<< Small biz news this week - March 14, 2004 >>
From: Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] (sbradcpa_at_pacbell.net)
Date: 03/15/04
- Next message: Bayo: "Apple mail Client"
- Previous message: Merv Porter [SBS-MVP]: "Re: Where is Exchange Admin in SBS 2000?"
- Next in thread: IBC: "Re: << Small biz news this week - March 14, 2004 >>"
- Reply: IBC: "Re: << Small biz news this week - March 14, 2004 >>"
- Messages sorted by: [ date ] [ thread ]
Date: Sun, 14 Mar 2004 23:59:43 -0800
This weeks Security bulletins.....
1. Windows media
known issues reported - none
2. Office/Outlook [now critical]
Known issues reported - YES see link
http://www.slipstick.com/outlook/ol2002sp3.htm#problems
3. MSN IM
Known issues - not SUSable, Not WUable and isn't [at least for me] being
prompted. I think this is a sneaker net patch folks.... I'll keep you
posted.
Microsoft Security Bulletin MS04-008 describes a possible DoS condition
within Windows Media Services. The issue affects only Microsoft Windows
2000 Server Service Pack 2, Microsoft Windows 2000 Server Service Pack
3, and Microsoft Windows 2000 Server Service Pack 4. The only vulnerable
version of Windows Media Services is version 4.1 for Windows Server
2000. If you are unable to patch an affected system, a possible
work-around would be to block port 7007 and 7778 at the firewall. Note:
Blocking port 7007 will keep multicast streams and playlists from being
streamed to the Internet. Blocking port 7778 will disable remote
administration of Windows Media Services. This issue is listed by
Microsoft as having a severity of "Moderate."
http://www.microsoft.com/technet/security/bulletin/MS04-008.mspx
Microsoft Security Bulletin MS04-009 describes a vulnerability in
Microsoft's HTML rendering code (on machines with Outlook 2002
installed) that could allow a malicious HTML to execute script code
within the "Local Machine" zone on an unprotected system. It appears
that anything that uses Microsoft's HTML rendering code on such a
machine could be vulnerable. The issue is caused by the way Outlook 2002
handles certain "mailto" URLs. Microsoft has listed this issue as having
a severity of "CRITICAL." {Note - this was revised on 4/10/2004 to be
critical}
http://www.microsoft.com/technet/security/bulletin/MS04-009.mspx
The third update, Microsoft Security Bulletin MS04-010, covers a
possible information disclosure in Microsoft MSN Messenger. This issue
affects Microsoft MSN Messenger versions 6.0 and 6.1, and does not
affect any versions of Microsoft Messenger. Because of a flaw in the way
that MSN Messenger handles file requests, a remote attacker could view
the contents of files at known locations on a user's system. Microsoft
has listed the severity of this issue as "Moderate."
http://www.microsoft.com/technet/security/bulletin/MS04-010.mspx
-----------------------------------
Wanting more training on Sharepoint?
Download details: SharePoint™ Developers' Conference 2003:
http://www.microsoft.com/downloads/details.aspx?familyid=d5bd33cb-4a0c-45c6-9bd3-091470db7943&displaylang=en
----------------------------------
News of interest this week....
SUS 2.0 readies for debut and beta
http://searchwin2000.techtarget.com/originalContent/0,289142,sid1_gci954219,00.html
http://www.crn.com/sections/BreakingNews/dailyarchives.asp?ArticleID=48499
---------------------------------
Security guide for smalll business
e-Security Guide for Small Business:
http://www.microsoft.com/smallbusiness/desktopsecurity/pdf.mspx
----------------------------------
http://www.microsoft.com/downloads/details.aspx?familyid=ed182a96-f3a6-4fdd-862b-1ae03dc130c1
The CopyProfile tool enables an administrator to copy the user profile
of one user to another user from the command line.
------------------------------------
Hacking:
1. 13-year-old hacker wiped out school records from computer system -
http://www.newsnet5.com/news/2910889/detail.html
2. Hosting company reveals hacks - http://www.securityfocus.com/news/8240
Internet:
MSN Messenger, Hotmail on the fritz -
http://news.com.com/2100-7355_3-5172979.html?part=rss&tag=feed&subj=news
Googling Up Passwords - http://www.securityfocus.com/columnists/224
The End of Passwords - "The way passwords are used is dangerous right now,"
said Michael Wood, vice president of sales at Lavasoft, a firm that produces
anti-spyware software. - http://www.ecommercetimes.com/perl/story/33103.html
Army to Gates: Halt the free software -
http://news.com.com/2100-1012_3-5171976.html?tag=nefd_lede
Vulnerability Advisory:
Potential Security Risk with Macromedia E-Licensing Client Activation Code -
http://www.securityfocus.com/advisories/6449
Eeye reports vulnerability with Symantec Internet Security & Personal
Firewall 2004 - http://www.eeye.com/html/Research/Upcoming/20040309.html
Spam:
Office XP update interferes with spam filters -
http://www.microscope.co.uk/articles/article.asp?liArticleID=129108&liArticleTypeID=1&liCategoryID=2&liChannelID=22&liFlavourID=2&sSearch=&nPage=1
Study: Spam Filters Often Lose E-Mails -
http://www.greenwichtime.com/technology/ats-ap_technology15mar11,0,3826728.story?coll=sns-technology-headlines
Spyware:
Spy vs Spy: Ad-aware vs Spybot S&D -
http://www.flexbeta.net/main/articles.php?action=show&id=39
Security Tools:
Symbiot launches DDoS counter-strike tool -
http://news.zdnet.co.uk/0,39020330,39148215,00.htm
------------------------------
- - - - - - - - - -
FBI adds to wiretap wish list
A far-reaching proposal from the FBI, made public
Friday, would require all broadband Internet
providers, including cable modem and DSL companies,
to rewire their networks to support easy wiretapping
by police. The FBI's request to the Federal
Communications Commission aims to give police ready
access to any form of Internet-based communications.
