tag:blogger.com,1999:blog-351425682011-12-14T21:37:48.536-05:00This is a backup to the real BugBlog at www.bugblog.comBruce Kratofilhttp://www.blogger.com/profile/16012744889552812919noreply@blogger.comBlogger651100tag:blogger.com,1999:blog-35142568.post-38743803941608157262007-10-19T07:10:00.001-04:002007-10-19T07:10:55.049-04:00

In case you haven't guessed, both The BugBlog and the Backup BugBlog are on hiatus. Things are just too busy at the moment for blogging.

Bruce Kratofilhttp://www.blogger.com/profile/16012744889552812919noreply@blogger.comtag:blogger.com,1999:blog-35142568.post-27002285874463795912007-01-09T15:28:00.002-05:002007-01-09T15:29:07.817-05:00

A new feature in Microsoft Word 2007 is the Building Block Gallery. There is a content control with a drop-down list of galleries, but Microsoft says that not all the galleries are displayed. Some of the ones that aren't are the Bibliography, Watermark, and Cover Page galleries. At http://support.microsoft.com/kb/930201 they say this behavior is by design, but they don't say anything about how to

Bruce Kratofilhttp://www.blogger.com/profile/16012744889552812919noreply@blogger.comtag:blogger.com,1999:blog-35142568.post-51381317347205921432007-01-09T15:28:00.001-05:002007-01-09T15:28:33.923-05:00

Two bugs have been discovered in Opera Software's Opera 9 web browser, that may allow attackers to sneak hostile code onto a computer. One bug is in the way Opera handles DHT markers in JPEG files. The other is in the matrices are handled in JavaScript and SVG. These bugs have been fixed in Opera 9.10, which you can get at http://www.opera.com/download/. Opera credits iDefense Labs for finding

Bruce Kratofilhttp://www.blogger.com/profile/16012744889552812919noreply@blogger.comtag:blogger.com,1999:blog-35142568.post-83223349651366068982007-01-09T15:27:00.001-05:002007-01-09T15:27:58.576-05:00

There are a number of bugs in the Adobe Acrobat Plug-In for browsers, and in the free Adobe Reader 6 and 7. A malicious website may be able to caryy out cross-site scripting attacks because the browser plug-in doesn't correctly validate URI parameters. US CERT says that it appears the bugs were fixed in Adobe Reader 8. Read their report at http://www.kb.cert.org/vuls/id/815960. Stefano Di Paola,

Bruce Kratofilhttp://www.blogger.com/profile/16012744889552812919noreply@blogger.comtag:blogger.com,1999:blog-35142568.post-22328690324566391572007-01-09T15:26:00.000-05:002007-01-09T15:27:04.885-05:00

It appears that Google has fixed a bug in Gmail that would allow a cross-site scripting attack. If a user logged on to Gmail, using their browser, and then later visited a malicious website (without logging out of Gmail), the attackers may have been able to steal all the email addresses from the Contacts list. There have been conflicting reports on how rapidly, and how completely, Google fixed

Bruce Kratofilhttp://www.blogger.com/profile/16012744889552812919noreply@blogger.comtag:blogger.com,1999:blog-35142568.post-53263163419659653872007-01-09T15:21:00.000-05:002007-01-09T15:26:30.879-05:00

There is a bug in the way that Apple Quicktime handles RTSP (Real time streaming protocol) links. It may be possible for an attacker to construct one of these links that would trigger a buffer overflow which could be used to run hostile code on your computer. According to the Secunia website at http://secunia.com/advisories/23540/, the bug has been verified in Quicktime 7.1.3.100 for Windows. It

Bruce Kratofilhttp://www.blogger.com/profile/16012744889552812919noreply@blogger.comtag:blogger.com,1999:blog-35142568.post-12156236454822231312006-12-31T17:06:00.002-05:002006-12-31T17:07:23.957-05:00

Techcrunch reports on an issue where a number of people, who all appear to be Mozilla Firefox 2.0 users, reported a mass deletion of their Gmail emails, while they were logged in. Read more at http://www.techcrunch.com/2006/12/28/gmail-disaster-reports-of-mass-email-deletions/, including a link to a discussion of the problem at Google Groups, and a response from Google -- which indicates this

Bruce Kratofilhttp://www.blogger.com/profile/16012744889552812919noreply@blogger.comtag:blogger.com,1999:blog-35142568.post-8104887369199431012006-12-31T17:06:00.001-05:002006-12-31T17:06:48.919-05:00

There is a new Linux 2.6 kernel for Novell SUSE Linux Enterprise Server 9 and SUSE Linux Enterprise 10. It fixes a bug in the UDF filesystem that sometimes caused the computer to hang when it was truncating files. It also plugged a struct file leak in the perfmon(2) system that happened when the OS was running on an Itanium-based system. Find out more at http://www.novell.com/linux/security/

Bruce Kratofilhttp://www.blogger.com/profile/16012744889552812919noreply@blogger.comtag:blogger.com,1999:blog-35142568.post-80017740426383837012006-12-31T17:05:00.001-05:002006-12-31T17:06:10.052-05:00

If you want to view Adobe Acrobat PDF files within the Apple Safari web browser, you must be using Mac OS X 10.4.3 or later. Adobe says that the Adobe PDFViewer for Mac OS X won't work on older versions. Also, it will only work within Safari; it doesn't work with Firefox or Opera running on a Mac. See http://www.adobe.com/support/techdocs/333545.html for configuration information.

