BugBlog Home
BJK Research Home
BJK Research Home

Did the BugBlog help you? Donate via PayPal to say thanks.

Even better, subscribe to the BugBlog Plus for even more coverage of bugs and their fixes.

Jump to the BugBlog archives

Dec 06
Nov 06
Oct 06
Sept 06
Aug 06
July 06
June 06
May 06
Apr 06
Mar 06
Feb 06
Jan 06
Dec 05
Nov 05
Oct 05
Sept 05
Aug 05
July 05
Jun 05
May 05
Apr 05
Mar 05
Feb 05
Jan 05
Dec 04
Nov 04
Oct 04
Sep 04
Aug 04
Jul 04
June 04
May 04
Apr 04
Mar 04
Feb 04
Jan 04
Dec 03
Nov 03
Oct 03
Sept 03
Aug 03
July 03
June 03
May 03
April 03
Mar 03
Feb 03
Jan 03
Dec 02
Nov 02


View vintage BugNet coverage here

Cleveland-area blogs*:

Backup BugBlog

Economic Development Futures

Brewed Fresh Daily


Working with Words


Sardonic Views

Filtering Craig

Hotel Bruce


Up Yours

Kevin Holtsberry

Steve Goldberg

Red Wheelbarrow

Anita Campbell

Swerb's Blurbs

Rachel's Law

*there are more blogs in Cleveland, these are just from people I've met or know. Some of the above are actually farther away, but are bloggers I've met here.


What I'm Reading

The Baroque Cycle, by Neal Stephenson

Macromedia ColdFusion MX Web Application Construction Kit


Here is the daily bug, incompatibility or other computer problem from the BugBlog

The BugBlog is free- but if you want to help support its existence, subscribe to the BugBlog Plus. A three month subscription is only $5. XML The BugBlog uses monthly archives. All the current November bugs will be on this page. Use the links on the left or below to jump back to past months.

Read the Special Report on bugs, fixes, and incompatibilities in Windows XP Service Pack 2

11/30/2004 Timestamp Problems in Windows Media Player

Microsoft says that a change in timestamps may cause a misstep in Windows Media Player. If you are playing content from a Windows Media Player 10 server or from a Windows Media Player 9 Series server with Fast Cache enabled, and the client gets a sample with a timestamp that has increased more than five minutes from the timestamp of the previous sample, you may get this error message
0xC00D002F: Invalid or corrupt data was encountered.
Microsoft has fixes available for the Windows Media Player 9 and 10 for Windows XP, as well as the Windows Media Player 9 for Windows 2000, XP and Server 2003. Get them at http://support.microsoft.com/?kbid=887078.

Today's BugBlog Plus has five more bugs and fixes from Apple, Microsoft, Sun Microsystems, Novell SuSE, and Symbian.

11/29/2004 Power Mac Digital Speakers Interfere with Internal Speaker

Apple says that if you connect digital speakers to a Power Mac G5, you won't be able to mute the internal speaker. Going to Sound preferences and checking the mute option doesn't work. However, they say that you can go to Sound Preferences and set the internal speaker's volume to Low, which should work. (Digital speakers are those that use the optical Digital Out audio port with Toslink cables.)

Today's BugBlog Plus has six more bugs and fixes from Adobe, Microsoft, Sun Microsystems and Novell SuSE.

11/28/2004 DRM Corruption in Windows Media Player

Another way that Digital Rights Management (DRM) helps you (not). While your media files may be fine, if the DRM system on a Windows XP computer gets corrupted, you may start to see these error messages in Windows Media Player
The licenses for your media files are corrupted. (Error code 0xC00D2754)
Windows Media Player cannot play the file because the associated license is either corrupted or not valid. (Error code 0xC00D11D6)
You should be able to fix this by restoring the DRM system to what Microsoft refers to as a clean slate. See how at http://support.microsoft.com/?kbid=810422.

11/27/2004 iCal Watches for Dangerous Alarms

Apple says that if you import a calendar into iCal 1.5.4, and the calendar has an alarm or event that will either open another document or application, you will see a security alert about "unsafe" alarms. You get three choices: import everything, including the alarms; import the calendar, but remove everything that Apple thinks is unsafe; and cancel, which imports nothing. Since an alarm can trigger an application, and an application can be programmed to do something bad, you can see the potential for mischief.

Today's BugBlog Plus has five more bugs and fixes from IBM, Microsoft, and Symantec.

11/26/2004 Better Junk Mail Controls for Outlook

Microsoft has updated the junk email filter for Outlook 2003. They say that this update has a "more current definition" of what should be considered junk mail. (If they need help, any message with Viagra, Cialis or Vicodin should count). You can get the update at http://support.microsoft.com/?kbid=873362.

