Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.
Security Response

The August roundup

Created: 11 Sep 2006 07:00:00 GMT • Updated: 23 Jan 2014 18:57:11 GMT
Marc Fossi's picture
0 0 Votes
Login to vote

The end of summer is upon us—everyone isback from their holidays and the kids are headed back to school. Itseems that we were given a bit of a jolt in August to wake us all upfrom our relaxation, though. There were plenty of security headlines tokeep us all on our toes.

In early August, AOL publicly posted 20 million search keywords thathad been entered by its users. The data was supposed to be used byresearchers and was listed using numerical identifiers in order togroup specific keywords per user, instead of identifying the actualusers’ names. Unfortunately, some of the AOL users had entered searchterms that personally identified them, such as their own names or namesof family members. AOL pulled the keyword lists offline, but the listshad already been copied and posted in other forums. While those of usin the security industry have told people for years to be careful ofentering personal information into questionable Web sites, I don’tthink search engines were really included in that list.

On the second Tuesday of August, Microsoft released their regularround of security bulletins, including one that addressed an overflowin the Server service.The existence of a remotely exploitable vulnerability in a defaultservice sent the usual suspects into a frenzy; less than a week later,we had Wargbot. Naturally, infecting your computer wasn’t enough, so Wargbot also downloads a friend called Ranky. So, while Wargbot lets someone control your computer, Ranky helps them relay spam and phishing messages.

As part of the Microsoft bulletin roundup, some patches werereleased to address a couple of vulnerabilities in Internet Explorer.Alas, one of these patches introduced yet another new vulnerability.To make matters worse, this new vulnerability could be exploited by amalicious Web site to execute arbitrary code in the context of theuser. So, applying this particular patch would introduce a problem assevere as the ones being fixed to begin with. Luckily, an updated patchwas released a couple of days later to fix everything properly.

If this is how our summer has ended up, I have to wonder what the fall has in store for us.