Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

Security UPDATE, February 12, 2003

From: InfoSec News <isn () c4i org>
Date: Thu, 13 Feb 2003 03:28:13 -0600 (CST)
********************
Windows & .NET Magazine Security UPDATE--brought to you by Security
Administrator, a print newsletter bringing you practical, how-to
articles about securing your Windows Server 2003, Windows 2000, and
Windows NT systems.
   http://www.secadministrator.com
********************

~~~~ THIS ISSUE SPONSORED BY ~~~~

Experience How Real Time Monitoring Will Benefit YOU
   http://list.winnetmag.com/cgi-bin3/flo/y/ePZo0CJgSH0CBw07mN0Az

Windows & .NET Magazine Network Web Seminars
   http://list.winnetmag.com/cgi-bin3/flo/y/ePZo0CJgSH0CBw02lB0Ah
   (below IN FOCUS)

~~~~~~~~~~~~~~~~~~~~

~~~~ SPONSOR: EXPERIENCE HOW REAL TIME MONITORING WILL BENEFIT YOU ~~~~
   A proactive Security Administrator installed TNT Software's ELM
Enterprise Manager 3.0 on his critical servers to assess the benefits
of real time monitoring. During the first week, EEM 3.0 paged him as a
disgruntled employee attempted to access confidential files, alerted
him when the QoS of his Exchange Server began to drop, and
automatically restarted a failed anti-virus service. As a result, ELM
Enterprise Manager was purchased and fully deployed during the second
week. Download your FREE 30 day full feature evaluation copy today and
experience how real time monitoring will benefit YOU.
   http://list.winnetmag.com/cgi-bin3/flo/y/ePZo0CJgSH0CBw07mN0Az
~~~~~~~~~~~~~~~~~~~~

February 12, 2003--In this issue:

1. IN FOCUS
     - Junk Mail and Spyware

2. SECURITY RISKS
     - Multiple Vulnerabilities in Microsoft IE
     - Unchecked Buffer in Windows XP Redirector

3. ANNOUNCEMENTS
     - Catch the Microsoft Mobility Tour--Time Is Running Out!
     - Black Hat Briefings & Training: Windows Security

4. SECURITY ROUNDUP
     - News: In-Stat/MDR Expects Broadband Security Market to Soar
     - News: IDC Says Security Market to Reach $45 Billion by 2006

5. SECURITY TOOLKIT
     - Virus Center
     - FAQ: How Can I Use Group Policy to Configure the Shutdown Event
       Tracker?

6. NEW AND IMPROVED
     - Ensure Logon Security Through Signature Authentication
     - Protect Lotus Notes/Domino Databases
     - Submit Top Product Ideas

7. HOT THREAD
     - Windows & .NET Magazine Online Forums
         - Featured Thread: Clear History When a User Exits Windows

8. CONTACT US
   See this section for a list of ways to contact us.

~~~~~~~~~~~~~~~~~~~~

1. ==== IN FOCUS ====
   (contributed by Mark Joseph Edwards, News Editor,
mark () ntsecurity net)

* JUNK MAIL AND SPYWARE

Unsolicited (aka junk) email is a big problem. I've written about such
email in a previous edition of Security UPDATE (see "Tired of Unwanted
Email? Try This Simple Solution" at the URL below). Solicitors can
find your email addresses many ways, some of which involve mining data
from public news groups and Web-based message forums.
   http://www.secadministrator.com/articles/index.cfm?articleid=27495

Other methods of obtaining your email address involve intrusive
software packages that include various types of data mining, such as
copying your contact list or address book contents. Such software is
typically referred to as "spyware." For one example of how others
gather data about you and those you know, read the Security UPDATE
commentary "Protect Your Contact List: Read the EULA!" at the URL
below.
   http://www.secadministrator.com/articles/index.cfm?articleid=27122

To help protect yourselves from some kinds of spyware, you need to
take several actions. First, don't let Java-based or ActiveX-based
code run on your systems through your Web browser and email client
software unless you're certain you can trust the content provider not
to spy on your system. Second, you need to scan your systems from time
to time to determine whether any known spyware might have slipped onto
your system.

One great tool to help scan your systems for spyware is Lavasoft's
Ad-Aware. Lavasoft recently released Ad-Aware 6.0. Although other
available tools perform similar tasks, the basic version of Ad-Aware
6.0 does a great job and is free.
   http://www.lavasoft.de/software/adaware/

Ad-Aware scans your system's registry and file systems looking for
keys and files that match known spyware programs. When Ad-Aware finds
such an item, you can have the software remove it from your system.
One useful feature of Ad-Aware is its ability to check for new spyware
signature update files. For example, as of February 10, Ad-Aware scans
for 4375 known spyware programs.

You must pay for the two more advanced versions of Ad-Aware: Ad-Aware
Plus will scan for spyware in realtime and help prevent it from
entering your system in the first place. Ad-Aware Professional can
perform scans of remote systems and contains many additional features.
For complete details about each version check the Web site at the URL
below and click on the specific product.
   http://www.lavasoft.de

Another useful tool for spyware identification is the SpyChecker.com
Web site, located at the URL below. The site maintains a database and
search engine in which you can enter a name to determine whether it's
listed as a spyware program or vendor.
   http://www.spychecker.com

Eliminating spyware from your systems won't eliminate junk email, but
it will probably help you keep the amount of unwanted junk mail you
receive to a minimum. It will also help keep marketing companies from
snooping on your system to learn your Internet use habits without your
knowledge and consent.

