerts/alert.php?AlertID=708 for more.

Update Windows XP Media Center to Appease Zune

You will not be able to install the Microsoft Zune software on a Microsoft Windows XP Media Center 2005 computer unless you have installed the Rollup Update 2 for the Media Center. Without it, you will get this blunt error message:
"Operating System Not Supported"
To achieve compatibility, get the update at http://support.microsoft.com/kb/900325. Also, the Zune software is totally incompatible with both Windows XP Media Center Edition 2002 and Microsoft Windows XP Media Center Edition 2004. If you are using those versions, I guess you can always stick with iTunes.

Microsoft Wins Bug of the Month

The latest in a series of ActiveX problems gives Microsoft another "win".
http://www.bjkresearch.com/bugblog/month/index.cfm

Vista and Office 2007 Together Bring Bugs

If you have upgraded to Windows Vista from Windows XP, and then on the same computer upgrade to Microsoft Office 2007 from some earlier version of Office, you may have a problem doing searches in Outlook 2007. If Outlook 2007 uses Rich Text Format (RTF) as its file type, none of your searches will find results within RTF messages. Microsoft has a fix for this. See the details at http://support.microsoft.com/kb/927595.

Vista Officially Launched , And Threat Identified

Microsoft officially launched Vista on November 30. That's also the day that the anti-virus firm Sophos said that some malware already known to be on the Web can bypass Vista's defenses if downloaded through third-party Web-based email. Even if the malware gets through, however, other parts of Vista may still be able to stop it from causing damage. Read the whole thing at http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9005542.

Adobe ActiveX Control May Cause Crash

There is a bug in an ActiveX control for Adobe Reader 7.0.x and Adobe Acrobat 7.0.x that may allow an attacker to crash a computer after opening a corrupt PDF. However, it only affects you if you click on a link within Microsoft Internet Explorer to view a PDF file. Adobe's suggested workaround is to delete the ActiveX control. This means you won't be able to view PDFs from within IE; however, you will still be able to open them in the stand-alone Adobe Reader or Acrobat. See http://www.adobe.com/support/security/advisories/apsa06-02.html for the details on how to delete the file, if you use IE.

Wednesday, November 22, 2006

Apple Archive May Mean Adobe Activation Again

According to Apple, if you do an Archive and Install of a Mac OS X 10.4 computer, and you have Adobe software installed, you might have to re-activate the software. To find the various ways that activation of Adobe software might screw you up, see http://www.adobe.com/support/techdocs/331418.html.

Adobe Has Another Flash Update

Adobe has an updated Flash Player 9.0.28.0 that patches a security bug that affects Flash Player 7.x, 8.x, and 9.x. The bug lets remote attackers modify HTTP headers which could then lead to HTTP Request Splitting attacks. Users of Flash Player 7-9 should get the latest player at http://www.adobe.com/go/getflashplayer. Note that Microsoft also issued a security bulletin on the same day about Flash Player -- but this bulletin was about a bug in Flash Player 6, a bug fixed by Adobe two months earlier.

Microsoft Agent Bug

Microsoft says that their Microsoft Agent software technology has a critical bug that may allow a hostile website to completely control your computer. To fall victim, you would need to visit a website that links to a malicious .ACF file. This is a Critical bug for Windows 2000 and Windows XP, and a Moderate bug for Windows Server 2003. There is information on a temporary workaround, plus links to a permanent fix, at http://www.microsoft.com/technet/security/Bulletin/MS06-068.mspx. If you really aren't that familiar with Microsoft Agent (I wasn't) you can learn about it at http://www.microsoft.com/msagent/default.asp.

Cisco Secure Desktop is Insecure

Cisco says their Cisco Secure Desktop (CSD) 3.1.1.33 and earlier software has three bugs that lessen security. One bug may leave information from an Internet browsing session using SSL VPN (Secure Socket Layer on a Virtual Private Network) on a computer after the session ends. Another bug will let users leave the Secure Desktop when they shouldn't, and then third lets local users gain extra privileges. Cisco has fix information at http://www.cisco.com/warp/public/707/cisco-sa-20061108-csd.shtml.

