BugBlog Home
BJK Research Home
BJK Research Home

Did the BugBlog help you? Donate via PayPal to say thanks.

Even better, subscribe to the BugBlog Plus for even more coverage of bugs and their fixes.

Jump to the BugBlog archives

Dec 06
Nov 06
Oct 06
Sept 06
Aug 06
July 06
June 06
May 06
Apr 06
Mar 06
Feb 06
Jan 06
Dec 05
Nov 05
Oct 05
Sept 05
Aug 05
July 05
Jun 05
May 05
Apr 05
Mar 05
Feb 05
XP SP2
Jan 05
Dec 04
Nov 04
Oct 04
Sep 04
Aug 04
Jul 04
June 04
May 04
Apr 04
Mar 04
Feb 04
Jan 04
Dec 03
Nov 03
Oct 03
Sept 03
Aug 03
July 03
June 03
May 03
April 03
Mar 03
Feb 03
Jan 03
Dec 02
Nov 02

XML

View vintage BugNet coverage here

Cleveland-area blogs*:

Backup BugBlog

Economic Development Futures

Brewed Fresh Daily

Cleve-blog

Working with Words

Gassho

Sardonic Views

Filtering Craig

Hotel Bruce

Blogcritics.org

Up Yours

Kevin Holtsberry

Steve Goldberg

Red Wheelbarrow

Anita Campbell

Swerb's Blurbs

Rachel's Law

*there are more blogs in Cleveland, these are just from people I've met or know. Some of the above are actually farther away, but are bloggers I've met here.

Blogcritics

What I'm Reading

Macromedia ColdFusion MX Web Application Construction Kit
(so I have a dull life!)

BugBlog

The BugBlog uses monthly archives. All the June bugs will be on this page. Use the links on the left or below to jump back to past months.

The BugBlog is free- but if you want to help support its existence, please make a donation via PayPal using the button at left. Better yet, subscribe to the BugBlog Plus. A three month subscription is only $5. XML

Read the special report on bugs, incompatibilities and other problems in entertainment software and hardware.

6/30/2004 Adobe Tightens Acrobat Security

Adobe has an update for both their full Acrobat program and the Acrobat Reader. The Acrobat 6.0.2 update include "Security update to further restrict malicious code execution" although they are not forthcoming about the details. (The real bad guys probably already know how to break in to a PDF, but they don't want the script kiddies to know, too.) The Windows and Mac versions of both are at http://www.adobe.com/support/downloads/main.html.

6/30/2004 US CERT Suggests Different Browsers

It's not just the BugBlog saying you should use Mozilla instead of Microsoft Internet Explorer. Now, US-CERT suggests you may want to use a different web browser, too. (They don't specify Mozilla.) As they say at http://www.kb.cert.org/vuls/id/323070, "There are a number of significant vulnerabilities in technologies relating to the IE domain/zone security model, the DHTML object model, MIME type determination, and ActiveX. It is possible to reduce exposure to these vulnerabilities by using a different web browser." Of course, it won't give you total security (IE is deeply embedded in Windows systems) and some sites function correctly only with IE. (Microsoft has an excuse, of course, but what about all you other sites? You need to test for cross-browser compatibility.)

6/29/2004 CF Card Causes Blue Screen in Windows

If you remove a CardBus Compact Flash (CF) adapter from a Windows 2000/XP/Server 2003 computer, after performing a file transfer or editing a file on the Compact Flash card, the computer may get a Blue Screen of Death with this error message:
STOP: 0x0000007E (0xAAAAAAAA, 0xBBBBBBBB, 0xCCCCCCCC, 0xDDDDDDDD)
SYSTEM_THREAD_EXCEPTION_NOT_HANDLED

The hex numbers in parenthesis may differ. Microsoft does not yet have a fix or workaround.

6/28/2004 ZoneAlarm Pro Update Fixes Compatibility Problems

Zone Labs has come out with ZoneAlarm Pro 5.0.590.043. This version fixes incompatibilities with Norton Antivirus email scanning, and also fixes an incompatibility with the McAfee Security Center. Problems that were causing timeouts in SSH were also fixed, along with what they term "routine maintenance items" and "system stability issues." They don't mention whether they fixed the problems with local machine web hosting that was causing incompatibilities with web designers using Macromedia ColdFusion or Microsoft ASP. (Thanks to reader Kevin for alerting me to this while I was out.)

