Software Development

Security news roundup: Java update, Windows login bypass tool released

Here’s a collection of recent security vulnerabilities and alerts, which covers a new Java update, the release of a Windows login bypass tool, multiple vulnerabilities in CUPS that can lead to DoS attacks, and details of Microsoft's upcoming Patch Tuesday.

Here's a collection of recent security vulnerabilities and alerts, which covers a new Java update, the release of a Windows login bypass tool, multiple vulnerabilities in CUPS that can lead to DoS attacks, and details of the upcoming Patch Tuesday.

  • New Java update fixes security vulnerabilities

Java 6 Update 5 has just been released, which plugs multiple security vulnerabilities. Unfortunately, no exact details has been disclosed by Sun pertaining to them.

Because the Java installer does not automatically uninstall previous versions after installation of a newer one, users should manually remove the vulnerable versions after installation. You might also note that no Java Control Panel will appear after installing the 32-bit JRE on a 64-bit Windows Vista system, though there are possible workarounds.

Sun has also released Update 15 for Java 5 and Update 17 for version 1.4.2. These updates fixes critical buffer overflow bugs in the JavaScript ActiveX control as well as arbitrary code execution flaws in Java Web Start.

Download Java 6 Update 5, Java 5 Update 15 , and Java 1.42 Update 17.

  • Windows login bypass tool released
Security guru Adam Boileau has made his winlockpwn tool available for download.

First presented more than two years ago, the tool makes it possible to bypass the Windows login via a FireWire port even if you don't know the Windows password. At the moment, the tool supports Windows XP with SP2 as the target system, though there are reports of a Vista attack being successful using a slightly modified version.

The attack still works because Microsoft does not view the FireWire DMA vector exploited by the tool as a security problem since it's part of the IEEE-1394 specification. Indeed, direct memory access is essentially independent of the operating system, hence Linux and Mac OS X are also susceptible.

In an ominous sign of things to come, there are reports that plugging a Cardbus Firewire card into a laptop without FireWire and waiting for it to auto-install while at the locked screen is sufficient to use winlockpwn successfully.

You can visit the project page or check out the presentation: Hit by a bus: Physical access attacks with FireWire (PDF).

  • CUPS vulnerable to remote DoS

CUPS is prone to two remote denial-of-service vulnerabilities. It's possible for attackers to exploit the vulnerabilities to crash the application. Remote code execution may also be possible but has not been confirmed.

Version 1.1.17 and 1.1.22 of CUPS are known to be vulnerable, though other versions may also be affected. There are no known working exploits for these issues at the moment.

Various vendors such as Red Hat and SuSE have released updates that fixes the vulnerabilities. Alternatively, you should switch to nonvulnerable versions available for download.

  • Patch Tuesday: An all-Office roundup

There are four bulletins from Microsoft for the upcoming Patch Tuesday tomorrow, each of them concerning critical vulnerabilities spread across different versions of Microsoft Office.

  • The first patch is for Excel and is rated critical for Excel 2000 SP3 and important for all other versions of Excel.
  • The second patch is critical for the following versions of Outlook: Outlook 2000 SP3, Outlook 2002 SP3, Outlook 2003 SP2 and SP3, and Outlook 2007. It does not affect Office 2007 SP1.
  • The third patch is critical only for Microsoft Office 2000 SP3.
  • The final patch planned for this month's batch is rated critical for Microsoft Office Web Components 2000.

Kudos to you if you don't use Microsoft Office -- though just what are the chances of that anyway?

About

Paul Mah is a writer and blogger who lives in Singapore, where he has worked for a number of years in various capacities within the IT industry. Paul enjoys tinkering with tech gadgets, smartphones, and networking devices.

{"msg": "None", "status": "error", "error_type": "ServiceUnavailableError", "code": 503}

Editor's Picks