Bruce Kratofilhttp://www.blogger.com/profile/16012744889552812919noreply@blogger.comtag:blogger.com,1999:blog-35142568.post-69249832358488598512006-12-31T17:04:00.000-05:002006-12-31T17:05:01.568-05:00

Once you have installed Windows XP Media Center Edition 2005 Update Rollup 2, you may have problems with Windows Media Digital Rights Manager files. Try to play back one of the protected files, and you may get an error message similar to one of these: Restricted Content: Restrictions set by the broadcaster and/or originator of the content prohibit playback of the program on this computer

Bruce Kratofilhttp://www.blogger.com/profile/16012744889552812919noreply@blogger.comtag:blogger.com,1999:blog-35142568.post-55817738700237442122006-12-31T17:03:00.002-05:002006-12-31T17:04:21.414-05:00

TThe Microsoft Security Response Center may have had a slight delay in the beginning of their Christmas holiday, with reports of a public exploit against the Client Server Run-Time Subsystem in Windows 2000 SP4, Windows Server 2003 SP1, Windows XP SP1, Windows XP SP2 and Windows Vista operating systems. According to their blog, the attacker must have authenticated access to a computer system in

Bruce Kratofilhttp://www.blogger.com/profile/16012744889552812919noreply@blogger.comtag:blogger.com,1999:blog-35142568.post-30652313729786946922006-12-31T17:03:00.001-05:002006-12-31T17:03:37.687-05:00

There is a bug in the way that Mozilla Firefox 2.0 and 1.5.0.8, Thunderbird 1.5.0.8, and SeaMonkey 1.0.6 set the CSS (Cascading Style Sheet) cursor property. The bug may cause a buffer overflow as the custom cursor is converted to a Windows bitmap. This can possibly be exploited by a malicious website to install hostile code on your computer. This has been fixed in Firefox 2.0.0.1 and 1.5.0.9,

Bruce Kratofilhttp://www.blogger.com/profile/16012744889552812919noreply@blogger.comtag:blogger.com,1999:blog-35142568.post-16665737584723392792006-12-31T17:02:00.000-05:002006-12-31T17:03:05.351-05:00

Apple has hired some creative writers for their Knowledge Base. They say "As if it were a swarm of bees, you should stay away from the SyncServices folder" for Mac OS X 10.4. If you don't heed their advice you could end up with duplicate data in your address book or iCal. Even worse, you may lose some data. If you don't know where that folder is (and remember that you shouldn't go there), it's in

Bruce Kratofilhttp://www.blogger.com/profile/16012744889552812919noreply@blogger.comtag:blogger.com,1999:blog-35142568.post-71602314226717790792006-12-31T17:01:00.002-05:002006-12-31T17:02:29.074-05:00

The anti-phishing shield in Microsoft Internet Explorer 7 may cause the browser to bog down and run slowly if you visit a web page that has lots of frames, or if you browse through many different frames over a short period of time. Microsoft has a fix for this. IE 7 users can get it at http://support.microsoft.com/kb/928089.

Bruce Kratofilhttp://www.blogger.com/profile/16012744889552812919noreply@blogger.comtag:blogger.com,1999:blog-35142568.post-85194570899101271462006-12-31T17:01:00.001-05:002006-12-31T17:01:47.443-05:00

Yahoo (I'm not putting in the exclamation point) says there is a bug in their Yahoo Messenger due to a bad ActiveX control. The bug may trigger a buffer overflow, which could be activated by visiting a maliciously designed web page. Yahoo says you may be vulnerable if you installed Yahoo Messenger before 11/2/06 (although they didn't post this notice until 12/8/06). You can get an update that

Bruce Kratofilhttp://www.blogger.com/profile/16012744889552812919noreply@blogger.comtag:blogger.com,1999:blog-35142568.post-76658124022905179112006-12-31T17:00:00.000-05:002006-12-31T17:01:09.663-05:00

Microsoft has changed the way that the Microsoft Update Standalone packages work for Windows Vista. The old way to view the contents or extract the contents of one of the packages will not work -- especially if you are trying to do this on a non-Vista computer. It's because they use the "New and Improved" (those are air-quotes) Intra-Package Delta (IPD) compression technology. You will need to