11/24/2004 Smart Phones Can Get Dumb

When cell phones became "smart" they also became more vulnerable to attacks. (The only way an old electro-mechanical Ma Bell phone could harbor a virus is if someone sneezed on it.) Cell phones that use the Symbian Series 60 software, which include the Nokia 7610, may be susceptible to a Trojan attack. Security researchers at F-Secure says that a program calling itself the Extended Themes Manager actually harbors a program called Skulls, which turns off all links to Symbian system applications in the phone. You can read more in this ComputerWorld story at http://www.computerworld.com/securitytopics/security/story/0,10801,97767,00.html.

There will be no bugblogging on Thanksgiving Day.
Today's BugBlog Plus has six more bugs and fixes from Apple, Microsoft, and Novell.

11/23/2004 Memory Size Missing with Windows XP SP2

Microsoft says that after you install Windows XP Service Pack 2, the amount of memory on your system may appear incorrectly, or not appear at all, in the System Properties dialog box. However, there are two other places where the memory size appears correctly. You can go to Start, All Programs, Accessories, System Tools, System Information. You can also go to Start, Run, and type Msinfo32.exe, and then click OK.

Today's BugBlog Plus has eight more bugs and fixes from IBM, Mandrake, Microsoft, NullSoft, and Sun Microsystems.

11/22/2004 Windows XP Scanner Wizard Misses a Trick

In Windows XP, the Scanner and Camera Wizard has an option that lets you use a networked scanner. However, the improved Windows Firewall in Windows XP Service Pack 2 and in the Windows XP Tablet PC Edition 2005 blocks the port, TCP Port 21, that a networked scanner would use. If the Windows Firewall is turned on, the networked scanner is blocked, but the Wizard isn't smart enough to sense that. As a workaround, you must create a Windows Firewall exception for the scanner. See http://support.microsoft.com/?kbid=873188 for details on how to do that.

Today's BugBlog Plus has seven more bugs and fixes from ATI, Apple, Lotus, Microsoft, and Zone Labs.

11/20/2004 Don't Get Sober

The Sober worm has been upgraded as a threat by anti-virus companies. Called W32.Sober.I@mm by Symantec, W32/Sober.j@MM by McAfee, and WORM_SOBER.I by Trend, it sends itself via its own SMTP engine and a spoofed email address. There will be various email subject headings that may be in either English or German. Symantec has a removal tool at http://securityresponse.symantec.com/avcenter/venc/data/w32.sober.i@mm.html, if you've managed to get infected.

11/19/2004 SonicWALL Hits the Wall with Windows XP Service Pack 2

If you try to use the SonicWALL Complete Anti-Virus program on either a Windows XP Service Pack 2 computer or a Windows XP Tablet PC 2005 computer, you may run into problems. At installation time, you may get this error message
Unable to Create Cabinet Installer Object. Agent Service may not be running properly
Microsoft says this is because the MyAgtSvc from SonicWALL tries to run without run or activation permissions, which doesn't work under SP2's increased security. SonicWALL has fixed this with an update you can get at http://www.sonicwall.com/alert/service_bulletin_windowsXP_SP2_update.html.

11/18/2004 More Security Problems for Internet Explorer

The Secunia security website has issued a bulletin highlighting two bugs in Microsoft Internet Explorer in Window XP Service Pack 2 (SP2) systems. The first bug shows a way that attackers may be able to bypass the warning that the web browser gives when downloading certain files. The second bug can spoof a file extension, making you think you are saving an HTML file when you are saving some other file type. The bugs were reported by cyber flash. Microsoft has not announced any patches for these yet. As a workaround, Secunia says to disable Active Scripting support and the "Hide extension for known file types" option.

Today's BugBlog Plus has five more bugs and fixes from ATI, Microsoft, Novell and SuSE.

11/17/2004 Printing Fixes for Novell NetWare

Novell has a Consolidated Support Pack 11 for iPrint for NetWare. This pack will work on NetWare 6.0 SP5, NetWare 6.5 SP2, and NetWare 5.1 SP7. It provides fixes for a number of printing bugs, including in the Pcounter popup, connection problems with the Novell Gateway, and failures if jobs have %20 in their names. You can get the support pack at http://support.novell.com/servlet/tidfinder/2970103.

Today's BugBlog Plus has six more bugs and fixes from Apple, ATI, Microsoft, and Novell.

11/16/2004 Problems Installing SP2 on HP Computers

If you try to upgrade to Windows XP Service Pack 2 on some Hewlett-Packard computers with the Out of Box Experience (OOBE) you may have problems. When the computer restarts, you may see this error message
Windows XP Setup is incompatible with this version of Windows. For more information, contact Microsoft.
Microsoft says this is because Hewlett-Packard installs the Recovery Console files using the Windows XP Service Pack 1 files that are found in C:\Windows\I386. There is a workaround for this that involves editing the Registry. To see the steps, and important safeguards about the Registry, see http://support.microsoft.com/?kbid=870898.

