WordPress vulnerable to malicious password resets

An error involving the truncation of SQL columns makes it possible for an attacker on WordPress sites that allow open registration to trigger a password reset for an existing user. While annoying on its own, the problem escalates into a potentially exploitable situation when combined with weaknesses in PHP's mt_rand() random number generator: the new password is generated with mt_rand(), so an attacker who can predict its output could obtain the reset password and log in to the affected WordPress installation.
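The column-truncation half of the problem is easy to reproduce in a MySQL session. The following is an added, constructed example, not code from the advisory or from WordPress; it uses a simplified users table with a 60-character login column (the same width WordPress uses), and the trailing-space behaviour shown depends on MySQL's default PAD SPACE collations and a permissive sql_mode:

```sql
-- Constructed demonstration of MySQL column truncation (not WordPress's schema).
-- Permissive mode: oversized values are silently truncated with a warning.
SET SESSION sql_mode = '';

CREATE TABLE users (
  id         INT AUTO_INCREMENT PRIMARY KEY,
  user_login VARCHAR(60)  NOT NULL,
  user_email VARCHAR(100) NOT NULL
);

INSERT INTO users (user_login, user_email) VALUES ('admin', 'admin@example.com');

-- The application's "does this login already exist?" check finds nothing,
-- because the 61-character candidate is not equal to 'admin'.
SELECT COUNT(*) FROM users
 WHERE user_login = CONCAT('admin', REPEAT(' ', 55), 'x');   -- returns 0

-- The insert passes that check, but the column is only 60 characters wide,
-- so MySQL stores 'admin' followed by 55 spaces (the trailing 'x' is dropped).
INSERT INTO users (user_login, user_email)
VALUES (CONCAT('admin', REPEAT(' ', 55), 'x'), 'attacker@example.com');
SHOW WARNINGS;   -- "Data truncated for column 'user_login'"

-- Trailing spaces are ignored by PAD SPACE collations when comparing,
-- so a lookup by the legitimate name now matches both rows and a
-- reset-by-username routine can end up mailing the attacker's address.
SELECT id, user_login, user_email FROM users WHERE user_login = 'admin';

-- Check / hardening: with strict mode the same insert is rejected
-- (ERROR 1406: Data too long for column 'user_login') instead of truncated.
SET SESSION sql_mode = 'STRICT_TRANS_TABLES';
INSERT INTO users (user_login, user_email)
VALUES (CONCAT('admin', REPEAT(' ', 55), 'x'), 'attacker2@example.com');
```

The practical check for an administrator is therefore two-fold: confirm that `SELECT @@sql_mode;` on the database server includes `STRICT_TRANS_TABLES`, and confirm the application itself rejects or normalises logins that exceed the column width rather than relying on the database to do it silently. The mt_rand() part of the attack is separate and is not addressed by either measure; only the WordPress update covers that.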

The problem was discovered by Stefan Esser and affects WordPress 2.6.1 and all earlier versions. While the WordPress developers say the attack is difficult to carry out, they consider the associated risk sufficient to warrant a release.

As such, all users are strongly urged to upgrade to 2.6.2, which also fixes a number of other bugs.

Microsoft patches eight critical vulnerabilities

Patch Tuesday this week saw Microsoft ship four security updates resolving eight critical vulnerabilities in Windows, Microsoft Office, Windows Media Player, Internet Explorer 6 and SQL Server, among other products.

The one experts consider most critical is MS08-052, which fixes five vulnerabilities in the Windows GDI+ graphics component. Because GDI+ is used throughout Windows and by many applications shipped on it, the issue affects everything from Windows XP upwards.

Excerpt from Computerworld:

Hackers could exploit the GDI+ bugs by sending specially-crafted image files in a variety of formats — including EMF, GIF, WMF and BMP — to a user via e-mail, or by convincing users to visit sites that contain malicious image files. By triggering the vulnerabilities, attackers could then follow up with additional malware to hijack a system or steal data.

As usual, this month's updates should arrive automatically via Windows Update. You can read more in Microsoft's September security bulletin summary here.

Apple patches QuickTime

Apple has released a new version of its QuickTime framework. Version 7.5.5 fixes a total of nine security vulnerabilities, eight of which are rated critical. Several of the bugs, including the one in the Indeo codec, are specific to the Windows build. They stem from memory-handling flaws in various media parsing components and can be triggered simply by opening a malicious media file.

You can read the report on the security content of QuickTime from Apple.

Akamai: Japan generates the most Internet attack traffic

A new study by network services provider Akamai shows that Japan accounted for a staggering 30% of all attack traffic monitored on its network in the second quarter of 2008.

Excerpt from Network World:

The study, which was conducted by monitoring Akamai’s global network of more than 30,000 servers, measured distributed denial-of-service attacks, Web site hacking attempts and DNS hijackings for 139 countries around the world. The United States had the second-highest percentage of attack traffic for the second quarter, at 21.5%, while China came in third at 16.8%.

While Japan does rank highly in high-speed broadband connections per capita (South Korea and Sweden hold first and second place in that ranking), the report explicitly noted that "there does not appear to be a clear and obvious link between the high-speed connectivity and likelihood that a country is a leading source of attack traffic." So what is going on: a new Japanese trojan making the rounds?

Feel free to discuss these security events here.