[virusinfo] Panda Weekly summary - 26/03/05

• From: "Mike" <mikebike@xxxxxxxxx>
• To: virusinfo@xxxxxxxxxxxxx
• Date: Sat, 26 Mar 2005 10:43:01 -0800

From; Panda Oxygen3:

"Be brief, for no discourse can please when too long". 
      Miguel de Cervantes (1547 - 1616); Spanish author & poet

                       - Weekly summary -
  Oxygen3 24h-365d, by Panda Software (http://www.pandasoftware.com)

Madrid, March 26 2005 - Over the last week, Oxygen3 24h-365d has covered
the following news stories -summarized below- which can be read in full at:
http://www.pandasoftware.com/about/press/oxygen3/oxygen.asp 

- System downtime due to vulnerabilities will triple before 2008 (03/21/05).
 
According to Gartner, system downtime caused by software vulnerabilities
will triple before 2008, if companies don't take proactive security steps.
Companies that don't include security as a criterion when buying or
developing software will witness downtime caused by security
vulnerabilities increase from the 5 percent observed in 2004 to 15 percent
in 2008.

- Security updates for Apple Mac OS X (03/22/05). 

Apple has released an update to resolve nine security problems affecting
its MAC OS. The update includes the fix for problems in the server (AFP),
in Bluetooth devices, in Core Foundation, in Cyrus IMAP, in Mailman and in
the Safari browser.

- Panda Software warns of a new, sophisticated and dangerous online fraud
technique: pharming. (03/23/05).

Pharming involves altering DNS (Domain Name System) addresses so that the
web pages that a user visits are not the original ones, but others created
specifically by cyber-crooks to collect confidential data, especially
information related to online banking. 

- Vulnerability in Java Web Start. (03/24/05) 

Sun has reported a vulnerability in Java Web Start that could allow
privilege elevation of a non-trusted application and indiscriminate
permission to read, write and execute on the local system. Java Web Start
is a platform that allows developers to deploy complete applications to
final users accessible from any browser.

- Drag and drop vulnerability in Thunderbird and Firefox. (03/25/05) 

A vulnerability has been reported which affects both the Firefox browser
and the Thunderbird mail client and which can be exploited by remote
attackers to insert malware on a user's system. The problem is that images
dragged and dropped from a web page to the desktop retain their name and
extension.  If the file has an executable extension, it could run instead
of being opened by the corresponding multimedia application..

NOTE: The address above may not show up on your screen as a single line.
This would prevent you from using the link to access the web page. If this
happens, just use the 'cut' and 'paste' options to join the pieces of the
URL.

------------------------------------------------------------
To contact with Panda Software, please visit:
http://www.pandasoftware.com/about/contact/
------------------------------------------------------------

*********** MIKE"S REPLY SEPARATOR  ***********
Mike ~ It is a good day if I learned something new.
Editor MikesWhatsNews see a sample on my web page
http://www3.telus.net/mikebike
<mikeswhatsnews-request@xxxxxxxxxxxxx?Subject=subscribe>
http://www3.telus.net/mikebike/worm_removal.htm
See my Anti-Virus pages  http://virusinfo.hackfix.org/index
<virusinfo-request@xxxxxxxxxxxxx?Subject=subscribe>
A Technical Support Alliance  and OWTA Charter Member 

Other related posts:

• » [virusinfo] Panda Weekly summary - 26/03/05

1. Home
2. virusinfo
3. Archive
4. 03-2005

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---