If approved as drafted, the proposal could dramatically
expand the scope of the agency's wiretap powers,
raise costs for cable broadband companies and
complicate Internet product development.
http://zdnet.com.com/2100-1105_2-5172948.html
http://news.com.com/2100-1028_3-5172948.html
- - - - - - - - - -
House Democrats score DHS on IT inadequacies
Democrats on the House Homeland Security Committee
say the new department is not doing enough to defend
the nation’s information infrastructure or to leverage
IT in its own activities. “The administration should
have as its goal nothing less than ‘network-centric
homeland security’ akin to ‘network-centric warfare,’”
which proved so successful in the Iraq conflict,
the Democrats said in a recent report.
http://www.gcn.com/vol1_no1/daily-updates/25249-1.html
- - - - - - - - - -
- - - - - - - - - -
Internet companies launch major legal attack on spammers
The nation's largest Internet service providers
announced lawsuits against some of the biggest
spammers Wednesday, saying they will use a new
federal anti-spam law to put them out of business.
http://www.siliconvalley.com/mld/siliconvalley/news/editorial/8152162.htm
http://zdnet.com.com/2100-1105_2-5172038.html
http://www.cnn.com/2004/LAW/03/10/spam.suits.ap/index.html
http://www.wired.com/news/business/0,1367,62606,00.html
http://www.theregister.co.uk/content/55/36167.html
http://www.washingtonpost.com/wp-dyn/articles/A46048-2004Mar10.html
http://msnbc.msn.com/id/4496759/
http://www.usatoday.com/tech/news/2004-03-10-spam-suit_x.htm
- - - - - - - - - -
Anti-piracy directive could expose consumers
The Intellectual Property Rights Enforcement
Directive, passed by the European Parliament
on Tuesday, could mean significant legal changes
for firms and individuals, say civil liberties
groups.
http://news.zdnet.co.uk/0,39020330,39148212,00.htm
Consumers challenge FCC antipiracy rules
http://news.com.com/2100-1025_3-5172171.html
The rethinking of computer security
http://news.com.com/2010-1071_3-5171969.html
Private Sector and Cybersecurity
http://discuss.washingtonpost.com/wp-srv/zforum/04/r_technews_white031004.htm
- - - - - - - - - -
Hacking tools tipped to become weapons of the state
Cyberspace will soon come under much greater legal
control, according to one expert - who forecasts
that denial of service attacks will eventually
be ordered by courts of law against offenders.
Governments could soon be using hacker tools
for law enforcement and the pursuit of justice,
according to an expert on IT and Internet law.
http://news.zdnet.co.uk/business/0,39020645,39148211,00.htm
- - - - - - - - - -
Identity breach risk accelerates
Security breaches resulting from identity management
flaws are rising and creating huge problems for
businesses, research shows.
http://www.vnunet.com/News/1153394
Computer crime: information for consideration
http://www.crime-research.org/news/03.10.2004/126
- - - - - - - - - -
Extrusion: The story of 'trusted' digital insider theft
"The risk of cyber attacks continues to be high.
Even organizations that have deployed a wide range
of security technologies fall victim to significant
losses. ...The percentage of incidents that are
reported to law enforcement agencies remains low ...
Attackers may reasonably infer that the odds against
heir being caught and prosecuted remain strongly
in their favor."
http://computerworld.com/securitytopics/security/story/0,10801,90952,00.html
- - - - - - - - - -
Outlook flaw riskier than thought
Microsoft has raised the severity rating of an
Outlook flaw to "critical," the highest level,
after its initial analysis was challenged by
the researcher who found the security hole.
The vulnerability in Outlook 2002, first publicized
on Tuesday, when Microsoft released a patch, could
allow an attacker to use a malicious Web site
to cause an affected PC to download and execute
a program.
http://news.com.com/2100-1002_3-5172179.html
http://www.newsfactor.com/story.xhtml?story_title=Microsoft_Patches_Non_Critical_Flaws&story_id=23326
Microsoft issues March security bulletins
http://www.pcpro.co.uk/?http://www.pcpro.co.uk/news/news_story.php?id=54633
Cisco slammed despite upgrades
http://news.zdnet.co.uk/communications/networks/0,39020345,39148206,00.htm
- - - - - - - - - -
Apple OS X Server is most secure system
An independent study by British cyber security firm,
mi2g, has found Apple's OS X Server and the Berkely
Software Distribution (BSD) open source systems on
which it is based, to be the most secure online server
operating systems in the world, according to a recent
report published at www.maccentral.com.
http://www.itweb.co.za/sections/computing/2004/0403090813.asp
-- http://www.sbslinks.com/really.htm
- Next message: Bayo: "Apple mail Client"
- Previous message: Merv Porter [SBS-MVP]: "Re: Where is Exchange Admin in SBS 2000?"
- Next in thread: IBC: "Re: << Small biz news this week - March 14, 2004 >>"
- Reply: IBC: "Re: << Small biz news this week - March 14, 2004 >>"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