Bruce Kratofilhttp://www.blogger.com/profile/16012744889552812919noreply@blogger.comtag:blogger.com,1999:blog-35142568.post-49246421263646083042006-12-31T16:59:00.002-05:002006-12-31T17:00:30.980-05:00

A security patch for Microsoft Office for the Mac was accidently released ahead of time via auto-update. According to the Microsoft Security Response Center blog, they are still testing this patch, and a pre-release version was accidently released. They've taken the patch out of circulation, and they also recommend that you uninstall the patch. See http://blogs.technet.com/msrc/archive/2006/12/13

Bruce Kratofilhttp://www.blogger.com/profile/16012744889552812919noreply@blogger.comtag:blogger.com,1999:blog-35142568.post-67263330798980113612006-12-31T16:59:00.001-05:002006-12-31T16:59:54.083-05:00

There are two critical bugs in Windows Media Format files that can affect almost all current versions of Microsoft Windows. One bug is in the way that Windows handles Advanced Systems Format (ASF) files, and the other is in Advanced Stream Redirector (ASX) files. Run into one of the maliciously-designed files at a website or in email, and the attacker may be able to take control of your system.

Bruce Kratofilhttp://www.blogger.com/profile/16012744889552812919noreply@blogger.comtag:blogger.com,1999:blog-35142568.post-68804594039541149502006-12-31T16:58:00.002-05:002006-12-31T16:59:18.526-05:00

There is a new zero-day attack against Microsoft Word, apparently unrelated to the zero-day attack discussed in the 12.6 BugBlog. It affects Word 2000, 2002, 2003, and the Word Viewer 2003. However, the brand new Word 2007 is not affected. (A cynical person would say this is all a marketing ploy to get people to upgrade. Luckily, I'm not cynical.) The issue is being actively exploited, according

Bruce Kratofilhttp://www.blogger.com/profile/16012744889552812919noreply@blogger.comtag:blogger.com,1999:blog-35142568.post-20869536437963609582006-12-31T16:58:00.001-05:002006-12-31T16:58:38.518-05:00

There is a buffer overflow bug in an ActiveX control in AOL 7, 8 and 9 that may allow a malicious website to run their code on your system. You would need to visit the website with Microsoft Internet Explorer, and AOL 9.0 Security Edition revision 4156.910 or earlier (including America Online 7.0 revision 4114.563, AOL 8.0 revision 4129.230). The bug was discovered by Secunia Research, who say

Bruce Kratofilhttp://www.blogger.com/profile/16012744889552812919noreply@blogger.comtag:blogger.com,1999:blog-35142568.post-51323893347115965062006-12-31T16:57:00.000-05:002006-12-31T16:58:12.511-05:00

Adobe says that Acrobat 7 and the Adobe Reader 7 have a number of critical bugs that need to be fixed. Attackers may be able to design a malicious PDF file that takes advantage of these to take control of your computer. Users of the free Adobe Reader 7 need to upgrade to the free Reader 8 at http://www.adobe.com/products/acrobat/readstep2.html. Users of Acrobat 7.x should see the fix information

Bruce Kratofilhttp://www.blogger.com/profile/16012744889552812919noreply@blogger.comtag:blogger.com,1999:blog-35142568.post-15502502950382078202006-12-31T16:56:00.000-05:002006-12-31T16:57:38.468-05:00

There is a new zero-day attack against Microsoft Word 2000, XP, 2003, Word for the Mac, and Microsoft Works. Users could only be affected if they opened up a maliciously designed Word document. Microsoft itself claims in their security advisory that attacks have been limited, but hostile code is circulating on various malware sites. We are a week away from the next Patch Tuesday, so I'm guessing

Bruce Kratofilhttp://www.blogger.com/profile/16012744889552812919noreply@blogger.comtag:blogger.com,1999:blog-35142568.post-1165680035366985942006-12-09T11:00:00.000-05:002006-12-09T11:00:35.366-05:00

Security researchers at Websense Security Labs report on a worm that is exploiting a bug on MySpace, along with the Apple QuickTime player's support of Javascript, to infect webpages on MySpace. After the infection, links on a MySpace profile may get replaced with links to phishing sites. If you see an empty QuickTime video, or it looks like your links have been changed, you may have been

Bruce Kratofilhttp://www.blogger.com/profile/16012744889552812919noreply@blogger.comtag:blogger.com,1999:blog-35142568.post-1165680010106268772006-12-09T10:59:00.000-05:002006-12-09T11:00:10.106-05:00

You will not be able to install the Microsoft Zune software on a Microsoft Windows XP Media Center 2005 computer unless you have installed the Rollup Update 2 for the Media Center. Without it, you will get this blunt error message: "Operating System Not Supported" To achieve compatibility, get the update at http://support.microsoft.com/kb/900325. Also, the Zune software is

