Video | Business Headlines | Internet | Science | Scientific Ethics | Technology | Search


Symantec Security Response: Microsoft October

Symantec Security Response: Microsoft Oct. Security Bulletin

On Tuesday, November 9, Microsoft issued information on a new vulnerability in Microsoft ISA and Proxy Server impacting both consumer and enterprise users. Microsoft ISA and Proxy Server are prone to an Internet domain name spoofing vulnerability that could allow an attacker to spoof Internet sites. This threat is being rated as a moderate risk by Symantec. In order for an attack to occur, the attacker must entice a vulnerable user to visit a malicious website instead of the site they are attempting to access. The attacker could then present false forms to the user in an effort to gather personal information. To guard against this threat, Symantec strongly encourages all users not to click on links to unknown websites.

"With the increasing prevalence of Phishing attacks, this vulnerability may provide yet another platform for the gathering of identity information," said Oliver Friedrichs, senior manager, Symantec Security Response.

Symantec recommends a proactive approach to vulnerability management as an important element of security best practices. IT administrators can expedite and simplify the patching process by implementing solutions such as Symantec ON iPatch, which proactively scans computer systems, identifies missing security patches, reports on the patch status, and then begins deployment of missing patches. In addition, users and network administrators should keep all antivirus definitions up-to-date and use appropriate firewall settings.

In addition, Symantec has also identified a new Level 2 threat - W32.Mydoom.AH@mm. W32.Mydoom.AH@mm is a mass-mailing worm that spreads itself via email addresses found on an infected system. To date, Symantec has received a total of 25 submissions, with 20 submissions coming from corporate customers. This threat exploits a buffer overflow vulnerability in Microsoft Internet Explorer IFRAME. At this time, there is no patch available for this vulnerability. Symantec strongly advises that administrators deploy the following mitigation strategies:

* Block outbound access to TCP ports 1639 to 1649 as these ports are likely to be used by W32.Mydoom.AH to download malicious code after compromise

* Filter inbound TCP ports 1639 to 1649 traffic in order to prohibit other systems from accessing systems that may already be infected

* Block outbound access to TCP port 6667

* Disable ActiveX on all systems running Internet Explorer

* Keep AV systems up-to-date with the most recent definitions to detect this threat

"With vulnerabilities being announced regularly, organizations need to make patch management part of their ongoing systems maintenance process," said Friedrichs. "And since there is an ever-shrinking window of time between vulnerability announcement and vulnerability exploit, quick implementation of patches and mitigation strategies is critical to the integrity of a network."


© Scoop Media

Business Headlines | Sci-Tech Headlines


Mycoplasma Bovis: More Properties Positive

One of the latest infected properties is in the Hastings district, the other three are within a farming enterprise in Winton. The suspect property is near Ashburton. More>>


Manawatū Gorge Alternative: More Work Needed To Choose Route

“We are currently working closely and in partnership with local councils and other stakeholders to make the right long-term decision. It’s vital we have strong support on the new route as it will represent a very significant long-term investment and it will need to serve the region and the country for decades to come.” More>>


RBNZ: Super Fund Chief To Be New Reserve Bank Governor

Adrian Orr has been appointed as Reserve Bank Governor effective from 27 March 2018, Finance Minister Grant Robertson says. More>>


ScoopPro: Helping PR Professionals Get More Out Of Scoop has been a fixture of New Zealand’s news and Public Relations infrastructure for over 18 years. However, without the financial assistance of those using Scoop in a professional context in key sectors such as Public Relations and media, Scoop will not be able to continue this service... More>>

Insurance: 2017 Worst Year On Record For Weather-Related Losses

The Insurance Council of New Zealand (ICNZ) announced today that 2017 has been the most expensive year on record for weather-related losses, with a total insured-losses value of more than $242 million. More>>