Video | Business Headlines | Internet | Science | Scientific Ethics | Technology | Search


Three new security bulletins - 13 July 2005

Three new security bulletins - 13 July 2005

Today, Microsoft issued three new security bulletins. Symantec Security response identified the following two vulnerabilities to be the most serious.

Buffer Overflow in Microsoft Colour Management Module

Microsoft has announced a security patch for a vulnerability within the Microsoft Colour Management Module (CMM), a component included within most Windows systems. CMM processes image files for a wide variety of formats including JPEG, EXIF, TIFF, PNG, PDF, PICT, PostScript, JDF (Job Definition Format), SVG, and CSS3. This vulnerability may be exploited remotely through malicious web sites or emails. It may be possible to exploit Outlook users by just previewing the email. Other applications that use CMM could be vulnerable as well, including Internet Explorer and MSN Messenger. Symantec Security Response has rated this threat as critical.

Microsoft Internet Explorer Javaprxy.DLL COM Object Heap Overflow

Microsoft has also introduced a security patch for a vulnerability in Javaprxy.dll, an interface to a debugger in the Microsoft Java Virtual Machine. An attacker could exploit this vulnerability through malicious web pages and run code on the local system resulting in complete control of the affected computer. Symantec Security Response has rated this threat as critical.

"While these are high-risk vulnerabilities, there are many steps users can take to protect themselves," said Oliver Friedrichs, senior manager, Symantec Security Response. "In addition to applying patches immediately, users should never open files or click on links from unknown sources. Computer users should keep software running with the least privileges possible and deploy network intrusion detection systems to monitor network traffic for signs of suspicious activity."

Symantec recommends the following actions for enterprises: · Evaluate the possible impact of these vulnerabilities to their critical systems. · Plan for required responses including patch deployment and implementation of security best practices using the appropriate security solutions. · Take proactive steps to protect the integrity of networks and information. · Verify that appropriate data backup processes and safeguards are in place and effective. · Remind users to exercise caution in opening all unknown or unexpected email attachments and in following web links from unknown or unverified sources.

Symantec recommends the following actions for consumers: · Regularly run Windows Update and install the latest security updates to keep software up to date. · Avoid opening unknown or unexpected email attachments or following web links from unknown or unverified sources. · Consider using an internet security solution such as Norton Internet Security 2005 AntiSpyware Edition to protect against today's known and tomorrow's unknown threats.

Additional information can be found at:

Symantec’s security experts will closely monitor further information related to these vulnerabilities and will provide updates and security content as necessary.


© Scoop Media

Business Headlines | Sci-Tech Headlines


DIY: Kiwi Ingenuity And Masking Tape Saves Chick

Kiwi ingenuity and masking tape has saved a Kiwi chick after its egg was badly damaged endangering the chick's life. The egg was delivered to Kiwi Encounter at Rainbow Springs in Rotorua 14 days ago by a DOC worker with a large hole in its shell and against all odds has just successfully hatched. More>>


Trade: Key To Lead Mission To India; ASEAN FTA Review Announced

Prime Minister John Key will lead a trade delegation to India next week, saying the pursuit of a free trade agreement with the protectionist giant is "the primary reason we're going" but playing down the likelihood of early progress. More>>



MYOB: Digital Signatures Go Live

From today, Inland Revenue will begin accepting “digital signatures”, saving businesses and their accountants a huge amount of administration time and further reducing the need for pen and paper in the workplace. More>>

Oil Searches: Norway's Statoil Quits Reinga Basin

Statoil, the Norwegian state-owned oil company, has given up oil and gas exploration in Northland's Reinga Basin, saying the probably of a find was 'too low'. More>>


Modern Living: Auckland Development Blowouts Reminiscent Of Run Up To GFC

The collapse of property developments in Auckland is "almost groundhog day" to the run-up of the global financial crisis in 2007/2008 as banks refuse to fund projects due to blowouts in construction and labour costs, says John Kensington, the author of KPMG's Financial Institutions Performance Survey. More>>


Health: New Zealand's First ‘No Sugary Drinks’ Logo Unveiled

New Zealand’s first “no sugary drinks logo” has been unveiled at an event in Wellington... It will empower communities around New Zealand to lift their health and wellbeing and send a clear message about the damage caused by too much sugar in our diets. More>>


Get More From Scoop

Search Scoop  
Powered by Vodafone
NZ independent news