Week in Review: Web Insecurity and Fixes for Stuxnet

Web insecurity was in the news this week, with a major flaw in the security of ASP.NET and some sobering statistics on Web site infections. When your bank account gets hacked – is it your fault? And, with a patch out for one of four (!) zero day exploits used by Stuxnet, security experts wonder if its the most sophisticated malware…ever!? 

MS Offers SharePoint Zero Day Workaround

Microsoft offered an interim work-around for a SharePoint bug that involved disabling access to the help system by running a pair of commands from the command prompt. The commands modify the access control list (ACL), Windows’ list of file access permissions. Read the full article. [Computerworld]

Novell Patches Critical eDirectory Flaw

Novell has released a security update for its eDirectory server to remedy a heap overflow vulnerability.  Attackers can remotely exploit the flaw to
crash or penetrate a server. The vendor says that the vulnerability can
be exploited with a specially crafted NDS Service Request. Read the full article. [The H Security] Read the original advisory.

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.