BugBlog Home
BJK Research Home
BJK Research Home

Did the BugBlog help you? Donate via PayPal to say thanks.

Even better, subscribe to the BugBlog Plus for even more coverage of bugs and their fixes.

Jump to the BugBlog archives

Dec 06
Nov 06
Oct 06
Sept 06
Aug 06
July 06
June 06
May 06
Apr 06
Mar 06
Feb 06
Jan 06
Dec 05
Nov 05
Oct 05
Sept 05
Aug 05
July 05
Jun 05
May 05
Apr 05
Mar 05
Feb 05
XP SP2
Jan 05
Dec 04
Nov 04
Oct 04
Sep 04
Aug 04
Jul 04
June 04
May 04
Apr 04
Mar 04
Feb 04
Jan 04
Dec 03
Nov 03
Oct 03
Sept 03
Aug 03
July 03
June 03
May 03
April 03
Mar 03
Feb 03
Jan 03
Dec 02
Nov 02

XML

View vintage BugNet coverage here

Cleveland-area blogs*:

Backup BugBlog

Economic Development Futures

Brewed Fresh Daily

Cleve-blog

Working with Words

Gassho

Sardonic Views

Filtering Craig

Hotel Bruce

Blogcritics.org

Up Yours

Kevin Holtsberry

Steve Goldberg

Red Wheelbarrow

Anita Campbell

Swerb's Blurbs

Rachel's Law

*there are more blogs in Cleveland, these are just from people I've met or know. Some of the above are actually farther away, but are bloggers I've met here.

Blogcritics

 

 

BugBlog

Here is the daily bug, incompatibility or other computer problem from the BugBlog

The BugBlog is free- but if you want to help support its existence, subscribe to the BugBlog Plus. A three month subscription is only $5. XML The BugBlog uses monthly archives. All the current November bug are here. Use the links on the left or below to jump back to past months.

11/30/2005 Apple Fixes Safari JavaScript Bug

The Safari web browser in Mac OS X 10.3.9, Mac OS X Server 10.3.9, Mac OS X 10.4.3, and Mac OS X Server 10.4.3 has a bug in the JavaScript engine. If you use Safari to browse a malicious website, some bad JavaScript could trigger a heap overflow which could then run bad code on your system. This is fixed in the Apple Security Update 2005-009.

Today's BugBlog Plus has twelve more bugs and fixes for Adobe, Apple, Microsoft, Mozilla, Sony and Symantec. A low-cost subscription to the BugBlog Plus gets you five times more bug reports.

11/29/2005 Mozilla Firefox 1.5 Release is Today

With an unpatched bug in Microsoft Internet Explorer now being called "worse than expected", (see http://www.eweek.com/article2/0,1895,1893512,00.asp) now is a good time to note that Mozilla Firefox 1.5 is going to be released today. The final version of the release notes have not been posted yet, but the BugBlog will post the list of fixes, incompatibilities and remaining bugs as soon as they are released. Get Firefox at http://www.mozilla.com/firefox.

Today's BugBlog Plus has five more bugs and fixes for Mozilla Firefox 1.5. A low-cost subscription to the BugBlog Plus gets you five times more bug reports.

11/28/2005 Don't Get Caught by "Secure" Phishers

PC World reports that some phishing sites (sites pretending to be other, trusted sites in order to steal information from you) are using self-generated SSL certificates to pretend they are actually secure sites. See the familiar padlock on your browser's status bar, and you may think you are at a legitimate site. How can you tell if a security certificate is good? Double-clicking on the little padlock symbol will bring up a window in both Mozilla and IE that will give the full details. If the issuing authority is "Unknown", "Self-generated", or "Dmitri's Moscow Hacker Emporium" you should be very cautious about proceding.

Today's BugBlog Plus has five more bugs and fixes for Adobe, Cisco, Microsoft and Red Hat. A low-cost subscription to the BugBlog Plus gets you five times more bug reports.