Bruce Kratofilhttp://www.blogger.com/profile/16012744889552812919noreply@blogger.comtag:blogger.com,1999:blog-35142568.post-1165679975072429872006-12-09T10:58:00.001-05:002006-12-09T10:59:35.073-05:00

The latest in a series of ActiveX problems gives Microsoft another "win".http://www.bjkresearch.com/bugblog/month/index.cfm

Bruce Kratofilhttp://www.blogger.com/profile/16012744889552812919noreply@blogger.comtag:blogger.com,1999:blog-35142568.post-1165679922838193832006-12-09T10:58:00.000-05:002006-12-09T10:58:42.836-05:00

If you have upgraded to Windows Vista from Windows XP, and then on the same computer upgrade to Microsoft Office 2007 from some earlier version of Office, you may have a problem doing searches in Outlook 2007. If Outlook 2007 uses Rich Text Format (RTF) as its file type, none of your searches will find results within RTF messages. Microsoft has a fix for this. See the details at http://

Bruce Kratofilhttp://www.blogger.com/profile/16012744889552812919noreply@blogger.comtag:blogger.com,1999:blog-35142568.post-1165679888263026762006-12-09T10:57:00.000-05:002006-12-09T10:58:08.263-05:00

Microsoft officially launched Vista on November 30. That's also the day that the anti-virus firm Sophos said that some malware already known to be on the Web can bypass Vista's defenses if downloaded through third-party Web-based email. Even if the malware gets through, however, other parts of Vista may still be able to stop it from causing damage. Read the whole thing at http://

Bruce Kratofilhttp://www.blogger.com/profile/16012744889552812919noreply@blogger.comtag:blogger.com,1999:blog-35142568.post-1165679852700250772006-12-09T10:56:00.000-05:002006-12-09T10:57:32.720-05:00

There is a bug in an ActiveX control for Adobe Reader 7.0.x and Adobe Acrobat 7.0.x that may allow an attacker to crash a computer after opening a corrupt PDF. However, it only affects you if you click on a link within Microsoft Internet Explorer to view a PDF file. Adobe's suggested workaround is to delete the ActiveX control. This means you won't be able to view PDFs from within IE; however,

Bruce Kratofilhttp://www.blogger.com/profile/16012744889552812919noreply@blogger.comtag:blogger.com,1999:blog-35142568.post-1164213575362986442006-11-22T11:39:00.000-05:002006-11-22T11:39:35.363-05:00

According to Apple, if you do an Archive and Install of a Mac OS X 10.4 computer, and you have Adobe software installed, you might have to re-activate the software. To find the various ways that activation of Adobe software might screw you up, see http://www.adobe.com/support/techdocs/331418.html.

Bruce Kratofilhttp://www.blogger.com/profile/16012744889552812919noreply@blogger.comtag:blogger.com,1999:blog-35142568.post-1164213534682772672006-11-22T11:38:00.000-05:002006-11-22T11:38:54.683-05:00

Adobe has an updated Flash Player 9.0.28.0 that patches a security bug that affects Flash Player 7.x, 8.x, and 9.x. The bug lets remote attackers modify HTTP headers which could then lead to HTTP Request Splitting attacks. Users of Flash Player 7-9 should get the latest player at http://www.adobe.com/go/getflashplayer. Note that Microsoft also issued a security bulletin on the same day about

Bruce Kratofilhttp://www.blogger.com/profile/16012744889552812919noreply@blogger.comtag:blogger.com,1999:blog-35142568.post-1164213504322609852006-11-22T11:37:00.001-05:002006-11-22T11:38:24.323-05:00

Microsoft says that their Microsoft Agent software technology has a critical bug that may allow a hostile website to completely control your computer. To fall victim, you would need to visit a website that links to a malicious .ACF file. This is a Critical bug for Windows 2000 and Windows XP, and a Moderate bug for Windows Server 2003. There is information on a temporary workaround, plus links to

Bruce Kratofilhttp://www.blogger.com/profile/16012744889552812919noreply@blogger.comtag:blogger.com,1999:blog-35142568.post-1164213465496239712006-11-22T11:37:00.000-05:002006-11-22T11:37:45.496-05:00

Cisco says their Cisco Secure Desktop (CSD) 3.1.1.33 and earlier software has three bugs that lessen security. One bug may leave information from an Internet browsing session using SSL VPN (Secure Socket Layer on a Virtual Private Network) on a computer after the session ends. Another bug will let users leave the Secure Desktop when they shouldn't, and then third lets local users gain extra

Bruce Kratofilhttp://www.blogger.com/profile/16012744889552812919noreply@blogger.comtag:blogger.com,1999:blog-35142568.post-1164213431018545032006-11-22T11:36:00.000-05:002006-11-22T11:37:11.033-05:00

