============================================================ -------- PCMAG.COM'S SECURITY WATCH -------- -------- for October 13, 2004 -------- ============================================================
============================================================ ********** Sponsored by Shavlik HFNetChkPro ********** Deploy Windows XP Service Pack 2 with Shavlik HFNetChkPro Today. Our free, fully functional, no time-out, trial version helps automate patch delivery and testing with swift scanning and a complete GUI. Start patching in just 30 minutes to ensure that your systems are fully protected against viruses, worms & hackers. Download the trial version at shavlik.com http://eletters.pcmag.com/zd1/cts?d=81-1180-14-15-53809-111065-1 ************************************************************ ============================================================ Welcome to the PCMag.com Security Watch Newsletter. Every week we bring you an overview of the current viruses, worms, and other threats and the information you need to combat them. The big news this week is the huge release of patches from Microsoft. On the heels of last month's ground shaking JPEG vulnerability, Microsoft announced nine security updates, MS04-029 through MS04-038 Of the group, six have a critical severity rating. Symantec, McAfee and Trend are reporting a moderately destructive worm that spreads using the MSN or Microsoft Messenger address book. Personal Firewalls have become as ubiquitous as antivirus utilities in Internet Security suites, as well as in Windows XP, but how do you tell if they're any good? For more on these threats, vulnerabilities and other issues, visit the Watch. IN THIS ISSUE: * Top Threat w32/funner.A-mm * Top 10 e-mail viruses as reported for the month of October 2004. * Top 5 Vulnerabilities as reported by Threat Focus for Tuesday October 6, 2004 * Top Phish of the week * Security tip: Be careful when reading online mailing list archives * Security alerts and updates * Jargon Watch * Security Watch News Feed ============================================================ Top Threat w32/funner.A-mm Funner spreads through MSN or Microsoft Windows Messenger by sending an executable file called funny.exe to everyone in your buddy list. When it infects, it adds 937 urls to the Windows HOSTS file adds executable files to the Windows system folder, and makes registry changes to insure it executes when the PC starts up. See our top threat for more on the Funner worm. http://eletters.pcmag.com/zd1/cts?d=81-1180-14-15-53809-111068-1 ============================================================ Top 10 e-mail viruses as reported for the month of October 2004. The following are the top ten e-mail viruses as reported by MessageLabs for Tuesday October 12th, 2004. 1. W32/Netsky.P-mm 2. W32/Netsky.Q-mm 3. W3s/MyDoom.T-mm For the full list, visit the Top Ten section http://eletters.pcmag.com/zd1/cts?d=81-1180-14-15-53809-111071-1 ============================================================ Top 5 Vulnerabilities as reported by Threat Focus for Tuesday October 6, 2004 Date: 10/7/04 Title: Microsoft [MS Word multiple exceptions, at least one exploitable] Severity: High For more high severity Apple, IBM and Microsoft vulnerabilities, see our top 5 section. http://eletters.pcmag.com/zd1/cts?d=81-1180-14-15-53809-111074-1 ============================================================ Top Phish of the week Name: Visa-Securie.com phish Date: October 2004 Type: Phishing - Account Information For more on this believable phish, see our top phish section. http://eletters.pcmag.com/zd1/cts?d=81-1180-14-15-53809-111077-1 ============================================================ Security tip: Be careful when reading online mailing list archives Online Mailing lists are a great resource for all kinds of information, especially the public archives. While these collections are a boon for researchers, they can also harbor hidden threats. For more on these online lurking threats, see our Security tip section. http://eletters.pcmag.com/zd1/cts?d=81-1180-14-15-53809-111080-1 ============================================================ Security alerts and updates This Tuesday, Microsoft released nine security bulletins, six of which were critical in nature. The updates covered a wide range of vulnerabilities. Secunia is reporting this week a highly critical buffer overflow flaw in Crystal Reports' JPEG processing. Another report from Secunia notes that Microsoft Visio and PowerPoint viewers are also affected by the MS04-028 JPEG vulnerability. Secunia reported a highly critical Word for Windows vulnerability that can trigger a DoS attack . In a partially tongue-in-cheek report, the Full-Disclosure mailing reported that KitchenAid Premium blenders suffer from a firmware flaw. For more on the Microsoft and other vulnerabilities, see our Security Alerts and updates section. http://eletters.pcmag.com/zd1/cts?d=81-1180-14-15-53809-111083-1 ============================================================ Jargon Watch Each week, we define a few pertinent terms to break down the jargon barrier and help you better understand potential PC issues. This week we cover: Windows Installation Folder, and Root directory. Go to our Jargon Watch for definitions to these terms. http://eletters.pcmag.com/zd1/cts?d=81-1180-14-15-53809-111086-1 ============================================================ Security Watch News Feed Personal Firewall--Don't Surf Without It http://eletters.pcmag.com/zd1/cts?d=81-1180-14-15-53809-111089-1 New Worm Attacks MSN Messenger As Service Falters http://eletters.pcmag.com/zd1/cts?d=81-1180-14-15-53809-111092-1 Microsoft Issues Flurry of Fixes on Busy Patch Day http://eletters.pcmag.com/zd1/cts?d=81-1180-14-15-53809-111095-1 Get more links in the Feed http://eletters.pcmag.com/zd1/cts?d=81-1180-14-15-53809-111098-1 ============================================================ The PCMag.com Bookstore PC Magazine's Windows XP Solutions Ever wish they'd consulted you before they designed Windows XP? Sure, it's a great system, but there's this one feature that makes you crazy. Or that annoying problem that keeps occurring. Well, you can rely on Neil Randall and your friends at PC Magazine to correct that oversight. Here's the complete compendium of solutions to the things that bug you, threaten your security, slow you down, or other-wise prevent Windows XP from running like it should. http://eletters.pcmag.com/zd1/cts?d=81-1180-14-15-53809-111101-1 PC Magazine Guide to Home Networking Ready to plunge into creating your own home network? Reading this book is like having PC Magazine contributing editor Les Freed drop by and set the whole thing up for you. http://eletters.pcmag.com/zd1/cts?d=81-1180-14-15-53809-111104-1 More Books http://eletters.pcmag.com/zd1/cts?d=81-1180-14-15-53809-111107-1 ============================================================ Tech Jobs http://eletters.pcmag.com/zd1/cts?d=81-1180-14-15-53809-111110-1 ============================================================ Ziff Davis Channel Zone http://eletters.pcmag.com/zd1/cts?d=81-1180-14-15-53809-111113-1 ============================================================ DevSource http://eletters.pcmag.com/zd1/cts?d=81-1180-14-15-53809-111116-1 ============================================================ ENTER to WIN Brought to you by Xerox WIN a Xerox Phaser 7300 or a 50" HDTV. The world's fastest workgroup color printer, the Phaser7300 packs 30 ppm color at up to 2400 dpi resolution. Best for high productivity business color. Click here to enter! http://eletters.pcmag.com/zd1/cts?d=81-1180-14-15-53809-111119-1 ============================================================ Upcoming Events ============================================================ Test Drive the Latest Personal Technology! Come to DigitalLife, Oct. 14-17, Javits Convention Center, NYC. Test drive and compare today's hottest cell phones, digital cameras, flat screen TVs, PDAs, video games, PCs and laptops, MP3s, home networking solutions and more. Get coupons and win prizes. For 50% off tickets go to www.digitallife.com. Enter promo code ZDM2004 at checkout. http://eletters.pcmag.com/zd1/cts?d=81-1180-14-15-53809-111122-1 10/13 Getting Ready for Grid: Tapping the Juice In Underused Servers FREE eSeminar! Not until the recent introduction of 10g technology has grid computing's usability and manageability been made so streamlined and user-friendly that it is accessible to commercial enterprises. Grid computing is promising to deliver the ability to tie low-cost, commodity hardware together so as to utilize currently underused enterprise resources. Join this eSeminar with Lisa Vaas, associated editor and Database Center manager at eWEEK.com, and a panel of database experts as they discuss the what, why and how of grid computing. Register now. http://eletters.pcmag.com/zd1/cts?d=81-1180-14-15-53809-111125-1 ============================================================ Elsewhere on Ziff Davis Internet ============================================================ DigitalLife: "Fashion Week" for Geeks Kicks Off http://eletters.pcmag.com/zd1/cts?d=81-1180-14-15-53809-111128-1 Worm Hits MSN Messenger as Service Falters http://eletters.pcmag.com/zd1/cts?d=81-1180-14-15-53809-111131-1 Media Center Edition 2005 Arrives! http://eletters.pcmag.com/zd1/cts?d=81-1180-14-15-53809-111134-1 A Very Good Midrange Pocket PC http://eletters.pcmag.com/zd1/cts?d=81-1180-14-15-53809-111137-1 ============================================================ eNewsletter Information ============================================================ You are subscribed to PCMag.com's Security Watch with the e-mail: [EMAIL PROTECTED] To unsubscribe to this newsletter, click below: http://www.pcmag.com/unsubscribe_newsletter/0,4223,,00.asp?n=71&type=u&[EMAIL PROTECTED] To change your e-mail address, change your text/HTML preferences, or to subscribe to other FREE PC Magazine Online e-mail newsletters, visit: http://eletters.pcmag.com/zd1/cts?d=81-1180-14-15-53809-111140-1 If you'd like to advertise in our eNewsletters, visit: http://eletters.pcmag.com/zd1/cts?d=81-1180-14-15-53809-111143-1 ============================================================ PC Magazine Print Subscriptions ============================================================ Start or Renew a subscription: http://eletters.pcmag.com/zd1/cts?d=81-1180-14-15-53809-111146-1 Give a gift subscription: http://eletters.pcmag.com/zd1/cts?d=81-1180-14-15-53809-111149-1 Help with your subscription: http://eletters.pcmag.com/zd1/cts?d=81-1180-14-15-53809-111152-1 Copyright (c) 2004 Ziff Davis Media Inc. All Rights Reserved. Ziff Davis Media Inc., 28 East 28th Street, New York, NY 10016
