Good ol' Microsoft Internet Explorer has another major problem - and the bad guys are using it!
More trouble for Microsoft and for those of us who have Unix/Linuxservers there's a problem with Sendmail too.
The Internet Storm Center (http://isc.sans.org/) has moved to Yellow
Alert with the release of an exploit for the current major problem found
in Internet Explorer. Please see the notice at
http://isc.sans.org/diary.php?storyid=1212 for details.
Microsoft's bulletin is at:
http://www.microsoft.com/technet/security/advisory/917077.mspx
In order to get infected you have to visit a compromised web site - and
you know you should not be browsing the web to unknown places from any
machine you don't want contaminated with stuff anyway, so hopefully you
won't find the currently obscure sites that have this one on them. But
be prepared as it only takes hours for this type of thing to be picked
up by lots of bad-uglies out there and put almost anywhere.
This one can be nasty - it can allow execution of "arbitrary
code" (meaning anything the bad-ugly wants to run) and the exploit noted
by ISC puts a "Spybot" variant (keystroke logger and otherwise major
insecurity program) - see:
http://www.symantec.com/avcenter/venc/data/w32.spybot.worm.html for more
info about it.
The consensus is that if you must use IE, you should turn off "Active
Scripting". Of course you should be using Firefox
http://www.mozilla.com/ or some other browser for your main web surfing
and only use IE when it is absolutely necessary (and you KNOW the site
is one you trust)
-------------------------------
Sendmail (the mail transport agent, or MTA, that most Internet e-mail
runs through) has a major hole in it which so far there is no exploit
for - but you don't want to wait since it can be VERY bad. RedHat has
already released updates for their commercial offerings and other
distributions are following quickly. If you need help, give me a call.
See the bulletin at: http://isc.sans.org/diary.php?storyid=1210 They're
very concerned!
Fortunately most of our systems here use EXIM instead of Sendmail - and
some of my customers are running Qmail (via such things as PLESK or
Courier) so these systems are not vulnerable. BUT - if you have an older
Linux/Unix server that is not behind a firewall (or which is directly
receive incoming e-mail for local distribution via settings in the
firewall) then you should make the effort ASAP to get it updated. Again,
call me if you need help!
----------------------------
In other news, one of my customers, Hancock House Publishing, has a new
feature we're just getting set up with - live (and excellent quality)
video streaming from an Eagle's nest on Hornby Island near Vancouver
Island. Check out the article at:
http://forum.hancockhouse.com/article.php/20060321210558763 for more
information and a link to the stream (sorry, it is Windows Media Player
but I didn't have any say in this ;)
The eagles have one egg now, and another is expected any time (typically
3 days from laying of first one which was on the 21st)
enjoy!
richard
What's Related