Microsoft eliminated a number of file import filters for some really old file formats. According to Microsoft, Excel 2007 won't be able to open or save in these formats: WK1 (1-2-3), WK4 (1-2-3), WJ3 (1-2-3 Japanese) (.wj3), WKS (1-2-3) WK3 (1-2-3), WK1,FMT(1-2-3), WJ2 (1-2-3 Japanese) (.wj2), WJ3, FJ3 (1-2-3 Japanese), DBF 2 (dBASE II), WQ1 (Quattro Pro/DOS), WK3,FM3(1-2-3), Microsoft Excel

Bruce Kratofilhttp://www.blogger.com/profile/16012744889552812919noreply@blogger.comtag:blogger.com,1999:blog-35142568.post-1163526419796600192006-11-14T12:46:00.000-05:002006-11-14T12:46:59.796-05:00

There is a bug in the way that Mozilla Firefox, Thunderbird, and SeaMonkey handle RSA digital signatures. If the signatures use a low exponent, they could be forged. Mozilla fixed this in Firefox 2, but the fix was incomplete in Firefox 1.5.0.7. They have come out with a bug fix release, Firefox and Thunderbird version 1.5.0.8, and SeaMonkey 1.0.6, to take care of this and a few other bugs.

Bruce Kratofilhttp://www.blogger.com/profile/16012744889552812919noreply@blogger.comtag:blogger.com,1999:blog-35142568.post-1163526382121034742006-11-14T12:45:00.001-05:002006-11-14T12:46:22.123-05:00

f you are a WordPress blogger, (hmm, maybe I shouldn't mention that here at Blogger) it's time to upgrade. WordPress has released WordPress 2.0.5, which has around 50 bug fixes. Some of the fixes tighten security, including in the wp-db-backup plug-in. You can get the upgrade at http://wordpress.org/download/.

Bruce Kratofilhttp://www.blogger.com/profile/16012744889552812919noreply@blogger.comtag:blogger.com,1999:blog-35142568.post-1163526341389159752006-11-14T12:45:00.000-05:002006-11-14T12:45:41.390-05:00

Microsoft has issued a Security Advisory about a bug in the XMLHTTP 4.0 ActiveX Control. This control is part of Microsoft XML Core Services 4.0 on Windows, which should be present on Windows 2000, Windows XP, and Windows Server 2003 computers, even if the users don't know it. However, Windows Server 2003 users running with Enhanced Security Configuration on will not be vulnerable. An attack

Bruce Kratofilhttp://www.blogger.com/profile/16012744889552812919noreply@blogger.comtag:blogger.com,1999:blog-35142568.post-1163526310488206312006-11-14T12:44:00.000-05:002006-11-14T12:45:10.503-05:00

There is a new SMC firmware update for Apple MacBooks running Mac OS X 10.4.7 and 10.4.8. This update is supposed to improve stability and also cure unexpected shutdowns, what outsiders (but not Apple) refers to as "random shutdown syndrome." Get the update at http://www.apple.com/support/downloads/macbooksmcfirmwareupdate11.html.

Bruce Kratofilhttp://www.blogger.com/profile/16012744889552812919noreply@blogger.comtag:blogger.com,1999:blog-35142568.post-1162861034951361362006-11-06T19:56:00.001-05:002006-11-06T19:57:14.953-05:00

McAfee reports that after you upgrade to Microsoft Internet Explorer 7, you will have problems updating McAfee Consumer 2006 products. By their count, you will see nine different yellow Information Bar warnings before you will be able to update their products. If you need help, McAfee has a 25 step workaround listed at http://ts.mcafeehelp.com/faq3.asp?docid=410052.

Bruce Kratofilhttp://www.blogger.com/profile/16012744889552812919noreply@blogger.comtag:blogger.com,1999:blog-35142568.post-1162860999353439742006-11-06T19:56:00.000-05:002006-11-06T19:56:39.353-05:00

Once you have installed Microsoft Internet Explorer 7, you must take special precautions before you do a Windows XP repair installation. If you don't, you will break Internet Explorer. (Probably because the repair installation will write a whole bunch of older IE 6 DLL files.) Microsoft says you must uninstall IE 7 before doing the repair installation -- assuming your computer is functioning well

Bruce Kratofilhttp://www.blogger.com/profile/16012744889552812919noreply@blogger.comtag:blogger.com,1999:blog-35142568.post-1162860957917436432006-11-06T19:55:00.000-05:002006-11-06T19:55:57.940-05:00

If you first install Microsoft Windows Media Player 11 on a Windows XP computer, and then you try to authorize your Microsoft Xbox 360 to use it with Windows Media Connect, you may get an error message and the authorization won't take place. Microsoft has a workaround for this listed at http://www.microsoft.com/windows/windowsmedia/player/11/readme.aspx#

