BugBlog Home
BJK Research Home
BJK Research Home

Did the BugBlog help you? Donate via PayPal to say thanks.

Even better, subscribe to the BugBlog Plus for even more coverage of bugs and their fixes.

Jump to the BugBlog archives

Dec 06
Nov 06
Oct 06
Sept 06
Aug 06
July 06
June 06
May 06
Apr 06
Mar 06
Feb 06
Jan 06
Dec 05
Nov 05
Oct 05
Sept 05
Aug 05
July 05
Jun 05
May 05
Apr 05
Mar 05
Feb 05
Jan 05
Dec 04
Nov 04
Oct 04
Sep 04
Aug 04
Jul 04
June 04
May 04
Apr 04
Mar 04
Feb 04
Jan 04
Dec 03
Nov 03
Oct 03
Sept 03
Aug 03
July 03
June 03
May 03
April 03
Mar 03
Feb 03
Jan 03
Dec 02
Nov 02


View vintage BugNet coverage here

Cleveland-area blogs*:

Backup BugBlog

Economic Development Futures

Brewed Fresh Daily


Working with Words


Sardonic Views

Filtering Craig

Hotel Bruce


Up Yours

Kevin Holtsberry

Steve Goldberg

Red Wheelbarrow

Anita Campbell

Swerb's Blurbs

Rachel's Law

*there are more blogs in Cleveland, these are just from people I've met or know. Some of the above are actually farther away, but are bloggers I've met here.


What I'm Reading

Macromedia ColdFusion MX Web Application Construction Kit
(so I have a dull life!)


The BugBlog uses monthly archives. All the August bugs will be on this page. Use the links on the left or below to jump back to past or future months.

The BugBlog is free- but if you want to help support its existence, please make a donation via PayPal using the button at left. Better yet, subscribe to the BugBlog Plus. A three month subscription is only $5. XML

Read the special report on bugs, incompatibilities and other problems in entertainment software and hardware.

8/31/2004 Windows XP SP2 Unrolls Driver Rollback

Once you install Windows XP Service Pack 2, any information saved by Device Manager about previous drivers is lost. Microsoft says no backup file is created for third-party drivers, and thus you won't be able to roll back to a previous driver. Microsoft says if you need to go back, you will have to reinstall the third-party driver. If you need a refresher course for that, see http://support.microsoft.com/?kbid=873171.

8/30/2004 Netscape/Mozilla Running on Apple Can Be Spoofed

There is a reported security bug for the Netscape/Mozilla family of browsers running on Apple Mac OS X 10.3.5. The problem is in the way that Java applets are displayed in a window when using a browser with multiple tabs. It may be possible to spoof one site with another in a "phishing" attack. At least one report says that this exploits a known behavior in Apple's Java, so it may not be something that also affects Windows or Linux users of these browsers. Netscape 7.2 is affected, as are Mozilla 1.7.2 and Firefox 0.9.3. Credit for this discovery goes to J. Courcoul.

8/28/2004 Windows XP Security Center Can Be Tricked

PC Magazine has confirmed, following a tip, that the new Windows Security Center in Windows XP Service Pack 2 can be spoofed. There are ways to make it look like things are still secure, when they aren't. Microsoft has downplayed this bug; a paraphrase of their response might be "Well, if they can do this, they can do worse than this, so we aren't going to worry." You can read the full story from PC Magazine, and the Microsoft response, at http://www.pcmag.com/article2/0,1759,1639276,00.asp.

8/27/2004 Winamp Welcomes Attackers In Via Internet Explorer

A serious vulnerability, that is now being actively exploited, has been found in the MP3 software Winamp 3.x and 5.x. The vulnerability comes in via a Winamp skin file, which allows you to customize the look of Winamp. If you go to a malicious web page you may automatically download the new skin, which triggers code which will then run on your computer. Going to the web page is enough, it appears you don't need to click a link or ask for a download. Apparently, this exploit takes advantage of bugs in both Winamp and Microsoft Internet Explorer, although there are some discussion that this could done on other browsers. There is a write-up at http://secunia.com/advisories/12381/. Credit for reporting this goes to the K-OTik.COM Security Survey Team.

8/26/2004 Flaw in Component of Netscape, Sun One Servers

The Internet Security Systems (ISS) researchers have found a vulnerability in the NSS library, which is a shared component used mostly in Netscape Enterprise Servers and Sun One/Sun Java System web servers, and is provided by the Mozilla Foundation. There is a bug in the SSLv2 record parsing that may allow an attacker to run a heap overflow. This will then give attackers access to these servers. Network administrators who may be affected can get an update from ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_9_2_RTM. They may also want to read the advisory at http://xforce.iss.net/xforce/alerts/id/180 for workaround information.

8/25/2004 Phishing Frenzy Hits Banks, eBay

A group of IT pros has been working under the name of the Anti-Phishing Working Group. Their report on June activity says they unearthed 1422 separate phishing scam attempts (of which at least 1000 probably reached the BugBlog.) The most popular targets were Citibank, eBay, US Bank and PayPal. (Yep, got all four of them!) You can read more at http://www.antiphishing.org/APWG_Phishing_Attack_Report-Jun2004.pdf. Personally, I think August's number one target may be BB&T, at least judging by what's ending up in my inbox and junk mail filter.

8/24/2004 Dantz Retrospect Networked Backups and Windows XP Service Pack 2

When using Dantz Retrospect to backup networked Windows XP computers, you will need to make some configuration changes if you upgrade to Windows XP Service Pack 2. The new Windows Firewall will need to be configured to allow the networked backup. You can see the steps involved at http://www.dantz.com/en/support/kbase.dtml?id=28189. Note that this does not affect Dantz Retrospect when backing up standalone computers.

8/23/2004 Windows XP Service Pack 2 Doesn't Like Adobe Help Files

Adobe says that after you have upgraded to Windows XP Service Pack 2, you may get security warnings in Microsoft Internet Explorer when you try to use Help in an Adobe application. The warning may be something like
"To help protect your security, Internet Explorer has restricted this file from showing active content that could access your computer. Click here for options."
"Security Warning: The information you have entered is to be sent over an unencrypted connection and could easily be read by a third party. Are you sure you want to continue sending this information?"
The problem, according to Adobe, is that the new security in SP2 blocks frames in HTML files as a security precaution, even in HTML Help files stored locally. Since the content you are trying to access was installed on your computer when you installed the Adobe application, there should be no risk involved when clicking Help in an Adobe application. So you can continue on by clicking Yes. You can read more from Adobe about this at http://www.adobe.com/support/techdocs/330621.html.

8/22/2004 Windows XP Service Pack 2 Stops Microsoft Outlook Smart Tags

When you install Windows XP Service Pack 2, Outlook 2003 may lose its smart tags. Microsoft says the tightened security in SP2 stops the smart tags. To bring them back, you will first need to reinstall Office 2003 Service Pack 1. Then you will need to do some Registry edits that are described at http://support.microsoft.com/?kbid=884197.

8/20/2004 Security Problem in Microsoft IE 6 Even After SP2

Security researchers http-equiv have shown another vulnerability in Microsoft Internet Explorer. It is possible to exploit a fault in drag and drop events within IE to move damaging content into a computer's Start folder, so that it will execute the next time that computer boots. Security researchers at Secunia report that this exploit works on fully patched systems using Internet Explorer 6 and Windows XP Service Pack 2. You can see the details at http://secunia.com/advisories/12321/. As a workaround, you may want to consider Mozilla for your browser.

8/19/2004 Cisco IOS Can Be Hit with Denial of Service Attack

Cisco says that any of their devices running the Cisco IOS (Internetwork Operating System) 12.0S, 12.2, and 12.3 and that have turned on the Open Shortest Path First (OSPF) protocol may be vulnerable to a denial of service attack. A specially designed OSPF packet may crash the device, although OSPF is not turned on by default. Check with http://www.cisco.com/warp/public/707/cisco-sa-20040818-ospf.shtml for links to an update for your version of IOS.

8/18/2004 First Hotfix for Windows XP SP2 Bug

The first post-Service Pack 2 hotfix for Windows XP (or you can look at it as the first pre-Service Pack 3 hotfix) has been released by Microsoft. This fixes a bug introduced by Windows XP Service Pack 2 that may prevent programs from working with IP addresses in the loopback range other than If you have a program that needs to connect to one of these addresses, you may want to contact Microsoft Technical Support and ask for the hotfix described in Knowledge Base article 884020. Note that you may get charged for this call.

8/17/2004 Extra: Windows XP SP2 Auto Update Delayed

Microsoft has informed their largest customers, via email, that the Automatic Update deployment of Windows XP Service Pack 2 will be delayed at least until August 25. This gives customers more time to block the auto updates while they work to settle incompatibilities between their current applications and the stricter security standards of SP 2. You can read more at ZD Net at http://zdnet.com.com/2100-1104_2-5312747.html.