~~~~~~~~~~~~~~~~~~~~

~~~~ SPONSOR: WINDOWS & .NET MAGAZINE NETWORK WEB SEMINARS ~~~~
   DON'T MISS OUR WEB SEMINARS IN MARCH!
   Windows & .NET Magazine has 3 new Web seminars to help you address
your security and storage concerns. There is no fee to attend "Selling
the Importance of Security: 5 Ways to Get Your Manager's Attention,"
"Building an Ultra Secure Extranet on a Shoe String," or "An
Introduction to Windows Powered NAS," but space is limited, so
register for all 3 events today!
   http://list.winnetmag.com/cgi-bin3/flo/y/ePZo0CJgSH0CBw02lB0Ah
~~~~~~~~~~~~~~~~~~~~

2. ==== SECURITY RISKS ====
   (contributed by Ken Pfeil, ken () winnetmag com)

* MULTIPLE VULNERABILITIES IN MICROSOFT IE
   Andreas Sandblad discovered two new vulnerabilities in Microsoft
Internet Explorer (IE) that can result in information disclosure or
the execution of arbitrary code on the vulnerable system. These
vulnerabilities stem from a flaw in IE's showHelp function that
results in incomplete security checking, which lets a Web site access
information in another domain. An attacker can misuse certain dialog
boxes to run malicious scripts and obtain that data. Microsoft has
released Security Bulletin MS03-004 (Cumulative Patch for Internet
Explorer) to address this vulnerability and recommends that affected
users apply the appropriate patch mentioned in the bulletin. This
patch addresses all previously discovered IE vulnerabilities.
   http://secadministrator.com/articles/index.cfm?articleid=37973

* UNCHECKED BUFFER IN WINDOWS XP REDIRECTOR
   A new vulnerability in the Microsoft Windows Redirector can result
in the execution of arbitrary code on the vulnerable system. This
vulnerability stems from an unchecked buffer that Windows XP uses to
receive parameter information. By providing malformed data to the
Windows Redirector, a potential attacker can cause the system to fail
or run code of the attacker's choice. Microsoft has released Security
Bulletin MS03-005 (Unchecked Buffer in Windows Redirector Could Allow
Privilege Elevation) to address this vulnerability and recommends that
affected users apply the appropriate patch mentioned in the bulletin.
   http://www.secadministrator.com/articles/index.cfm?articleid=37974

3. ==== ANNOUNCEMENTS ====
   (brought to you by Windows & .NET Magazine and its partners)

* CATCH THE MICROSOFT MOBILITY TOUR--TIME IS RUNNING OUT!
   This outstanding seven-city event will help you support your
growing mobile workforce. Industry guru Paul Thurrott discusses the
coolest mobility hardware solutions around, demonstrates how to
increase the productivity of your "road warriors" with the unique
features of Windows XP and Office XP, and much more. You could also
win an HP iPAQ Pocket PC. There is no charge for these live events,
but space is limited, so register today! Sponsored by Microsoft, HP,
and Toshiba.
   http://list.winnetmag.com/cgi-bin3/flo/y/ePZo0CJgSH0CBw06Kw0A6

* BLACK HAT BRIEFINGS & TRAINING: WINDOWS SECURITY
   Attend the world's premier technical event for Windows and .NET
security experts, February 24-27, 2003, in Seattle. You'll find six
tracks, seven training sessions, and full support from Microsoft. See
for yourself what the Black Hat buzz is all about. Register today!
   http://list.winnetmag.com/cgi-bin3/flo/y/ePZo0CJgSH0CBw0pHV0AT

4. ==== SECURITY ROUNDUP ====

* NEWS: IN-STAT/MDR EXPECTS BROADBAND SECURITY MARKET TO SOAR
   According to In-Stat/MDR, the market for broadband-based security
solutions will grow to $829 million by the end of 2004, up from $71
million in 2000. The company attributes the expected growth rates to
expanding use of broadband connectivity solutions.
   http://www.secadministrator.com/articles/index.cfm?articleid=37948