Today's BugBlog Plus has six more bugs and fixes from Apple, ATI, Microsoft, Red Hat and Skype.

11/15/2004 Memory Bug in ATI Radeons Gets Fixed

There is a bug in the ATI Catalyst 4.10 Software Suite, that when used with any ATI AGP Radeon graphics card, causes memory allocation problems that slows down the performance of applications that intensively use graphics memory. ATI says they have fixed this in their Catalyst 4.11 update.

Today's BugBlog Plus has seven more bugs and fixes from ATI, Cisco, Microsoft, and Sun Microsystems.

11/14/2004 Fix for a Windows 2000 Hotfix

After you install the Microsoft MS03-045 (824141) security patch on a Windows 2000 computer, you may find that when you type in a text box some of the characters repeat. Microsoft has another hotfix to take care of the problem caused by the earlier hotfix. After you install it, you can then use the Application Compatibility Toolkit to avoid the problem. See http://support.microsoft.com/?kbid=834128 for details.

11/12/2004 ZoneAlarm Fixes Rule Bug

The updated Zone Labs ZoneAlarm Pro fixes a bug that was keeping some expert rules from being restored. Zone Labs also says that a privacy issue with referrers was fixed, as well as some general stability issues.

Today's BugBlog Plus has six more bugs and fixes from Apple, Mandrake, and Mozilla.

11/11/2004 MyDoom, IFrames, and PayPal

According to CentralCommand.com's anti-virus newsletter, the latest version of MyDoom, which they label MyDoomAH, is making a pest of itself. One of it's messages may appear and say that your PayPal credit card has been successfully charged (I got one of those messages yesterday, which may have been more worrisome if I actually had a PayPal credit card.) Another message may say they are looking for new friends. This version, if you actually click one of the links in the email, may then try to exploit the Microsoft Iframe bug.

Today's BugBlog Plus has five more bugs and fixes from Apple, Cisco, and Mozilla.

11/10/2004 Microsoft Patches Spoofing Bug in ISA, Proxy Server

Microsoft says there is a bug in their ISA Server 2000 and Proxy Server 2.0 that may allow a hostile website to spoof a trusted website. This will only work if the attackers can first get a victim to visit the hostile website first. Microsoft has updates for the products available at http://www.microsoft.com/technet/security/bulletin/MS04-039.mspx. They credit Martijn de Vries and Thomas de Klerk of Info Support for finding this bug.

Today's BugBlog Plus has eight more bugs and fixes from Microsoft, Mozilla, and Samba.

11/9/2004 Mozilla Firefox 1.0

The Mozilla Organization has released the official Firefox 1.0. I'd love to tell you what bugs are fixed in this release, but their servers are so jammed with people downloading the version that I haven't gotten through yet to check out the release notes. You may be able to avoid the rush by going to these mirror sites, which were listed on Slashdot.
Mirrors: s es/1.0 [] a ses/1.0/ []
http://trillian.cc.gatech.edu/pub/mozilla.org/fir e fox/releases/ [gatech.edu]
http://mozilla.osuosl.org/pub/mozilla.org/firefox / releases/1.0/ [osuosl.org]
http://mozilla.ussg.indiana.edu/pub/mozilla.org/f i refox/releases/ [indiana.edu]

Today's BugBlog Plus has eight more bugs and fixes from Apple, Electronic Arts, and Microsoft.

11/8/2004 Mac OS X 10.3.6 Fixes Kernel Panic

If you use an external wireless USB broadband modem with Mac OS X 10.3.5, you might cause a kernel panic. Since it's not nice to scare a kernel into a needless panic, you may want to upgrade to Mac OS X 10.3.6, where this has been fixed.

Today's BugBlog Plus has six more bugs and fixes from Apple, Microsoft, and Mozilla.

11/6/2004 New Tool To Crack WiFi Passwords

A report in WiFi Networking news says that a new tool to crack WPA passphrases is circulating. WPA is the encryption scheme for wireless networking that is stronger than the original WEP. But if people use short passphrases, tools such as these weaken your security. You can read more tips about strengthening WiFi security at http://wifinetnews.com/archives/004428.html.

Today's BugBlog Plus has seven more bugs and fixes for Apple, Mandrake, Microsoft, and Symantec.

