Lucky 7 patches from Microsoft this week

Virus and Bug Patch Alert This newsletter is sponsored by Cisco/Verizon Multicast on Private IP The information in this paper illustrates the basics of multicast along with a discussion of multicast across the Private IP network. Click here to read more now! Network World's Virus and Bug Patch Alert Newsletter, 05/07/07 Lucky 7 patches from Microsoft this week By Jason Meserve Today's bug patches and security alerts: Microsoft: Seven patches coming this week Two of the seven bulletins slated for the May 8 release involve Windows, three affect Microsoft Office, and one each impact Microsoft Exchange and the cryptography API within BizTalk Server. At least five of the seven updates will be pegged critical, Microsoft's highest threat score in its four-level system, according to the advance notification posted Thursday. Computerworld, 05/03/07. Network World Security Buyer's Guide Find the right security products for your enterprise - fast. From anti-spam to wireless LAN security, our Buyer's Guides have detailed information on hundreds of products in more than 20 categories. With the side-by-side comparison tool you can evaluate product features to make the best decision for your enterprise. Click here to go to the Security Buyer's Guide now. Also: Microsoft promises DNS patch Tuesday ********** Montage update fixes bugs Mariner Software on Wednesday released Montage 1.2.2, a free update to their screenwriting software for Mac OS X. MacWorld, 05/02/07. ********** Ubuntu patches net-snmp A flaw in the way Ubuntu's net-snmp handles certain TCP packets could be exploited by an attacker in a denial of service attack against an affected system. An update is available. ********** Mandriva patches xscreensaver A flaw in the xscreensaver could be exploited by an attacker to crash an affected system's network connection and bypass xscreensaver's authentication system. An update is available. ********** Five new updates from rPath: gimp (code execution) net-snmp (denial of service) xscreensaver (authentication bypass) lftp (code execution) kernel (multiple flaws) ********** Malware news of the day: Trojan impersonates Windows activation to snatch data Symantec researchers Friday warned of an in-the-wild Trojan horse that poses as a Windows activation program to dupe users into entering credit card information in an attempt to reanimate their machines. Computerworld, 05/04/07. ********** From the interesting reading department: New bug-a-day project targets Microsoft's ActiveX Another bug-a-day campaign surfaced Tuesday as the "Month of ActiveX Bugs" debuted. Although some researchers have already dismissed the project as copycat, others are warning its findings might put Windows users at risk of attack. Computerworld, 05/02/07. Microsoft rolls out client-based spyware tool Forefront Client Security is a time saver for busy administrators, but may not be a definitive answer for enterprise malware protection. Network World, 05/05/07. Reading LCD Displays at a Distance We all know that CRT displays radiate like mad, and someone with the right equipment can read them at a distance. Marcus Kuhn demonstrates how to do the same thing with LCD displays. Schneier on Security blog, 05/04/07.   What do you think? Post a comment on this newsletter

TODAY'S MOST-READ STORIES: 1. Homeless man disrupts Internet2 service 2. Top 15 all-time 'network-iest' TV characters 3. Top 15 controversial Microsoft quotes 4. The 50 best consumer tech products ever 5. Is MPLS alternative DOA? 6. Google home page bug strikes again 7. Court rejects Vonage request for retrial 8. Slideshow: Cisco's New Catalyst 6500 blade 9. What's a Microsoft-Yahoo merger mean for Google? 10. Provider exec: SLAs are just 'marketing fodder' MOST DOWNLOADED PODCAST: Don't take DNS for granted

Contact the author: Jason Meserve is Network World's Multimedia Editor and writes about streaming media, search engines and IP Multicast. Check out his Multimedia Exchange Weblog. Check out Jason Meserve and Keith Shaw's weekly podcast "Twisted Pair" This newsletter is sponsored by Cisco/Verizon Multicast on Private IP The information in this paper illustrates the basics of multicast along with a discussion of multicast across the Private IP network. Click here to read more now! ARCHIVE Archive of the Virus and Bug Patch Alert Newsletter. BONUS FEATURE IT PRODUCT RESEARCH AT YOUR FINGERTIPS Get detailed information on thousands of products, conduct side-by-side comparisons and read product test and review results with Network World’s IT Buyer’s Guides. Find the best solution faster than ever with over 100 distinct categories across the security, storage, management, wireless, infrastructure and convergence markets. Click here for details. PRINT SUBSCRIPTIONS AVAILABLE You've got the technology snapshot of your choice delivered to your inbox each day. Extend your knowledge with a print subscription to the Network World newsweekly, Apply here today. International subscribers, click here. SUBSCRIPTION SERVICES To subscribe or unsubscribe to any Network World newsletter, change your e-mail address or contact us, click here. This message was sent to: security.world@gmail.com. Please use this address when modifying your subscription. Advertising information: Write to Associate Publisher Online Susan Cardoza Network World, Inc., 118 Turnpike Road, Southborough, MA 01772 Copyright Network World, Inc., 2007