Threat Level: green Handler on Duty: Manuel Pelaez

SANS ISC InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Microsoft Update providing 403 error code?

Published: 2009-12-11
Last Updated: 2009-12-11 22:41:07 UTC
by Joel Esler (Version: 3)
24 comment(s)

We've had two separate reports this morning from readers telling us, when they try to visit the Microsoft Update site (for XP or 2003) they are receiving 403 error messages.  One of the emails we received details having to remove MS Update and reinstall it in order to get updates to work again.

Can anyone else replicate this issue?  We've tried from several locations globally and we can't reproduce the problem.

Instructions on how to remove MS Update:  http://support.microsoft.com/kb/901037

Update: Thanks to all that have written in and commented on this thread.  We've had contact from Microsoft and they are looking into it.  It seems that there are a lot of people experiencing this problem.  Thanks again.

-- Joel Esler | http://blog.joelesler.net | http://twitter.com/joelesler

 

Keywords:
24 comment(s)

Another good reason to update to Thunderbird 3.0

Published: 2009-12-11
Last Updated: 2009-12-11 14:59:59 UTC
by Joel Esler (Version: 2)
0 comment(s)

One of our readers sent this in to us (Thanks Juha-Matti), a security advisory against versions of Thunderbird <= 2.0.0.23.

Aside from all the other good reasons to update to Thunderbird 3.0, this is a vulnerability in Thunderbird's dtoa implementation.  Many Thunderbird users like to integrate things like Lightning (the calendar application) right into their Mail client, similar to Outlook.  This tight integration allows for much the same functionality that Outlook has in it's mail client, except for the Exchange server portion.  I've seen Thunderbird and Lightning used at countless organizations to be able to handle calendars, so be sure and pay attention to this one.

The flaw, according to the link, is in how Thunderbird's dtoa implementation works.  Since Thunderbird uses the same dtoa implementation as Firefox, one would tend to think that Firefox (and it's variations, Camino..etc) would be vulnerable too.

This would affect many plugins as well, things like Lightning (as previously mentioned) and Thunderbrowse (as mentioned it the link above).  Who knows what else, so make sure and update everything that you can.

-- Joel Esler | http://blog.joelesler.net | http://twitter.com/joelesler

Keywords:
0 comment(s)
Diary Archives