ep's blog

Wordpress 2.9.2 security update

http://core.trac.wordpress.org/ticket/11922

Release overview:
http://core.trac.wordpress.org/query?
status=closed&group=resolution&order=priority&milestone=2.9.2&resolution
=fixed

"In add_menu_page(), the callback function gets hooked unconditionally.
$access_level is ignored."

It is recommended to update all versions of Wordpress to the newest
version, 2.9.2. Running version 2.9.1 or earlier should be treated as:

Tabnabbing phishing attack

http://searchbliss-webmaster.blogspot.com/2010/05/tabnabbing-new-phishin...

Apparently, when you move to another tab in your web browser, the tab you were originally using can detect that it has lost focus.  A malicious website can take the opportunity to load new content in the tab, change its title and appear to be a different website.

When you return, if you try to login using your credentials, you could be handing them over to a malicious source.

ClamAV 0.94 and older end of life and disabled on 2010-04-15

http://www.clamav.net/lang/en/2009/10/05/eol-clamav-094/

ClamAV has released an announcement that versions older than 0.95 will
be disabled after 2010-04-15.

ClamAV would like to release longer malware signatures that aren't
supported by pre-0.95 versions of ClamAV. For this reason, earlier
versions of ClamAV will break when new signatures are released.

Microsoft Security Bulletin Advance Notification for April 2010 including 8 remote vulnerabilities

http://www.microsoft.com/technet/security/bulletin/ms10-apr.mspx

Tuesday, April 13, 2010 is patch Tuesday. Microsoft released this
bulletin summarizing the patches it will release.

8 of these patches mitigate remotely exploitable vulnerabilities.

Users should install these patches during their regular patch Tuesday
patch window.

Thanks,
Brian

MIT Kerberos kadmind 'server_stubs.c' Remote Denial Of Service Vulnerability

http://www.securityfocus.com/bid/39247

"MIT Kerberos is prone to a remote denial-of-service vulnerability in
'kadmind'.

An attacker may exploit this issue to cause the affected application to
crash, denying service to legitimate users.

MIT Kerberos 5 1.5 through 1.6.3 are vulnerable. "

Patches are available for MIT Kerberos, RHEL and Ubuntu. It is
recommended that users upgrade to the latest release to avoid exploitation.

Thanks,
Brian

PDF Execution function deemed dangerous

http://blogs.adobe.com/adobereader/2010/04/didier_stevens_launch_functio...

A design feature in PDF allows for the execution of a program from
within the PDF. Most PDF readers supply a warning about executing the
program before continuing.

A researcher last week showed how the warning message could be rewritten
by a malicious PDF and trick the user into allowing it to execute. It
could potentially infect other PDFs or run whatever the attacker desired.

Pages