Security Bytes: Skype dodges attackers

Meanwhile: A worm hijacks IE and spreads via Yahoo IM, Ohio University reorganizes IT department after data theft; and Symantec accuses Microsoft of misusing technology.

Skype flaw fixed
Skype Technologies S.A. has fixed a flaw attackers could exploit to compromise Windows machines running the Skype telephony application.

The Luxembourg-based Internet telephony service provider, which enables customers to make free calls between computers or low-cost calls to regular telephones, said the problem is that the parameters passed by the URL handler are parsed incorrectly. "An attacker who constructs a Skype URL that is malformed in a specific way can initiate the transfer of a single named file from one Skype user to another," the vendor said, "provided that the sender follows the malicious link and that the recipient has previously authorized the sender."

The problem affects Skype for Windows, specifically all releases prior to and including 2.0.*.104; and release 2.5.*.0 to and including 2.5.*.78. Skype recommends customers upgrade to version 2.0.*.105 or 2.5.*.79.

Worm hijacks IE, spreads via Yahoo IM
A new worm hijacks the Internet Explorer (IE) homepage, spreads through Yahoo Messenger and leads users to a site that drops spyware on their PCs, Foster City, Calif.-based FaceTime Communications Inc. warned in an analysis on its Web site.

The company has labeled the worm yhoo32.explr. It hijacks the IE homepage, leading users to the spyware site that installs a program called 'Safety Browser'.

"Because Safety Browser uses the IE icon, users can easily mistake it for Internet Explorer," FaceTime said. "This is the first recorded incidence of malware installing its own Web browser on a PC without the user's permission."

The self-propagating worm spreads the infection to contacts on a victim's Yahoo Messenger list. It does so by sending a Web site link that loads a command file onto the user's PC, subsequently installing Safety Browser.

"This is one of oddest and more insidious pieces of malware we have encountered in years," Tyler Wells, senior director of research at FaceTime Security Labs, said in a statement. "This is the first instance of a complete Web browser hijack without the user's awareness. Similar 'rogue' browsers, such as 'Yapbrowser,' have demonstrated the potential for serious damage by directing end-users to potentially illegal or illicit material. 'Rogue' browsers seem to be the hot new thing among hackers."

Ohio University suspends technician over data theft
At least one technician at Ohio University has been placed on paid administrative leave as part of a major reshuffling of the university's computer services department. The reorganization comes on the heels of recent news that thieves hijacked at least three campus servers.

Bill Sams, Ohio University's CIO, initiated the reorganization Friday, according to CNET News.com. It reported that one of the compromised servers, which held the Social Security numbers of 137,000 people, was penetrated by U.S.- and overseas-based hackers for at least a year and possibly longer.

"That's unbelievable," Avivah Litan, security analyst with research firm Gartner told CNET News.com in response to the revelation. "I have never heard of that much of a delay. Why would it take a year to discover this? It doesn't make any sense."

Attackers have gone after university systems with particular zeal. In the past year, schools like Notre Dame, Georgetown and Purdue universities have been hit.

Symantec accuses Microsoft of misusing technology
It's the AV giant vs. the software giant.

According to published reports, Cupertino, Calif.-based Symantec Corp. has filed suit against Microsoft for allegedly misusing technology from Veritas Software, which Symantec acquired last year.

Specifically, Symantec claims Microsoft misused trade secrets it gained through a Veritas licensing deal to create its own products, including features being added to the Windows platform, Michael Schallop, Symantec's director of legal affairs, told eWeek. The trade secrets were related to Symantec's VolumeManager, which the company acquired as part of the Veritas acquisition.

Schallop said Microsoft's actions -- incorporating the technology into its upcoming Vista operating system, for example -- violates the mutual licensing agreement originally signed by the companies in 1996.

Operating systems use VolumeManager to store and extend large amounts of data to help bypass storage hardware limitations. It also has data recovery and recreation capabilities.

Symantec also accuses Microsoft of concealing its misappropriation of the Veritas technology by denying Symantec access to the software giant's source code, access Microsoft is apparently required to give to Symantec under its agreement.

Dig deeper on Malware, Viruses, Trojans and Spyware

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close