General discussion

NEWS - February 10, 2005

Symantec flaw leaves opening for viruses
By Robert Lemos CNET February 9, 2005, 1:47 PM PT

Symantec has issued a patch for a flaw in its scanning software that could cause a virus to execute, rather than catch it.

The vulnerability affects an antivirus library used by the majority of Symantec's antivirus and antispam products, including Norton SystemWorks 2004 and Symantec Mail Security for Exchange, the security provider said on Tuesday.

The software is aimed at a range of systems, from consumer desktops to large corporate mail servers, meaning the flaw could be used to take control of key corporate systems or to install programs to grab people's identity data.

"The impact of this vulnerability is exaggerated by the fact that many e-mail and other traffic routing gateways make use of file-scanning utilities that make use of the vulnerable library," Symantec said in an advisory. "This could allow an attacker to potentially exploit high-profile systems used to filter malicious data, and potentially allow further compromise of targeted internal networks."

more here

Discussion is locked

Reply to: NEWS - February 10, 2005
PLEASE NOTE: Do not post advertisements, offensive materials, profanity, or personal attacks. Please remember to be considerate of other members. If you are new to the CNET Forums, please read our CNET Forums FAQ. All submitted content is subject to our Terms of Use.
Reporting: NEWS - February 10, 2005
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
- Collapse -
Pfizer and Microsoft Strike at Alleged Spammers
- Collapse -
Vigilantes launch attack on scam sites

Internet vigilantes have launched a 48-hour bandwidth attack against spammers who allegedly defraud people online.

The 419 Flash Mob, supported by Artists Against 419, has declared war on criminals who host fake bank Web sites in the hope of luring victims to deposit money there. The attacks began Wednesday.

According to Artists Against 419's Web site, "This flash mob is in celebration of Chinese New Year...Our aim is to shut down eight fake bank web sites in less than 48 hours!"

- Collapse -
'New' spam method a very old one: researcher

A number of spam researchers have criticized the claims of Spamhaus and MessageLabs that a new spamming technique could make blocking technologies useless. Jakub Kaminski, researcher at Computer Associates' labs in Melbourne, Australia, notes that this technique -- using a zombie computer to connect to a service provider's mail server -- was actually the tactic originally used by mass-mailing worms before they started carrying their own SMTP (simple mail transfer protocol) engines. Mr. Kaminski believes the new tactic only makes the shortcomings of e-mail blacklists obvious. The tactic could also break the Sender Policy Framework, which is meant to verify the return path on e-mails. However, spam filters that analyze content and not just e-mail addresses should work even against spams that appear to come directly from internet service providers.

- Collapse -
Columnist Slams Windows for UI, Virus Problems
- Collapse -
Symantec Press Publishes "The Art Of Computer Virus Research

The book is authored by Peter Szor, security architect for Symantec Security Response, and provides an insider's view of how computer virus research is conducted and how threats are analyzed for the sake of better security measurement.

Szor's book focuses primarily on self-replicating malicious code from the perspective of all three infection techniques - file/storage, in-memory, and network. As a result, Szor has developed a detailed technical guide for IT and security professionals, along with academicians and students, for understanding the methodology of computer virus analysis and protection.

More in

- Collapse -
Microsoft probes anti-spyware Trojan

Published: February 10, 2005, 12:11 PM PST
By Dan Ilett
Special to CNET

Microsoft is investigating a piece of malicious code that targets the recently released beta version of its AntiSpyware product.

On Wednesday, antivirus company Sophos reported a new Trojan horse, dubbed "Bankash-A," which suppresses warning messages displayed by Microsoft AntiSpyware and deletes all of the files in the program's folder. The Trojan also steals passwords and online-banking details from Windows users.

"Microsoft is actively investigating new public reports of a criminal attack, known as the 'Bankash-A Trojan'," the company wrote in an e-mail statement. "Microsoft is not aware of any significant customer impact resulting from the Trojan. Microsoft continues to recommend customers evaluate the Microsoft AntiSpyware beta and encourage customers to follow the three steps to help keep your PC protected (at)"

more here

- Collapse -
Yahoo Fires Up Toolbar for Firefox Users

Decision shows the increasing popularity of the alternative browser.

Scarlet Pruitt, IDG News Service
Thursday, February 10, 2005
Yahoo released a beta version of its Web browser toolbar for users of the Mozilla Firefox browser on Thursday, offering bookmarks, newsfeeds, and search and translation tools.

The beta version of the toolbar requires Firefox 1.0 for Windows and is available as a free download. It also includes features such as the ability to search a site, Yahoo Mail notifications and alerts, and buttons for access to the Internet company's games, finance, news, and sports sites, among others.


CNET Forums

Forum Info