
SANS ISC: InfoSec Handlers Diary Blog - Internet Storm Center Diary 2004-08-10 InfoSec Handlers Diary Blog



Windows XP SP2 Experience Forum / Exchange 5.5 Security Bulletin / Mac OS X Bulletins

Published: 2004-08-10
Last Updated: 2004-08-11 11:28:16 UTC
by Scott Fendley (Version: 1)

Special Note: Internet Storm Center Webcast

Today (Wednesday) at 14:00 EST / 20:00 CEST. For details, see

http://www.sans.org/webcasts/show.php?webcastid=90491
Note that this webcast will start one hour later than most of our other SANS webcasts.

Windows XP SP2 Experience Forum




Windows XP Service Pack 2 was officially released to the world yesterday (as noted in yesterday's Handlers Diary and numerous other trade magazines and websites). While most users should not have significant problems with SP2, others stumble upon cases where homegrown web applications or other third-party software may not work properly after installation. The Internet Storm Center has set up a forum to collect the experiences of others in the security community. The ISC hopes that users will be able to share information on problems they have encountered and the steps they used to remedy them. If you would like to submit your experiences, please see the following URL:

http://isc.sans.org/xpsp2.php

Microsoft Exchange 5.5 Security Bulletin (MS04-026)




Today is the regularly scheduled Microsoft Patch Day. While most people are focused on Windows XP SP2, those who are using Exchange 5.5 need to take heed of today's security bulletin. An update was released today to resolve a problem within the Outlook Web Access service of Exchange version 5.5 involving cross-site scripting and the ability of an attacker to convince users to run malicious scripts. Though the bulletin rates the severity of the exposure as only Moderate, it is still wise to patch your Exchange 5.5 servers at the nearest maintenance time administrators have available. There are plenty of "click-happy" end users who could create headaches for many administrators if attackers start using this vulnerability in junk or malicious email. Also, continue to raise security awareness among those who click on links or attachments without regard. For more technical information on the vulnerability and the available patch, please see the following URL:

http://www.microsoft.com/technet/security/Bulletin/MS04-026.mspx?pf=true

Apple Mac OS X Bulletins (APPLE-SA-2004-08-09)

Yesterday, two bulletins were released by Apple. The first bulletin involved the libpng (Portable Network Graphics) vulnerability that has been the subject of numerous patches in the Unix and Linux world in the past 2 weeks. The Mac OS X CoreGraphics and AppKit frameworks have been updated to protect against the flaws in the reference library. The software update is available for these versions of OS X:

* Mac OS X v10.3.4 "Panther"
* Mac OS X Server v10.3.4 "Panther"
* Mac OS X v10.2.8 "Jaguar"
* Mac OS X Server v10.2.8 "Jaguar"

The second bulletin announced the availability of Mac OS X v10.3.5. The new version of OS X includes the patch for libpng, and also includes security updates for the Safari web browser and the TCP/IP stack (the Rose fragmentation attack).

For more information on either of these, please see the following URLs:

http://docs.info.apple.com/article.html?artnum=61798

http://www.apple.com/support/downloads/
---

Scott Fendley - Handler on Duty

University of Arkansas

scottf /at/ uark /dot/ edu