* NEWS: IDC SAYS SECURITY MARKET TO REACH $45 BILLION BY 2006
   IDC reports that it expects the IT security market to reach $45
billion in revenues by 2006. The predicted figures include software,
hardware, and services. Revenues in 2001 were about $17 billion.
   http://www.secadministrator.com/articles/index.cfm?articleid=37945

5. ==== SECURITY TOOLKIT ====

* VIRUS CENTER
   Panda Software and the Windows & .NET Magazine Network have teamed
to bring you the Center for Virus Control. Visit the site often to
remain informed about the latest threats to your system security.
   http://www.secadministrator.com/panda

* FAQ: HOW CAN I USE GROUP POLICY TO CONFIGURE THE SHUTDOWN EVENT
TRACKER?
   ( contributed by Brett Hill, http://www.iisanswers.com )

A. You can use Group Policy to configure the Shutdown Event Tracker by
performing the following steps:
   1. Open Group Policy, then load the group policy to which you want
to apply the change.
   2. Expand Computer Configuration, Administrative Templates, System.
   3. Double-click Display Shutdown Event Tracker.
   4. Select Enabled.
   5. Select the Never option, then click OK.
   6. Click OK to close all dialog boxes.

6. ==== NEW AND IMPROVED ====
   (contributed by Sue Cooper, products () winnetmag com)

* ENSURE LOGON SECURITY THROUGH SIGNATURE AUTHENTICATION
   Security Biometrics released BIOSign, a biometric signature
authentication solution to replace text-based password and PIN logon
systems in Windows XP and Windows 2000. BIOSign is powered by Security
Biometrics' PenFlow technology, which analyzes the way in which a
signature is signed, not how it looks. To verify your users'
identities, the software compares the pen's force, speed, and
directional vectors to profile data. Contact Security Biometrics at
866-522-3888 and info () sigbio com.
   http://sigbio.xplorex.com

* PROTECT LOTUS NOTES/DOMINO DATABASES
   Symantec announced Symantec AntiVirus/Filtering for Domino, an
integrated virus protection and filtering solution for Lotus
Notes/Domino databases. The software now offers rules-based content
filtering and realtime protection from malicious and spam attacks.
Supports Lotus/Domino databases running AIX, iSeries, Linux, Solaris,
Windows 2000 and Windows NT. Contact Symantec on its Web site.
   http://enterprisesecurity.symantec.com.

* SUBMIT TOP PRODUCT IDEAS
   Have you used a product that changed your IT experience by saving
you time or easing your daily burden? Do you know of a terrific
product that others should know about? Tell us! We want to write about
the product in a future What's Hot column. Send your product
suggestions to whatshot () winnetmag com.

7. ==== HOT THREAD ====

* WINDOWS & .NET MAGAZINE ONLINE FORUMS
   http://www.winnetmag.com/forums

Featured Thread: Clear History When a User Exits Windows
   (One message in this thread)

A user writes that he wants to be able to clear the Microsoft Internet
Explorer (IE) history folder and delete all temporary Internet files
and folders when a user logs off. Lend a hand or read the responses:
   http://www.winnetmag.com/forums/rd.cfm?cid=42&tid=54145

8. ==== CONTACT US ====
   Here's how to reach us with your comments and questions:

* ABOUT IN FOCUS -- mark () ntsecurity net

* ABOUT THE NEWSLETTER IN GENERAL -- letters () winnetmag com (please
mention the newsletter name in the subject line)

* TECHNICAL QUESTIONS -- http://www.winnetmag.com/forums

* PRODUCT NEWS -- products () winnetmag com

* QUESTIONS ABOUT YOUR SECURITY UPDATE SUBSCRIPTION? Customer
Support -- securityupdate () winnetmag com

* WANT TO SPONSOR SECURITY UPDATE? emedia_opps () winnetmag com

********************

   This email newsletter is brought to you by Security Administrator,
the print newsletter with independent, impartial advice for IT
administrators securing a Windows 2000/Windows NT enterprise.
Subscribe today!
   http://www.secadministrator.com/sub.cfm?code=saei25xxup

   Receive the latest information about the Windows and .NET topics of
your choice. Subscribe to our other FREE email newsletters.
   http://www.winnetmag.com/email

|-+-|-+-|-+-|-+-|-+-|

Thank you for reading Security UPDATE.

MANAGE YOUR ACCOUNT
   You can manage your entire Windows & .NET Magazine Network email
newsletter account on our Web site. Simply log on and you can change
your email address, update your profile information, and subscribe or
unsubscribe to any of our email newsletters all in one place.
   http://www.winnetmag.com/email

Thank you!
__________________________________________________________
Copyright 2003, Penton Media, Inc.



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.
Previous By Date Next
Previous By Thread Next

Current thread: