New IE flaw could enable phishing attacks
Microsoft customers are waiting for a patch to fix the already-exploited createTextRange flaw in Internet Explorer. But now it appears they have a new security hole to worry about, and it remains to be seen if this one will be addressed in next week's scheduled browser fix.
A vulnerability researcher by the name of Hai Nam Luke has discovered a race condition that appears when browser windows load Web content and Macromedia Flash files. A race condition occurs when a device or system simultaneously tries to perform two or more operations that must be performed in sequence. Malicious people could exploit the flaw to conduct spoofing and phishing attacks. An attacker could spoof the address bar of the browser, causing a user to trust the spoofed domain.
Danish vulnerability clearinghouse Secunia has confirmed the flaw on a fully patched machine running Internet Explorer 6.0 and Windows XP SP1/SP2.
Secunia said users can block the threat by disabling Active Scripting support, though this may disrupt the functionality of certain Web sites.
Cisco patches a variety of flaws
San Jose, Calif.-based networking giant Cisco Systems Inc. has patched a variety of flaws in its Optical Networking System 15000 Series and Transport Controller, as well as its 11500 Series Content Services switches. Attackers could exploit the flaws to cause a denial of service and execute arbitrary commands.
Among the vulnerabilities:
- Attackers could exploit errors in various management services to force control cards on the network to exhaust memory resources. The network would then be unable to open any new socket connections.
- Attackers could reset control cards by exploiting a couple errors in how malformed IP packets are processed.
- Attackers could also reset control cards by exploiting an error in how malformed Open Shortest Path First (OSPF) packets are handled.
- Attackers could run arbitrary commands by exploiting errors in the Cisco Transport Controller (CTC) Launcher where insecure permissions are granted to any software originating from the codeBase or source at http://*/fs/LAUNCHER.jar.
- Attackers could cause a vulnerable device to reload by sending a valid but obsolete or specially crafted HTTP request, exploiting an error in the HTTP compression functionality.
HP patches printer software
Hewlett-Packard has patched a security hole in software included with two its color LaserJet printer products. Attackers could exploit the flaw to access sensitive files on Windows machines.
"This potential security vulnerability allows a remote unauthorized malicious user to retrieve arbitrary files from a Microsoft Windows computer when the HP Color LaserJet 2500 and 4600 Toolbox is in the default configuration," HP said in its advisory.
HP has made HP Color LaserJet 2500/4600 Software Update version 3.1 available to close the security hole. The advisory includes download instructions.