Video | Business Headlines | Internet | Science | Scientific Ethics | Technology | Search


Three new security bulletins - 13 July 2005

Three new security bulletins - 13 July 2005

Today, Microsoft issued three new security bulletins. Symantec Security response identified the following two vulnerabilities to be the most serious.

Buffer Overflow in Microsoft Colour Management Module

Microsoft has announced a security patch for a vulnerability within the Microsoft Colour Management Module (CMM), a component included within most Windows systems. CMM processes image files for a wide variety of formats including JPEG, EXIF, TIFF, PNG, PDF, PICT, PostScript, JDF (Job Definition Format), SVG, and CSS3. This vulnerability may be exploited remotely through malicious web sites or emails. It may be possible to exploit Outlook users by just previewing the email. Other applications that use CMM could be vulnerable as well, including Internet Explorer and MSN Messenger. Symantec Security Response has rated this threat as critical.

Microsoft Internet Explorer Javaprxy.DLL COM Object Heap Overflow

Microsoft has also introduced a security patch for a vulnerability in Javaprxy.dll, an interface to a debugger in the Microsoft Java Virtual Machine. An attacker could exploit this vulnerability through malicious web pages and run code on the local system resulting in complete control of the affected computer. Symantec Security Response has rated this threat as critical.

"While these are high-risk vulnerabilities, there are many steps users can take to protect themselves," said Oliver Friedrichs, senior manager, Symantec Security Response. "In addition to applying patches immediately, users should never open files or click on links from unknown sources. Computer users should keep software running with the least privileges possible and deploy network intrusion detection systems to monitor network traffic for signs of suspicious activity."

Symantec recommends the following actions for enterprises: · Evaluate the possible impact of these vulnerabilities to their critical systems. · Plan for required responses including patch deployment and implementation of security best practices using the appropriate security solutions. · Take proactive steps to protect the integrity of networks and information. · Verify that appropriate data backup processes and safeguards are in place and effective. · Remind users to exercise caution in opening all unknown or unexpected email attachments and in following web links from unknown or unverified sources.

Symantec recommends the following actions for consumers: · Regularly run Windows Update and install the latest security updates to keep software up to date. · Avoid opening unknown or unexpected email attachments or following web links from unknown or unverified sources. · Consider using an internet security solution such as Norton Internet Security 2005 AntiSpyware Edition to protect against today's known and tomorrow's unknown threats.

Additional information can be found at:

Symantec’s security experts will closely monitor further information related to these vulnerabilities and will provide updates and security content as necessary.


© Scoop Media

Business Headlines | Sci-Tech Headlines


Oceans: NOAA Declares Third Ever Global Coral Bleaching Event

As record ocean temperatures cause widespread coral bleaching across Hawaii, NOAA scientists confirm the same stressful conditions are expanding to the Caribbean and may last into the new year, prompting the declaration of the third global coral bleaching event ever on record. More>>

Scoop Business: A Decade Of Government Pre-Seed Investment

More publicly-funded science is being commercialised after a decade of government ‘pre-see’d investment, according to an independent review. More>>


Solid Energy: Plan To Shut Unprofitable Huntly East Mine

Solid Energy, the state-owned coal miner in voluntary administration, plans to shut down its unprofitable Huntly East mine and lay off 65 staff after deciding the site stands "no chance whatsoever" of finding a buyer. More>>


E Tū: Merger Creates NZ's Biggest Private Sector Union

E tū has been created by the merger of the Engineering, Printing and Manufacturing Union and Service and Food Workers’ Union. It represents more than 50,000 working New Zealanders in industries as diverse as aviation, construction, journalism, food manufacturing, mining and cleaning. More>>


Internet: NZ Govt Lifts Target Speeds For Rural Broadband

The government has lifted its expectations on faster broadband speeds for rural New Zealand as it targets increased spending on research and development in the country's information and communications technology sector, which it sees as a key driver for export growth. More>>


Banks: Westpac Keeps Core Government Transactions Contract

The local arm of Westpac Banking Corp has kept its contract with the New Zealand government to provide core transactions, but will have to share peripheral services with its rivals. More>>


Science Investment Plan: Universities Welcome Statement

Universities New Zealand has welcomed the National Statement of Science Investment released by the Government today... this is a critical document as it sets out the Government’s ten-year strategic direction that will guide future investment in New Zealand’s science system. More>>


Get More From Scoop

Search Scoop  
Powered by Vodafone
NZ independent news