|
[networknewsletters]
||
[Date Prev]
[12-2006 Date Index]
[Date Next]
||
[Thread Prev]
[12-2006 Thread Index]
[Thread Next]
[ECP] IN FOCUS: Tracking Zero-Day Vulnerabilities
- From: Educational CyberPlayGround <admin@xxxxxxxxxxxxxxx>
- To: NetworkNewsletters@xxxxxxxxxxxxx
- Date: Tue, 19 Dec 2006 05:00:00 -0500
¤º°`°º¤ø,¸¸,ø¤º°`°º¤ø,¸¸,ø¤º°`°º¤ø,¸¸,ø¤º°`°º¤ø,¸¸,ø¤º°`°º¤,¸¸,ø¤º
Please link to the Educational CyberPlayGround
http://www.edu-cyberpg.com
Add your K12 SCHOOL OR SCHOOL DISTRICT URL
http://www.edu-cyberpg.com/schools/
Please Share and Add Your Song
http://www.edu-cyberpg.com/ncfr/
Educational CyberPlayGround Network Newsletters Mailing List ©1994
¤º°`°º¤ø,¸¸,ø¤º°`°º¤ø,¸¸,ø¤º°`°º¤ø,¸¸,ø¤º°`°º¤ø,¸¸,ø¤º°`°º¤,¸¸,ø¤º
=== CONTENTS ===================================================
IN FOCUS: Tracking Zero-Day Vulnerabilities
NEWS AND FEATURES
- FastMP3Search Dubbed Baddest of the Bad
- Websense Now Protects Citrix-based Virtual Applications
- Microsoft Word Vulnerable to Remote Code Execution
- Recent Security Vulnerabilities
PRODUCTS
- Improved Spam Filter for Postfix
- Wanted: Your Reviews of Products
RESOURCES AND EVENTS
FEATURED WHITE PAPER
=== IN FOCUS: Tracking Zero-Day Vulnerabilities ================
by Mark Joseph Edwards, News Editor, mark at ntsecurity / net
Zero-day vulnerabilities (vulnerabilities that are published before the
vendor has made a fix available) have been a part of computing since
computers were invented. Publishing information about vulnerabilities
too soon places the public at extreme risk, so you need to know about
zero-day vulnerabilities as soon as possible.
You can learn about new vulnerabilities through many channels. Mailing
lists are the primary method for disclosing zero-day vulnerabilities,
so you should subscribe to those lists that you think are important for
your security work. Web sites are another source of information about
zero-day vulnerabilities, and several track both vulnerabilities and
associated exploit code.
eEye Digital Security recently launched a new site called Zero-Day
Tracker. Although the eEye Research Team doesn't always post zero-day
vulnerabilities on day zero, you will find that new vulnerabilities do
appear on the site within a few days of their publication. What I find
most interesting about the site is that not only can you use it to
learn about new vulnerabilities, but you can use it to mine data
related to how vendors respond to zero-day vulnerabilities.
http://list.windowsitpro.com/t?ctl=435E2:7EB890
The site tracks the date of publication of new zero-day vulnerabilities
along with their perceived severity level, and eventually the date the
vendor releases a patch. This data provides a clear view of how long
the public is exposed to a given risk before the vendor provides some
sort of official fix to correct the problem.
For example, a quick glance at the site shows five high-risk
vulnerabilities in Microsoft products for which there is no patch. As I
write this, the newest of those is a Word vulnerability published a
couple days ago, and the oldest is a problem with an ActiveX control in
Visual Studio 2005 that has remained unpatched for 124 days.
You can view similar data for vulnerabilities for which the vendor has
released a patch. And the site doesn't confine itself to Microsoft
vulnerabilities, it also lists other mainstream vendors that provide
solutions for Windows platforms. So if you need to catch up on new
vulnerabilities and exploits for Windows-related products, the site is
a good place to visit. Consider bookmarking it.
Speaking of zero-day vulnerabilities, Windows Vista, recently released
to enterprises, has one, but it primarily affects Microsoft itself and
not so much the users of Vista.
Microsoft publishes a key management service that lets enterprise users
of Vista handle product activation without contacting Microsoft. With
the key management service in place, Vista periodically contacts the
service to keep the OS activated, and therein resides the
vulnerability.
Someone figured out how the key management service works, created a
hacked version, and published it on the Internet as an easily loadable
virtual machine (VM) image. So now people can download a copy of that
VM, place it on their network, and effectively run pirated copies of
Vista. This of course will cost Microsoft a lot of money in lost
licensing fees.
