General discussion

  • Creator
    Topic
  • #2186254

    Chris Mosby at myITforum.com

    Locked

    by mozbe ·

    blog root

All Comments

  • Author
    Replies
    • #3053742

      Reuters.com – Breach exposes U.S. Air Force officers to ID theft

      by mozbe ·

      In reply to Chris Mosby at myITforum.com

      US News Article | Reuters.com

      WASHINGTON (Reuters) – More than 33,000 U.S. Air Force officers could be at greater risk of identity theft after a “malicious user” accessed a database containing personal information, an Air Force official said on Tuesday.

      The attacker used a legitimate password to access a database that contained birth dates, Social Security numbers and career information for about half of the Air Force’s officers, as well as a handful of noncommissioned officers, Master Sgt. Randy Mitchell said.

      Personal financial records and classified military information are not included in the career-management database, Mitchell said.

      The incident has not led to any known instances of identity theft but the Air Force is urging those affected to monitor their credit records, he said.

      “We’re not sure what the person was doing inside the system, if they was just being curious and going through all these records or what, but nobody’s information has been used in an illegal way that we know of so far,” Mitchell said in an interview.

      A rash of security breaches at businesses, universities and other institutions have put at least 50 million U.S. consumers at heightened risk for identity theft over the past year.

      Congress is considering several bills that would tighten computer-security standards and improve consumer protections when such incidents take place.

    • #3053743

      Microsoft Security Advisory (906574) – Clarification of Simple File Sharing and ForceGuest

      by mozbe ·

      In reply to Chris Mosby at myITforum.com

      Microsoft Security Advisory (906574)
      Clarification of Simple File Sharing and ForceGuest
      Published: August 23, 2005

      Microsoft has issued this Security Advisory to clarify information of the issue addressed in Security Bulletin MS05-039 for non-default configurations of Windows XP Service Pack 1. This feature is known as “Simple File Sharing and ForceGuest.” If you are using Windows XP Service Pack 2, enabling Simple File Sharing and ForceGuest does not increase your level of exposure to the MS05-039 security vulnerability. Also, customers that have applied the security update included with MS05-039 are not impacted by this issue. We recommend that customers continue to follow our Protect Your PC guidance of enabling a firewall, getting software updates and installing ant-virus software. Customers can learn more about these steps by visiting the Protect Your PC Web site.

      If Simple File Sharing is enabled on a Microsoft Windows XP system that is not joined to a domain, then all users who access this system through the network are forced to use the Guest account. This is the “Network access: Sharing and security model for local accounts” security policy setting, and is also known as ForceGuest.

      Windows XP mitigates several security vulnerabilities by preventing users who do not have a valid logon credential from accessing the system remotely. An example of this is the vulnerability that is addressed in Microsoft Security Bulletin MS05-039. However, when you enable Simple File Sharing, the Guest account is also enabled and given permission to access the system through the network. Because the Guest account is a valid account when it is enabled, and is given permission to access the system through the network, an attacker could use the Guest account as if they had a valid user account.

      There is no known attack that is seeking to exploit this scenario. The Advisory is being issued as a special precaution. There is no change to the update in Security Bulletin MS05-039. Customers who have applied this update are protected in this scenario.

      Mitigating Factors:
      •Windows XP Service Pack 2 is not vulnerable remotely to the issue addressed by MS05-039 even when Simple File Sharing enables the Guest account. On Windows XP Service Pack 2, the impact of this vulnerability is only Local Privilege Elevation, and only exploitable if a user has the ability to logon locally to the system.

      •Simple File Sharing is not available on Windows XP systems that are joined to a domain. Domain-joined systems use standard file sharing which does not enable the Guest account or give it permissions to access the system through the network. Windows XP Service Pack 2 is not vulnerable remotely in domain-joined systems or in workgroup-joined systems.

      •Enabling Simple File Sharing does not expose customers who have applied the security updates provided by Microsoft Security Bulletin MS05-039 to the vulnerability that is addressed by that security bulletin.

      Read the rest of the advisory here: Microsoft Security Advisory (906574)

    • #3053744

      Symantec Security Response – W32.Mytob@mm Removal Tool- Updated 8/23/05

      by mozbe ·

      In reply to Chris Mosby at myITforum.com

      Symantec has updated their?Mytob removal tool.? Here is what is in the new version:?

    • July 21, 2005: Published version 1.22.1, which supports removal of W32.Mytob.IE@mm.
    • At this point, this tool covers the following:

      You can download the tool here: Symantec Security Response – W32.Mytob@mm Removal Tool

      ?