CNET también está disponible en español.

Ir a español

Don't show this again


Odds and Ends: QuickTime security flaw; New virus spoofs; clarification on Citibank hoax list; Knowledge Base updates

Odds and Ends: QuickTime security flaw; New virus spoofs; clarification on Citibank hoax list; Knowledge Base updates

QuickTime security flaw An advisory from notes a "high severity" vulnerability in Apple's QuickTime software that "allows malicious code to be executed with little user interaction." No further details are available, as's policy is to provide details to the affected vendor but not release those details to the public until the vulnerability has been patched by the vendor. 14 days ago

New virus spoofs and other domains A new Windows virus, W32.Beagle.K@amm (actually a variant of the earlier W32.Beagle.J@mm virus) is making the rounds, according to a Symantec security response article. What's interesting about this particular virus is that it spoofs the return address so that it appears to come from an administrator in a common domain; a number of users report receiving versions that claim to be sent from administrators of Apple's .Mac service. (This virus' email messages generally begin with "Some of our clients complained about the spam [negative e-mail content] outgoing from your e-mail account. Probably, you have been infected by a proxy-relay trojan server. In order to keep your computer safe,follow the instructions")

Clarification on Citibank hoax list On Tuesday we posted a note from a reader regarding a Citibank Web page listing known email hoaxes that appear to come from Citibank. To clarify, the reason we posted that story was to alert users that many banks and other institution compile such lists, which are helpful for figuring out if a message that appears to come from the institution did indeed originate there. The reader comments we quoted, which implied some degree of "lack of protection" on the behalf of Citibank, were most likely not an accurate representation of the situation. These "spoofs" (an example of which is described in the previous item) are common, and in fact the Citibank spoof in question was most likely sent to millions of people -- so the odds were such that some of whom, like the reader quoted, actually are Citibank customers. It's highly unlikely that Citibank customer email addresses were actually compromised.

New/Updated Knowledge Base Articles

  • advisory
  • Symantec security response
  • Mac OS X: Nothing happens ...
  • iTunes updated iPod, but where's the music?
  • iPod mini wakes up when yo...
  • iPod mini shows "OK to Disconnect" screen until you disconnect it
  • More from Odds and Ends: