    
|
||||||||||||||||||||||||
|
||||||||||||||||||||||||
|
||||||||||||||||||||||||
|
||||||||||||||||||||||||
Network Security
Welcome to our security bulletin for February 2006;
Major new vulnerability - Windows Metafiles (.wmf)
A major new vulnerability has been dicovered which enables malicious code to be executed (source: theregister.co.uk). This can be disguised as .jpg or .gif
files. The problem is so serious that Microsoft's usual policy of issuing patches monthly has been disregarded.
Affected Windows versions are as follows:
Windows 2000 Service Pack 4, XP SP 1 and SP 2 XP Professional x64 Edition Windows Server 2003 and Server 2003 SP 1 Windows Server 2003 x64 Edition.
Microsoft considers a patch unnecessary for older versions of Windows Windows 98, 98 Second Edition and Millennium Edition.
Windows NT and pre-servive pack 4 versions of Windows 2000 are considered obsolete and also have no patch; rather the advice is to upgrade to a later
version.
Download the patch at http://www.microsoft.com/technet/security/Bulletin/MS06-001.mspx.
Several new issues have come to light concerning Apple's QuickTime. Users are advised to update to version 7.0.4 for the Mac OS X and Microsoft Windows operating systems. More details available at http://gtoc.iss.net/issEn/delivery/gtoc/index.jsp.
Microsoft has launched some new anti-spyware - not a complete replacement for Spybot or Adware but useful nonetheless. Download it at http://www.microsoft.com/downloads/details.aspx?FamilyI d=321CD7A2-6A57-4C57-A8BD-DBF62EDA9671&displaylang=en.
Finally, a new threat from rootkits - malicious programs which allow root (system administrator) privileges to undetected third parties. More details from http://www.theregister.co.uk/ concerning Sony's digital rights management included with its music CDs.
Old security bulletins are stored in our archive
If you have a security issue or are looking for Internet security services, contact us to see what we can do for you.
