Cyber Security Institute

§ Current Worries

Top 3 Worries

  • Regulations
  • Old Firewall Configurations
  • Security Awareness

§ Listening

For the best information

  • The underground
  • Audible
  • Executive Excellence
  • Music (to keep me sane)

§ Watching

For early warnings

  • 150 Security Websites
  • AP Newsfeeds
  • Vendors

Wednesday, July 13, 2005

Major Windows exploit ‘days away’

Hackers are actively exploiting two serious security vulnerabilities in Windows, Microsoft warned on Tuesday as it released “critical” alerts about the flaws.

“Attackers are already using the JView Profiler flaw to download and install Trojan horses on victims’ machines,” said Dan Hubbard, senior director at Websense Security Labs.  The Trojan horses would let the miscreants remotely control the hijacked PCs and make it part of a network of such computers known as a botnet, an increasing cyberthreat.

The other vulnerabilty affects the Microsoft Color Management Module, a component of Windows that handles colors.

The Windows vulnerabilities are described in two bulletins issued as part of Microsoft’s monthly patch cycle.

A third alert deals with a bug affecting Word 2000 and Word 2002.  The Word flaw could allow an attacker to take control of a vulnerable PC, the software maker said.,39020330,39208852,00.htm

Posted on 07/13