8/17/2004 Yahoo Patches Their IM Software

Yahoo has patched their instant messaging (IM) software. Previously reported flaws in the PNG graphics format can be exploited in Yahoo's IM, because these images can be used for things such as buddy list avatars. Get the update at http://messenger.yahoo.com/security/update5.html.

8/16/2004 Acrobat Unix Flops on Uudecoding

Security researchers iDefense say that Adobe Acrobat Reader 5.05 and 5.06 for Unix have a bug that may allow an attacker to run their own code on your computer. The bug is in the uudecoding portion of Acrobat, which is used to convert documents back to their original format. According to iDefense, Adobe fixed this in version 5.0.9 after they were contacted by iDefense. However, they made no public announcement of either the vulnerability or the fix. You can read the iDefense report at http://www.idefense.com/application/poi/display?id=124&type=vulnerabilities.

8/13/2004 Symantec Gets Enterprise Apps Ready for SP2

Symantec has released updates for many of their enterprise products so that they are compatible with Windows XP Service Pack 2. These products have updates available: Symantec Client Security 2.0; Symantec Client Security 2.0 Business Packs; Symantec AntiVirus Corporate Edition 9.0; Symantec AntiVirus 9.0 Business Packs. You can get these updates at http://www.symantec.com/techsupp/enterprise/sp2/compatibility.html. Symantec says that updates for these products should be available by mid-August to mid-September: Symantec Client Security 1.1.1; Symantec Client Security 1.1.1 Small Business; Symantec AntiVirus Corporate Edition 8.1.1; Symantec AntiVirus 8.1.1 Small Business; Symantec Client Security 1.0.1; Symantec AntiVirus Corporate Edition 8.0.1; Norton AntiVirus Corporate Edition 7.61. Check that same URL for news of when these become available.

8/12/2004 SP2 Firewall Blocks Some Games

The new Windows Firewall in Windows XP Service Pack 2, when left to its default settings, will cause a number of online games to stop working. The reason is that the firewall shuts ports that the game normally uses to communicate with other gamers. (Shutting open ports is generally a good thing. However, ports also need to be open for legitimate traffic.) Games affected include: Lego Chess Chess Advantage III; EA Games Need for Speed Hot Pursuit 2; Atari Unreal Tournament 2003, and Unreal Tournament Game of the Year; VALUSoft Illegal Street Drag 1.0; Atari Scrabble 3.0; and Activision StarFleet Command III 1.0. In general, Microsoft says to check the game's documentation to see what ports need to be opened. Then go to http://support.microsoft.com/default.aspx?kbid=842242 for instructions on how to open the ports.

8/11/2004 AOL Instant Messenger Has a Hole

There is a buffer overflow in the AOL Instant Messenger (AIM) chat application. Because of this bug, an attacker may be able to run their own programs on an AIM computer. This bug was found by iDefense and reported to AOL. Users of the program should go to http://www.aim.com/help_faq/security/faq.adp?aolp= for the latest safety tips and workarounds. While there is no fix yet, they do have a Registry edit for a workaround. Users may also want to read US-CERT's report at http://www.kb.cert.org/vuls/id/735966.

8/10/2004 Bagle is Back Again

The latest version of the Bagle or Beagle worm is causing additional problems. This version, named W32.Beagle.AO@mm by Symantec (slightly different naming by other companies) has some additional twists. It tries to disguise itself as Microsoft Internet Explorer, for one thing. Another disguise, according to BugBlog reader Roseman, is that it buries itself up to ten levels deep in a Zip file. This is deeper than many AV programs scan by default. Symantec's writeup is at http://securityresponse.symantec.com/avcenter/venc/data/w32.beagle.ao@mm.html, InfoWorld has a news story at http://www.infoworld.com/article/04/08/09/HNnewbagle_1.html for further details.

8/9/2004 Windows XP SP2 Released

Windows XP Service Pack 2 has officially been RTM'ed. That means Released to Manufacturing. It has been sent out to the Microsoft Developers Network, meaning the OEM computer manufacturers such as Dell, and the megacustomers with thousands of licenses, have it now. It will be made available over the Automatic Update feature of Windows XP first. Later it will be available on CD. There will be extra BugBlog updates on the fixes, as well as the incompatibilities and new problems, that are included in the Service Pack. Full coverage will be in the BugBlog Plus

8/9/2004 PNG Bugs Effects May Be Widespread

While the BugBlog was travelling, the most serious bugs uncovered were a number of problems with graphic files using the PNG (Portable Network Graphics) format. At least one PNG bug could trigger buffer overruns. This file format is common to both different browsers, different graphics programs and different operating systems, and thus may have a wide scope. You can read a news story at http://zdnet.com.com/2100-1105_2-5298999.html. Follow-ups to this bug will be done with individual products that are affected.

