Video Screencast Help
Search Video Help Close Back
to help
New in the Rewards Catalog: Vouchers for "Symantec Technical Specialist" and "Symantec Certified Specialist" exams.

Security Response

Showing posts tagged with Endpoint Protection (AntiVirus) remove filter
Showing posts by Ollie Whitehouse remove filter
Security Issues & COTS Mobile Operating Systems – Some Very Rough Numbers
Ollie Whitehouse | 20 Nov 2007 | 0 comments

I was interested in getting some rough numbers on publicly disclosed vulnerabilities in Symbian and Windows CE/Mobile platforms and applications. I cannot say with any degree of confidence that what I present below is reflective, simply due to the fact that different bugs get categorized under different vendors, platforms, or keywords. What I can document is the method I used to arrive at the below numbers. I used cve.mitre.org and did the following:

• searched by vendor, platform for Windows Mobile & Windows CE
• searched for keyword MMS picking out those relevant
• searched for keyword SMS picking out those relevant
• searched for keyword Symbian
• searched for keyword Nokia picking out those relevant

So the summary is that there are 16 for Windows CE/Mobile and six for Symbian. I guess this demonstrates people are finding vulnerabilities in these two platforms. If we take out the third party applications on Windows CE/...

Read more
Windows CE & Mobile Advisories – Elvis has left the building!
Ollie Whitehouse | 08 Nov 2007 | 0 comments

Well, we’ve arrived at where we’ve been trying to get to for some time. That is to say that we now have the ability to release security advisories for Windows CE & Windows Mobile after working through the accepted responsible disclosure process with Microsoft. It hasn't been easy, with us initially reporting issues back in February 2006, but we’ve finally got here. This really marks a milestone for COTS mobile platforms even though we did achieve something similar back in 2003 with Nokia and their proprietary OS and recently with Palm OS, but getting vendor responses on mobile security issues (with maybe the exception of RIM) has historically been hard work.

A quick thanks to all those involved here at Symantec: Katie (before she left), Tyler, as well as the folks over...

Read more
Getting Ready to Respond to Mobile Security Issues
Ollie Whitehouse | 14 Oct 2007 | 0 comments

O.K. - firstly - long time no blog. Secondly, apologies for that - a mixture of vacation, work, and work travel has recently seen me distracted a little from my blogging duties (my plate spinning is improving, however). Anyway, with the apologies out of the way, onto the subject of this blog. Recently I was invited by Microsoft to speak at BlueHat on Windows CE/Mobile security, even being given a guest spot on their blog and doing a podcast for them. Pedram from TippingPoint has provided a good summary of the talks that saves me from...

Read more
North America SMS SPAM – The Case of the Recent Cross Carrier SPAM
Ollie Whitehouse | 27 Sep 2007 | 0 comments

Interesting tidbit: I subscribe to the Messaging Newsemail newsletter. (I don’t actually remember signing up for it – buthey ho). I couldn’t find this replicated on their site so I am going toquote the interesting bits of the newsletter.

What caught by eye was the title ‘Cell Phone Users Experience Text Spam’. We’ve discussed this before with the most interesting incident being when one operator took legal action. Anyway back to the Messaging News newsletter, they said the following:


“Across the country this past weekend, many folks received a spammessage for the first time. While a common problem with email, theshear volume that...

Read more
Windows Update used to distribute fixed ATI driver – but it's optional!
Ollie Whitehouse | 06 Sep 2007 | 0 comments

In my last post on the subject of Vista versus the battle of vulnerable and malicioussigned drivers, I said there was some conjecture about whetherMicrosoft was going to use Windows Update to distribute a patch for avulnerable ATI driver. Elia Florio on our Security Response Operations team in Ireland sent me a link to a notice at ISC which showed this is indeed what they are doing. The link to the AMD notice shows this is indeed meant to resolve the security issue.

It is kind interesting that Microsoft is making the update only‘...

