Archives ||  About Us ||  Advertise ||  Feedback ||  Subscribe-
-
-
  -  
 
 Home > News & Analysis
 Print Friendly Page ||  Email this story
News & Analysis

MS plugs 10 new holes
Microsoft released a security patch for its Web server software which plugs 10 new holes that could allow hackers to take full control of computers running the company's IIS (Internet Information Server) program. It is a cumulative patch which incorporates other separately released fixes. It addresses ten new security vulnerabilities affecting IIS. IIS 5 is susceptible to all the new vulnerabilities, IIS 4 to nine, and IIS 5.1 to eight. Customers running a website on Windows NT 4.0, Windows 2000, or Windows XP Professional are advised to install the patch at the earliest. Microsoft opined that three out of the 10 fixes are critical for all three versions of IIS and one is critical for IIS 4 and 5. Beta-build, or test versions 3605 or higher of .NET Server, which have still not been released already contain the fix. IIS 6 is included with .NET Server. Microsoft recommends that IIS operators either download the patch separately or, if running Windows XP, retrieve the fix using the automatic update feature. The IIS 4 patch requires that Service Pack 6a be applied to Windows NT Server. The IIS 5 patch can be applied to Windows 2000 running either Service Pack 1 or 2. It also recommends that the IIS 5.1 patch be applied to systems running Windows XP Professional. The IIS 5 patch will be included in Windows 2000 Service Pack 3, which is in beta testing. The fixes for IIS 5.1 will be included in Windows XP Service Pack 1, which is expected to begin beta testing next month. According to the company in addition to the patches, IIS operators should download and use IIS Lockdown Tool 2.1, which turns off unwanted features that if left on could create vulnerabilities for hackers to exploit. The patches and the Lockdown Tool 2.1 can be downloaded from www.microsoft.com.


Klez.h worm makes a klutz out of many PCs
A worm called Klez.h arrives along with sensitive documents and results in the victims' confidential information spreading with the malicious program. Klez.h contains an upgraded version of a virus called the Elkern virus (w32.elkern.c) which runs under Windows 98, Me, 2000, and XP.
Elkern.c adds a hidden file called wqk.exe to the registry entry. The worm uses a well-known vulnerability in Outlook Express. It scans the disks of an infected computer and, depending on a set of conditions, attaches a file to the infected e-mail it distributes. Text, HTML, Adobe Acrobat, and Excel files are included in the types of documents that the virus can forward. “While the number of computers infected by the Klez.H variant falls short of epidemics like the LoveLetter worm, the virus has still shown surprising resiliency,” said Steve Trilling, Director of antivirus software maker Symantec's security response team. The Klez variant has generated nearly 20,000 incident reports from Symantec customers in a little over a week. Included in that number are 250 corporations that have multiple infections." MessageLabs, a UK-based security firm first detected the worm from an Internet address in China. Security patches can be downloaded from www.microsoft.com and antivirus vendor Websites. Symantec customers in a little over a week. MessageLabs, a UK-based security firm first detected the worm from an Internet address in China. Security patches can be downloaded from http://www.microsoft.com/technet/treeview/default.asp?url=/TechNet/security/virus/alerts/klez-h.asp www.microsoft.com and antivirus vendor Websites. The worm chooses a subject line from more than 100 possibilities like 'meeting notice', 'some questions', and 'honey.' It uses many different file names when attaching itself to a message and mails the messages off to e-mail addresses that it culls from files on the infected machine.


SNIA SSF to provide multi-vendor interoperability
Members of SNIA SSF (Storage Networking Industry Association's Supported Solutions Forum) announced that SSF members Legato Systems, Quantum Corp., StorageTek, and VERITAS Software have joined them to provide a new solution set that increases flexibility, functionality, and interoperability of storage networking solutions from cross-vendors.
The original solution set, which was registered with SNIA in June 2001 included two open SAN solutions that enabled the co-existence of data zones containing Compaq, EMC, Hitachi Data Systems and IBM storage system products on a single, shared fiber channel fabric. At that time, participating vendors signed bilateral cooperative support agreements intended to simplify joint customer support in multi-vendor environments. The new solution set adds more backup capabilities and multi-vendor disk storage from Compaq, EMC, Hitachi Data Systems and IBM; multi-vendor tape storage from IBM, Quantum and StorageTek; and multi-vendor backup/recovery software from Legato Systems, Inc., IBM Tivoli Storage and VERITAS Software, which all run on either a Brocade fabric or a McDATA fabric. The Brocade fabric consists of 12 SilkWorm 2800 16-port switches at its edge with four SilkWorm 3800 16-port switches at its core. The core switch makes use of 2 Gbps link technology, and the edge switches use 1 Gbps link technology. McDATA fabric consists of four 64-port Intrepid 6000 Series Directors and a Sphereon 1000 Series Edge Switch to attach FC-AL tape drives. The McDATA Director uses 1 Gbps technology that is supported and upgradeable to 2 Gbps to 10 Gbps, while the Edge Switch uses 1 Gbps link technology. The SSF plans to continue the development of interoperable storage initiatives by expanding the size of configurations, involve additional vendors, add components, increase the level of component interoperability, add multi-vendor switch interoperability and integrate new storage networking applications.


