Premium Internet & Hosting Services since 1995
909.933.3650 | www.keyway.net.

 For All Users    For Advanced Users

+ = Microsoft Warns of Major Security Flaws in Windows Explorer

Microsoft has released a crucial update in order to patch three security holes:

Phishing Bug: A flaw in the way that Internet Explorer displays URLs in the address bar. By opening a specially crafted URL an attacker can open a page that appears to be from a different domain from the current location.

Download Extension Spoofing Flaw: Allows malicious Web sites to spoof the file extension of downloadable files. Typically, an attacker could embed a CLS (define) ID in a file name to fool users into opening malicious files as "trusted" file types.

Cross Site Scripting Vulnerability: Allows a malicious web site operator to misuse another web site as a means of attacking users.

Click here to download the update.

+ = RealOne Player Critical Security Flaw

Due to three security vulnerabilities in RealOne Player, hackers could seize control of users' computers under certain conditions. The specific exploits are:

1) To operate remote Javascript from the domain of the URL opened by a SMIL file or other file.
2) To fashion RMP files which allow an attacker to download and execute arbitrary code on a user's machine.
3) To fashion media files to create “Buffer Overrun” errors.

Real Networks strongly urges users to apply the new security patch. Click here for security patch.

++ = Linux kernel patch 2.6.

New Linux kernel patch 2.6.2rc2 is now available, and is recommended to patch two memory-handling security holes.

++ = Mydoom Clears Path for Doomjuice

A new worm known as "Doomjuice" is expected to attack computers infected by "Mydoom." To date the new virus has infected at least 30,000 computers worldwide. Like Mydoom.A and Mydoom.B, the new worm is designed to strike Microsoft Corp.'s Windows operating systems and is programmed to launch a worldwide attack on the web site of SCO, one of the largest UNIX vendors in the world. Doomjuice does not spread via e-mail, but enters via backdoor left open by Mydoom.

Microsoft MSN Messenger - Sensitive Information Leak

When using MSN Instant Messenger recipients are able to view your IP address. Disclosure of such sensitive information should be avoided by upgrading to the new MSN Messenger 6.1. Click here to preview and download the upgraded software from Microsoft.

Microsoft Windows Tip - Viruses Posing as Updates

Some viruses will pose as Microsoft software updates. Microsoft does not distribute updates of any kind via mass e-mail, and recipients should delete such e-mails without opening or previewing. Microsoft Windows users should utilize Windows Update. Note Windows XP operating systems will offer secure Microsoft-authorized updates via the following notification:

Click here for manual Windows XP auto-update setup instructions

IIS Lockdown and Urlscan

Microsoft's IIS is a common target for attackers due to information exposure and exploited buffer overflow vulnerabilities. Internet-borne worms such as NIMDA and Code Red thrive in such environments. Such attacks can be prevented with the use of Urlscan in conjunction with IIS Lockdown, which provides templates for the major IIS-dependant Microsoft products. IIS Lockdown Wizard works by turning off unnecessary features thereby reducing attack surface available to attackers. To provide defense in depth, or multiple layers of protection against attackers, URLscan, with customized templates for each supported server role, has been integrated into the IIS Lockdown Wizard.

Microsoft Windows - DNS Server Vulnerability

DNS cache pollution can occur if Domain Name System spoofing has been encountered. This data can be redirected to an unauthorized DNS server which is likely malicious in nature. This will only affect customers running their own DNS server. Currently no patch from Microsoft is available, however possible solutions include making hard registry changes. Click here for detailed instructions to make these changes.

Microsoft Internet Explorer - ExecCommand Access Violation

The ExecCommand method could be used to allow script code to execute on a vulnerable system in the security domain of a website in another browser window. This occurs due to a violation of the browser security zone policy. A patch has been released and can be found by going to Windows Update.

Keyway's "Security Alerts" is a continuously growing knowledge base. Please e-mail security@keyway.net to request an addition.

Business:
Residential:

 

 

 
Keyway's Technology Partners

© 1995 Keyway Internet Services, Inc. All rights reserved.
Terms of Service
Acceptable Use Policy
Privacy Policy

inalienable inalienable
Who Counts on Keyway?