Bruce Kratofilhttp://www.blogger.com/profile/16012744889552812919noreply@blogger.comtag:blogger.com,1999:blog-35142568.post-1161993646307394042006-10-27T20:00:00.000-04:002006-10-27T20:00:46.306-04:00

Secunia has a report of a bug in Microsoft Internet Explorer 7. It may be possible for attackers to create a pop-up window that will have a spoofed and misleading address bar, with only part of the address displayed. This could be used as part of a phishing scheme to trick users into disclosing information to a malicious website. You can see the details at http://secunia.com/advisories/22542/,

Bruce Kratofilhttp://www.blogger.com/profile/16012744889552812919noreply@blogger.comtag:blogger.com,1999:blog-35142568.post-1161993594045681422006-10-27T19:59:00.000-04:002006-10-27T20:00:05.666-04:00

The newly-released Mozilla Firefox 2 includes a Session Restore feature. This means that connections to some sites that log you in via cookies, like Gmail, will automatically be restored after a browser crash. You may not want that to happen if you share a computer. If so, you will need to turn off this feature via the browser.sessionstore.resume_from_crash setting. If you are not familiar with

Bruce Kratofilhttp://www.blogger.com/profile/16012744889552812919noreply@blogger.comtag:blogger.com,1999:blog-35142568.post-1161880463058738662006-10-26T12:33:00.000-04:002006-10-26T12:34:23.116-04:00

Anti-virus signatures for Symantec AntiVirus were shipped that apparently triggered a false positive alert that the sfc.dll file in Windows XP and 2000 (which powers Windows File Protection) was the Infostealer.Banpaes virus. Symantec then disabled sfc.dll, and prompts you to reboot the computer. When you try to reboot, a Windows XP computer may reboot continuously, and Windows 2000 may blue

Bruce Kratofilhttp://www.blogger.com/profile/16012744889552812919noreply@blogger.comtag:blogger.com,1999:blog-35142568.post-1161725719586940522006-10-24T17:34:00.000-04:002006-10-24T17:35:19.586-04:00

Microsoft has re-released their MS06-061 Security Bulletin, which fixed a bug in Microsoft XML Core Services. The first version of their patch did not correctly kill off the flawed version of the Microsoft XML Parser 2.6 if you are running Windows 2000 Service Pack 4. This is a critical security update that helps prevent remote attackers from running their code on your computer. If you haven't

Bruce Kratofilhttp://www.blogger.com/profile/16012744889552812919noreply@blogger.comtag:blogger.com,1999:blog-35142568.post-1161725673426284352006-10-24T17:33:00.000-04:002006-10-24T17:34:33.436-04:00

The first bug in Microsoft Internet Explorer 7 is being discussed. It is a problem in redirection handling with the "mhtml:" URI handler. However, according to the Internet Storm Center, this bug is actually something left over from IE 6. It appears that for compatibility reasons, Microsoft included an older MSXML ActiveX component that had this bug, which they say was announced at http://

Bruce Kratofilhttp://www.blogger.com/profile/16012744889552812919noreply@blogger.comtag:blogger.com,1999:blog-35142568.post-1161605498933207302006-10-23T08:11:00.000-04:002006-10-23T08:11:38.933-04:00

Microsoft Internet Explorer 7 can no longer be considered beta software - so it's time for the BugBlog to start taking a look. The good news is that IE 7 imposes a lot more security on ActiveX controls. That's good -- although it was Microsoft who foisted ActiveX on us in the first place. This review of IE 7 at eWeek talks about the increased security, which is a definite bug fix. Read the whole

Bruce Kratofilhttp://www.blogger.com/profile/16012744889552812919noreply@blogger.comtag:blogger.com,1999:blog-35142568.post-1161605463607721052006-10-23T08:10:00.000-04:002006-10-23T08:11:03.620-04:00

Opera 9 has a heap overflow bug that may cause the browser to crash when it tries to handle a very large link. Opera says they have fixed this in Opera 9.02, and that the impact of the bug is a denial of service attack. They also credit iDefense for finding this bug. According to iDefense, the size of the link only has to top 256 characters, and it can be hidden in an iframe. They also say that

Bruce Kratofilhttp://www.blogger.com/profile/16012744889552812919noreply@blogger.comtag:blogger.com,1999:blog-35142568.post-1161258255455540932006-10-19T07:43:00.000-04:002006-10-19T07:44:15.466-04:00

Netflix has fixed a bug on their site that may allow an attack called Cross Site Request Forgery. This type of attack may allow an outsider to change your address, add movies to your queue, and otherwise manipulate your account. An attack like this works if you normally stay logged in to a site, and you visit another hostile website that includes code to take advantage of the weakness. Other Web

Bruce Kratofilhttp://www.blogger.com/profile/16012744889552812919noreply@blogger.comtag:blogger.com,1999:blog-35142568.post-1161093790271793632006-10-17T10:02:00.000-04:002006-10-17T10:03:10.273-04:00