11/27/2005 Too Many Adobe Programs Confuse IE

If you have both Adobe Acrobat 6 and the Adobe Reader 7 both installed on the same Windows computer, if you try to open a PDF file in Microsoft Internet Explorer you may see this error message
Cannot use Adobe Reader to view PDF…
This has been fixed the the Adobe Reader 7.0.5 update.

Today's BugBlog Plus has five more bugs and fixes for Adobe, Apple, IBM, and Microsoft. A low-cost subscription to the BugBlog Plus gets you five times more bug reports.

11/25/2005 ZoneAlarm Fixes Incompatibilities

The latest version of ZoneAlarm, version 6.1.737.000, fixes a number of compatibility problems. These include problems with the Adaptec USB driver, with the Nortel VPN, with System Mechanic Startup Guard, and with PC Cillin 2006. It also fixes what Zone Labs calls "system stability issues." Find out more at http://download.zonelabs.com/bin/free/information/znalm/zaReleaseHistory.html.

11/23/2005 Fix For Frozen Power Macs

Apple has a firmware update for their Power Mac G5 computer. It fixes a number of annoying bugs, including an optical drive that may stop ejecting after you've used the computer for two hours or more, an Internet connection that may quit after using the computer for two hours or more, or a bug that causes the computer to lock up when doing video-intensive tasks. Get the update at http://docs.info.apple.com/article.html?artnum=302212.

Today's BugBlog Plus has seven more bugs and fixes for Microsoft, Novell, Opera, Sony, and Symantec. A low-cost subscription to the BugBlog Plus gets you five times more bug reports.

11/22/2005 Neal Stephenson's Baroque Cycle

I'm going to be posting some older reviews of books, music and software that I've written for other sites. First up is the story of the Waterhouse and Shaftoe families.

11/22/2005 Another Threat via Microsoft Internet Explorer

Microsoft says that there may be a way to exploit a previously known bug in Microsoft Internet Explorer so that remote attackers could run their code on your computer. This would affect users of Microsoft Windows 98, Windows 98 Second Edition, Windows Millennium Edition, Windows 2000 Service Pack 4, and Windows XP Service Pack 2. It will not affect Windows Server 2003 with Enhanced Security Configuration turned on. Previously, Microsoft only thought this bug could cause IE to crash. You would have to visit a malicious website to be victimized by this bug. The default configuration for Microsoft email programs should prevent these attacks from happening via email. An additional workaround would be to use Mozilla Firefox as your web browser.

Today's BugBlog Plus has five more bugs and fixes for Adobe, Apple, and Microsoft. A low-cost subscription to the BugBlog Plus gets you five times more bug reports.

11/21/2005 Scanning to Acrobat Causes Draw Error

If you create an Adobe Acrobat PDF file from a scanner, and then try to save that document as a password protected file, you may get this error message
A drawing error has occurred.
Adobe says that if you are using Acrobat 7.0 through 7.0.3, you will need to upgrade to Acrobat 7.0.5.

Today's BugBlog Plus has five more bugs and fixes for Adobe, Google, Novell, Opera, and PHP. A low-cost subscription to the BugBlog Plus gets you five times more bug reports.

11/20/2005 Microsoft Adds More Malware to Target List

The latest version of the Microsoft Windows Malicious Software Removal Tool adds five more pieces of malware to its target list. The November release will now also go after Bugbear, Codbot, Mabutu, Opaserv, and Swen. Go to http://support.microsoft.com/?kbid=890830 to see the entire list of malware it targets and get a link to download it.

Today's BugBlog Plus has five more bugs and fixes for Apple, Microsoft and SpamAssassin. A low-cost subscription to the BugBlog Plus gets you five times more bug reports.