8/4/2004 No Bugs on August 5,6,7

There will be no daily BugBlog August 5-7 due to travelling, so there will be a couple of extra bugs August 3 and 4.

8/4/2004 Excel Wizard Comes Up Short

When you run the Conditional Sum Wizard in Excel 2003, you may get this somewhat cryptic error message
Run-time error '1004':
Unable to set the FormulaArray property of the Range class

What the message probably should have said was "Hey, you've added a condition in the wizard that references a value that isn't in your selected cell range." The problem here is not a bug, but a user error. It's just that the error message doesn't really say that.

8/4/2004Red Hat Updates rh-postgresql

Red Hat has new rh-postgresql packages for Enterprise Linux 3. The new version fixes some bugs in init-script and in the datatype conversion process in the JDBC client driver. Get the update at https://rhn.redhat.com/errata/RHBA-2004-307.html.

8/3/2004 Windows NT and NVIDIA Problem With Quake

On a Windows NT 4.0 computer with a NVIDIA GeForce FX5200 graphics card, you may have crashes when running Quake 3. This will still happen even with the most recent driver from NVIDIA, version 61.77.

8/3/2004 Intel Fails a Memory Test, But Gets a Fix

Intel says that if you are using a graphics card that relies on the Intel 845G/GL/GE/GV, 852/855 GM/GME or 865G Chipset Families, or 915G Express Chipset Family, you may crash with a Blue Screen of Death when doing the Windows XP DirectDraw AGP memory test. Intel says this has been fixed in the 14.5 driver.

8/2/2004 Novell Client Makes Nice with Lotus Notes

If you install the Novell Client 4.90 for Windows NT/2000/XP, it might cause Lotus Notes to lock up. This conflict has been fixed, according to Novell, in the Novell Client 4.9 Support Pack 2. You can get the Support Pack in nc49sp2.exe at http://support.novell.com/servlet/tidfinder/2969181.

8/1/2004 Apple To Get Real

If you were thinking of using RealNetworks' latest software, that lets you purchase songs from its own online music store and play them on an iPod, you may want to think again. Apple says they are "…stunned that RealNetworks has adopted the tactics and ethics of a hacker to break into the iPod, and we are investigating the (legal) implications of their actions." Even if they don't look for a legal fix, look for future upgrades to the iPod to block this intrusion by Real.

7/30/2004 Extra -- Critical Patch for Internet Explorer

Microsoft has released a critical update for Microsoft Internet Explorer, running on Windows NT/2000/XP/Server 2003. Released on a Friday afternoon, instead of their normal Second Tuesday of the month, probably means there's some nasty exploits fixed in this cumulative update. They do say, however, that while this is a cumulative update that replaces MS04-004, it does not include any of the hotfixes released since MS04-004, which was originally released in February. Install the new patch, and you remove all those hotfixes. Because of that, they also have an update rollup at http://support.microsoft.com/?kbid=871260 that includes the hotfixes, plus all these new fixes. I'm sure Microsoft has a reason to approach this in such a complicated way. (Like maybe they secretly want us to all switch to Mozilla, so they won't have to support IE any more!) In any event, full information is at http://www.microsoft.com/technet/security/bulletin/MS04-025.mspx.

7/30/2004 Windows XP and IMAPI CDs

Microsoft says that some third-party Image Mastering API (IMAPI) CD-burning software may create CDs or DVDs that Windows XP has trouble reading. Although the disks have data, when you insert them into the drive Windows XP treats them like a blank disk. Judging by the keywords in the Microsoft Knowledge Base, this is one of the bugs that will be fixed in Windows XP Service Pack 2. (Since SP2 is still pre-release, things may change at the last moment.)


| June 05 | May 05 | Apr 05 | Mar 05 | Feb 05 | Jan 05 | Dec 04 | Nov 04 | Oct 04 | Sept 04 | Aug | July 04| June 04 | May 04 | April 04 | Mar 04 | Feb 04| Jan 04 | Dec 03 | Nov 03 | Oct 03 | Sept 03 | August 03 | July 03 | June 03 | May 03 | April 03 | March 03 | February 03 | January 03 | December 02 | November 02