[ISN] Security UPDATE -- Really Simple Syndication Security -- July
6, 2005
InfoSec News
isn at c4i.org
Thu Jul 7 02:45:24 EDT 2005
====================
This email newsletter comes to you free and is supported by the
following advertisers, which offer products and services in which
you might be interested. Please take a moment to visit these
advertisers' Web sites and show your support for Security UPDATE.
Protecting Your Company by Managing Your Users' Internet Access
http://list.windowsitpro.com/t?ctl=DD4C:4FB69
Testing Your Security Configuration
http://list.windowsitpro.com/t?ctl=DD4B:4FB69
====================
1. In Focus: Really Simple Syndication Security
2. Security News and Features
- Recent Security Vulnerabilities
- Microsoft Released Update Rollup 1 for Windows 2000 SP4
- Bluetooth Security Essentials
- Preventing Data Loss When Using EFS
3. Security Toolkit
- Security Matters Blog
- FAQ
4. New and Improved
- Prevention Is Better than the Cure
====================
==== Sponsor: Protecting Your Company by Managing Your Users' Internet Access ====
Companies pay plenty of attention to hardening their servers and
networks but pay little attention to how uncontrolled Internet access
from within an organization can represent a significant legal and
security risk. For example, users who browse a malicious Web site can
become infected with a Trojan or other malware without their knowledge
as a result of vulnerabilities in Internet Explorer. Internet filtering
technology is a key player in mitigating these threats. This white
paper discusses the various methods available for Internet filtering
and how to use them to increase security and decrease legal exposure.
Download this free white paper now! OR Do You Know If Your Network Is
At Risk Of A Trojan Attack? Discover the various methods available for
controlled Internet access and how to use them to increase security and
decrease legal exposure.
http://list.windowsitpro.com/t?ctl=DD4C:4FB69
====================
==== 1. In Focus: Really Simple Syndication Security ====
by Mark Joseph Edwards, News Editor, mark at ntsecurity / net
As you probably know by now, Really Simple Syndication (RSS) technology
is hotter than a firecracker. The technology is slated to explode into
the world of even more users with the eventual release of the next
version of Windows (code-named Longhorn).
A slight wave of concern about security has started to grow with
Microsoft's announcement that it will build RSS technology into
Longhorn. Because Windows is so widely used and RSS will be built in,
people have pointed out that RSS could become intruders' avenue of
choice for exploiting systems.
RSS can be used to deliver all kinds of content, and by far the most
popular content is HTML-based text. However, RSS can be used to deliver
more than just text. You might be aware that there are ways to include
file attachments in an RSS feed. As a result, we now have exceptionally
great technologies such as podcasting, which is a way of delivering
audio files as RSS-item attachments. Likewise, RSS can be used to
deliver video, software updates, documents, spreadsheets, and all sorts
of other files. The possibilities are nearly unlimited. And therein
resides the concern.
RSS is a delivery vehicle for content. Some type of helper application
is required to read, view, listen to, or otherwise handle that content.
For example, if you have RSS deliver an MP3 audio file, then at some
point, you'll launch your MP3 player to listen to that file. The same
goes for HTML, video, documents, and so on. If any of the applications
used to handle RSS-related data have security vulnerabilities, of
course intruders will eventually find a way to deliver an exploit.
Because RSS is so widely used and RSS feeds are typically updated in a
somewhat automated fashion, the potential is high that someone could
exploit a large number of systems very quickly. For example, a problem
in your Web browser or media player software could be exploited by
delivering specially crafted content.
Combined attacks could be used too. For example, you might subscribe to
an RSS feed at a major news site. An intruder might find a way to tweak
your HOSTS file and DNS cache so that, unknown to you, your RSS
aggregator or RSS reader goes to some other site instead. The RSS
aggregator or RSS reader would then pull content from that illegitimate
site and possibly launch an exploit on your system. All the while,
you're none the wiser, thinking you've simply pulled the latest news
articles, which of course would be designed to look exactly like the
real thing.
The bottom line is that RSS isn't much of a security risk and poses
few, if any, problems in and of itself. The real risks, so far as I can
see, are that RSS feeds often interface with other problematic
software, such as browsers, assorted media-playing software, and word
processing software. To protect users, those applications need to be
developed to be as secure as possible. If that isn't accomplished,
computer users will be less likely to use the great RSS technology we
now enjoy.
