Vulnerabilities


Microsoft Confirms IIS FTP Zero-Day Flaw

Microsoft late Tuesday confirmed the publication of exploit code for a serious code execution vulnerability in the File Transfer Protocol (FTP) Service in Microsoft Internet Information Services (IIS) 5.0, 5.1, and 6.0.
A security advisory from Redmond warned that the vulnerability could allow remote code execution on affected systems running the FTP service and connected to the Internet. Read the advisory [microsoft.com]. See workaround information on the SR&D blog [technet.com].

Firefox Add-on Spies on Google Search Results

Security researchers have intercepted a fake Flash Player update creating a Firefox add-on that spies on the user’s Google search results.
The malicious Firefox extension, called “Adobe Flash Player 0.2,” injects ads into the user’s Google search results pages and even has the capability to monitor the user’s browsing activities, particularly Google search queries using the Firefox browser. It then sends the information it gathers to a hacker-controlled server.

Exploit Code Published for New Microsoft IIS FTP Flaw

There is exploit code circulating for a newly discovered vulnerability in the FTP service of Microsoft IIS, a flaw which could enable an attacker to run his own code on a remote server. The flaw mainly affects older versions of IIS, Microsoft’s Web server product, but the existence of a working exploit and the popularity of IIS make the vulnerability a serious concern.


Officials at MicroSolved, the security services company that was involved in the penetration test that set off concerns about malware-infected CDs being sent to credit unions, have posted a detailed explanation of the technique and how it turned into a national news story.

A software engineer who created Trojans for the Swiss authorities to intercept Voice-over-IP (VoIP) phone calls has published the source code to his programs in order to draw attention to the surveillance threat posed by such software. Read the full story [idg.no]

The most trusted websites, such as search engines, mainstream news sites and some blogs, are increasingly at risk of hosting malicious links that pass malicious code to their visitors, according to the latest data collected by researchers with IBM’s X-Force security team.
The report [ibm.com] outlines a sharp increase in new malicious Web links and consistent attacks against Web applications that could undermine the security of some database servers. Read the full story [techtarget.com]

Apple’s commercials may give the impression that Macs are virus-free but the company isn’t taking any chances with the newest Mac OS X refresh.

Apple has quietly added a new Snow Leopard feature to scan software downloads for malware, a no-brainer move that coincides with a noticeable spike in malicious files embedded in pirated copies of Mac-specific software. Read the full story [zdnet.com]

From ZDNet (Dancho Danchev)

According to research published by Trusteer earlier this month, 79.5% of the 2.5 million users of their Rapport security service run a vulnerable version of Adobe Flash, with 83.5% also running a vulnerable version of Acrobat.

The company has also criticized Adobe by insisting that their update mechanism “does not meet the requirements of a system that is used by 99% of users on the Internet and is highly targeted by criminals”, but is praising the update mechanism of Google’s Chrome and Firefox, whose silent updates close the window of opportunity for malicious attackers to take advantage of. Read the full story [zdnet.com]. See the Trusteer study [PDF].

From C|Net (Elinor Mills)

Cisco Systems wireless local area network equipment used by many corporations around the world is at risk of being used in denial-of-service attacks and data theft, according to a company that offers protection for WLANs.

Researchers at AirMagnet, which makes intrusion-detection systems for WLANs, discovered the vulnerability, which affects all lightweight Cisco wireless access points, as well as the exploit that could be used against networks that have the Over-the-Air-Provisioning (OTAP) feature turned on. Read the full story [cnet.com]

From internetnews.com (Sean Michael Kerner)
 
Tens of millions of people around the world use Adobe’s Flash and PDF reader technologies. How many of them update regularly?

The issue of updated Flash and Adobe Acrobat PDF clients is an important one, as Adobe recently patched both technologies for security vulnerabilities that could expose users to risk. Yet security vendor Trusteer recently examined its own users and found that at least 80 percent were running unpatched versions of Flash and Adobe Acrobat. Read the full story [internetnews.com]
