Microsoft on the Issues: Bring Spyware Out of the Shadows

Concerted action will help consumers gain more control over the programs running on their PCs


Thanks to Congress, law-enforcement agencies may soon have stronger tools to help curb spyware.


Spyware is deceptive software that sneaks into computers, usually via the Internet. It can disrupt the operation of PCs and furtively collect personal information about their users. It has become pervasive and increasingly troublesome as the world has become more connected.


The U.S. House of Representatives has overwhelmingly approved two different anti-spyware bills. As the Senate takes up the issue, Microsoft and many other technology companies have joined in supporting targeted legislation that would establish a strong, national standard for anti-spyware enforcement.


Microsoft favors legislation because we believe that consumers should be able to make informed decisions about the software they install on their PCs. To help ensure this, we hope Congress will include in its final bill a provision that would prevent spyware traffickers from using frivolous lawsuits to attack companies that are supplying consumers with anti-spyware tools.


Such a provision is vital because solving the spyware problem will require not only strong laws, but also energetic efforts by the private sector.


More at http://www.microsoft.com/issues/essays/2005/06-29spyware.asp

Internet Explorer ‘javaprxy.dll’ COM Object Exception Handling Lets Remote Users Crash the Browser

A vulnerability was reported in Microsoft Internet Explorer in ‘javaprxy.dll’. A remote user can cause the target user’s browser to crash or potentially execute arbitrary code. A remote user can create specially crafted HTML that, when loaded by the target user, will trigger a heap overflow in ‘javaprxy.dll’ and cause the target user’s browser to crash. Specially crafted object tags can cause certain COM components to crash. It may be possible to overwrite a function pointer to execute arbitrary code. However, the vendor could not reproduce a function pointer overwrite.


http://securitytracker.com/alerts/2005/Jun/1014329.html

Fresh Javascript Browser Exploit

Hot on the heels of an exploit which allowed Javascript popups to appear in front of another site, Neowin has learned of another, potentially more dangerous, use for the script.


The latest problem, reported to us by Neowin user flanderssoft, centres around the ability to refresh a page other than the one currently open – if that page has loaded a popup in the first place. It would allow visitors clicking on a malicious link to Hotmail to initially be served with the correct page, before being transferred seconds later to one which looks identical on another server. If the URLs were similar, it’s likely many users wouldn’t notice the change.


The exploit sample below only works on IE: however, tests seem to suggest it may work on other browsers. The only reason it doesn’t in this case is the use of an unusual extension (.srf) throwing them off.


It’s likely this exploit, like the previous one, may not be patched; many sites use this ability in a legitimate way to refresh a page after a link in another window is clicked. Therefore the only way to avoid it is, as always, to not click suspicious links – or to disable Javascript.
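The mechanism described above depends on the popup keeping a reference back to the page that opened it, which is what lets it replace that page with a look-alike. One site-side mitigation, as an added example that is not part of the Neowin report and uses the `rel="noopener"` link type (which did not exist when the report was written and is not mentioned in it), is to rewrite outbound or new-window links so the opened page gets no such reference. The `hardenLinks` helper and the sample markup below are constructed for this example; it parses tag attributes with a small regex rather than a real HTML parser, so it assumes well-formed attribute syntax.

```javascript
// Added example: server-side hardening of <a> tags so that a window opened from
// a link has no window.opener reference back to the page that opened it, and
// therefore cannot navigate or "refresh" that page to a look-alike site.
// Assumption: attribute syntax is well-formed (no HTML parser is used here).

const ATTR_RE = /([^\s=]+)(?:\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s"'>]+)))?/g;

// Parse the attribute text of a single <a ...> tag into an insertion-ordered Map.
function parseAttrs(attrText) {
  const attrs = new Map();
  for (const m of attrText.matchAll(ATTR_RE)) {
    const name = m[1].toLowerCase();
    const value = m[2] ?? m[3] ?? m[4] ?? "";
    attrs.set(name, value);
  }
  return attrs;
}

// A link is external when its resolved host differs from the site's own host.
// Unparsable hrefs (including javascript: URLs) are treated as external.
function isExternal(href, ownHost) {
  try {
    const url = new URL(href, `https://${ownHost}/`);
    return url.host.toLowerCase() !== ownHost.toLowerCase();
  } catch {
    return true;
  }
}

// Rewrite every <a> tag in `html` that opens a new window (target="_blank") or
// leaves `ownHost` so that its rel attribute contains "noopener".
// Returns the rewritten markup; tags that need no change are left untouched.
function hardenLinks(html, ownHost) {
  return html.replace(/<a\b([^>]*)>/gi, (tag, attrText) => {
    const attrs = parseAttrs(attrText);
    const href = attrs.get("href") ?? "";
    const opensWindow = (attrs.get("target") ?? "").toLowerCase() === "_blank";
    if (!opensWindow && !isExternal(href, ownHost)) return tag;
    const rel = new Set((attrs.get("rel") ?? "").split(/\s+/).filter(Boolean));
    rel.add("noopener");
    attrs.set("rel", [...rel].join(" "));
    const rebuilt = [...attrs].map(([k, v]) => `${k}="${v}"`).join(" ");
    return `<a ${rebuilt}>`;
  });
}

// Constructed sample page: one sign-in link to another host that opens a new
// window (gets noopener) and one same-site relative link (left unchanged).
const SAMPLE_HTML =
  '<p><a href="https://login.example.net/in" target="_blank">Sign in</a> ' +
  '<a href="/help">Help</a></p>';

function demo() {
  return hardenLinks(SAMPLE_HTML, "www.example.com");
}

console.log(demo());
```

The rewrite is applied at page-generation time, so visitors do not have to disable JavaScript or avoid clicking links for the opened window to lose its handle on the opener; links to the site's own host without `target="_blank"` keep their original attributes.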


Demo at http://www.markvanberkel.com/bug.htm


Source: Neowin

Mozilla Browsers Error in Processing Empty Javascript Functions Lets Remote Users Deny Service

Paul Kurczaba reported a vulnerability in the Mozilla Firefox, Mozilla Suite and Mozilla Camino browsers. A remote user can cause the browser to crash. A remote user can create specially crafted Javascript that, when loaded by the target user, will cause the target user’s browser to crash. The code can repeatedly call an empty function to trigger the flaw.

Impact: A remote user can cause the target user’s browser to crash.
Solution: No solution was available at the time of this entry. As a workaround, Javascript can be disabled.


http://securitytracker.com/alerts/2005/Jun/1014292.html
http://securitytracker.com/alerts/2005/Jun/1014293.html
http://securitytracker.com/alerts/2005/Jun/1014294.html


http://www.kurczaba.com/html/security/0506241.htm

Microsoft Shared Computer Toolkit for Windows XP

Shared computers are commonly found in schools, libraries, Internet and gaming cafés, community centers, and other locations. Often, non-technical personnel are asked to manage shared computers in addition to their primary responsibilities. Managing shared computers can be difficult, time-consuming, and expensive. Without restrictions, users can change the desktop appearance, reconfigure system settings, and introduce spyware, viruses, and other harmful programs. Repairing damaged shared computers costs significant time and effort.


User privacy is also an issue. Shared computers often use shared accounts that make Internet history, saved documents, and cached Web pages available to subsequent users.


The Microsoft Shared Computer Toolkit for Windows XP provides a simple and effective way to defend shared computers from untrusted users and malicious software, safeguard system resources, and enhance and simplify the user experience. The Toolkit runs on genuine copies of Windows XP Professional, Windows XP Home Edition, and Windows XP Tablet PC Edition.

The Security Guide for Home Computing

Newhall Enterprises, Inc. offers The Security Guide for Home Computing. It is an animated e-book that explains computer security in plain English that everyone can understand. The guide has animated readers and over 55 FREE security software links (free personal firewalls and antivirus software).

The animated e-book comes in two versions:

$ – The Security Guide for Home Computing
Free – The Security Guide for Home Computing Lite

The Security Guide also includes a 200-word security dictionary. The free Lite version covers security basics for your home computer and can be downloaded from the web site.

Don’t miss visiting:

TCP-IP Datalook Lets Local Users Deny Service

A vulnerability was reported in TCP-IP Datalook. A local user can cause denial of service conditions. A local user can send a specially crafted request to the listening port to cause the target service to crash.


Impact: A local user can cause the target service to crash.
Solution: No solution was available at the time of this entry.
Cause: Exception handling error
Underlying OS: Windows (Any)

Green Armor Solutions Introduces Identity Cues

This past week, an innovative system, designed by a psychologist in conjunction with an information-security expert, was introduced to help enterprises prevent their users from falling prey to phishing, pharming, and online fraud. Through the use of simple visual cues, Identity Cues by Green Armor Solutions makes obvious to even non-technical and untrained users whether they are communicating with an organization’s legitimate website or with a phony site set up by a criminal — and it provides this benefit without requiring users to install any software, carry any security devices, register for any services, or memorize any extra secrets. Even if users do not make a conscious effort to use the anti-phishing system, it can still be quite effective.


For more information — http://www.greenarmor.com