Read more
It’s a bird! It’s a plane! It’s… well, it’s actually a plane
Ollie Whitehouse | 29 Aug 2007 | 0 comments

With the airline industry being as competitive as it is, many of today's airlines are in the process of implementing lavish in-flight entertainment systemsthat offer a wide range of options including TV, movies, music andgames. Gone are the days where they tossed you cheap headphones wrappedin plastic and that was it. Of course, to deliver all this rich mediacontent, the underlying embedded systems need to have the power todeliver, so it’s no surprise that several are running on Linux.

Coincidentally, I just put up a rant…er, commentary… around embedded systems securityand how it seems to be down there in the priority list with poshchocolate biscuits and free soda. While we're all waiting for such thisutopia to arrive, in the meantime, I can think I can safely...

Read more
What Does the Future Hold for Security?
Ollie Whitehouse | 28 Aug 2007 | 0 comments

Yes this could be a 500 page book, but I’m going to try to present the future of security in fewer than 1,200 words.

Up to now in this anniversary series, my fellow Symantecites have been discussing what has happened over the past 25 years around security and how Symantec and the industry have grown to meet these challenges in a number of areas, from malicious code and vulnerabilities through to modern day threats such as phishing. We’ve come from a world of floppy disks and modems into a world so connected and converged that few of us could have imagined how it would have become so in such a short time. The rate at which technology has evolved and been adopted has, at times, left security analysts scrabbling to catch up – which, in turn, has created significant risks.

First a little history: I’m one of the many people who came to work for Symantec via acquisition. I used worked for @stake in Europe for a number of years before the acquisition as a...

Read more
A call to embedded system developers – think of the consumers and users
Ollie Whitehouse | 26 Aug 2007 | 0 comments

Recently I bought a NAS (Network Attached Storage) solution for hometo manage backups for the ever increasing number of storage devices weall seem to be accumulating. I did as most people would and selected aconsumer solution from a well-known brand. The brand name on the box,as is not unusual in this day and age, was not the actual developer ofthe underlying reference design. Instead the system was developed by athird-party, including the controller and remote management software,which was subsequently modified to support some proprietary LEDs andgave the company license to slap their logo on it by the name on thebox.

Anyway, this solution was built using GPL software components(Linux, Lighttpd and Perl among others); the vendor and original OEMabided by this license and released all the code on their site(including configurations). I did some digging around and was somewhatdismayed to discover that this product had a number of significantsecurity issues. These...

Read more
ATI’s penicillin to PurplePill and the PatchGuard patch that wasn’t
Ollie Whitehouse | 23 Aug 2007 | 0 comments

Here is a short update to bring this latest chapter in Vista’s security fairytale finally to a close.

On Monday the 13th of August, ATI patched their Catalyst drivers to resolve the vulnerability that PurplePill exploited. ATI should be commended with the speed and agility theyresponded to the issue, although one has to wonder if Microsoft had ahand in this.

It’s still not clear on how they are going to deal with thedistribution of this update (there's some conjecture around usingWindows Update) and revocation of the old driver. Patching it is onething, but they can’t leave the old driver...

Read more
Is That a Hole in Your Kernel or Are You Just Pleased to See Me?
Ollie Whitehouse | 13 Aug 2007 | 0 comments

So, in the Future Watch section of the last Internet Security ThreatReport and in our Windows Vista research, we stated that drivers wereincreasingly being attacked and that we would expect this trend tocontinue. We also stated that these third-party drivers posed one ofthe greater areas of exposure to technologies such as driver signing,PatchGuard and general kernel integrity on Windows Vista 64bit. I recently blogged about an example of one third-party hardware driver from ATI and the issues it was causing Microsoft. Before that, I discussed a third-party driver which was specifically designed to allow the loading of arbitrary unsigned kernel drivers.

Anyway, before these came another example, though I've...

Read more

Technical Support

Symantec.com

Store

Community Stats

Total Content Items
Members
258,791