Vulnerabilities plague Adobe Reader, Acrobat
Those who use Adobe Reader and Acrobat for Mac OS systems should update to version 7.0.2 to fix security holes attackers could exploit to compromise machines and launch malicious code. Danish security firm Secunia said in an advisory that two vulnerabilities have been reported:
- A security issue in the updater causes Safari Frameworks folder permissions to be elevated for all users when downloading updates.
The vulnerabilities affect versions 7.0 and 7.0.1 for Mac OS. The vendor has addressed the problems in version 7.0.2.
Bagle/Mitglieder back for more trouble
Security experts warn that a new variant of Bagle/Mitglieder is in the wild, disabling antivirus programs in the machines it infects. Finnish security firm F-Secure said on its Web site that the malcode -- known as both Mitglieder-CN and Bagle-BQ -- has been "spammed largely."
This latest activity resembles an attack earlier this month in which a trio of malicious programs worked together to hijack as many machines as they could in a short period. At the time, antivirus experts said the Glieder, Fantibag and Mitglieder Trojan horse programs were trying to grow an army of zombie machines that could be sold on the black market and used to steal identities, lift bank account numbers and launch other attacks.
Here's what F-Secure said about the latest activity: "When Mitglieder is first run, it copies itself to the Windows system directory as WINSHOST.EXE and drops a .dll file named WIWSHOST.EXE there. This .dll file is then injected into the Explorer.exe process." The WIWSHOST.EXE file has downloading functionality and can disable antivirus software, the firm said, adding, "When loaded, it may modify the HOSTS file. Then another piece of code responsible for disabling/altering services gets control." F-Secure said its software is among those the malcode targets. McAfee and Symantec are also affected.
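As a triage aid for the behaviour F-Secure describes, the following added example (not code from F-Secure or from this article) checks a directory listing for the two dropped file names and scans HOSTS file text for security-vendor hostnames pinned to loopback or 0.0.0.0. The article says only that the HOSTS file may be modified, so the form of that modification, the keyword matching and all sample data are assumptions.

```python
import ipaddress
from pathlib import PureWindowsPath

# File names quoted from the F-Secure description above.
DROPPED_NAMES = {"winshost.exe", "wiwshost.exe"}
# Vendors the article names as targets; substring matching is an assumption.
VENDOR_KEYWORDS = ("f-secure", "mcafee", "symantec")

def find_dropped_files(listing):
    """Return listing entries whose base name matches a dropped file name."""
    return [p for p in listing
            if PureWindowsPath(p).name.lower() in DROPPED_NAMES]

def suspicious_hosts_entries(hosts_text):
    """Return (line_no, ip, host) for vendor hostnames mapped to a
    loopback or unspecified address (assumed sign of tampering)."""
    hits = []
    for line_no, raw in enumerate(hosts_text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()   # drop comments, tokenize
        if len(fields) < 2:
            continue
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue                            # malformed line, ignore
        if not (ip.is_loopback or ip.is_unspecified):
            continue
        for host in fields[1:]:
            if any(k in host.lower() for k in VENDOR_KEYWORDS):
                hits.append((line_no, str(ip), host.lower()))
    return hits

# Constructed sample data, not taken from an infected machine.
SAMPLE_LISTING = [
    r"C:\WINDOWS\system32\winshost.exe",
    r"C:\WINDOWS\system32\WIWSHOST.EXE",
    r"C:\WINDOWS\system32\svchost.exe",
]
SAMPLE_HOSTS = "\n".join([
    "# constructed sample",
    "127.0.0.1 localhost",
    "127.0.0.1 update.f-secure.example   # blocked",
    "0.0.0.0 liveupdate.symantec.example download.mcafee.example",
    "192.0.2.10 intranet.example",
])

if __name__ == "__main__":
    print(find_dropped_files(SAMPLE_LISTING))
    print(suspicious_hosts_entries(SAMPLE_HOSTS))
```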
Credit card users sue over recent data theft
Consumers and merchants in California are suing CardSystems Solutions, Visa and MasterCard over the recent data theft that exposed 40 million card holders to fraud. According to CNET News.com, the suit was filed Monday in California Superior Court in San Francisco. It accuses the companies of violating California law by failing to secure credit card systems and inform consumers of the breach at payment processor CardSystems in a timely fashion. MasterCard publicly announced the breach June 17. CardSystems Solutions has since acknowledged the breach happened and that it had no business holding onto the 40 million credit card accounts that were eventually compromised.
The lawsuit asks that CardSystems, Visa and MasterCard inform consumers whose personal information was exposed and give special notice to those whose data was confirmed stolen, CNET News.com reported. All involved should also get access to a credit-monitoring service, according to the suit. Additionally, the credit card companies should waive any charge-back fees or penalties to merchants in the case of fraudulent transactions that involve any of the credit cards affected by the security breach, Ira Rothken, the San Rafael, Calif.-based attorney who filed the suit, told CNET News.com.
IBM fixes database flaw
Attackers could exploit a security hole in the IBM DB2 Universal Database to gain extra user privileges, the French Security Incident Response Team [FrSIRT] said in an advisory. IBM has addressed the problem by releasing DB2 UDB version 8 FixPaks 6c, 7b, 8a and 9a.
"This flaw is due to an error when verifying the privilege level of users, which could be exploited by malicious users with 'SELECT' privilege to insert, update or delete the contents of certain tables, even if they do not hold the required insert, update and/or delete privileges," the advisory said. The flaw affects:
- DB2 UDB versions 8.1.4 through 8.1.9 and 8.2.0 through 8.2.2
- DB2 UDB Enterprise Server Edition
- DB2 UDB Workgroup Server (all Editions)
- DB2 UDB Express Server (all Editions)
- DB2 UDB Personal Edition
Security hole in Linux kernel
Local attackers could exploit a vulnerability in the Linux kernel to cause a denial of service, Danish security firm Secunia said in an advisory. "The vulnerability [specifically in Linux Kernel 2.6.0] is caused by an error in 'fault.c' and can cause the kernel to crash when handling specially crafted 'syscall()' arguments on the AMD64 platform when running in 32-bit compatibility mode," Secunia said, adding it is not aware of an official patch or updated version to fix the problem. The firm recommended network managers grant access only to trusted users.
Computer Associates acquires Tiny Software
New York-based Computer Associates [CA] said Monday it has acquired Tiny Software Inc., a private developer of endpoint security technology for Windows desktops and servers, including the Tiny Personal Firewall. Financial details of the all-cash transaction were not disclosed.
The acquisition extends CA's leadership in threat management, which began with antivirus technology and continued with recent moves into antispyware and antispam technology, the company said in a statement. The company will continue marketing Tiny Software solutions as standalone offerings as it incorporates them into its eTrust Integrated Threat Management software portfolio.
Tiny Software was founded in 1999 and is based in Santa Clara, Calif.