====================
==== Sponsor: Testing Your Security Configuration ====
Over a decade ago the Department of Defense (DoD) released a
statement saying, "Hack your network, or the hackers will do it for
you. Up until that point, the value of vulnerability scanning and
penetration testing was questionable. Today, vulnerability-scanning
hackers, Internet-traveling worms, and roving bots are common. The
DoD's advice given 10 years ago still holds true: You should conduct
regular vulnerability and penetration testing audits to validate your
security policy. This free white paper will discuss how to identify and
fix vulnerabilities, discover and use vulnerability assessment tools,
evaluate your security investment and more. Download your free copy
now!
http://list.windowsitpro.com/t?ctl=DD4B:4FB69
====================
==== 2. Security News and Features ====
Recent Security Vulnerabilities
If you subscribe to this newsletter, you also receive Security
Alerts, which inform you about recently discovered security
vulnerabilities. You can also find information about these
discoveries at
http://list.windowsitpro.com/t?ctl=DD52:4FB69
Microsoft Released Update Rollup 1 for Windows 2000 SP4
Microsoft released Update Rollup 1 for Windows 2000 SP4, which
contains all updates and patches issued as of April 30, 2005. A
spokesperson for Microsoft said that there will be no Service Pack 5
for Windows 2000 and that Update Rollup 1 won't be a requirement in
order to receive support during Windows 2000's extended support phase.
The company believes that "the Update Rollup will meet customer needs
more appropriately than a new service pack."
http://list.windowsitpro.com/t?ctl=DD5A:4FB69
Bluetooth Security Essentials
Microsoft introduced comprehensive Bluetooth support for desktops
and laptops in Windows XP Service Pack 2 (SP2), and for smart phones
and Pocket PCs in Windows CE. As with its better-known cousin Wi-Fi,
security questions have arisen about Bluetooth. John Howie takes a look
at the fundamentals of Bluetooth, including its security features and
potential risks and walks you through the process of securing your
Bluetooth implementation.
http://list.windowsitpro.com/t?ctl=DD56:4FB69
Preventing Data Loss When Using EFS
Many people use the Encrypting File System (EFS) to protect their
confidential files but later lose that information when they upgrade
their computer or lose the computer and try to restore from backups.
Randy Franklin Smith explains how to avoid losing data when using EFS.
http://list.windowsitpro.com/t?ctl=DD58:4FB69
====================
==== Resources and Events ====
Recover Your Active Directory
Get answers to all your Active Directory recovery questions here!
Join industry guru Darren Mar-Elia in this free Web seminar and
discover how to use native recovery tools and methods, how to implement
a lag site to delay replication, limitations to native recovery
approaches, and more. Learn how you can develop an effective AD backup
strategy. Register today!
http://list.windowsitpro.com/t?ctl=DD4E:4FB69
Are Your Prepared to Answer Your CEO for Money Lost When Your Systems
Are Down?
In this free Web seminar, you'll get the tools you need to ensure
your systems aren't going down. You'll discover the various categories
of high-availability and disaster-recovery solutions available and the
pros and cons of each. You'll learn what solutions help you take
preemptive, corrective action without resorting to a full system
failover, or in extreme cases, that perform a nondisruptive, automatic
switchover to a secondary server. Register Now!
http://list.windowsitpro.com/t?ctl=DD4F:4FB69
SQL Server 2005 Features for Developers
SQL Server 2005 offers great features for every role: DBAs, Business
Intelligence (BI) analysts, and developers. In this free Web seminar,
you'll discover the numerous features and productivity enhancements
over SQL Server 2000, including Common Table Expressions (CTEs), DDL
triggers, XML data type, using T-SQL commands, and more.
http://list.windowsitpro.com/t?ctl=DD50:4FB69
Back By Popular Demand--SQL Server 2005 Roadshow in a City Near You
Get the facts about migrating to SQL Server 2005. SQL Server experts
will present real-world information about administration, development,
and business intelligence to help you implement a best-practices
migration to SQL Server 2005 and improve your database computing
environment. Attend and receive a 1-year membership to PASS and 1-year
subscription to SQL Server Magazine. Register now!
http://list.windowsitpro.com/t?ctl=DD51:4FB69
You Could Win An iPod Mini!
Your expert opinion makes a difference--tell us what you think about
industry conferences and events. Your feedback is very valuable to us.
Take this short survey today!
http://list.windowsitpro.com/t?ctl=DD53:4FB69
====================
==== Featured White Paper ====
Is Your Network at Risk of a Trojan Attack?
Uncontrolled Internet access from within an organization can
represent a significant legal and security risk. Internet filtering
technology is a key player in mitigating these threats. In this white
paper, learn the various methods available for Internet filtering and
how to use them to increase security and decrease legal exposure.
Download this free white paper now!
http://list.windowsitpro.com/t?ctl=DD4D:4FB69
====================
==== Hot Release ====
FREE Download - The Next Generation of End-point Security is Available
Today.
