www.expresscomputeronline.com WEEKLY INSIGHT FOR TECHNOLOGY PROFESSIONALS
13 December 2004  
Updates

A compilation of the latest information about Virus, Security and Patches which could be vital for your system

Java plugin vulnerable

Finnish security researcher Jouko Pynnonen has found a vulnerability in the Java plugin from Sun Microsystems that is used by most Web browsers. A malicious applet can circumvent the Java sandbox by exploiting this vulnerability. Java Runtime 1.4.2_05 and older versions are vulnerable. As the vulnerability is in the Java plugin, it affects all popular browsers on Windows and Linux. Experts recommend that you patch the Java runtime on your system from http://java.sun.com/j2se/1.4.2/download.html

A sober worm

WORM_SOBER.I has been rated a medium risk with high damage potential. The worm arrives in an email message that appears to be sent by somebody you know. The message body is:

*-*-* Mail_Scanner: No Virus

*-*-* <domain>- Anti_Virus Service

*-*-* http://www.<domain>

The worm is attached to this message. It executes and infects the system when you double-click the attachment, whereupon it displays a fake WinZip message box designed to trick users into thinking that the worm file is damaged and isn't actually running. In fact, by the time you see this dialog box, your system will have been infected. The worm isn't expected to have a significant impact upon corporate mail servers, as it does not get email targets from global address books and restricts itself to files on the infected computer. This worm runs on all desktop versions of Windows.
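A mail filter can flag this pattern by checking for the three quoted marker lines together with an attachment. The following is an added example, not code from the article or from any anti-virus vendor; it assumes `<domain>` can be any hostname, and the function names and the sample message are constructed for illustration.

```python
import re
from email import message_from_string
from email.message import EmailMessage

# Marker lines quoted in the article; <domain> is matched as any hostname (assumption).
HOST = r"[A-Za-z0-9.-]+"
MARKERS = [
    re.compile(r"^\*-\*-\* Mail_Scanner: No Virus\s*$", re.M),
    re.compile(rf"^\*-\*-\* {HOST}\s*- Anti_Virus Service\s*$", re.M),
    re.compile(rf"^\*-\*-\* http://www\.{HOST}\s*$", re.M),
]

def text_body(msg):
    """Join the decoded text/plain parts that are not attachments."""
    chunks = []
    for part in msg.walk():
        if part.get_content_type() != "text/plain" or part.get_filename():
            continue
        raw = part.get_payload(decode=True) or b""
        try:
            chunks.append(raw.decode(part.get_content_charset() or "latin-1", "replace"))
        except LookupError:  # unknown charset label in the header
            chunks.append(raw.decode("latin-1"))
    return "\n".join(chunks).replace("\r\n", "\n")

def has_attachment(msg):
    """True when any MIME part carries a filename."""
    return any(part.get_filename() for part in msg.walk())

def looks_like_sober_i(raw_message):
    """True when all three marker lines appear and a file is attached."""
    msg = message_from_string(raw_message)
    body = text_body(msg)
    return all(p.search(body) for p in MARKERS) and has_attachment(msg)

def build_sample(body, attach):
    """Constructed test message; addresses and attachment bytes are placeholders."""
    m = EmailMessage()
    m["From"], m["To"], m["Subject"] = "a@example.com", "b@example.com", "sample"
    m.set_content(body)
    if attach:
        m.add_attachment(b"placeholder", maintype="application",
                         subtype="octet-stream", filename="sample.bin")
    return m.as_string()

SOBER_BODY = ("*-*-* Mail_Scanner: No Virus\n"
              "*-*-* example.com- Anti_Virus Service\n"
              "*-*-* http://www.example.com\n")

if __name__ == "__main__":
    print(looks_like_sober_i(build_sample(SOBER_BODY, True)))
```

A match is a reason to quarantine the message for scanning, not proof of infection, since the check relies only on the body text the article quotes.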

Winamp buffer overflow

Researcher Brett Moore of Security-Assessment.com has announced that the popular MP3 player Winamp, in versions 5.05 and 5.06, has a remotely exploitable stack-based buffer overflow. Nullsoft has confirmed that this bug affects Winamp 3.0, 5.0 and 5.0 Pro or newer versions.

The overflow can be caused in many ways, the most dangerous being through a malformed .m3u playlist file. When hosted on a website, these files will be automatically downloaded and opened in Winamp without any user interaction. This is enough to cause the overflow that would allow a malicious playlist to overwrite EIP and execute arbitrary code.

The short-term solution is to disassociate “.cda” and “.m3u” extensions from Winamp until a fixed version is made available by the vendor.

© Copyright 2001: Indian Express Newspapers (Bombay) Limited (Mumbai, India). All rights reserved throughout the world. This entire site is compiled in Mumbai by the Business Publications Division (BPD) of the Indian Express Newspapers (Bombay) Limited. Site managed by BPD.