Thursday, November 08, 2007

Seven QuickTime bugs squashed

Network World's Security: Threat Alert Newsletter, 11/08/07

By Jason Meserve

Today's bug patches and security alerts:

Apple patches seven QuickTime bugs

Apple patched seven bugs in QuickTime Monday as it updated the media player to Version 7.3 for both Mac OS X and Windows. All but one of the vulnerabilities would be ranked critical by other vendors, but Apple does not rate flaws or assign an urgency score to patches. Instead, it uses the phrasing "arbitrary code execution" to note bugs that could be used by attackers to inject their own malicious software into an unpatched machine. Computerworld, 11/05/07.

Apple advisory

US-CERT advisory
**********

Microsoft to patch software driver vulnerability

Microsoft has warned that a faulty driver used for copy protection could allow a hacker to gain high-level access to a PC. The problem lies with a driver called secdrv.sys, which is part of Macrovision's SafeDisc software included with Windows Server 2003 and Windows XP. The software, which can block unauthorized copying of some media, also ships with Windows Vista, but that OS is not affected.

Microsoft advisory
**********

Macrovision patch service sports fatal flaw

Macrovision Corp. yesterday patched a critical bug in the update service software it licenses to third-party developers as a researcher warned users to expect attacks. FLEXNet, an update add-on that Macrovision sells as an option to developers who use the company's InstallShield installer, includes an ActiveX control that sports a major design flaw, said Dave Zimmer, a security engineer at VeriSign's iDefense Labs. To exploit the bug, all hackers need to do is draw users who have the ActiveX control to a malicious site; the actual attack would be unnoticed. Computerworld, 11/01/07.

Macrovision advisory
**********

Salesforce.com falls for phishing scam, warns customers

Salesforce.com is warning customers that they may be the targets of malicious software or phishing scams, after one of its employees was tricked into divulging a corporate password. In a note to customers, Salesforce said that online criminals have been sending customers fake invoices and, starting just a few days ago, viruses and key logging software. The e-mails were sent using information that was illegally obtained from Salesforce.com. IDG News Service, 11/06/07.

Salesforce.com customer advisory
**********

Seven new patches from Gentoo:

Mono (buffer overflow, code execution)

MadWifi (denial of service)

libpng (denial of service)

Python (code execution)

Apache (multiple flaws)

SiteBar (multiple flaws)

Evolution (code execution)
**********

Two new updates from rPath:

Perl (code execution)

pcre (multiple flaws)
**********

Two new fixes from Ubuntu:

CUPS (buffer overflow, code execution)

libpng (denial of service)
**********

Six new patches from Debian:

gforge (temp files, denial of service)

Iceape (multiple flaws)

Perl (heap overflow, code execution)

pcre3 (multiple flaws)

perdition (format string, code execution)

mono (integer overflow)
**********

Four new updates from Mandriva:

xfs (multiple flaws)

netpbm (denial of service)

ghostscript (denial of service)

Perl (heap overflow, code execution)
**********

Today's malware news:

California Wildfire Scams

Over the past week we have seen some scams purporting to be generating from the IRS. The scams are requesting donations for the wildfires that ravaged the Southern California region last week. Symantec Security Response blog, 11/06/07.

Not a Good Sign

Looks like the Mac Trojan we posted about last week was not an isolated incident. The gang behind it seems serious about targeting Mac users as well as Windows users. And they keep putting out slightly modified versions of the trojan for the Mac too. F-Secure Antivirus Research blog, 11/06/07.

Spammers beg for money in pre-holiday blast

A new spam campaign has emerged that tells stories of the hard-knock life, and then asks for money. According to security vendor Marshal, this new spam blast -- timed conveniently to coincide with the beginning of the holiday season of giving -- uses few technical tricks, relying instead on social engineering. In these e-mails, the spammer tells woeful life stories and asks for donations of used clothing, blankets and money. Network World, 11/07/07.
**********

From the interesting reading department:

Webroot warns of spoofed presidential campaign sites

The growing use of the Internet as a communication and fund-raising medium by presidential candidates has a nasty new doppelganger -- an elaborate, if short-term, revenue stream flowing to online crooks. Computerworld, 11/02/07.

Spam the vote: Ron Paul spam surfs into inboxes

Spam supporting presidential hopeful Ron Paul filled inboxes this week as zombie computers spewed thousands of messages to recipients, according to spam experts. The spam supporting Paul was sent using the same illegal spam methods used to distribute masculinity enhancement products and pump-and-dump penny stock schemes. PC World, 11/05/07.

Problem-driver database gets ticketed for security flaws

The U.S. Department of Transportation isn't adequately protecting personal data stored in a national database that state motor-vehicle departments use to identify problem drivers, according to a report released last week by the DOT's inspector general. Computerworld, 11/05/07.

Grand jury indicts ex-Fresno State students in grades-for-cash hack

Two former Fresno State students were charged last week by a federal grand jury with hacking into the university's computer network as part of a grade-changing scheme. Computerworld, 11/05/07.

Russian hacker gang goes dark to relocate; may be moving to China

The Russian Business Network (RBN), a notorious hacker and malware hosting organization that operates out of St. Petersburg, Russia, has gone off the air, security researchers said today. Computerworld, 11/07/07.

Editor's note: Starting the week of Nov. 19, subscribers to the HTML version of this newsletter will notice some enhancements to the layout that will provide you with easier and clearer access to a wider range of resources at Network World. We hope you enjoy the enhancements and we thank you for reading Network World newsletters.


Contact the author:

Jason Meserve is Network World's Multimedia Editor and writes about streaming media, search engines and IP Multicast. Check out his Multimedia Exchange Weblog.
