Untitled Document
www.expresscomputeronline.com WEEKLY INSIGHT FOR TECHNOLOGY PROFESSIONALS
06 March 2006  
Untitled Document
Sections

Market
Management
Technology
 Technology Life
Columns

Between The Bytes

Specials

HMA Bankbiz
UPS Batteries

Services
Subscribe/Renew
Archives
Search
Contact Us
Network Sites
Network Magazine India
Express Hospitality
Express TravelWorld
feBusiness Traveller
Express Pharma
Exp. Healthcare Mgmt.
Express Textile
Group Sites
ExpressIndia
Indian Express
Financial Express

Untitled Document
 
Home - Technology - Article

Kean Insight

Updates

A compilation of the latest information about viruses and worms, security issues and patches to rectify the same

Trojan for Mac OS X

Malware Top 10
PERL_SHELLBOT.AI
PERL_MARE.C
ELF_MARE.C
OSX_LEAP.A
OSX_INQTANA.A
TROJ_DROPPER.AKD
ELF_LUPPER.F
TROJ_BAGLE.CW
WORM_BAGLE.EW
WORM_BAGLE.EV

(Source: Trend Micro
Period: Feb 13 to 18)

Leap-A could be the first Trojan to target Apple Computer’s Mac OS X. The malicious software has been nicknamed OSX/Oompa-A and the Loompa Trojan Horse by security experts. Classified as both a worm and a Trojan, Leap-A appears to have begun its movement after it was posted at a forum for Mac-related rumours. The file appeared as an external link promising pre-release screenshots of the upcoming Mac OS X 10.5, also known as Leopard. The Trojan affects only the OS X 10.4 platform and spreads via the Apple iChat instant messaging program. The program forwards itself as a compressed file called “latestpics.tgz” to all the contacts on the infected user’s buddy list each time the program starts up.

As reported by Sophos, the worm deletes files from the computer once installed. It also has aliases such as CME-4, MacOS/Leap, MacOS/Leap!tgz, OSX.Leap.A and OSX/Leap. The worm attempts to spread via the iChat instant messaging system, sending itself to available contacts on the infected users’ buddy list in a file called latestpics.tgz.

McAfee comments on Windows vulnerabilities

Microsoft has identified seven new vulnerabilities in its products. These have been reviewed by McAfee AVERT labs which recommends that users confirm the Microsoft product versioning outlined in the bulletins and update as recommended by Microsoft and McAfee.

The vulnerabilities are:

MS06-004 - WMF image parsing memory corruption.
MS06-005 - vulnerability in Windows Media Player could allow remote code execution.
MS06-006 - vulnerability in Windows Media player plug-in with non-Microsoft Internet browsers could allow remote code execution.
MS06-007 - vulnerability in TCP/IP could allow denial of service.
MS06-008 - vulnerability in Web client service could allow remote code execution.
MS06-009 - vulnerability in the Korean input method editor could allow elevation of privilege.
MS06-010 - vulnerability in PowerPoint 2000 could allow information disclosure.

Of the seven vulnerabilities, two affect Microsoft Windows Media Player, and five vulnerabilities affect Microsoft Windows and Office. The most severe of these vulnerabilities is MS06-004 and MS06-005 affecting Internet Explorer and Microsoft Windows Media Player with a severity rating of critical.

 


UNSUBSCRIBE HERE
Untitled Document
© Copyright 2001: Indian Express Newspapers (Mumbai) Limited (Mumbai, India). All rights reserved throughout the world. This entire site is compiled in Mumbai by the Business Publications Division (BPD) of the Indian Express Newspapers (Mumbai) Limited. Site managed by BPD.