If you're new here, you may want to subscribe to my RSS feed. Thanks for visiting!

Microsoft has issued yet another security advisory in the wake of attacks targeting Word. The company said in the advisory that it has received reports of attackers targeting a flaw in the handling of .doc files. The attacks are not currently believed to be widespread, and the initial exploit attempts have been in specially targeted attacks.
The vulnerability lies in the way Word 2002 Service Pack 3 handles .doc files. An attacker could use a specially-crafted document to cause a memory overflow error and application crash. The error would then leave the system vulnerable and allow the attacker to remotely execute code on the target system. Microsoft said that the vulnerability only appears to exist in Office Word 2002 Service Pack 3. No other versions of Word or Office appear to be at risk for attack.
In addition to basic security practices such as enabling a firewall and antivirus software, Microsoft recommends that users exercise caution in loading mail attachments and avoid suspicious .doc files.

View: The full story @ vnunet

Students at the Ruhr University of Bochum, Germany, say they have found a way to steal security tokens in Microsoft’s new CardSpace authentication framework. Attackers can apparently get access to protected, encrypted user data – such as passwords, credit card numbers, and delivery addresses – when they are transmitted. CardSpace (formerly InfoCard) is the successor to Passport. In both architectures, users’ personal data are stored locally on the user’s system.
Depending on the web site, users can decide which data they want to transmit. CardSpace is designed to make classic passwords a thing of the past, by replacing them with digital certificates that may be self-signed or signed by an authoritative CA such as Verisign.

Link: heise.de

A critical vulnerability in VMware’s virtualization software for Windows lets attackers escape the “guest” operating system and modify or add files to the underlying “host” operating system, the company has acknowledged. As of Sunday, there was no patch available for the flaw, which affects VMware’s Windows client virtualization programs, including Workstation, Player, and ACE. The company’s virtual machine software for Windows servers and for Mac- and Linux-based hosts are not at risk.
The bug was reported by Core Security Technologies, makers of the penetration-testing framework CORE IMPACT, said VMware in a security alert issued last Friday. “Exploitation of this vulnerability allows attackers to break out of an isolated guest system to compromise the underlying host system that controls it,” claimed Core Security.
According to VMware, the bug is in the shared-folder feature of its Windows client-based virtualization software. Shared folders let users access certain files — typically documents and other application-generated files — from the host operating system and any virtual machine on that physical system.
“On Windows hosts, if you have configured a VMware host-to-guest shared folder, it is possible for a program running in the guest to gain access to the host’s complete file system and create or modify executable files in sensitive locations,” confirmed VMware.
VMware has not posted a fix, but it instead told users to disable shared folders.
 

View: Full Article @ InfoWorld
Link: VMware Security alert