11/18/2005 Microsoft Accepts Mozilla (Sort of)

The Microsoft Windows Genuine Advantage Program is a web-based program that checks whether you have a non-pirated version of Windows before you can download updates from Microsoft. It's a form of digital rights management, and which previously only worked with Microsoft Internet Explorer. That meant if you normally used Mozilla Firefox for your browser, you had to switch and use IE before you could validate and download from Microsoft. However, now you can get a Mozilla plug-in so that you can show Microsoft you are using a genuine copy of Windows while using a Mozilla browser. Get the download at http://www.microsoft.com/genuine/downloads/InstallPlugin.aspx?displaylang=en&sGuid=f87510e2-b622-4755-b8d1-a7773e82fa2c.

Today's BugBlog Plus has five more bugs and fixes for Apple, IBM, Macromedia, Microsoft and Qualcomm. A low-cost subscription to the BugBlog Plus gets you five times more bug reports.

11/17/2005 Sony's Uninstall Kit Is Bad News

Now it is the Department of Homeland Security's turn to smack around Sony. They have issued a National Cyber-alert about the uninstall script that Sony and First4Internet have issued to remove the rootkit that comes with certain Sony music CDs. The uninstall program installs an ActiveX control that has been marked Safe for Scripting, which means that just about any hacker or script kiddie could use it to download hostile content onto your computer. You would have to visit a malicious website with Microsoft Internet Explorer for this to happen. The alert, which has links to more technical details, is at http://nvd.nist.gov/nvd.cfm?cvename=CVE-2005-3650.

11/16/2005 Sobriety is Good, Sober is Bad

There are new variations of the Sober worm going around the Internet, carried by infected email attachments. At least one attack is sent with a message that says it contains an old school photo. Other attacks come with file attachments called Exceltab-packed_List.exe, Liste.zip, Reg-List-Dat_Packer2.exe, reg_text.zip Word-Text.zip, Word-Text_packedList.exe and Word-Text_packedList.zip. See how Symantec talks about one of the variations at http://www.symantec.com/avcenter/venc/data/w32.sober.t@mm.html. In addition to keeping your AV files up-to-date, be careful with file attachments.

Today's BugBlog Plus has ten more bugs and fixes for Apple, ATI, Macromedia, Microsoft and Novell. A low-cost subscription to the BugBlog Plus gets you five times more bug reports.

11/15/2005 IPSec IKE Bug Hits Cisco, Others

A bug in an Internet security protocol, IPSec IKE (Internet Key Exchange), will cause problems for Cisco devices that are configured to use IKE. This would include Cisco IOS that use the Crypto Feature Set, Cisco PIX Firewalls earlier than 6.3(5), Cisco VPN 3000 Series, and Cisco MDS Series. Attackers can exploit this bug to cause denial of service attacks. See the complete list of vulnerable devices, and information on workarounds and patches, at http://www.cisco.com/warp/public/707/cisco-sa-20051114-ipsec.shtml. Researchers at the University of Oulu (Finland) Secure Programming Group found the underlying bug in IPSec IKE, which will also affect products from other companies.

Today's BugBlog Plus has five more bugs and fixes for Apple, ATI, Macromedia, and Microsoft. A low-cost subscription to the BugBlog Plus gets you five times more bug reports.

11/14/2005 Microsoft Moves Against Sony Rootkit

Microsoft will be labeling Sony's DRM (digital rights management) rootkit as spyware, and will be updating their Windows AntiSpyware application so that it can detect and remove the rootkit. This will take place during the regular updating of the antispyware's signatures. Microsoft's Microsoft's Anti-Malware Technology Team talk about this on their blog at http://blogs.technet.com/antimalware/archive/2005/11/12/414299.aspx. Note to Sony: when even Microsoft says that you've gone too far, you need to do some serious re-thinking.

Today's BugBlog Plus has ten more bugs and fixes for Apple, Macromedia, Microsoft, Novell, Red Hat and Symantec. A low-cost subscription to the BugBlog Plus gets you five times more bug reports.

11/13 Doomed to Compatibility Problems with ATI?

Try to play iD Doom3 Resurrection of Evil on a Windows XP Media Center Edition computer and an ATI graphics card with the ATI Catalyst Software Suite 5.10 and earlier, and you may have compatibility problems. You may have scissor mode corruption when you have CrossFire enabled, and you may see some ghosting of images. This has been fixed in the ATI Catalyst Software Suite 5.11 update.