11/5/2004 Internet Explorer Exploit Gets More Attention

A Microsoft Internet Explorer exploit, first disclosed on 11/2 on the Secunia website, (and the BugBlog Plus) is getting lots more attention. The reason for the increased attention is that code that shows how to exploit this vulnerability, in the way IE uses the IFRAME html tag, is now circulating on hacker mailing lists. The vulnerability would be triggered by visiting a hostile web page that had some special imbedded code. US-CERT has now issued their own bulletin about the vulnerability, at http://www.kb.cert.org/vuls/id/842160. Upgrading to Windows XP Service Pack 2 is one fix. Disabling active scripting is another. A third would be to switch to some other browser. Microsoft is now working on a fix.

11/4/2004 Sun Fixes Java Web Proxy Buffer Overflow

Sun Microsystems says that there is a buffer overflow in their Sun Java System Web Proxy Server 6 Service Pack 4 and earlier . A remote attacker may be able to crash the server for a denial of service attack, or possibly to run their own code on the server. Sun has a patch which you can download at http://sunsolve.sun.com/search/document.do?assetkey=1-26-57606-1.

Today's BugBlog Plus has five more bugs and fixes for Intel, Microsoft, and Sun Microsystems.

11/3/2004 Certificate Problems for Cisco

Yawn... Late night- in case people are interested in bugs today...Cisco says that if any of their Cisco Secure Access Control Servers 3.3.1 (ACS) are using Extensible Authentication Protocol-Transport Layer Security (EAP-TLS) for authenticating network users, it may leave some holes in the security. As long as a user has a cryptographically correct certificate, any valid user name can get passed. Cryptographically correct means that the format is correct and it has valid fields, but the data itself may be bad, or the certificate may be expired. But as long as it looks good, it's OK. This has been fixed in fixed in version 3.3.2 of the Cisco Secure ACS. Go to http://www.cisco.com/warp/public/707/cisco-sa-20041102-acs-eap-tls.shtml for upgrade details.

Today's BugBlog Plus has nine more bugs and fixes for Apple, Creative, Microsoft, Mozilla, and Novell.

11/2/2004 Bad Memories for Toshiba Laptops

If you have a Toshiba laptop, manufactured between April 2002 and April 2004, that's been acting cranky, the problem may be due to bad memory modules. There are 27 different notebook models, in the Tecra, Satellite, Portege, and Dynabook lines, that are affected. Go to http://www.toshibadirect.com/content/pc/b2c/CEP.html to see the whole list. You can also download a utility that will let you know whether your laptop is affected. This program runs from 11/1/2004 through 4/30/2005.

Today's BugBlog Plus has seven more bugs and fixes for Apple, Mandrake, Microsoft, Red Hat and Sun Microsystems.

11/1/2004 Bagle/Beagle is Back Again

The latest Beagle/Bagle mass-mailing worm is showing up with increasing frequency, causing most anti-virus vendors to raise their threat level. Symantec, for example, calls it W32.Beagle.AV@mm, and notes that it is also spreading through file-sharing networks, as well as email. They give the full details at http://securityresponse.symantec.com/avcenter/venc/data/w32.beagle.av@mm.html.

10/29/2004 QuickTime Fix is Extended

Apple says that a bug that may allow BMP images to trigger a buffer overflow in QuickTime has been fixed in more versions of QuickTime. This was originally fixed on Mac OS X platforms in Apple's 2004-09-30 update. Now in the 2004-10-27 update, the fix has been extended so that it covers Mac OS X v10.3.x, Mac OS X Server v10.3.x, Mac OS X v10.2.8, Mac OS X Server v10.2.8, Microsoft Windows XP, Microsoft Windows 2000, Microsoft Windows ME and Microsoft Windows 98.

10/28/2004 Skin Blemish in RealOne Player

There is a bug in the way that RealNetworks RealPlayer 10.5 (release and earlier), RealPlayer 10, and RealOne Player 1 and 2 handle skins files, which are the decorative eye candy that changes the look of the software. It is possible for a website to send a skin file automatically in an .rjs file. If filenames in this file are too long, a buffer overflow may occur that will allow an attacker to run their own programs on a target computer. This won't happen on skins files downloaded from the RealNetworks sites. You can use the RealPlayer Tools, Check for updates command to get a patch for this. While RealNetworks doesn't say anything, it appears that eEye Digital Security discovered this bug. You can read their bulletin at http://www.eeye.com/html/research/advisories/AD20041027.html.



| June 05 | May 05 | Apr 05 | Mar 05 | Feb 05 | Jan 05 | Dec 04 | Nov 04 | Oct 04 | Sept 04 | Aug | July 04| June 04 | May 04 | April 04 | Mar 04 | Feb 04| Jan 04 | Dec 03 | Nov 03 | Oct 03 | Sept 03 | August 03 | July 03 | June 03 | May 03 | April 03 | March 03 | February 03 | January 03 | December 02 | November 02