Sûnnet Beskerming Alert List Advisory #230
You are receiving this message because you have subscribed to our
Information Security Alert Mailing List, or have been selected for a
specific one-off copy. If you believe that you are receiving this
message in error, please contact
info@... to resolve the
error.
Why not upgrade to get same day notification on security threats?
Details and rates available online -
(http://www.beskerming.com/premium/generic_advisory.html).
Why not go the next step and get delivery tailored just for your
company?
(http://www.beskerming.com/premium/focussed_advisory.html)
Contents
--------------------------------------------------------------------
1. SECURITY
--------------------------------------------------------------------
1.1 WinAmp
- Remote Hacker Manual Control
- Time Since Discovery - 7 Days
=======================================
/*
- Remote or Local - Can it be achieved through a network or does it
require physical access?
- Hacker - The bad guy
- Manual or Automatic - Does the vulnerability need to be manually
performed, or can it be automated?
- Control, Denial of Service or Data Theft - Will the hacker get
control of your system / website, will they prevent you from using
it, or will they steal data.
*/
--------------------------------------------------------------------
2. NEWS
--------------------------------------------------------------------
2.1 Microsoft Security Patch Advance Notice
2.2 Is The Security Industry Needed?
2.3 Microsoft To Acquire Yahoo!?
=====================================
1. SECURITY
1.1 WinAmp - Remote Hacker Manual Control
-- Products Affected --
WinAmp 5.34 and earlier
-- Technical Description --
Poor handling of an exception condition in the MP4 plugin can lead to
arbitrary code execution. Reliable exploitation is difficult, though
the available exploit code is being refined.
-- Description --
The same researcher who discovered the image handling
vulnerabilities associated with Photoshop and Paint Shop Pro has also
discovered a vulnerability with the way that WinAmp handles MP4
files. If a user can be tricked into playing a malicious MP4 file
through the player, a remote attacker could run software of their
choice on the system, and thus take control of it.
-- Recommended Action --
Avoid handling MP4 files from untrusted sources until updates can be
released.
-- Source --
(Paid subscription required to access)
-- Updates Available --
(Paid subscription required to access)
-- External Tracking Data --
(Paid subscription required to access)
-- Threat Matrix --
              U   O
Home User     8   8 (Very High)
Corporate     8   8 (Very High)
=======================================
/*
Threat Matrix:
U - User
O - Operator
Harmless - 0 ----- 10 - Highly Critical
*/
=======================================
2. NEWS
2.1 Microsoft Security Patch Advance Notice
Microsoft's monthly Security Patch release is due next week and
Microsoft has provided advance notice of the patches that they are
expecting to release. It is important to note that the currently-
exploited vulnerability affecting the Microsoft DNS Server.
Microsoft are planning to release two patches for Windows, with a
maximum rating of Critical; three patches for Office, with a maximum
rating of Critical; one patch for Exchange, rated Critical; and one
patch for CAPICOM and BizTalk, rated as Critical.
2.2 Is The Security Industry Needed?
At his InfoSecurity Europe presentation noted security expert, Bruce
Schneier questioned whether an Information Security industry was
really needed. For the CTO of a major Information Security firm, and
founder of Counterpane Internet Security (the forerunner to BT
Counterpane), his comments raised many eyebrows and led to the
expected counterclaims and outcry.
In clarifying his comments, Bruce repeats his stance that if security
was improved before products went to market, then there would be no
need for an aftermarket security industry. This truism is obvious
enough, but it fails to recognise that the same problems exist in all
other spheres where security is needed. If we could build better
buildings, with more secure doors and windows, then we wouldn't need
security systems. In Information Technology, building the perfect
system rapidly becomes impossible as systems become more complex and
attackers find more esoteric methods to use when compromising defences.
Bruce's comments appear to suggest that the problem is one of
communication between vendors and clients, not that the industry is
no longer needed (although that would be a nice outcome). The
increasing trend of Information services becoming treated as a
utility (commoditisation of services) is a significant step in this
direction. Although he didn't mention it in his coverage, or his
clarifying remarks, Bruce has stated that nothing is going to change
until vendors can be held accountable for the failure of their
security services (i.e. being able to successfully sue a company for
the failure of its products).
2.3 Microsoft To Acquire Yahoo!?
Following the acquisition of DoubleClick by Google, rumours have
begun to circulate that Microsoft has now turned attention towards
Yahoo!, with talk of a $50 billion takeover bid. Not only would this
remove one of the major competitors in the search market, it would
also provide Google with control over one of the biggest online
advertising companies.
If such a takeover bid is successful, it will make for a very
interesting online environment - where Google and Microsoft become
the main search and online advertising providers for the majority of
the Internet.
=======================================
Sincerely,
Sûnnet Beskerming Team
info@...
Sûnnet Beskerming Pty. Ltd.
Adelaide, Australia
http://www.beskerming.com
Tel: +61 (0) 410 707 444
** Sûnnet Beskerming Pty. Ltd. **
Established in mid 2004, Sûnnet Beskerming Pty. Ltd. is the sister
company to Jongsma & Jongsma Pty. Ltd., and was formed to develop and
commercialise the research coming out of Jongsma & Jongsma Pty. Ltd.
Sûnnet Beskerming Pty. Ltd. is an Information Security specialist
and, in conjunction with the tools developed by Jongsma & Jongsma
Pty. Ltd., provides total security solutions and services, from the
perimeter to internal data stores, including web application security
and security testing and analysis.
_______________________________________________
Alertmailinglist mailing list
Alertmailinglist@...
http://skiifwrald.com/mailman/listinfo/alertmailinglist_skiifwrald.com