Friday, Feb 4, 2005
Internet Security Weekly Review
Recently Linux vendors Red Hat, Novell and Mandrakesoft released patches for several vulnerabilities. The patches range from flaws to buffer overflows. Secunia rated five of the updates "highly critical". SuSE issued updates to resolve flaws including a vulnerability that could allow malicious code to cause a local denial-of-service attack. Red Hat issued recently a package of updates for its desktop and enterprise software.
The Spanish security company Panda Software warned last week that several companies are apparently using Microsoft Media Player's digital rights management (DRM) tool to fool people into downloading spyware and viruses.
Microsoft responded that the security risk does not arise from a flaw in its tool. It was found that some sites can use Windows Media Player to pop up a Web page with information about a video or song, and here the page was apparently loaded with automatic spyware. Microsoft representatives said that the automatic downloads would be blocked on any computer running the Service Pack 2 release of Windows.
<< Home