'Double-free' compression
A security vulnerability has been found in the zlib compression library used in Linux systems. A software bug known as 'double-free vulnerability' causes the key memory-management functions in the zlib compression library to fail. The zlib library is a data compression and decompression program that helps speed network file transfers. All Linux versions and several other OSs that use open-source components are vulnerable to the attack.
The flaw discovered by Red Hat, makes a memory allocation routine built into the program try and free used memory twice. The result of this 'double-free' action is that malicious codes can travel through and allow an attacker to take control of the machine. Since the problem is in a library, multiple programs can be affected by it. Most legitimate programs don't try to free memory repeatedly except by accident. This prompts attackers to use this technique to try and force the OS to run code designed to take over the computer. Vulnerability patches are available at the zlib and Red Hat Website.


1.78 million frame relay ports
The Frame Relay Forum says that according to a research by Vertical Systems Group, customer installations of carrier-based Frame Relay services worldwide have reached an estimated 1.78 million ports by the end of 2001. Market revenue will hit $12.7 billion up from $1.7 billion in 1991 when frame relay services were first launched.
The Frame Relay Forum is an association of vendors, carriers, users, and consultants committed to the education, promotion, and implementation of Frame Relay in accordance with international standards. "Ten years ago, the Frame Relay market consisted of several pioneering carriers and a handful of gutsy customers with a few ports each," said Rosemary Cochran, Principal at Vertical Systems Group. "By the following year, most major carriers had an offering either available or planned. Driven by cost savings relative to leased lines or dedicated X.25 services, Frame Relay steadily gained market acceptance as an enterprise data networking solution. Today, Frame Relay is a mature global transport service with a healthy outlook for continued growth."


IBM leads Unix server sale in fourth quarter of 2001
Industry analyst IDC (International Data Corporation) published a worldwide Unix server sales report for the fourth quarter 2001. The report says IBM had higher sales than Sun Microsystems.
IBM's eServer p690 greatly contributed to its fourth quarter success. According to IDC data IBM gained two points of Unix revenue share in the quarter as against the year ago, while Sun's share went down by 5.7 points during the same period. IBM gained 2.6 percent share in India, which was the biggest gain among the top four vendors in the fourth quarter of 2001. In addition to its leadership in Unix servers, IBM was also the leading player in overall worldwide server sales. It led with 32.4 percent revenue share in the fourth quarter, while Sun held 11.8 percent.


No Oracle upgrades in a hurry
Oracle, is still struggling to persuade many of its business application users to upgrade to its 2-year-old e-Business Suite 11i technology. The company said it has no plans to roll out another major release in the foreseeable future.
Oracle executives had talked about plans for a follow-on release as long as three years ago, but the company said at the AppsWorld conference that 11i has enough functionality to eliminate the need for a complete new version. It now plans to upgrade 11i on a more incremental basis, adding features every four or five months.


Even formatting doesn't erase data
JEITA (Japan Electronics and Information Technology Industries Association) an organization backed by Japan's largest electronics companies has issued a warning to PC users. It has said that data stored on the hard disk of a computer that's being scrapped or thrown away can be read by a malicious third party even if the disk has been reformatted. JEITA has called on PC makers to offer software and services to protect users.
What users normally do as data deletion, is not exactly deleting data," said Atsuko Agata, a spokeswoman for JEITA. "It just temporarily puts a mark on data that says this data is unnecessary." In order to completely erase data from a hard disk one should use special third-party software. JEITA said in a statement that PC makers should provide information on how to erase data from a hard disk on their websites and in their product manuals.

 
     
- <Back to Top>-  

Copyright 2001: Indian Express Group (Mumbai, India). All rights reserved throughout the world. This entire site is compiled in Mumbai by The Business Publications Division of the Indian Express Group of Newspapers. Site managed by BPD