Threat Level: green Handler on Duty: Rob VandenBrink

SANS ISC: InfoSec Handlers Diary Blog - Internet Storm Center Diary 2006-06-09 InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

MS06-015 will not provide patch for windows 98 and ME.

Published: 2006-06-09
Last Updated: 2006-06-09 20:28:44 UTC
by William Stearns (Version: 1)
0 comment(s)
    Microsoft announced that they will not provide a patch for Windows 98 and ME for MS06-015 "Vulnerability in Windows Explorer Could Allow Remote Code Execution (908531)".  The choice appears to be related to the amount of effort needed to patch the problem and the fact that those Operating systems reach the end of their lifecycle on June 11th.
    The suggested workaround is blocking incoming traffic to TCP port 139 on any unpatched systems.  This should at best be a temporary step; unsupported operating systems are a greater liability than supported ones.
    Many thanks to everyone that sent us a pointer to this story.

    More details can be found at:
http://www.microsoft.com/technet/security/Bulletin/MS06-015.mspx
http://blogs.technet.com/msrc/archive/2006/06/09/434300.aspx

Keywords:
0 comment(s)

Ethereal becomes Wireshark

Published: 2006-06-09
Last Updated: 2006-06-09 19:26:44 UTC
by Jason Lam (Version: 1)
0 comment(s)
A few readers wrote to us about Ethereal becoming Wireshark. The packet analyzer is widely used by network and security professionals. Sounds like Gerald Combs, the developer of Ethereal is joining CACE Technologies, the creator of WinPcap, hopefully, this will make things better for both products. Wireshark can now be found at http://www.wireshark.org/
Keywords:
0 comment(s)

WinGate Update

Published: 2006-06-09
Last Updated: 2006-06-09 18:29:11 UTC
by Marcus Sachs (Version: 1)
0 comment(s)
As we reported on June 7th, there is a vulnerability with working exploit in QBik Wingate.  The exploit says it's for "QBik Wingate version 6.1.1.1077 remote exploit for Win2k SP4 (german)". 

Melvin wrote to let us know that an updated version (6.1.3) is now available from http://www.wingate.com/download.php.

Thanks, Melvin!


Keywords:
0 comment(s)

Numbers Spam Solved

Published: 2006-06-09
Last Updated: 2006-06-09 13:56:40 UTC
by Erik Fichtner (Version: 1)
0 comment(s)
The source of the 'Numbers Spam' has been publically revealed.    It's a variant of the Bagel/Beagle/Toosoo/... virus.   Symantec is calling it "Beagle.FC".     Many thanks to everyone who sent in their thoughts about this one.

Keywords:
0 comment(s)
Diary Archives