11/11/2005 Some Real Bugs In RealPlayer

RealNetworks says there are bugs in a number of their media players that may allow a remote attacker to run hostile code on your computer. The code could be hidden in a media file or a skin file. Affected software for Windows includes RealPlayer 10.5 (6.0.12.1040-1235), RealPlayer 10, RealOne Player 1 and 2, RealPlayer 8 and RealPlayer Enterprise. Affected Mac software includes Mac RealPlayer 10 (10.0.0.305 - 331). Affected Linux software includes RealPlayer 10 (10.0.0 - 5) and Helix Player (10.0.0 - 5). Get update information at http://service.real.com/help/faq/security/051110_player/EN/. RealNetworks credits eEye Digital Security and NGS Software for finding these bugs.

11/10/2005 Adobe Apps Can't Find the Digital Camera

You may have problems getting one of your Adobe applications to detect your digital camera when it is plugged into your computer. These applications would include Photoshop CS and CS2, Photoshop Elements 2 and 3, Photoshop Album 2, and Bridge 1.0. Adobe has compiled a list of troubleshooting procedures you can work through to try to get your camera recognized. See the full list at http://www.adobe.com/support/techdocs/331584.html.

11/9/2005 Follow-Up on Sony Rootkit Problems

An update on the Sony rootkit issue from Mark Russinovich, who initially discovered the intrusive software installed by some Sony music CDs. First he highlights the extremely convoluted procedure you need to go through to get the software that uninstalls the rootkit. He then shows that the uninstaller isn't put together in a safe manner, and could cause your computer to crash. He also shows that the software does contact Sony, although at this point it seems to be for a fairly benign reason. Read the details at
http://www.sysinternals.com/blog/2005/11/more-on-sony-dangerous-decloaking.html. To avoid trouble, avoid using Sony's copy-protected CDs on your computer. It's up to you to determine how much business you want to send Sony's way after this.

Today's BugBlog Plus has ten more bugs and fixes for Adobe, Apple, Microsoft, Red Hat and Symantec. A low-cost subscription to the BugBlog Plus gets you five times more bug reports.

11/8/2005 Critical Bugs in Windows Graphics Engine

Microsoft says that a series of bugs in the graphics rendering engines of Windows 2000, Windows XP, and Windows Server 2003 may allow a remote attacker to run their code on your computer. This affects all service packs for these versions of Windows. To be attacked, you would need to visit a website, or open an email or a file, that contains graphics that have been designed with the hostile code inside. The graphics in question are Windows Metafile (WMF) and Enhanced Metafile (EMF). Microsoft has patches available at
http://www.microsoft.com/technet/security/Bulletin/MS05-053.mspx. They credit eEye Digital Security, Venustech AdDLab, and Peter Ferrie of Symantec Security Response for finding these bugs.

11/7/2005 Macromedia Flash Player Could Allow Attack

There is a bug in Macromedia Flash Player 6 and 7 that could allow malicious code to be hidden in a Flash (.swf) file. If the Flash file is included in a web page, and is run within a browser, the hostile code would then be run on the victim's computer. Macromedia has fixed this in Flash Player 8, which you can get at http://www.macromedia.com/go/getflash. They credit eEye Digital Security and Sec Consult for finding this bug. You can read eEye's bulletin at http://www.eeye.com/html/research/advisories/AD20051104.html.

11/6/2005 Hackers Using Security Hole Created By Sony

Hackers are using the Sony DRM (digital rights management) root-kit as a way to hide their cheating in an online game. Blizzard Entertainment uses a program, called the Warden, to protect against cheaters in the World of Warcraft online game. But since the Sony program hides any program that starts with the prefix $sys$, the cheaters can buy and install the Sony music CD, and then use it as protection against being caught. Cheating in an online game is fairly trivial, but it is important because it shows how bad guys can use the Sony root-kit to hide their malware on your computer. If you've played a DRM-enabled Sony CD, you could be a target. Read the details at http://www.theregister.co.uk/2005/11/04/secfocus_wow_bot/.

