I’m not quite sure if I’m willing to attribute to design, what I could attribute to a mistake… but, slashdot has pointed out that Steve Gibson in his latest Security Now! podcast (link is to transcript), is suggesting that it appears as though the WMF vulnerability of recent weeks appears (to him) to have been INTENTIONALLY included as a means of a remote backdoor.
For several years now, I’ve used Mondorescue as a backup solution for those customers with a Linux server. It makes for a nice, easily scriptable backup that can go ahead and burn to disc, *(or tape or another pc….) My preferred way of doing this has been a full mondorescue backup to dvd (usually one or two discs) and a couple “incremental” backups each week. The client site handles swapping the discs as needed *(I’ve got reminder emails scripted) and they rotate through two sets of discs. Since mostly, these backups are kept onsite, once a month I burn a copy to move offsite.
I’ve got a couple of older Mandrake 10.0 servers that I’m still maintaining. They’re systems that it hasn’t been practical (yet) to do an upgrade to a more recent release of the base operating system. Two of those are currenlty using Clamantivirus for their mailscanning. So, with the recent security vulnerability an update was needed. I basically took the clamav 0.88 source rpm from cooker and rebuilt on a 10.0 system. For convenience I’m posting ALL of these for download. So…. I’ll post the original src rpm from Mandriva cooker. (Which you could make use of to rebuild for another release of Mandrake.) And also the resulting built rpm’s….
Good news for Windows XP users (especially XP Home). Microsoft has extended the support period for XP Home and Pro. Originally, security patch related support was expected to end December 31st of this year. According to the article for XP Home…
So for the consumer versions of Windows XP, mainstream support was going to end on December 31, 2006 and there was no guarantee of any security hot-fixes beyond that time. Microsoft has now extended the mainstream support deadline for the consumer versions to an undefined date that is two years after the release of the follow-on operating system.
There are a number of vulnerabilites reported with Apple Quicktime player related to the way it handles various file formats. Quicktime Player 7.0.4 is the current released GOOD version, everything from 7.0.3 and prior are vulnerable. The Security Fix has some details. There were a total of about 8 vulnerabilities fixed in 7.0.4 and they affect both Windows And Mac….
Brian Krebs at the Security Fix has done an interesting study related to how long it takes Microsoft to release a security fix for a problem, starting from the time they are notified of the security vulnerability. For the most part, 134.5 days has been the window between notification and vulnerability patching for the last 2 years from Microsoft. (That is for vulnerabilities that were submitted to Microsoft through the normal process…)
The identities of 50,000 customers of the Atlantis resort in the Bahamas has been lost. The information was copied from the hotel’s customer database and can include credit card information as well as social security numbers as well.
There has been a bugfix release to Crossover Office, released by Codeweavers. Crossover Office is an offshoot of the Wine project, which is a windows compatibility suite for Linux, to allow Windows applications to run under modern Linux operating systems. It was found recently that wine suffered from the WMF vulnerability just the same as Windows. The new release is 5.0.1, notes on what has changed can be found here.
Brian Krebs at the SecurityFix has the story. Symantec, has fixed a problem with their SystemWorks and SystemWorks premier software that could allow malicious software to hide in the Norton Protected Recycle Bin. That software, could have used the nprotect directory to evade detection by antivirus and antispyware programs.
There’s a good post at Spyware Confidential about the removal of the SpyAxe and SpywareStrike pests that are circulating widely these days. There is a good CastleCops Wiki page with Malware removal information on SpyAxe (With screenshots). Also, there is a good walkthrough of removal here, which includes instructions for smitremfix.
Bookmark this site now by pressing Ctrl+D
