PREVIOUS GNEWSPREVIOUS GNEWS

• 7 Patches – 11 bugs addressed• Affecting Windows, Windows Servers, Vista, Media Player, DirectX,

Macrovision (DRM)

• Other updates, MSRT, Defender Definitions, Junk Mail Filter

Patch Tuesday

• 7 Security Patches - 3 Critical, 4 Important– MS07-063 – SMBv2 (Vista) - Remote Code Execution– MS07-064 – DirectX (Directx 7 – 10) - Remote Code Execution– MS07-065 – Message Queuing Service (2K, XP) – Remote Code Execution– MS07-066 – Windows Kernel (Vista) - Privilege Escalation– MS07-067 – Macrovision Driver (XP, 2003) – Local Privilege Escalation– MS07-068 – Media File Format (Runtime 7 - 11) - Remote Code Execution– MS07-069 – IE Cumulative Update

Holes / Patches• Samba, Overflow in “reply_netbios_packet()” and GETDC (patch

available)

• FLAC file format, eEye reports 14 vulns

• Lotus Notes 1-2-3 File Viewer, Overflow in 123sr.dll (patch available)

• Avaya OpenSSL, Overflow in “SSL_get_shared_ciphers()” (work around available)

• Cygwin, Overflow in cygwin1.dll (patch available)

• Avast, Tar handling (patch available)

• Skype, Overflow in sykpe4com.dll (patch available)

Hacking

• FBI brags on BotNet hunting, “Operation Bot Roast II”– 8 controllers in 5 months

• AT&T plans decommissioning of payphones over next year– RIP 1889 - 2008

• MS 27 Mhz Keyboards cracked, Expect Logitech to follow

• Sun announces open-source rewards program– Code a thousand hours get a magazine subscription

• Oak Rodge National Lab compromised via phishing– Possible link to China

Holes / Patches (more)• Apple Patch Release 2007-008

– 41 patches

• Apple QuickTime, Overflow in “content-type” header– Multiple exploits posted to Milw0rm

• Mozilla Firefox, Multiple vulns multiple updates

• OpenOffice, bypass security restrictions in HSQLDB engine (patch available)

• Media Player, Overflow in 3ivx MPEG-4 5.0.1– Exploit posted to Milw0rm

• BitDefender ActiveX , Overflow in “InitX()” (patch available)– Exploit posted to Milw0rm

Games• Blizzard and Activision announce merger

• Sony game “ICO” for PS2 violates GPL

Corp. Hell• OLPC “Give one, Get one” extended to Dec 31 2007

– 45,000 ordered (24 Nov 2007)– MS and Intel turn up competitive heat

• Nigerian Company claims patent infringement against OLPC’s XO laptop– Multilingual keyboard technology– Prior fraud record

• Devorak says food more important than computers

• Verizon Wireless to open network to 3rd party devices– Google Android on the supported list

• Germany deems network locked iPhones legal • Nokia Claims ogg as proprietary format

• PDF is no ISO 32000

• Facebook allows Beacon to be disabled in light of privacy concerns

Film / Music• Comcast targets fan-sub anime

• Free Software Foundation launches “Expert Witness Defense Fund”

• EMI to decrease funding of industry groups (RIAA, IFPI)

• Blade Runner: The Final Cut

Papers• German Botnet Study, “Characterizing the IRC-based

Botnet Phenomenon”

• NIST, “Guide to Industrial Control Systems (ICS) Security”– SCADA, DCS, PLC

• Vista SP1 Preview

• Nikto 2.00

• Medusa 1.4 (passwd cracker)

• EFF ISP Forgery Detection Toolkit / pcapdiff

• Iodine 0.4.1 (dns tunnel)

• Swift Intruder (flash runtime analysis)

• Snort 2.8.0.1

• FireFox 2.0.0.12 (and 2.0.0.10 and 2.0.011)

Updates

Legal• HushMail follow-up, Warning users of required compliance with

legal “back-doors”

• FCC cable TV vote delayed– Measure would allow more FCC control of industry

• All US border crosses to get terrorist risk profiles and kept for 40 years

• Japan to fingerprint all foreigners

• Canadian Passport website allowed access to personal data

• ISC2 claims Google and Yahoo indexing infringes on Trademarks

CON Results

• Hack In The Box Malaysia 2007 (sept), videos no on-line

• Undisclosed MS bugs demo’ed at KiwiCon– WPAD– Ethical hacker, Beau Butler– 160,000 PCs in New Zealand reported vulnerable

CON Events• Completed Cons

– LISA, 11 - 16 Nov 2007 - Dallas TX– OWASP + WASC, 12 -15 Nov - San Jose CA– BreakPoint, 15 - 18 Nov - Mexico– SecTor, 20 – 21 Nov – Toronto Canada– PacSec 2007, 29 – 30 Nov - Tokyo

• Future Cons– Chaos Communication Congress, 27 - 30 Dec 2007 - Berlin– l

All images scavenged without permission

All images scavenged without permission