6/27/2004 Microsoft Browsers and Websites Vulnerable to Attack

I knew something interesting would happen while I was gone -- a number of web sites using Microsoft Internet Information Server 5.0 were infected with malicious code know as Download.Ject, or JS.Scob.Trojan, Scob, and JS.Toofeer. If you visit these infected sites while using Microsoft Internet Explorer, you may then be infected. The end users will have files called Kk32.dll and Surf.dat on their computers. You can prevent this by installing the patches from MS04-011. This should be done both by administrators running IIS web sites and people who browse with IE. Windows XP Service Pack 2 Release Candidate 2 also seems to fix it. You can also prevent this from happening by using Mozilla instead of Microsoft Internet Explorer. More details are at Microsoft at http://www.microsoft.com/security/incident/Download_Ject.mspx, Symantec at http://securityresponse.symantec.com/avcenter/venc/data/js.scob.trojan.html, and probably many other places around the Web.

6/22/2004 Lack of Color in DVDs on Windows XP

If your Windows XP computer will suddenly only play DVD movies full-screen in only one color, the problem may be another program interfering with the DVD player. Look for a semi-transparent program window in the upper left part of your Windows XP desktop -- one program that may do this is the Input Method Editor input bar. Either close this program, or move it from the upper left corner.

6/18/2004 Bugbloggin Slow 6/19 Through 26

The BugBlog will be on the road next week, and the amount of blogging will depend on how easy it is to find hotspots and other Internet access.

6/18/2004 Mac OS X 10.3.3 Thinks PDF Needs a Password

PDF documents can be password-protected by their creators. Apple says that sometimes the Preview Feature of Mac OS X 10.3.3 and earlier will ask for a password, even if the document is not password-protected. As a workaround, Apple says that if you can use Adobe Reader or some other application to open the document without asking for a password, just use that and not Preview. They also say this is fixed in Mac OS X 10.3.4.

6/17/2004 Cisco IOS Border Gateway Attacks

Cisco says that any of their hardware that is running IOS and has the Border Gateway Protocol (BGP) turned on can be hit by a denial of service attack. The device has to received a malformed BGP packet, and Cisco says in most cases it will have to look like it is sourced from a configured, trusted peer. They also note that BGP is not turned on by default. They have fixes (or news of fixes) for various versions of IOS listed at
http://www.cisco.com/warp/public/707/cisco-sa-20040616-bgp.shtml.

6/16 A Real Problem for RealNetworks

NGSSoftware says that a bug in RealNetworks RealOne Player 2, RealPlayer 10 and RealPlayer Enterprise may allow malicious users to run their own code on your computer. If you carefully construct one of Real's media files (.RA, .RM, .RV or .RMJ) you can cause heap corruption that will allow the rogue code to be executed. If you use these products, check out http://service.real.com/help/faq/security/040610_player/EN/ for fix information. You can read the original security bulletin at http://www.nextgenss.com/advisories/realra.txt.

6/15/2004 Sasser Worm Fix Causes W2K Compatibility Problems

Microsoft's MS04-011 security patch has some compatibility problems with certain third-party applications on Windows 2000 computers. One application mentioned specifically is the Nortel Networks VPN client, but in general applications that load these drivers -- Ipsecw2k.sys, Imcide.sys, or Dlttape.sys --may cause big problems. These may include totally locking up the computer, having CPU usage spike to almost 100 percent, or an inability to log on to Windows. Microsoft has a hotfix to undo the damage done by the MS04-011 fix. It will be in a future service pack, but it you are having these problems you should contact Microsoft Technical Support and ask for the hotfix described in Knowledge Base article 841382. Note that you may be charged for this call.

The BugBlog is free- but if you want to help support its existence, please make a donation via PayPal using the button at left. Better yet, subscribe to the BugBlog Plus. A three month subscription is only $5.

