Here’s a collection of recent security vulnerabilities and alerts, which covers a new QuickTime bug that affects both XP and Vista, a new release of Firefox, security updates for FreeBSD, the release of Microsoft Exchange SP1, the official acknowledgement by Cisco of flaws in its VoIP phones, new versions of Asterisk that fix two SQL injection vulnerabilities, the cracking of Microsoft’s encryption for its wireless keyboards, and a vulnerability found in IBM’s Lotus Notes product.
- XP and Vista vulnerable to latest QuickTime bug
The latest (to be discovered) QuickTime bug can be exploited by malicious people to compromise a user’s system. A working exploit has already been made public and the vulnerability has been confirmed to exist for version 7.3 though other versions may also be affected. It has been classified as “extremely critical” by security site Secunia.
There is no fix at the moment, and the only advice would be not to browse untrusted websites or follow untrusted links as well as not to open untrusted QTL files.
You can read more about this QuickTime vulnerability. (Secunia)
- Firefox 2.0.0.11 released
Firefox 2.0.0.11 has been released. It corrects this bug, which was found in Firefox 2.0.0.10 shortly after it was released. More information on this issue can be found at TechRepublic’s IT News Digest blog.
You can download Firefox 2.0.0.11 here, or check out the release notes.
- Security updates for FreeBSD released
Two vulnerabilities in system tools have been discovered in FreeBSD. One of them involves GNU tar, in which insufficient checking of path indicators allows attackers to overwrite files with the victim’s rights. A patch has now been made available for GNU tar.
The other FreeBSD vulnerability involves a problem with the internal state tracking used on the pseudo-random number generators called random and urandom. Attackers are apparently able to use it to generate previously generated random numbers. All FreeBSD versions are affected.
You can read more on FreeBSD’s random value disclosure here.
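As an added illustration (not taken from the FreeBSD advisory or from GNU tar's code), the Python sketch below shows the kind of path checking the GNU tar item above is about, generalized to any tar archive: it lists members that would land outside the extraction directory. The destination `/srv/unpack`, the function names and the sample archive are constructed for this example.

```python
import io
import posixpath
import tarfile


def _escapes(dest, name):
    """Return a reason if `name`, unpacked under `dest`, resolves outside it."""
    if name.startswith("/"):
        return "absolute path"
    resolved = posixpath.normpath(posixpath.join(dest, name))
    if resolved != dest and not resolved.startswith(dest.rstrip("/") + "/"):
        return "path climbs out of destination"
    return None


def unsafe_members(archive_bytes, dest="/srv/unpack"):
    """List (name, reason) for every member that must not be extracted."""
    findings = []
    with tarfile.open(fileobj=io.BytesIO(archive_bytes)) as tf:
        for m in tf.getmembers():
            reason = _escapes(dest, m.name)
            if reason is None and (m.issym() or m.islnk()):
                # Symlink targets resolve from the link's own directory,
                # hard-link targets from the archive root.
                base = posixpath.dirname(m.name) if m.issym() else ""
                if _escapes(dest, posixpath.join(base, m.linkname)):
                    reason = "link target outside destination"
            if reason:
                findings.append((m.name, reason))
    return findings


def build_sample():
    """Constructed in-memory archive: two harmless members, three that escape."""
    buf = io.BytesIO()
    data = b"constructed sample\n"
    with tarfile.open(fileobj=buf, mode="w") as tf:
        for name in ("docs/readme.txt", "../../outside/file.txt",
                     "/tmp/abs.txt", "a/../b.txt"):
            info = tarfile.TarInfo(name)
            info.size = len(data)
            tf.addfile(info, io.BytesIO(data))
        link = tarfile.TarInfo("docs/link")
        link.type = tarfile.SYMTYPE
        link.linkname = "../../outside"
        tf.addfile(link)
    return buf.getvalue()


if __name__ == "__main__":
    for name, reason in unsafe_members(build_sample()):
        print(f"REJECT {name}: {reason}")
```

Note that `a/../b.txt` is accepted because it still resolves inside the destination; the check works on the resolved path rather than on the mere presence of `..`.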
- Exchange 2007 SP1 released
Microsoft shipped Exchange 2007 SP1 on Thursday. Released almost exactly a year after the RTM of Exchange 2007, Service Pack 1 includes support for the upcoming Windows Server 2008. It also boasts enhancements to real-time communication and mobile phone integration.
Other than the above, SP1 brings to the table SCR, or Standby Continuous Replication, which allows Exchange to fail over to servers in different geographic locations.
You can download Exchange 2007 SP1 here.
- Cisco confirms security flaw in its VoIP phones
Cisco has confirmed that its VoIP phones are vulnerable to eavesdropping. In its official response, Cisco notes “that an attacker with valid Extension Mobility authentication credentials could cause a Cisco Unified IP Phone configured to use the Extension Mobility feature to transmit or receive a Real-Time Transport Protocol (RTP) audio stream.”
Hackers John Kindervag and Jason Ostrom said they were able to penetrate many such networks. “We’ve toasted so many of these networks it’s not funny,” they said in a blog on Wired.com. You can read the official Cisco response here.
- New versions of Asterisk released
Two SQL injection vulnerabilities in Asterisk have been rectified with new versions of the telephony software. All versions of Asterisk Open Source from 1.0.x through 1.4.x, and Asterisk Business Edition A.x.x through C.x.x, AsteriskNow as well as the Asterisk Appliance 1.0.x are affected.
- Encryption in Microsoft wireless keyboards cracked
IT security specialist company Dreamlab Technologies has successfully cracked the encryption used in Microsoft keyboards. According to their press release, “using just a simple radio receiver, a soundcard and suitable software, Dreamlab Technologies has managed to tap and decode the radio frequencies transmitted between the keyboard and PC/notebook computer.”
The ease of cracking it could have to do with the simple XOR mechanism and one-byte encryption keys. Microsoft has been informed, though rectifying this security vulnerability will be a long, drawn-out process. Keyboards that use Bluetooth are not vulnerable.
You can read more about it from the official press release here.
- Vulnerability found in Lotus Notes
An attacker could exploit a flawed third-party component in IBM’s Lotus Notes corporate e-mail software. In its security advisory, IBM warned that a successful exploit could result in malicious code being executed on the victim’s PC. The vector comes in the form of a specially crafted Lotus 1-2-3 file attachment, which the user will have to double-click to view.
Various workarounds have been suggested for the various versions of the product.