One of the Microsoft Excel 2003 financial functions will give you the wrong answer under a particular set of inputs. If you are using the YIELD function, and the security settlement date is the 30th or 31st of the month, the maturity date is the 30th or the 31st of the same month, and the Basis parameter is 4. Microsoft has a hotfix at http://support.microsoft.com/kb/925797, which must be applied

Bruce Kratofilhttp://www.blogger.com/profile/16012744889552812919noreply@blogger.comtag:blogger.com,1999:blog-35142568.post-1161093750938558492006-10-17T10:01:00.000-04:002006-10-17T10:02:30.940-04:00

With the official release of Microsoft Internet Explorer 7 soon upon us, you may want to know that Microsoft's IEBlog is reminding everyone that they recommend that you temporarily turn off all you anti-virus and and anti-spyware applications before you install IE7. They say that the installation makes so many Registry changes that it may look suspicious to your AV software, which may interfere

Bruce Kratofilhttp://www.blogger.com/profile/16012744889552812919noreply@blogger.comtag:blogger.com,1999:blog-35142568.post-1161093649010255512006-10-17T10:00:00.000-04:002006-10-17T10:00:49.023-04:00

When you install America Online 9.0 Security Edition, it installs an ActiveX control, AOL.PicDownloadCtrl.1t, that is marked as being safe for scripting. Security researchers at iDefense discovered a buffer overflow in this control, which means it is not safe for scripting. A malicious website could take advantage of this to run code on your computer. If you use AOL 9.0 or AOL 9.0 Security

Bruce Kratofilhttp://www.blogger.com/profile/16012744889552812919noreply@blogger.comtag:blogger.com,1999:blog-35142568.post-1160668023626195332006-10-12T11:46:00.000-04:002006-10-12T11:47:03.640-04:00

There are two bugs in Microsoft Windows Server Services, that affect Windows 2000, Windows XP, and Windows Server 2003. According to Microsoft, these bugs may allow a remote attacker to trigger a denial of service attack via a network message. According to eEye Digital Security, there is also a risk of the attacker running their code on your computer. By default, most firewalls are configured to

Bruce Kratofilhttp://www.blogger.com/profile/16012744889552812919noreply@blogger.comtag:blogger.com,1999:blog-35142568.post-1160587155324393722006-10-11T13:18:00.000-04:002006-10-11T13:19:15.350-04:00

Another bug in an ActiveX control puts users of Windows 2000, Windows XP, and Windows Server 2003 in jeopardy. The bug is in the WebViewFolderIcon ActiveX control, and if you visit a malicious website (using Microsoft Internet Explorer) that tries to exploit this bug, the bad guys may take complete control of your system. This is rated a Critical bug for Windows 2000 and Windows XP by Microsoft,

Bruce Kratofilhttp://www.blogger.com/profile/16012744889552812919noreply@blogger.comtag:blogger.com,1999:blog-35142568.post-1160344475226062192006-10-08T17:54:00.000-04:002006-10-08T17:54:35.240-04:00

October 10 is Patch Tuesday, and it will be an extra special one. Microsoft has announced that there will be six security bulletins for Windows, and at least one of them is rated Critical. There will be four security bulletins for Microsoft Office, and at least one will be Critical. There will also be one security bulletin for the Microsoft .NET Framework. That one is only rated Moderate. Look

Bruce Kratofilhttp://www.blogger.com/profile/16012744889552812919noreply@blogger.comtag:blogger.com,1999:blog-35142568.post-1160162583652068102006-10-06T15:21:00.000-04:002006-10-06T15:23:03.660-04:00

Security researchers at Tipping Point found a number of buffer overflow bugs in CA BrightStor ARCserve Backup R11.5, BrightStor Enterprise Backup 10.5, BrightStor ARCserve Backup v9.01, and CA Server Protection Suite r2. The bugs may let remote attackers run code against the various CA products. Fix information is at http://supportconnectw.ca.com/public/storage/infodocs/basbr-secnotice.asp

Bruce Kratofilhttp://www.blogger.com/profile/16012744889552812919noreply@blogger.comtag:blogger.com,1999:blog-35142568.post-1160102852202629142006-10-05T22:46:00.000-04:002006-10-05T22:47:32.203-04:00

If it's worth an early patch, it's worth the Bug of the Month.Read the whole thing here

Bruce Kratofilhttp://www.blogger.com/profile/16012744889552812919noreply@blogger.comtag:blogger.com,1999:blog-35142568.post-1160102770491533952006-10-05T22:45:00.000-04:002006-10-05T22:46:10.493-04:00

When using the ATI Multimedia Center 9.15 software with an ATI multimedia card, you may sometimes get a corrupted database for the TV listings. This may prevent the TV Guide software from starting. Fix this by going to the Windows XP Control Panel Add/Remove Programs applet. Select the Gemstar GUIDE Plus+ program, and then select Repair. After repairing, when you run the GUIDE again you will need

