============================================================ -------- PCMAG.COM'S SECURITY WATCH -------- -------- for August 25, 2004 -------- ============================================================
============================================================ ********** Sponsored by Proofpoint ********** Free Report: Outbound Email Security and Content Compliance Everyone is familiar with inbound e-mail threats such as spam and viruses, but little attention has been paid to the risks posed by outbound email. Learn how IT execs are meeting these challenges in this free report from Proofpoint. http://eletters.pcmag.com/zd1/cts?d=81-1042-14-15-53809-95912-1 ************************************************************ ============================================================ Welcome to the PCMag.com Security Watch Newsletter. Every week we bring you an overview of the current viruses, worms, and other threats and the information you need to combat them. Microsoft will make Windows XP Service Pack 2 available to the general public this week, but the enthusiasm for the first significant OS update in almost two years is now competing with worries over discoveries and claims of new holes and vulnerabilities. Through an anonymous tip, we confirmed a core vulnerability in the Windows Security Center, the new control panel for a PC's security status. Another unpatched hole has been found in Internet Explorer that affects Version 5.01 and later that allows an attacker to download a malicious executable to the user's system without their knowledge. This week's tip also deals with the new SP2 security; we show you how to open ports to allow products like PCAnywhere to work c orrectly. http://eletters.pcmag.com/zd1/cts?d=81-1042-14-15-53809-95915-1 IN THIS ISSUE: * Top Threat: Windows Security Center Spoof * Top 10 E-mail viruses * Top 5 Vulnerabilities as reported by Threat Focus as of Tuesday August 24, 2004 * Top Phish of the Week as reported by MailFrontier August 24, 2004 * Security Tip: Opening Ports in XP Service Pack 2 * Windows Updates and Vulnerabilities * Jargon Watch * Security Watch News Feed ============================================================ Top Threat: Windows Security Center Spoof Windows XP Service Pack 2 promises to raise the security bar for the sometimes beleaguered operating system. Unfortunately, one of the new features could be spoofed so that it reports misleading information about system security, or worse, lets a malicious program watch for an opportunity to do damage without being detected. See our Top threat for more on this SP2 vulnerability http://eletters.pcmag.com/zd1/cts?d=81-1042-14-15-53809-95918-1 ============================================================ Top 10 E-mail viruses These are the latest threats as reported Tuesday Aug 24, 2004 by MessageLabs W32/Netsky.P-mm W32/Zafi.B-mm W32/Netsky.D-mm For the full Top Ten list, visit our Top 10 Report http://eletters.pcmag.com/zd1/cts?d=81-1042-14-15-53809-95921-1 ============================================================ Top 5 Vulnerabilities as reported by Threat Focus as of Tuesday August 24, 2004 Date: 8/18/04 Title: Cisco [IOS Malformed OSPF Packet Causes Reload] Severity: High For more Sun, Red Hat and HP vulnerabilities, see our Top 5 section. http://eletters.pcmag.com/zd1/cts?d=81-1042-14-15-53809-95924-1 ============================================================ Top Phish of the Week as reported by MailFrontier August 24, 2004 Name: PayPal -- Address Bar Replacement Type: Phishing -- Account Information Subject Line: PayPal -- Security Measures -- Are You Traveling? To learn more about recognizing this fraudulent e-mail, see our Top Phish section. http://eletters.pcmag.com/zd1/cts?d=81-1042-14-15-53809-95927-1 ============================================================ Security Tip: Opening Ports in XP Service Pack 2 If you're getting ready to update to the Windows XP Service Pack 2, Microsoft has just released a guide on application compatibility. For most home users, installing and running with Windows XP Service Pack 2 is not a problem. However, some Internet applications may need specific ports opened in the new Windows Firewall. Last week we showed how to tell the firewall about new applications, but sometimes you also need to specify additional ports. To learn how to open specific ports in Windows XP SP2 see this weeks Security Tip. http://eletters.pcmag.com/zd1/cts?d=81-1042-14-15-53809-95930-1 ============================================================ Windows Updates and Vulnerabilities A new high risk and as-of-yet unpatched IE flaw has been reported by several security companies The vulnerability is due to insufficient checks on Drag and Drop events that move resources between the Internet and Local zones. When exploited, it allows an attacker to install executable files on a victim's hard disk. For a while we've been telling people that using BCC (Blind Carbon Copy) to send to a list of recipients without revealing the your list. However, Microsoft has just posted a knowledge base article that reports an Outlook Express 6 condition where the BCC list can be viewed. For more on these IE and Outlook flaws see our Update and Vulnerabilities section. http://eletters.pcmag.com/zd1/cts?d=81-1042-14-15-53809-95933-1 ============================================================ Jargon Watch Each week, we define a few pertinent terms to break down the jargon barrier and help you better understand potential PC issues. This week we cover: Virtual Machine and BCC. Go to our Jargon Watch for definitions to these terms. http://eletters.pcmag.com/zd1/cts?d=81-1042-14-15-53809-95936-1 ============================================================ Security Watch News Feed Latest SP2 Flaw Bypasses IE Security Zone http://eletters.pcmag.com/zd1/cts?d=81-1042-14-15-53809-95939-1 IT Managers Can Stall SP2 http://eletters.pcmag.com/zd1/cts?d=81-1042-14-15-53809-95942-1 IT Admins Not "Trusting" SP2 Security http://eletters.pcmag.com/zd1/cts?d=81-1042-14-15-53809-95945-1 Get more links in the Feed http://eletters.pcmag.com/zd1/cts?d=81-1042-14-15-53809-95948-1 ============================================================ The PCMag.com Bookstore PC Magazine's Windows XP Solutions Ever wish they'd consulted you before they designed Windows XP? Sure, it's a great system, but there's this one feature that makes you crazy. Or that annoying problem that keeps occurring. Well, you can rely on Neil Randall and your friends at PC Magazine to correct that oversight. Here's the complete compendium of solutions to the things that bug you, threaten your security, slow you down, or other-wise prevent Windows XP from running like it should. http://eletters.pcmag.com/zd1/cts?d=81-1042-14-15-53809-95951-1 PC Magazine Guide to Home Networking Ready to plunge into creating your own home network? Reading this book is like having PC Magazine contributing editor Les Freed drop by and set the whole thing up for you. http://eletters.pcmag.com/zd1/cts?d=81-1042-14-15-53809-95954-1 More Books http://eletters.pcmag.com/zd1/cts?d=81-1042-14-15-53809-95957-1 ============================================================ Tech Jobs http://eletters.pcmag.com/zd1/cts?d=81-1042-14-15-53809-95960-1 ============================================================ Ziff Davis Channel Zone http://eletters.pcmag.com/zd1/cts?d=81-1042-14-15-53809-95963-1 ============================================================ DevSource http://eletters.pcmag.com/zd1/cts?d=81-1042-14-15-53809-95966-1 ============================================================ Free White Paper Brought to you by Remedy ============================================================ Download a Free White Paper by the Help Desk Institute Small businesses often face the decision to purchase help desk software or develop it in-house. This white paper investigates the advantages of purchasing help desk management software over developing it in-house. Compliments of Magic HelpDeskIQ from Remedy. Download the White Paper NOW! http://eletters.pcmag.com/zd1/cts?d=81-1042-14-15-53809-95969-1 ============================================================ Upcoming Events ============================================================ 8/26 The Evolution of Business Server Performance with AMD's Opteron Processors FREE eSeminar! Keeping your business and IT budget in step with changing technology is no small task. You need to explore other opportunities to energize your IT infrastructure to meet your company's business needs. Attend and learn from real-world examples how to optimize the performance of your 32-bit applications while getting the benefits of a 64-bit environment. Post event survey participants will be entered for a chance to win an HP Photosmart R707 digital camera! Register now. http://eletters.pcmag.com/zd1/cts?d=81-1042-14-15-53809-95972-1 ============================================================ Register Now for the Technology for Business Today Seminar Series Join Intel, PC Magazine and others for our free seminar tour. We'll give you the information and tools you need to take advantage of leading edge technologies and solutions for your business to stay ahead of your competition and drive business growth. During the 13-city tour, we'll have two half-day sessions on Technology for Business Today -- one devoted to the enterprise, the other tailored for the needs of small and medium-sized businesses. Click here for more information and to register http://eletters.pcmag.com/zd1/cts?d=81-1042-14-15-53809-95975-1 ============================================================ Elsewhere on Ziff Davis Internet ============================================================ VOIP Project Slip-Up: A Worst-Case Study? http://eletters.pcmag.com/zd1/cts?d=81-1042-14-15-53809-95978-1 E-Mail Phone Ready to Fly http://eletters.pcmag.com/zd1/cts?d=81-1042-14-15-53809-95981-1 Remove a URL from History http://eletters.pcmag.com/zd1/cts?d=81-1042-14-15-53809-95984-1 Users Weigh In on Oracle's Patch Plan http://eletters.pcmag.com/zd1/cts?d=81-1042-14-15-53809-95987-1 ============================================================ eNewsletter Information ============================================================ You are subscribed to PCMag.com's Security Watch with the e-mail: [EMAIL PROTECTED] To unsubscribe to this newsletter, click below: http://www.pcmag.com/unsubscribe_newsletter/0,4223,,00.asp?n=71&type=u&[EMAIL PROTECTED] To change your e-mail address, change your text/HTML preferences, or to subscribe to other FREE PC Magazine Online e-mail newsletters, visit: http://eletters.pcmag.com/zd1/cts?d=81-1042-14-15-53809-95990-1 If you'd like to advertise in our eNewsletters, visit: http://eletters.pcmag.com/zd1/cts?d=81-1042-14-15-53809-95993-1 ============================================================ PC Magazine Print Subscriptions ============================================================ Start or Renew a subscription: http://eletters.pcmag.com/zd1/cts?d=81-1042-14-15-53809-95996-1 Give a gift subscription: http://eletters.pcmag.com/zd1/cts?d=81-1042-14-15-53809-95999-1 Help with your subscription: http://eletters.pcmag.com/zd1/cts?d=81-1042-14-15-53809-96002-1 Copyright (c) 2004 Ziff Davis Media Inc. All Rights Reserved. Ziff Davis Media Inc., 28 East 28th Street, New York, NY 10016 [Non-text portions of this message have been removed] ------------------------ Yahoo! Groups Sponsor --------------------~--> Make a clean sweep of pop-up ads. Yahoo! Companion Toolbar. Now with Pop-Up Blocker. Get it for free! http://us.click.yahoo.com/L5YrjA/eSIIAA/yQLSAA/BCfwlB/TM --------------------------------------------------------------------~-> Yahoo! Groups Links <*> To visit your group on the web, go to: http://groups.yahoo.com/group/kumpulan/ <*> To unsubscribe from this group, send an email to: [EMAIL PROTECTED] <*> Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/
