Panda Weekly summary - 06/14/03

"A life spent making mistakes is not only more honorable
but more useful than a life spent doing nothing."
George Bernard Shaw (1856-1950); English dramatist.

- Weekly summary -
Oxygen3 24h-365d, by Panda Software (http://www.pandasoftware.com)​

Madrid, June 14, 2003 - This week's Oxygen3 24h-365d has reported the news (*) summarized below.

- Bugbear continues infecting computers and causing collateral damage (06/09/03).
The return to work on Monday saw the renewed activity of the Bugbear.B worm, which is causing one of the worst epidemics of recent times. The fact that Bugbear.B renders many antivirus and security programs on the affected computer unusable, can leave systems vulnerable to attacks from other viruses, as is happened with the Mapson worm, which appeared early this
week.

- Cumulative patch for Microsoft Internet Explorer (06/10/03).
Microsoft has released a cumulative patch for Internet Explorer -versions 5.01, 5.5, 6.0 and version 6.0 for Windows Server 2003- which includes fixes for all previously discovered vulnerabilities as well as two newly discovered ones. Microsoft has classified the two new vulnerabilities as 'critical' as they could allow code to be run on the system on visiting a malicious website, or viewing an HTML e-mail through the Preview Pane.

- Update for the Novell web server (06/11/03).
Novell has announced the publication of an update for the HTTP stack, known as Netware HTTP Stack or HTTPSTK, to correct a security problem. If a remote attacker was able to exploit this problem, it could cause a denial of service in vulnerable servers.

- Temporary workers and corporate security (06/12/03).
According to an article published by Silicon.com, PolicyMatter -a corporate compliance specialist- has argued that temporary workers on short-term contracts could represent the most serious security threat to companies, as they are not made sufficiently aware of IT security policy. For this reason, they could breach company e-mail or Internet user guidelines without even knowing, and increase their employer's exposure to virus attacks or other security problems.

- Vulnerable phone networks (06/13/03).
According to an article in Washingtonpost.com, although US companies spend large amounts of time and money on protecting their data systems from attack, they do not pay enough attention to an important flank: office telephone systems. Last week, Federal law-enforcement officials said that they are receiving a large number of reports of hackers gaining access to voice mail and telephone systems in order to launch attacks on the Internet.

(*) The complete articles corresponding to these summaries are available from the Oxygen3 24h-365d archives at: http://www.pandasoftware.com/about/press/oxygen3/oxygen.asp