11/4/2005 Bugs in QuickTime Affect Both Mac and Windows

A series of bugs in Apple QuickTime, for both the Mac and for Windows, may leave users vulnerable to remote attackers who may be able to exploit these bugs via QuickTime content, or to denial of service attacks. The bugs are fixed in QuickTime 7.0.3, which can be installed on Mac OS X 10.3.9 or later, Windows 2000, and Windows XP. Get it via Software Update or from http://www.apple.com/support/downloads/. Apple credits Piotr Bania for finding these bugs.

Today's BugBlog Plus has five more bugs and fixes for Adobe, Cisco, Microsoft, PHP and Ubisoft. A low-cost subscription to the BugBlog Plus gets you five times more bug reports.

11/3/2005 MS Security Patches Affect Some Websites

Web sites that rely on a Microsoft technology, ActiveX, may be partially disabled by two Microsoft security patches, MS05-038 and MS05-052. These two patches increase security precautions on ActiveX controls. What is ironic is that ActiveX is a technology that was pushed hard by Microsoft in the past, as a weapon against the increasing use of Java on websites to promote interactivity. Most non-Microsofties feel that ActiveX is not a particularly secure way of giving interactive functions anyway. In most cases, it is up to the webmasters who use these controls to implement some changes. They will need to see http://support.microsoft.com/kb/909738. This affects Internet Explorer users; if you use Mozilla, you would already have problems with these pages, since Mozilla doesn't use ActiveX.

 

11/2/2005 Sony Installs Root Kit With Music CD

It appears that as part of a stringent DRM (digital rights management scheme), Sony is shipping new music CDs that install a root kit on your PC. If you manage to discover this and try to delete it normally, you may screw up your CD. This was discovered by Windows expert Mark Russinovich, who knows more about Windows than everybody outside of Microsoft (and probably inside too.) Sony's lame attempt to help is http://cp.sonybmg.com/xcp/english/faq.html#uninstall -- you will need to contact them to get the uninstall procedure. You can see Russinovich's meticulous research at http://www.sysinternals.com/blog/2005/10/sony-rootkits-and-digital-rights.html. The workaround is simple -- don't buy stuff from Sony.

This bug is also covered at Blogcritics -- you may also want to check out their redesign.

Today's BugBlog Plus has ten more bugs and fixes for Apple, Microsoft, Mozilla, Novell, Red Hat and Sun Microsystems. A low-cost subscription to the BugBlog Plus gets you five times more bug reports.

11/1/2005 Microsoft Wins the Bug of the Month

A critical but flawed bug fix wins the honors for Microsoft again.

11/1/2005 Apple Update Fixes SMB Bugs

Some bugs with SMB volumes have been fixed in Apple's Mac OS X 10.4.3 update. Without the update, if an SMB volume is unmounted, you may not be able to get it to mount up again. In addition, Finder wasn't always able to connect to an SMB volume; this has also been fixed by the update.

Today's BugBlog Plus has five more bugs and fixes for Apple, Macromedia, Microsoft, and Red Hat. A low-cost subscription to the BugBlog Plus gets you five times more bug reports

10/31/2005 AIM May Deliver a Root Kit

A nasty bit of malware may get loaded onto your computer if you click on a wrong link in AIM, America Online's Instant Messenger service. Security researchers at FaceTime Communications say that when you click on the worm link, you will get some common spyware applicatons, the Sdbot Trojan, and a root kit. The latter is the worst, since it is designed to be undetected by security software. Be extra cautious about following any links in an IM, even if they come from one of your buddies. They may have already been infected and the message could have gone out without their knowledge. Read more at http://news.zdnet.com/2100-1009_22-5920403.html.


Home | Contact | Writing | Online | News | Tips | CABE |

© 2005 BJK Research LLC