You might consider taking a look at the VM to figure out ways to detect
it so that you can ensure that nobody runs a copy on your network. You
can find a link to it on various Torrent tracker sites and standalone
Web sites. To find related info, search the Internet for the string
"Microsoft.Windows.Vista.Local.Activation.Server-MelindaGates".
=== SECURITY NEWS AND FEATURES =================================
FastMP3Search Dubbed Baddest of the Bad
StopBadware.org undertakes an initiative to fight a plug-in that
secretly disables Windows Firewall and downloads several other malware
packages.
http://list.windowsitpro.com/t?ctl=435E4:7EB890
Websense Now Protects Citrix-based Virtual Applications
Websense Enterprise and Websense Web Security Suite have been
integrated with Citrix Presentation Server 3.0 and 4.0 to protect
browsers, email clients, and other applications.
http://list.windowsitpro.com/t?ctl=435E6:7EB890
Microsoft Word Vulnerable to Remote Code Execution
A newly reported vulnerability in Microsoft Word could allow an
intruder to launch remote code on an affected system.
http://list.windowsitpro.com/t?ctl=435E5:7EB890
Recent Security Vulnerabilities
If you subscribe to this newsletter, you also receive Security
Alerts, which inform you about recently discovered security
vulnerabilities. You can also find information about these
discoveries at
http://list.windowsitpro.com/t?ctl=435DC:7EB890
=== RESOURCES AND EVENTS =======================================
For more security-related resources, visit
http://list.windowsitpro.com/t?ctl=435E8:7EB890
No IT pro today works in a completely homogeneous environment, and with
virtualization, your chances of dealing with multiple OSs is
increasing. Attend TechX World--available online December 14--and find
out about virtualization, OS interoperability, directory and security
integration, and data interoperability. Register today for free!
http://list.windowsitpro.com/t?ctl=435E3:7EB890
Sure, you know you've got compliance mechanisms in place. But do you
have ways to easily and efficiently prove that your mechanisms are
working? Join us for this free seminar to learn how you can demonstrate
regulatory compliance for multiple regulations with fewer headaches.
You'll also find out what "evidence" means to the auditor and make sure
that you're collecting all the information you need!
http://list.windowsitpro.com/t?ctl=435D5:7EB890
Maximize your investment in your VoIP network by using all of its
capabilities. Learn to integrate Fax for IP to reduce TCO and increase
ROI for your investment. On-Demand Web Seminar
http://list.windowsitpro.com/t?ctl=435D6:7EB890
Discover a wealth of information about how to protect and secure your
data in the event of a disaster. You may not be able to predict the
exact details of a disaster, but you can be prepared with a solid
response for when one strikes. Disaster can strike anywhere--not just
where severe weather can hit--so make sure you're ready when it does.
Download your free copy of this eBook today!
http://list.windowsitpro.com/t?ctl=435DB:7EB890
Information is the "I" in "IT." Do you know where your information is?
Is it protected? Backed up? Download this free podcast today to find
out the top 5 reasons that you should be considering storage
consolidation.
http://list.windowsitpro.com/t?ctl=435D9:7EB890
=== FEATURED WHITE PAPER =======================================
The average enterprise spends nearly $10 million annually on IT
compliance. Download this free white paper today to streamline the
compliance lifecycle, and dramatically reduce your company's costs!
http://list.windowsitpro.com/t?ctl=435D7:7EB890
Bonus: Register for any white paper from Windows IT Pro during
December, and you could win a Nintendo Wii! View the full list of white
papers at http://list.windowsitpro.com/t?ctl=435ED:7EB890 --
and remember, the more you download, the better your chances of
winning.
<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>
Educational CyberPlayGround Network Newsletters Mailing List
Subscribe - Unsubscribe - Set Preferences
http://www.edu-cyberpg.com/Community/NetworkNewsletters.html
Copyright statements to be included when reproducing
annotations from the
Educational CyberPlayGround Network Newsletter
The single phrase below is the copyright notice to be used when
reproducing any portion of this report, in any format:
EDUCATIONAL CYBERPLAYGROUND
http://www.edu-cyberpg.com
Network Newsletters copyright
Email Prefrences - Subscribe - Unsubscribe - Digest
http://www.edu-cyberpg.com/Community/NetworkNewsletters.html
Advertise Network Newsletters Guidelines
http://www.edu-cyberpg.com/Community/Subguidelines.html
<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>
|
|
