
Thursday, October 25, 2007

PDF flaws patched; exploit in the wild

Network World

Security: Threat Alert

Network World's Security: Threat Alert Newsletter, 10/25/07

By Jason Meserve

Today's bug patches and security alerts:

Adobe patches critical PDF vulnerability

Adobe patched its Reader and Acrobat programs today to fix a flaw that exposed most Windows XP users to exploits arriving in malicious PDF files. The patches are included in updates to Reader, the free PDF viewer, and Acrobat, Adobe's full-featured application; both updates carry the version number 8.1.1.

Adobe advisory

US-CERT advisory

Also:

Attack PDF prowls for unpatched Adobe Reader, Acrobat

Russians behind attack PDFs, security researcher says
**********

IBM fixes four flaws in Notes e-mail, Domino server

IBM patched four vulnerabilities in its Notes and Domino e-mail software to plug holes that could be used to access information or infect systems with malicious code. Collectively ranked as "moderately critical" by Copenhagen-based bug tracker Secunia ApS, the four vulnerabilities involve Notes' Internet Message Access Protocol (IMAP) service; its scripting language, LotusScript; the Domino server's command console; and how both Notes and Domino map memory in Windows when they're used in a shared environment such as Citrix.

Users can download the appropriate update from Lotus' Upgrade Central.

Also:

Symantec advisory: Lotus Notes Memory Mapped Files Vulnerability

iDefense advisory: IBM Lotus Domino IMAP Buffer Overflow Vulnerability
**********

Cisco investigating DoS flaw in EAP protocol

Cisco is looking into a reported flaw in its Extensible Authentication Protocol (EAP) that could be exploited in a denial-of-service attack against devices running the protocol. Only a handful of access points are affected.
**********

Asterisk team warns of SQL injection bug in add-on

The cdr_addon_mysql add-on for the Asterisk open source PBX is vulnerable to SQL injection. Attackers could exploit this to view and corrupt data. A fix is available.
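The add-on writes one call-detail record (CDR) per call, and the caller ID in that record comes from the remote party, so it is attacker-controlled input. The following is an added example, not code from the Asterisk project or the add-on: it reproduces the vulnerability class in Python against an in-memory SQLite table (the real add-on is C against MySQL) with a constructed CDR, showing the string-built INSERT that lets a crafted caller ID rewrite the billing row beside the bound-parameter INSERT that stores it as plain data. The table layout, the caller ID string and the call values are all assumptions made for the demonstration.

```python
import sqlite3

# Constructed, cut-down CDR table; the real add-on's schema has many more columns.
SCHEMA = "CREATE TABLE cdr (clid TEXT, src TEXT, dst TEXT, billsec INTEGER)"


def fresh_db():
    conn = sqlite3.connect(":memory:")
    conn.execute(SCHEMA)
    return conn


def log_cdr_vulnerable(conn, clid, src, dst, billsec):
    """Builds the INSERT by string formatting: the caller ID becomes part of the SQL."""
    sql = ("INSERT INTO cdr (clid, src, dst, billsec) "
           "VALUES ('%s', '%s', '%s', %d)" % (clid, src, dst, billsec))
    conn.execute(sql)
    return sql  # returned so the reader can see what the database actually ran


def log_cdr_safe(conn, clid, src, dst, billsec):
    """Same INSERT with bound parameters: the driver never lets data become SQL."""
    conn.execute(
        "INSERT INTO cdr (clid, src, dst, billsec) VALUES (?, ?, ?, ?)",
        (clid, src, dst, int(billsec)),
    )


def rows(conn):
    return conn.execute("SELECT clid, src, dst, billsec FROM cdr").fetchall()


# Constructed caller ID: closes the VALUES list early with attacker-chosen values
# and comments out the real source, destination and billed seconds that follow.
EVIL_CLID = "Mallory', 'spoofed', 'spoofed', 0) -- "


def demo_vulnerable():
    """A 600-second call is recorded as a zero-second call between spoofed numbers."""
    conn = fresh_db()
    log_cdr_vulnerable(conn, EVIL_CLID, "1001", "18005551212", 600)
    return rows(conn)


def demo_safe():
    """The same call is recorded faithfully; the hostile caller ID is just a string."""
    conn = fresh_db()
    log_cdr_safe(conn, EVIL_CLID, "1001", "18005551212", 600)
    return rows(conn)


if __name__ == "__main__":
    print("vulnerable:", demo_vulnerable())
    print("safe:      ", demo_safe())
```

The vulnerable path is how a remote caller corrupts billing data without ever touching the PBX's shell: the row that lands in the table is the one the caller wrote, not the one Asterisk observed. Escaping the value before concatenation also closes this particular hole, but binding parameters removes the whole class, which is why it is the preferable fix.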
**********

Seven new patches from Ubuntu:

gnome-screensaver (authentication bypass)

Thunderbird (multiple flaws)

Firefox (multiple flaws)

OpenSSL (denial of service, code execution)

util-linux (security bypass)

nagios-plugins (multiple flaws)

dhcp (code execution)
**********

Two new fixes from Debian:

xfce4-terminal (code execution)

reprepro (authentication bypass)
**********

Three new updates from Mandriva:

Firefox (multiple flaws)

hplip (code execution)

Tk (buffer overflow, code execution)
**********

Five new patches from Gentoo:

MLDonkey (authentication bypass)

OpenOffice.org (heap overflow, code execution)

Star (directory traversal)

TRAMP (non-secure temp files)

TikiWiki (code execution)
**********

Today's malware news:

Storm worm strikes back at security pros

The Storm worm is fighting back against the security researchers who seek to destroy it, and has them running scared, Interop New York show attendees heard Tuesday. Network World, 10/24/07.
**********

From the interesting reading department:

TJX data breach affected 94 million cards, banks allege

The TJX data breach affected more than 94 million credit and debit card accounts, more than twice the number acknowledged by the big retailer, a group of banks allege in a new court filing. TJX has previously acknowledged that 45.7 million card numbers were stolen in data breaches beginning in 2005. Network World, 10/24/07.

Phishers (almost) scam grocery giant out of $10 million

Apparently it's not just unwary individuals who fall victim to online scammers. Even large corporations, it seems, can get suckered into parting with their money by devious phishers. Case in point: Eden Prairie, Minn.-based grocery chain Supervalu Inc., which earlier this year was conned into depositing more than $10 million into two fraudulent bank accounts before recognizing the ruse. Details of the case are contained in court documents filed in connection with two forfeiture cases stemming from the incident. Computerworld, 10/22/07.

Malware on the rise as criminals target vulnerable firms

Malicious code that installs files such as Trojans, password stealers, keyboard loggers and other malware on users' systems registered a fivefold increase in the first half of 2007, according to research released by Microsoft at the RSA Security conference in London. Computerworld, 10/23/07.

ActiveX File Overwrite/Delete Vulnerabilities

A class of vulnerability that has become more common recently is the arbitrary file overwrite/delete: a flaw that lets an attacker overwrite or delete any file on an affected computer. These particular cases arise because a registered ActiveX control fails to restrict which domains may load it, so any web page the victim visits can instantiate the control and call its file-writing methods. Exploiting such a flaw can lead to arbitrary code execution by a remote attacker, for example by overwriting a file that a privileged program later loads. Symantec Security Response blog, 10/23/07.

Hackers gain access to private hotel network using Cisco VoIP

Two security experts at hacker conference ToorCon9 in San Diego this week hacked into their hotel's corporate network using a Cisco VoIP phone. Cisconet blog, 10/22/07.

Contact the author:

Jason Meserve is Network World's Multimedia Editor and writes about streaming media, search engines and IP Multicast. Check out his Multimedia Exchange Weblog.

Check out Jason Meserve and Keith Shaw's weekly podcast "Twisted Pair"



ARCHIVE

Archive of the Security: Threat Alert Newsletter.


BONUS FEATURE

IT PRODUCT RESEARCH AT YOUR FINGERTIPS

Get detailed information on thousands of products, conduct side-by-side comparisons and read product test and review results with Network World’s IT Buyer’s Guides. Find the best solution faster than ever with over 100 distinct categories across the security, storage, management, wireless, infrastructure and convergence markets. Click here for details.


PRINT SUBSCRIPTIONS AVAILABLE
You've got the technology snapshot of your choice delivered to your inbox each day. Extend your knowledge with a print subscription to the Network World newsweekly, Apply here today.

International subscribers, click here.


SUBSCRIPTION SERVICES

To subscribe or unsubscribe to any Network World newsletter, change your e-mail address or contact us, click here.

This message was sent to: security.world@gmail.com. Please use this address when modifying your subscription.


Advertising information: Write to Associate Publisher Online Susan Cardoza

Network World, Inc., 118 Turnpike Road, Southborough, MA 01772

Copyright Network World, Inc., 2007
