In a recent email from @Risk (SANS) two things jumped out that might have been missed in some IT shops. There have been many patches this week, from Microsoft and Oracle just to name two, but notices about Intel and Adobe stood out.
As the week ends, here is a list of some of the more demanding security problems announced online.
Intel's 2200BG and 2915ABG wireless network cards are vulnerable to a remote attack. The cards are common, and found in almost all laptops sold using the Intel chipset. The interesting thing is that the advisory from Intel is dated January 12, 2007, yet Milw0rm (http://milw0rm.com/exploits/5461) now has exploit code available to target unpatched drivers.
“Security vulnerabilities have been identified in the Microsoft Windows drivers for the Intel 2200BG and 2915ABG PRO/Wireless Network Connection Hardware (w22n50.sys, w22n51.sys, w29n50.sys, w29n51.sys), which could potentially be exploited by attackers within range of the Wi-Fi station to execute arbitrary code on the target system with kernel-level privileges. These flaws are due to a memory corruption while parsing certain frames,” Intel says.
If you have not patched the cards, Intel’s drivers are here: http://support.intel.com/support/wireless/wlan/sb/cs-010623.htm
Adobe’s PDF file format is still being selected as a target in various attacks online. “Dating back to the end of February, we have been tracking test runs of malicious PDF messages to very specific targets. These PDF files exploit the recent vulnerability CVE-2008-0655,” a recent SANS ISC diary says.
If the malicious PDF attack fails, you will get an error telling you the file is invalid. A successful attack shows Adobe opening, instantly closing, and then opening again to display a PDF file.
“Acrobat Reader is proving to be an interesting target because users are not very much inclined to upgrade manually. The file format is relatively stable and users of Acrobat Reader 7 may not always feel a need to upgrade,” Maarten Van Horenbeeck reported.
If you have not done so already, update to Adobe Reader 8.1.2.
Adobe also has vulnerabilities in how Photoshop CS3, After Effects CS3, and Album Starter handle Bitmap (BMP) files. Malicious BMP images can trigger a buffer overflow, which could lead to code execution.
Adobe is aware of the vulnerabilities, but there is no patch available. Details of the vulnerability are here: http://archives.neohapsis.com/archives/fulldisclosure/2008-04/0551.html
One patch that is likely to be deployed this weekend by many IT shops is related to Oracle. Oracle released its April updates, which fix several problems including code execution, information disclosure, and SQL injection.
Details: http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuapr2008.html