6/14/2004 Sasser Worm Fix Causes Problems with EMF Files

If you install the security update from MS04-011 (the fix for the Sasser worm) on a Windows NT 4.0/2000/XP computer, you may have problems viewing EMF (Enhanced MetaFile) images in Adobe Illustrator. According to Microsoft, the security patch enforces tougher security on metafiles. This tougher security is also present in Windows Server 2003 by default. There are hotfixes available for Windows 2000 and XP, which will be in future service packs for these products. If you use EMF files, and need these fixes right away, contact Microsoft Technical Support and ask for the fix described in Knowledge Base article 840997. Note that you may be charged for this call. If you use the other versions of Windows, you may want to check back at http://support.microsoft.com/?kbid=840997 for updated information.

ZoneAlarm Pro 5 Causes Big Problems For Local Host

The 5/15 BugBlog noted a problem that Zone Labs ZoneAlarm Pro 5 caused when upgrading Macromedia ColdFusion. The problem appears to be bigger. Many web developers use a testing web server on their local computers - to test pages, especially dynamic pages, before posting them to the public. ZoneAlarm Pro 5 seems to cause massive interference with this procedure, both with Macromedia ColdFusion users (like the BugBlog) and also people using Microsoft Internet Information Server/ASP. The Zone Labs user forums have messages from many different users who are having problems connecting to the local host, or 127.0.0.1. If you are a web developer, don't upgrade to ZoneAlarm 5. The exact same installation/configuration that doesn't work on a compute with ZA 5, works perfectly with ZA 4.5.

6/11 CardBus Adapter May Trigger Blue Screen in Windows XP

Microsoft says that if you disconnect a CardBus Compact Flash adapter from a Windows XP computer, after you have either transferred a file or edited a file on the Flash card, you may get a Blue Screen of Death in Pci.sys, with this error message
STOP: 0x0000007E (0xAAAAAAAA, 0xBBBBBBBB, 0xCCCCCCCC, 0xDDDDDDDD)
SYSTEM_THREAD_EXCEPTION_NOT_HANDLED

although the four hex numbers in parenthesis may differ. As of now, Microsoft has no fix or workaround.

The BugBlog is free- but if you want to help support its existence, please make a donation via PayPal using the button at left. Better yet, subscribe to the BugBlog Plus. A three month subscription is only $5.

6/10/2004 No Linksys Backdoor Problem

It looks like the reports, blogged on 6/7, about a possible backdoor on Linksys WRTS54G 802.11g wireless routers, isn't true. The person making the claim has "clarified it" into a non-bug. He's also clarified himself off my list of sources.

6/10/2004 ATI Fixes Rotation Problem

ATI says that if you are using one of their graphics cards with their Catalyst 4.5 software, when you use a hotkey to rotate the display image or use the ATI icon in the system tray to rotate, you may cause the operating system to intermittently lock up for about ninety seconds. This has been fixed in their Catalyst 4.6 software.

6/9/2004 CRM Vulnerability for Microsoft

Microsoft says that users of Visual Studio .NET 2003, who use Microsoft Office Outlook 2003 with Business Contact Manager, or who use Microsoft Business Solutions Customer Relationship Management (CRM) 1.2, are vulnerable to a remote attack. As a result, files could be retrived and/or deleted. The number of vulnerable files depends on the security context of the Crystal Reports and Crystal Enterprise Web viewers, which is where the vulnerability is. It is important to note that this vulnerability is only present if Microsoft Internet Information Server is installed. (And that should happen only if this is a web server or it’s a computer where you do web development work.) You can get a patch, and more information, at http://www.microsoft.com/technet/security/bulletin/MS04-017.mspx.

6/8/2004 Security Updates for Mac OS X

Apple has released a a 6/7/2004 security update for both Mac OS X 10.2.8 and Mac OS X 10.3.4. Apple says that these are "recommended for all Macintosh users" although outside security experts and news reports refer to them as "critical" updates. You can find links to both of them from the main Apple Support page at http://www.apple.com/support/. Details will be covered in the BugBlog Plus.

6/7/2004 Backdoor Into Linksys Router Configuration Page

[UPDATE: It looks like the reports, blogged on 6/7, about a possible backdoor on Linksys WRTS54G 802.11g wireless routers, isn't true. The person making the claim has "clarified it" into a non-bug. He's also clarified himself off my list of sources. ]C Net reports that an independent researcher, Alan Rateliff II, has found a secuity bug in the Linksys WRTS54G 802.11g wireless router. This bug may allow remote attackers to gain access to the configuration page of the router, where they can lower security and do all kinds of other things. This was tested on the router's 2.02.7 firmware. Linksys (which is now part of Cisco) has a firmware update at http://www.linksys.com/download/firmware.asp?fwid=201, but it has a 3/17/04 date. You can read the story at http://zdnet.com.com/2100-1105_2-5226918.html.

