Monday, January 31, 2011

Security Patch For RealPlayer

RealNetworks has released an updated version of RealPlayer. The new version contains a fix for the following vulnerability:

CVE-2010-4393
RealPlayer vidplin AVI Header Heap Corruption Vulnerability
Affected software: Windows RealPlayer 14.0.1 and prior

Users of affected versions are advised to update to the latest available RealPlayer. More information can be found in the related security advisory.

Windows MHTML Vulnerability

A vulnerability in MHTML handling has been found in all supported versions of Microsoft Windows. The vulnerability could allow an attacker to cause a victim to run malicious scripts when visiting various web sites, resulting in information disclosure.

At the moment there is no security update for the problem. A workaround for the issue is described in the related security advisory.

More information:
http://blogs.technet.com/b/srd/archive/2011/01/28/more-information-about-the-mhtml-script-injection-vulnerability.aspx
http://www.microsoft.com/technet/security/advisory/2501696.mspx

Thursday, January 27, 2011

OpenOffice 3.3 Released

OpenOffice.org has released a new version of OpenOffice. The new version contains fixes for nine vulnerabilities:
- CVE-2010-2935 / CVE-2010-2936: Security Vulnerability in OpenOffice.org related to PowerPoint document processing
- CVE-2010-3450: Security Vulnerability in OpenOffice.org related to Extensions and filter package files
- CVE-2010-3451 / CVE-2010-3452: Security Vulnerability in OpenOffice.org related to RTF document processing
- CVE-2010-3453 / CVE-2010-3454: Security Vulnerability in OpenOffice.org related to Word document processing
- CVE-2010-3689: Insecure LD_LIBRARY_PATH usage in OpenOffice.org shell scripts
- CVE-2010-3702 / CVE-2010-3704: Security Vulnerability in OpenOffice.org's PDF Import extension resulting from 3rd party library XPDF
- CVE-2010-4008 / CVE-2010-4494: Possible Security Vulnerability in OpenOffice.org resulting from 3rd party library LIBXML2
- CVE-2010-4253: Security Vulnerability in OpenOffice.org related to PNG file processing
- CVE-2010-4643: Security Vulnerability in OpenOffice.org related to TGA file processing
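
The LD_LIBRARY_PATH item above names a bug class that is worth seeing in code. The following shell example is added here and is not the OpenOffice.org script or any project code; the function names and the /opt/app/lib directory are assumptions for the illustration. It shows the fragile construction next to a safe one and a check that catches the empty path element the dynamic loader resolves to the current directory.

```shell
#!/bin/sh
# Added illustration of the bug class behind "insecure LD_LIBRARY_PATH usage"
# in wrapper scripts. Not the OpenOffice.org script: the function names and
# the "/opt/app/lib" directory are assumptions for this example.
#
# The dynamic loader reads LD_LIBRARY_PATH as a colon-separated list and
# treats an empty element (leading, trailing or doubled colon) as the current
# working directory. A wrapper that writes "$LD_LIBRARY_PATH:$appdir" while
# the variable is unset therefore produces ":/opt/app/lib", so the loader
# searches the directory the user launched the program from for its shared
# libraries.

# unsafe_ld_path OLD NEW: the fragile construction, kept only for contrast.
unsafe_ld_path() {
    printf '%s\n' "$1:$2"
}

# safe_ld_path OLD NEW: put the application directory first and append the
# inherited value only when it is non-empty, so no empty element is created.
safe_ld_path() {
    if [ -n "$1" ]; then
        printf '%s\n' "$2:$1"
    else
        printf '%s\n' "$2"
    fi
}

# has_empty_component LIST: succeed if a colon-separated list contains an
# empty element. Usable as a guard in a wrapper before it calls exec.
has_empty_component() {
    [ -n "$1" ] || return 1          # an entirely empty list is simply ignored
    case ":$1:" in
        *::*) return 0 ;;
        *)    return 1 ;;
    esac
}

# Stand-alone demonstration with the variable unset, as in a fresh login shell.
unset LD_LIBRARY_PATH
echo "unsafe: $(unsafe_ld_path "${LD_LIBRARY_PATH:-}" /opt/app/lib)"   # unsafe: :/opt/app/lib
echo "safe:   $(safe_ld_path "${LD_LIBRARY_PATH:-}" /opt/app/lib)"     # safe:   /opt/app/lib
```

The check in has_empty_component is the one a packager can run over the final value of LD_LIBRARY_PATH in a wrapper script's test suite; the safe_ld_path form is the usual fix, since it never concatenates a possibly empty inherited value with a colon.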

More information about the OpenOffice security fixes can be found here, and other changes are described in the Release Notes. OpenOffice 3.3 can be downloaded here.

Patch For Opera Released

Opera Software has released an update for the Opera web browser. Version 11.01 contains fixes for five security vulnerabilities.

critical:
* Large form inputs can allow execution of arbitrary code; advisory.

high:
* Clickjacking attacks may be carried out against internal opera: URLs; advisory.
* Web pages can gain limited access to files on the user's computer; advisory.

moderate:
* Email passwords are not immediately deleted when deleting private data; advisory.

low:
* The wrong executable may be used to display a downloaded file in its folder; advisory.

Opera users are strongly recommended to update to version 11.01. The new version can be downloaded here.

Thursday, January 20, 2011

New Twitter Worm Redirects To Rogue AV

Nicolas Brulez, Kaspersky Lab malware researcher, warns about a new Twitter worm that is currently abusing Google's goo.gl redirection service to push users through a chain of redirections to a rogue AV site. Technical details and other related information can be read in the corresponding Securelist blog entry.

Oracle Security Updates

Oracle has released updates for its products that fix 66 security issues in total. The updates are part of Oracle's quarterly Critical Patch Update (CPU).

A detailed list of the vulnerabilities, with patching instructions, can be found in the Oracle CPU Advisory.

The next Oracle CPU is planned for April 2011.

Tuesday, January 11, 2011

Microsoft Security Updates For January 2011

Microsoft has released its security updates for January 2011. This month's release contains two bulletins: one critical and one important.

Critical:
MS11-002 Vulnerabilities in Microsoft Data Access Components Could Allow Remote Code Execution (2451910)

Important:
MS11-001 Vulnerability in Windows Backup Manager Could Allow Remote Code Execution (2478935)

A new version of the Windows Malicious Software Removal Tool (MSRT) was released as well.

More information can be found in the bulletin summary.

For consumers, the easiest way to get the updates is to use the Microsoft Update service.

Friday, January 7, 2011

PHP 5.3.5 And PHP 5.2.17 Released

The PHP development team has released new versions in the 5.3.x and 5.2.x series of the PHP scripting language.

PHP 5.3.5 for the 5.3.x series and PHP 5.2.17 for the 5.2.x series fix a critical issue where conversions from string to double might cause the PHP interpreter to hang on systems using x87 FPU registers (CVE-2010-4645). The problem is known to affect only x86 32-bit PHP processes, regardless of whether the system hosting PHP is 32-bit or 64-bit. By running the test script one can check whether a system is affected. Nevertheless, all PHP users are recommended to update to the latest version.
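
A quick way to triage a fleet for this issue is to combine the two facts above: the fixed release of each branch and the 32-bit-only scope. The shell script below is an added example, not code from the page or from the PHP project; the function names are assumptions, the php -v banners are constructed samples, and PHP_INT_SIZE is the standard PHP constant (4 in a 32-bit process, 8 in a 64-bit one).

```shell
#!/bin/sh
# Added example (not from the page or the PHP project): classify a PHP build
# for CVE-2010-4645 from two values an administrator can read off a host:
#   - the banner printed by "php -v"
#   - PHP_INT_SIZE (php -r 'echo PHP_INT_SIZE;'): 4 for a 32-bit process, 8 for 64-bit
# Fixed releases per the announcement: 5.2.17 for the 5.2.x branch, 5.3.5 for 5.3.x.

# php_version_from_banner BANNER: extract "X.Y.Z" from a "php -v" banner.
php_version_from_banner() {
    printf '%s\n' "$1" | sed -n 's/^PHP \([0-9][0-9]*\.[0-9][0-9]*\.[0-9][0-9]*\).*/\1/p' | head -n 1
}

# php_has_cve_2010_4645_fix VERSION: succeed if the version is at or above the
# fixed release of its branch (5.2.x -> 5.2.17, 5.3.x -> 5.3.5); branches newer
# than 5.3 are treated as built from fixed sources.
php_has_cve_2010_4645_fix() {
    major=${1%%.*}
    rest=${1#*.}
    minor=${rest%%.*}
    patch=${rest#*.}
    case "$major.$minor" in
        5.2) [ "$patch" -ge 17 ] ;;
        5.3) [ "$patch" -ge 5 ] ;;
        *)   [ "$major" -gt 5 ] || { [ "$major" -eq 5 ] && [ "$minor" -gt 3 ]; } ;;
    esac
}

# php_cve_2010_4645_status BANNER INT_SIZE: print one of
#   fixed        - the version carries the fix
#   not-affected - unfixed, but a 64-bit process (only 32-bit x86 PHP processes hang)
#   affected     - unfixed 32-bit build: update, or confirm with the upstream
#                  test script run under a timeout
#   unknown      - no version could be parsed (exit status 1)
php_cve_2010_4645_status() {
    ver=$(php_version_from_banner "$1")
    [ -n "$ver" ] || { echo "unknown"; return 1; }
    if php_has_cve_2010_4645_fix "$ver"; then
        echo "fixed"
    elif [ "$2" -eq 8 ]; then
        echo "not-affected"
    else
        echo "affected"
    fi
}

# Constructed sample banners for a stand-alone run (not captured from real hosts).
SAMPLE_OLD='PHP 5.3.3 (cli) (built: Jan  1 2011 00:00:00)'
SAMPLE_NEW='PHP 5.3.5 (cli) (built: Jan  6 2011 00:00:00)'

php_cve_2010_4645_status "$SAMPLE_OLD" 4   # affected
php_cve_2010_4645_status "$SAMPLE_OLD" 8   # not-affected
php_cve_2010_4645_status "$SAMPLE_NEW" 4   # fixed
```

On a real host the two inputs come from `php -v` and `php -r 'echo PHP_INT_SIZE;'`; the "not-affected" class matches the announcement's note that the hang occurs only in 32-bit x86 processes, but such hosts still fall under the general advice to update.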

A migration guide to PHP 5.3.x for users of the 5.2.x series can be found here.

Thursday, January 6, 2011

MessageLabs Intelligence 2010 Annual Security Report

MessageLabs has published its Intelligence report wrapping up the year 2010 from a security point of view.

The report can be viewed here.

Wednesday, January 5, 2011

Windows Graphics Rendering Engine Vulnerability

Microsoft is investigating public reports of a vulnerability in the Windows Graphics Rendering Engine. An attacker who successfully exploits the vulnerability may be able to execute arbitrary code on the affected system. Windows 7 and Windows Server 2008 R2 are not affected by this vulnerability.

A workaround for the issue is described in the related security advisory.

More information:
http://blogs.technet.com/b/msrc/archive/2011/01/04/microsoft-releases-security-advisory-2490606.aspx
http://www.microsoft.com/technet/security/advisory/2490606.mspx

Sunday, January 2, 2011

Look Out For Untrusted Happy New Year E-card Links

The Shadowserver Foundation is warning about a new malicious botnet that is reminiscent of the Storm worm. Links to malicious domains are sent in emails disguised as e-card notifications. Some email subjects that have been used in those scam messages:
Greeting for you!
Greeting you with heartiest New Year wishes
Greetings to You
Happy New Year greetings e-card is waiting for you
Happy New Year greetings for you
Happy New Year greetings from your friend
Have a happy and colorful New Year!
l want to share Greeting with you (Shadowserver note: the first letter is an L)
New Year 2011 greetings for you
You have a greeting card
You have a New Year Greeting!
You have received a greetings card
You've got a Happy New Year Greeting Card!

More details about the new threat can be read in the Shadowserver Foundation Calendar here.