Video | Business Headlines | Internet | Science | Scientific Ethics | Technology | Search

 


Three new security bulletins - 13 July 2005

Three new security bulletins - 13 July 2005

Today, Microsoft issued three new security bulletins. Symantec Security response identified the following two vulnerabilities to be the most serious.

Buffer Overflow in Microsoft Colour Management Module

Microsoft has announced a security patch for a vulnerability within the Microsoft Colour Management Module (CMM), a component included within most Windows systems. CMM processes image files for a wide variety of formats including JPEG, EXIF, TIFF, PNG, PDF, PICT, PostScript, JDF (Job Definition Format), SVG, and CSS3. This vulnerability may be exploited remotely through malicious web sites or emails. It may be possible to exploit Outlook users by just previewing the email. Other applications that use CMM could be vulnerable as well, including Internet Explorer and MSN Messenger. Symantec Security Response has rated this threat as critical.

Microsoft Internet Explorer Javaprxy.DLL COM Object Heap Overflow

Microsoft has also introduced a security patch for a vulnerability in Javaprxy.dll, an interface to a debugger in the Microsoft Java Virtual Machine. An attacker could exploit this vulnerability through malicious web pages and run code on the local system resulting in complete control of the affected computer. Symantec Security Response has rated this threat as critical.

"While these are high-risk vulnerabilities, there are many steps users can take to protect themselves," said Oliver Friedrichs, senior manager, Symantec Security Response. "In addition to applying patches immediately, users should never open files or click on links from unknown sources. Computer users should keep software running with the least privileges possible and deploy network intrusion detection systems to monitor network traffic for signs of suspicious activity."

Symantec recommends the following actions for enterprises: · Evaluate the possible impact of these vulnerabilities to their critical systems. · Plan for required responses including patch deployment and implementation of security best practices using the appropriate security solutions. · Take proactive steps to protect the integrity of networks and information. · Verify that appropriate data backup processes and safeguards are in place and effective. · Remind users to exercise caution in opening all unknown or unexpected email attachments and in following web links from unknown or unverified sources.

Symantec recommends the following actions for consumers: · Regularly run Windows Update and install the latest security updates to keep software up to date. · Avoid opening unknown or unexpected email attachments or following web links from unknown or unverified sources. · Consider using an internet security solution such as Norton Internet Security 2005 AntiSpyware Edition to protect against today's known and tomorrow's unknown threats.

Additional information can be found at: http://www.microsoft.com/technet/security/bulletin/ms05-jul.mspx

Symantec’s security experts will closely monitor further information related to these vulnerabilities and will provide updates and security content as necessary.

ENDS

© Scoop Media

 
 
 
 
 
Business Headlines | Sci-Tech Headlines

 

Sky City : Auckland Convention Centre Cost Jumps By A Fifth

SkyCity Entertainment Group, the casino and hotel operator, is in talks with the government on how to fund the increased cost of as much as $130 million to build an international convention centre in downtown Auckland, with further gambling concessions ruled out. The Auckland-based company has increased its estimate to build the centre to between $470 million and $530 million as the construction boom across the country drives up building costs and design changes add to the bill.
More>>

ALSO:

RMTU: Mediation Between Lyttelton Port And Union Fails

The Rail and Maritime Union (RMTU) has opted to continue its overtime ban indefinitely after mediation with the Lyttelton Port of Christchurch (LPC) failed to progress collective bargaining. More>>

Earlier:

Science Policy: Callaghan, NSC Funding Knocked In Submissions

Callaghan Innovation, which was last year allocated a budget of $566 million over four years to dish out research and development grants, and the National Science Challenges attracted criticism in submissions on the government’s draft national statement of science investment, with science funding largely seen as too fragmented. More>>

ALSO:

Scoop Business: Spark, Voda And Telstra To Lay New Trans-Tasman Cable

Spark New Zealand and Vodafone, New Zealand’s two dominant telecommunications providers, in partnership with Australian provider Telstra, will spend US$70 million building a trans-Tasman submarine cable to bolster broadband traffic between the neighbouring countries and the rest of the world. More>>

ALSO:

More:

Statistics: Current Account Deficit Widens

New Zealand's annual current account deficit was $6.1 billion (2.6 percent of GDP) for the year ended September 2014. This compares with a deficit of $5.8 billion (2.5 percent of GDP) for the year ended June 2014. More>>

ALSO:

Still In The Red: NZ Govt Shunts Out Surplus To 2016

The New Zealand government has pushed out its targeted return to surplus for a year as falling dairy prices and a low inflation environment has kept a lid on its rising tax take, but is still dangling a possible tax cut in 2017, the next election year and promising to try and achieve the surplus pledge on which it campaigned for election in September. More>>

ALSO:

Job Insecurity: Time For Jobs That Count In The Meat Industry

“Meat Workers face it all”, says Graham Cooke, Meat Workers Union National Secretary. “Seasonal work, dangerous jobs, casual and zero hours contracts, and increasing pressure on workers to join non-union individual agreements. More>>

ALSO:

Get More From Scoop

 
 
Standards New Zealand

Standards New Zealand
 
 
 
 
 
 
 
 
Sci-Tech
Search Scoop  
 
 
Powered by Vodafone
NZ independent news