Less Importing in Office 2007

Microsoft eliminated a number of file import filters for some really old file formats. According to Microsoft, Excel 2007 won't be able to open or save in these formats: WK1 (1-2-3), WK4 (1-2-3), WJ3 (1-2-3 Japanese) (.wj3), WKS (1-2-3) WK3 (1-2-3), WK1,FMT(1-2-3), WJ2 (1-2-3 Japanese) (.wj2), WJ3, FJ3 (1-2-3 Japanese), DBF 2 (dBASE II), WQ1 (Quattro Pro/DOS), WK3,FM3(1-2-3), Microsoft Excel Chart (.xlc), WK1,ALL(1-2-3), WJ1 (1-2-3 Japanese) (.wj1) WKS (Works Japanese) (.wks). Chances are, if you've been plugging away on a DOS version of Lotus 1-2-3, I guess you aren't the type of computer user contemplating a jump to Office 2007.

Tuesday, November 14, 2006

Mozilla Patches Digital Signature Bug

There is a bug in the way that Mozilla Firefox, Thunderbird, and SeaMonkey handle RSA digital signatures. If the signatures use a low exponent, they could be forged. Mozilla fixed this in Firefox 2, but the fix was incomplete in Firefox 1.5.0.7. They have come out with a bug fix release, Firefox and Thunderbird version 1.5.0.8, and SeaMonkey 1.0.6, to take care of this and a few other bugs. Mozilla credits Ulrich Kuehn for finding this bug.
f you are a WordPress blogger, (hmm, maybe I shouldn't mention that here at Blogger) it's time to upgrade. WordPress has released WordPress 2.0.5, which has around 50 bug fixes. Some of the fixes tighten security, including in the wp-db-backup plug-in. You can get the upgrade at http://wordpress.org/download/.

Microsoft XML Bug

Microsoft has issued a Security Advisory about a bug in the XMLHTTP 4.0 ActiveX Control. This control is part of Microsoft XML Core Services 4.0 on Windows, which should be present on Windows 2000, Windows XP, and Windows Server 2003 computers, even if the users don't know it. However, Windows Server 2003 users running with Enhanced Security Configuration on will not be vulnerable. An attack could be mounted if you browse to a maliciously designed page, resulting in hostile code running on your computer. Microsoft is working on a patch which will be coming in a future Patch Tuesday. Read the details at http://www.microsoft.com/technet/security/advisory/927892.mspx.

MacBook Cure for "Random System Shutdown"

There is a new SMC firmware update for Apple MacBooks running Mac OS X 10.4.7 and 10.4.8. This update is supposed to improve stability and also cure unexpected shutdowns, what outsiders (but not Apple) refers to as "random shutdown syndrome." Get the update at http://www.apple.com/support/downloads/macbooksmcfirmwareupdate11.html.

Monday, November 06, 2006

IE 7 Causes Problems for McAfee Updates

McAfee reports that after you upgrade to Microsoft Internet Explorer 7, you will have problems updating McAfee Consumer 2006 products. By their count, you will see nine different yellow Information Bar warnings before you will be able to update their products. If you need help, McAfee has a 25 step workaround listed at http://ts.mcafeehelp.com/faq3.asp?docid=410052.

IE 7 Plays Havoc With Windows XP Repair

Once you have installed Microsoft Internet Explorer 7, you must take special precautions before you do a Windows XP repair installation. If you don't, you will break Internet Explorer. (Probably because the repair installation will write a whole bunch of older IE 6 DLL files.) Microsoft says you must uninstall IE 7 before doing the repair installation -- assuming your computer is functioning well enough for that. After the repair, you can reinstall IE 7. Read the details from Microsoft at http://support.microsoft.com/kb/917964/.

xBox 360 May Not Like Windows Media Player 11

If you first install Microsoft Windows Media Player 11 on a Windows XP computer, and then you try to authorize your Microsoft Xbox 360 to use it with Windows Media Connect, you may get an error message and the authorization won't take place. Microsoft has a workaround for this listed at
http://www.microsoft.com/windows/windowsmedia/player/11/readme.aspx#ErrorwhensettingupXbox360softwareafter
WindowsMedi