Multiple versions of Microsoft Windows are vulnerable to a NULL pointer dereference error in the server driver, which attackers could exploit to crash a system using a specially crafted network packet. Atlanta-based vendor Internet Security Systems' (ISS) X-Force uncovered the glitch and released details Friday in an advisory, warning that an exploit is available in the wild.
"Attackers can reliably cause Microsoft Windows to [go to a] blue screen," ISS said. "Users must reboot to recover from the crash … As of this writing no patch is available for the vulnerability."
ISS said the security hole affects:
Symantec fixes Brightmail AntiSpam flaw
Cupertino, Calif.-based antivirus giant Symantec Corp. has fixed multiple flaws in its Brightmail AntiSpam product. Attackers could exploit the flaws to read or modify confidential system information, Symantec said in an advisory.
"Symantec Brightmail AntiSpam fails to fully sanitize file names passed to the DATABLOB-GET / DATABLOB-SAVE requests of directory traversal sequences," Symantec said. "This directory traversal vulnerability could result in confidential system information being exposed."
During the installation of email scanners, Symantec said three options are given for identifying the Brightmail AntiSpam control center that will control the scanner. The first option is a local control center. The second option is to identify the control center by its IP address, and the third option allows the control center to connect from any computer.
Symantec said the third option could allow an attacker to impersonate the control center, exposing the following vulnerabilities:
The solution is to upgrade to Symantec Brightmail AntiSpam version 6.0.4 or to Symantec Mail Security (SMS) for SMTP version 5.0.