NEW NetOp Desktop Firewall's fast 100% driver-centric design offers
a tiny footprint that protects machines from all types of malware even
before Windows loads and without slowing them down. NetOp provides
process & application control, real-time centralized management,
automatic network detection & profiles and more. Try it FREE.
http://list.windowsitpro.com/t?ctl=DD4A:4FB69
====================
==== 3. Security Toolkit ====
Security Matters Blog: Any Problems with Win2K Update Rollup 1?
by Mark Joseph Edwards, http://list.windowsitpro.com/t?ctl=DD5E:4FB69
I've heard a couple of reports of problems regarding the new Update
Rollup 1 package for Windows 2000 Service Pack 4 (SP4). Have you
experienced any problems?
http://list.windowsitpro.com/t?ctl=DD57:4FB69
FAQ
by John Savill, http://list.windowsitpro.com/t?ctl=DD5C:4FB69
Q: How can I use a script to determine password-expiration dates for
users in a domain or an organizational unit (OU) and send an email
message to accounts whose passwords expire soon?
Find the answer at
http://list.windowsitpro.com/t?ctl=DD59:4FB69
====================
==== Announcements ====
(from Windows IT Pro and its partners)
Check Out the New Windows IT Security Newsletter!
Security Administrator is now Windows IT Security. We've expanded
our content to include even more fundamentals on building and
maintaining a secure enterprise. Each issue also features product
coverage of the best security tools available and expert advice on the
best way to implement various security components. Plus, paid
subscribers get online access to our entire security article database
(over 1900 security articles)! Order now:
http://list.windowsitpro.com/t?ctl=DD55:4FB69
Exclusive Content for VIP Subscribers!
Get inside access to all of the content and vast resources from
Windows IT Pro, SQL Server Magazine, Exchange & Outlook Administrator,
Windows Scripting Solutions, and Windows IT Security, with over 26,000
articles at your fingertips. Your VIP subscription also includes a 1-
year print subscription to Windows IT Pro and a VIP CD (includes entire
article database). Sign up now:
http://list.windowsitpro.com/t?ctl=DD5B:4FB69
====================
==== 4. New and Improved ====
by Dustin Ewing, products at windowsitpro.com
Prevention Is Better than the Cure
Symantec has released Symantec Critical System Protection 4.5, an
intrusion-prevention solution for desktops and servers running Windows,
UNIX, and Linux OSs. Symantec Critical System Protection enforces
behavior-based security policies that defend and proactively protect
applications on client and server platforms. The software is designed
to protect against day-zero attacks and maintain system compliance.
Buffer overflow and memory-based attack protection provide an added
defense against sophisticated attacks. The product includes a
high-performance firewall that monitors inbound and outbound network
traffic connections and can block by port, protocol, and IP address
range. For pricing and more information, see the company's Web site.
http://list.windowsitpro.com/t?ctl=DD60:4FB69
Tell Us About a Hot Product and Get a T-Shirt!
Have you used a product that changed your IT experience by saving
you time or easing your daily burden? Tell us about the product, and
we'll send you a T-shirt if we write about the product in a future
Windows IT Pro What's Hot column. Send your product suggestions with
information about how the product has helped you.
whatshot at windowsitpro.com.
Editor's note: Share Your Security Discoveries and Get $100
Share your security-related discoveries, comments, or problems and
solutions in the Windows IT Security print newsletter's Reader to
Reader column. Email your contributions (500 words or less) to
r2rwinitsec at windowsitpro.com. If we print your submission, you'll
get $100. We edit submissions for style, grammar, and length.
====================
==== Sponsored Link ====
Argent versus MOM 2005
Experts Pick the Best Windows Monitoring Solution
http://list.windowsitpro.com/t?ctl=DD49:4FB69
====================
==== Contact Us ====
About the newsletter -- letters at windowsitpro.com
About technical questions -- http://list.windowsitpro.com/t?ctl=DD5F:4FB69
About product news -- products at windowsitpro.com
About your subscription -- windowsitproupdate at windowsitpro.com
About sponsoring Security UPDATE -- emedia_opps at windowsitpro.com
====================
This email newsletter is brought to you by Windows IT Security,
the leading publication for IT professionals securing the Windows
enterprise from external intruders and controlling access for
internal users. Subscribe today.
http://list.windowsitpro.com/t?ctl=DD54:4FB69
View the Windows IT Pro privacy policy at
http://www.windowsitpro.com/AboutUs/Index.cfm?action=privacy
Windows IT Pro, a division of Penton Media, Inc.
221 East 29th Street, Loveland, CO 80538
Attention: Customer Service Department
Copyright 2005, Penton Media, Inc. All rights reserved.
More information about the ISN
mailing list