ep's blog

Microsoft Security Bulletin Advance Notification for April 2010 including 8 remote vulnerabilities

http://www.microsoft.com/technet/security/bulletin/ms10-apr.mspx

Tuesday, April 13, 2010 is patch Tuesday. Microsoft released this
bulletin summarizing the patches it will release.

8 of these patches mitigate remotely exploitable vulnerabilities.

Users should install these patches during their regular patch Tuesday
patch window.

Thanks,
Brian

MIT Kerberos kadmind 'server_stubs.c' Remote Denial Of Service Vulnerability

http://www.securityfocus.com/bid/39247

"MIT Kerberos is prone to a remote denial-of-service vulnerability in
'kadmind'.

An attacker may exploit this issue to cause the affected application to
crash, denying service to legitimate users.

MIT Kerberos 5 1.5 through 1.6.3 are vulnerable. "

Patches are available for MIT Kerberos, RHEL and Ubuntu. It is
recommended that users upgrade to the latest release to avoid exploitation.

Thanks,
Brian

PDF Execution function deemed dangerous

http://blogs.adobe.com/adobereader/2010/04/didier_stevens_launch_functio...

A design feature in PDF allows for the execution of a program from
within the PDF. Most PDF readers supply a warning about executing the
program before continuing.

A researcher last week showed how the warning message could be rewritten
by a malicious PDF and trick the user into allowing it to execute. It
could potentially infect other PDFs or run whatever the attacker desired.

Apple Safari for Windows Prior to 4.0.5 Integer Overflow Vulnerability

http://www.securityfocus.com/bid/38674

"Safari is prone to an integer overflow vulnerability.

Successfully exploiting this issue may allow remote attackers to execute
arbitrary code in the context of the application. Failed attacks will
likely cause denial-of-service conditions."

Apple has released version 4.0.5 of the software. It is recommended
that users update to this release.

Thanks,
Brian

Apple iPhone Malformed VML Data Remote Code Execution Vulnerability

http://www.securityfocus.com/bid/38990/discuss

A POC exploit has been written that can crash Safari on the Apple iPhone
when the user visits a maliciously crafted webpage. This affects:

Apple iPhone 3.1.3
Apple iPhone 3.1.2
Apple iPhone 3.0.1
Apple iPhone 3.1
Apple iPhone 3.0

The POC claims the ability to execute arbitrary code via this exploit.
Apple has not yet released a patch or verified this issue.

90 percent of Windows 7 flaws fixed by removing admin rights

http://arstechnica.com/microsoft/news/2010/03/half-of-windows-flaws-miti...

Thanks to David for this article.  In it Ars Technica covers a report by BeyondTrust on Windows vulnerabilities in 2009.  It compares the vulnerability on Windows 2000 through Windows 7, and whether a user has admin rights or not.

If nothing else, this article speaks to why regular users are better protected if they run without administrative privileges.

Thanks,
ep

Broadcom NetXtreme Ethernet Card possible remote vulnerability

http://www.kb.cert.org/vuls/id/512705

"A buffer overflow vulnerability exists in the Broadcom NetXtreme
management firmware. This vulnerability may allow a remote attacker to
execute arbitrary code on an affected device."

This affects the firmware on the card itself, regardless of whether the
machine is turned on or off. Both Dell and HP use these cards in their
desktops and servers.

The following devices/firmwares are affected:

Pages