Smokey's Security Weblog

veritas odium parit

An excellent openSUSE 11 Review & Tutorial by Dedoimedo aka Mrkvonic

As usual, Dedoimedo aka Mrkvonic has written an excellent review and tutorial; this time it concerns openSUSE 11.

Mrkvonic:

“This review/tutorial includes the use and installation on a laptop, so you can expect to see the following:

Wireless support, multimedia support (MP3, Java, Flash, VLC, K3B, DVD), NTFS support, Samba sharing, virtualization – VMware Server, including running Windows and Linux guests from remote Windows and Linux machines, all using wireless, games, an extensive guide on partitioning and installation and the use of the Updater (updating system, adding repositories, zypper), and more.”

For openSUSE adherents this review is an absolute must!

Full review: Dedoimedo

November 15, 2008 | Posted by Smokey | Advisories, Friends, News, Uncategorized

AVG, what the heck are you doing lately? Shame on you!

AVG/Grisoft, no excuse can or will save you anymore from the 2008 Hall of Shame Award.
The continuous series of false alarms has shaken customers' confidence in your product considerably.
False alarms by anti-virus scanners are a well-known occurrence; however, 3 false positives concerning (important) system files and (security) software in less than a month cannot be defended. It is obvious that your Quality Department needs radical cleaning.

Your first false positive hit Check Point’s ZoneAlarm; you categorised it as a Trojan.
The second blooper concerned the Windows system file user32.dll; I already blogged about it. You were of the opinion that this file was a Trojan too.
Your recent false positive has now also labeled Adobe Flash as malicious (falsely as Trojan horse generic PSW.Generic6.AQPD; the object is \windows\system32\macromed\flash\flashutil10a.exe).

It is incredible. After the user32.dll FP debacle you stated:

“AVG Technologies apologizes again for the inconvenience caused to our customers and wishes to assure our users worldwide that the company is actively putting new processes in place to avoid similar occurrences in the future”.

It is obvious that this statement was not made with any serious intentions at all. With it you misled your customers, by giving them the wrong impression that you are seriously working on your problems.

Therefore, it is my pleasure to award you the “honorable” title:

AVG/Grisoft – Smokey’s Security Weblog 2008 Hall of Shame Winner.

Update Dec. 20, 2009

AVG’s stay in the Hall of Shame will not be prolonged. Reason: considerable improvement in combating false positives and bringing them back to an acceptable level. Congrats, AVG, on the hard work to improve your products! :)

November 15, 2008 | Posted by Smokey | Advisories, Alerts, Friends, Malware, News, Security, Vulnerabilities

Multiple Highly Critical Vulnerabilities Reported in Sun StarOffice/StarSuite 7.x/8.x

After the Apple Safari 3.x alert, another alert today.

It concerns highly critical vulnerabilities in Sun StarOffice/StarSuite 7.x/8.x for the SPARC, x86, Linux, and Windows platforms and StarSuite 8 Impress Standalone for the Windows platform.

Impact

- A security vulnerability with the way StarOffice/StarSuite 7 and 8 process EMF files may allow a remote unprivileged user who provides a StarOffice/StarSuite document that is opened by a local user to execute arbitrary commands on the system with the privileges of the user running StarOffice/StarSuite.
- A security vulnerability with the way StarOffice/StarSuite 7 and 8 process Windows Metafile (.wmf) files may allow a remote unprivileged user who provides a StarOffice/StarSuite document that is opened by a local user to execute arbitrary commands on the system with the privileges of the user running StarOffice/StarSuite.

Original advisories: Sun Documents 242627 and 243226.

According to Secunia there are partial fixes available. Extended info and download locations: Secunia.

November 15, 2008 | Posted by Smokey | Advisories, Alerts, Downloads, Friends, Malware, Security, Vulnerabilities

Multiple Highly Critical Vulnerabilities in Apple Safari 3.x for Windows and Mac OS X

Multiple highly critical vulnerabilities are reported in Apple Safari 3.x for Mac OS X and Safari 3.x for Windows XP and Vista; they concern all versions prior to 3.2.

Impact of the vulnerabilities

- Multiple vulnerabilities exist in zlib 1.2.2, the most serious of which may lead to a denial of service.
- Processing an XML document may lead to an unexpected application termination or arbitrary code execution.
- Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution.
- Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution.
- Viewing a large maliciously crafted JPEG image may lead to an unexpected application termination or arbitrary code execution.
- Viewing a maliciously crafted image may lead to an unexpected application termination or arbitrary code execution.
- Sensitive information may be disclosed to a local console user.
- Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution.
- Visiting a maliciously crafted website may lead to the disclosure of sensitive information.

Original Advisory: Apple

Vendor patches to close these vulnerabilities are available; please update to version 3.2 ASAP.

Downloads

Safari 3.2 for Windows: here
Safari 3.2 for Tiger: here
Safari 3.2 for Leopard: here

November 15, 2008 | Posted by Smokey | Advisories, Alerts, Downloads, Friends, Malware, Security, Vulnerabilities