6/5/2004 Refreshing News from Novell

Novell has "refreshed" (guess that's a synonym for "fixed") their Security Update 4 for eDirectory for the Netware, Windows, Linux, and Unix platforms. It needed refreshed because the Netware script was preventing installation on Netware 6.0 Support Pack 4 or NetWare 5.1 Support Pack 7 servers.

6/4/2004 Hotmail Burns Up Some Data

A story on C Net reports how some customers have experienced data loss of their saved files on Hotmail. Losing data is bad, of course, but if you are going to store data on a free service run by Microsoft, it better not be important data without a backup. If you look at the terms of service for the free email services, you generally see that you are guaranteed to get what you paid for. You can read the story at
http://news.com.com/Hotmail+incinerates+customer+files/2100-1038_3-5226090.html.

6/3/2004 Korgo Worm Has Two More Variations

Both US-CERT and Symantec have increased their nervousness about the different variations of the Korgo worm making its was around the Internet. The two newest versions are W32.Korgo.F and W32.Korgo.G. They both take advantage of the LSASS Buffer overrun that affects Windows systems, and may be listening via TCP ports 445, 113, and 3067. Up-to-date antivirus signatures should take care of these variations.

The BugBlog is free- but if you want to help support its existence, please make a donation via PayPal using the button at left. Better yet, subscribe to the BugBlog Plus. A three month subscription is only $5.

6/2/2004 Upgrading Outlook But Not Excel Makes You Gray

If you upgrade from Microsoft Outlook 2000 to Outlook 2003, but don't upgrade the rest of your Office applications, you will lose some functionality in Excel. If you click File, Sendto in Excel, you will see that all the commands are grayed out and unavailable. This is Microsoft's way of saying "You are cheap. You should have upgraded everything." Other than an upgrade, there does not seem to be a fix or workaround.

6/1/2004 Windows XP Task Manager Can't Manage

If for some reason a service pack is not completely installed on Windows XP, the computer may still run but Microsoft Task Manager may crash. If you look at the error report, you will see this
taskmgr.exe 5.1.2600.1106 ntdll.dll 5.1.2600.1217 00000342
Microsoft says you will need to either reinstall the old service pack, or install a newer one, to fix this.

5/31/2004 Some Radio Streams Won't Work After iTunes 4.5 Update

In iTunes 4.2 for both Mac OS X and Windows, you could listen to an Internet radio stream that did not start with http://. According to Apple, that's not the case with iTunes 4.5. You may try to listen to the same stream, and it will cause iTunes 4.5 to crash. You can fix this by editing the URL info found in a stream's Summary button. See the details at http://docs.info.apple.com/article.html?artnum=93831.

5/29/2004 Expired Passwords May Still Work in Windows 2000

Microsoft says that in Windows 2000 Professional, Server, and Advanced Server a user with an expired password may still be able to log on to the system. They will be able to do so if the fully qualified domain name of a system is exactly eight characters long. Since a fully qualified domain name (FQDN) might be something like www.bugblog.com, it would be a little difficult to have one with eight characters, but it is possible. Microsoft has a hotfix to prevent this, which will be in a future Windows 2000 service pack. If your FQDN is exactly eight characters long, and you have users with expired passwords, you may want to get this hotfix right away. Contact Microsoft and as for the fix described in Knowledge Base article 830847. Note that you may be charged for this call.

The BugBlog is free- but if you want to help support its existence, please make a donation via PayPal using the button at left. Better yet, subscribe to the BugBlog Plus. A three month subscription is only $5.


| June 05 | May 05 | Apr 05 | Mar 05 | Feb 05 | Jan 05 | Dec 04 | Nov 04 | Oct 04 | Sept 04 | Aug | July 04| June 04 | May 04 | April 04 | Mar 04 | Feb 04| Jan 04 | Dec 03 | Nov 03 | Oct 03 | Sept 03 | August 03 | July 03 | June 03 | May 03 | April 03 | March 03 | February 03 | January 03 | December 02 | November 02