Bruce Kratofilhttp://www.blogger.com/profile/16012744889552812919noreply@blogger.comtag:blogger.com,1999:blog-35142568.post-1160044462676178542006-10-05T06:33:00.000-04:002006-10-05T06:34:22.676-04:00

The 10/2 Mozilla JavaScript bug report was a hoax. While there is a bug that may be used to crash your browser, attackers can't use it to run hostile code on your computer. Any other claims by the two researchers, who probably won't be invited back to make any more presentations, should also be considered fraudulent. While the BugBlog often reports on what independent researchers say (and these

Bruce Kratofilhttp://www.blogger.com/profile/16012744889552812919noreply@blogger.comtag:blogger.com,1999:blog-35142568.post-1160044407070931322006-10-05T06:32:00.000-04:002006-10-05T06:33:27.080-04:00

There is a bug in McAfee ProtectionPilot 1.1.0 and McAfee ePolicy Orchestrator 3.5.0 that may allow remote attackers to run their own code on the "protected" computer. This happens via a boundary error when dealing with long source errors. You can find links to the patches at http://secunia.com/advisories/22222/. According to at least one news story, McAfee was alerted to the bug in July, but the

Bruce Kratofilhttp://www.blogger.com/profile/16012744889552812919noreply@blogger.comtag:blogger.com,1999:blog-35142568.post-1159899533927729782006-10-03T14:18:00.000-04:002006-10-03T14:19:37.343-04:00

There is a bug in Mozilla Firefox's implementation of JavaScript, and it may allow malicious websites to run their code on your computer due to a stack overflow error. The bug was found by Mischa Spiegelmock, of SixApart, and Andrew Wbeelsoi. A spokesperson for Mozilla said that the issue looks genuine. Also, enough details were disclosed during the presentation that attacks may be mounted. Read

Bruce Kratofilhttp://www.blogger.com/profile/16012744889552812919noreply@blogger.comtag:blogger.com,1999:blog-35142568.post-1159817084508138032006-10-02T15:23:00.000-04:002006-10-02T15:24:44.510-04:00

There is a bug in the way that Mac OS X 10.4.x computers view JPEG2000 images. An attacker may be able to construct one of these images that can either crash the application viewing it, or run hostile code on your machine. Apple has fixed this in the Security Update 2006-006 and have also patched it in Mac OS X 10.4.8. They credit Tom Saxton of Idle Loop Software Design for finding this bug.

Bruce Kratofilhttp://www.blogger.com/profile/16012744889552812919noreply@blogger.comtag:blogger.com,1999:blog-35142568.post-1159646777632638422006-09-30T16:05:00.000-04:002006-09-30T16:06:17.633-04:00

Adobe says that you may get an error message in Macromedia Dreamweaver that says:Parameter is incorrect.(That happens to be an error message that I run into a lot in Dreamweaver.) Adobe says this may happen when you try to save a file to an offline mapped networked drive, when you do a File>New>Templates tab command, or when you Put, Get or Synchronize files to or from a remote server. (Alas,

Bruce Kratofilhttp://www.blogger.com/profile/16012744889552812919noreply@blogger.comtag:blogger.com,1999:blog-35142568.post-1159646684069752692006-09-30T16:03:00.000-04:002006-09-30T16:04:44.076-04:00

At the risk of turning the BugBlog into "All Microsoft, All of the Time" -- US-CERT reports on another bug in an ActiveX control, which will cause a security problem for Microsoft Internet Explorer. This time it is the Microsoft Windows WebViewFolderIcon ActiveX control, and because of an integer overflow a remote attacker may be able to run their code on your computer. There is no fix for

Bruce Kratofilhttp://www.blogger.com/profile/16012744889552812919noreply@blogger.comtag:blogger.com,1999:blog-35142568.post-1159398266720377032006-09-27T19:03:00.000-04:002006-09-27T19:04:26.720-04:00

Microsoft has issued an out-of-cycle security bulletin (meaning they didn't wait for Patch Tuesday) for the VML Buffer Overrun bug in Microsoft Internet Explorer. This bug was being actively exploited by hostile web sites, and could completely take over your computer, as shown in the 9/26 and 9/20 BugBlogs. Get the patch at http://www.microsoft.com/technet/security/bulletin/ms06-055.mspx.

Bruce Kratofilhttp://www.blogger.com/profile/16012744889552812919noreply@blogger.com0tag:blogger.com,1999:blog-35142568.post-1159398103993854262006-09-27T19:00:00.000-04:002006-09-27T19:01:44.003-04:00

In case something ever happens to the real BugBlog (at www.bjkresearch.com/bugblog) this can serve as a backup.

Bruce Kratofilhttp://www.blogger.com/profile/16012744889552812919noreply@blogger.com0