Security UPDATE--Strengthen Browser Security with Third-Party Solutions--October 6, 2004

===============

To make sure that your copy of Security UPDATE isn't mistakenly blocked by antispam software, add [email protected] to your list of allowed senders and contacts.

==========

This email newsletter comes to you free and is supported by the following advertisers, which offer products and services in which you might be interested. Please take a moment to visit these advertisers' Web sites and show your support for Security UPDATE.

Download *Free eBook* on Active Directory Security

http://www.scriptlogic.com/wnm-oct6

Get thawte's New Step-by-Step SSL Guide for MSIIS

http://www.winnetmag.com/whitepapers/thawte/ssl/index.cfm?code=1004Sec_2

==========

1. In Focus: Strengthen Browser Security with Third-Party Solutions

2. Security News and Features

- Recent Security Vulnerabilities

- JPEG GDI+ Trojan Unleashed

- More JPEG GDI+ Exploits

- Welcome to the "You've Been Hacked" Blog

3. Security Matters Blog

- Trojans with a Twist

4. Instant Poll

5. Security Toolkit

- FAQ

- Security Forum Featured Thread

6. New and Improved

- Spam Solution Adds User Quarantine Features

==========

==== Sponsor: ScriptLogic ====

Download the FREE eBook on Active Directory Security today and gain valuable guidance and real-world examples for creating the most secure Active Directory solutions. Published by ScriptLogic Corporation, all 4 chapters are now available individually or as one complete PDF. Download "The Administrator Shortcut Guide to Active Directory Security" today.

http://www.scriptlogic.com/wnm-oct6

==========

==== 1. In Focus: Strengthen Browser Security with Third-Party Solutions ====

by Mark Joseph Edwards, News Editor, mark at ntsecurity / net

If you subscribe to our WinInfo email newsletter, then you've probably read stories by Paul Thurrott that discuss how Microsoft will handle improvements to Internet Explorer (IE) in the future. If you don't subscribe to the newsletter and want to, then visit the home page below, where you'll find a link to the subscription form.

http://www.winnetmag.com/windowspaulthurrott

As you know, it's been quite some time since Microsoft released a new version of the browser. Meanwhile, other browsers, such as Opera Software's Opera and Mozilla Firefox, have added considerable new features and functionality. But Microsoft has decided that it will introduce future IE improvements via service packs--it won't offer newer versions of the Web browser as standalone software because the company considers IE an integral part of the OS.

The recent Windows XP Service Pack 2 (SP2) offers improvements to the underlying security of the OS and various components, including IE. Microsoft isn't planning to offer similar improvements to Windows 2000 and earlier OSs.

Many of you can't upgrade to XP yet for a variety of reasons, but in the meantime, you still want to improve overall system security. You can gain some of XP SP2's improvements by using third-party products. In at least one case--Windows Firewall--third-party products are typically superior. Because Windows Firewall allows all outbound connections without any means to control them, it's probably a wise idea to use a third-party firewall on systems on which you require precise control over network traffic.

To improve the IE security on Windows 2000 and previous OSs, three options immediately come to mind, although there are probably others. One option lets you keep using IE as your primary browser; the other two options recommend that you use another browser as your primary browser and use IE only when you have to for whatever reason. I describe the options below in no particular order.

One option is to add PivX's Qwik-Fix Pro to your systems to help you modify IE zones to lock down the browser and prevent malware from exploiting the system. Another option is to purchase a browser such as Winferno Software's Secure IE 2004, which is an IE replacement that offers better security than IE versions prior to XP SP2's. The third option is to use a free third-party browser such as Mozilla Firefox or Opera Software's Opera, both of which offer functionality similar to that found in IE under XP SP2.

http://www.pivx.com/qwikfix.asp

http://www.secureie.com

http://www.opera.com

http://www.mozilla.org/products/firefox

Qwik-Fix Pro and Secure IE 2004 cost money, which of course is reasonable to expect. Opera is available for free if you're willing to view banner advertising while you use it; if you buy it, you can use it ad-free. Firefox is open source and as such is available for free and without banner advertising.

==========

==== Sponsor: thawte ====

In need of a SSL Certificate for your Microsoft Internet Information Services (MS IIS) web server? This guide will provide a solution for your need by demonstrating how to test, purchase, install and use a digital certificate on your MSIIS web server. Best practices are highlighted throughout this guide to help you ensure efficient ongoing management of your encryption keys and digital certificates. You will also discover how a particular digital certificate can benefit your business by addressing unique online security issues to build customer confidence.

http://www.winnetmag.com/whitepapers/thawte/ssl/index.cfm?code=1004Sec_2

==========

==== 2. Security News and Features ====

Recent Security Vulnerabilities

If you subscribe to this newsletter, you also receive Security Alerts, which inform you about recently discovered security vulnerabilities. You can also find information about these discoveries at

http://www.windowsitpro.com/departments/departmentid/752/752.html

JPEG GDI+ Trojan Unleashed

It was only a matter of time before someone unleashed malware that exploits the JPEG GDI+ vulnerability. Over the last two weeks, various people have released proof-of-concept code. Now someone has unleashed a JPEG file that causes a buffer overrun and runs shell code on the affected system.

http://www.windowsitpro.com/article/articleid/44039/44039.html

More JPEG GDI+ Exploits

As could probably be expected, intruders have begun using AOL Instant Messenger (AIM) and other methods to exploit unsuspecting users who have the JPEG GDI+ vulnerability. At least two new Trojan Horse programs have been unleashed.

http://www.windowsitpro.com/article/articleid/44075/44075.html

Welcome to the "You've Been Hacked" Blog

We've added a second security blog, "You've Been Hacked," hosted by Brett Hill. Over the next few months, Hill will host a frank discussion of security issues related to Microsoft OSs, services, and products. As the blog title suggests, the blog will focus on what to do if you think you've been hacked. We want to hear from you about your experiences, questions, and concerns.

http://www.windowsitpro.com/article/articleid/44038/44038.html

==========

==== Announcements ====

(from Windows IT Pro and its partners)

Want the "69 Top SQL Server Tips?"

Order SQL Server Magazine today and get 30% off the cover price and receive free, subscriber-only access to the entire SQL Server article archive--filled with thousands of exclusive articles, insider notes, and savvy instructions. Bonus--subscribe now and get the "69 Top SQL Server Tips" guide free! This is a limited-time offer, so order now.

https://secure.pentontech.com/nt/sql/index.cfm?promocode=tgep214Ayt

Get the Charter Issue of Windows IT Pro!

Windows & .NET Magazine is now Windows IT Pro! Act now to get our special charter issue rate of just $39.95--that's 52% off the cover price! The September issue shows you how to plug DNS holes and select the best scripting editor, plus learn more about the business side of IT. And discover the top 10 PC trends we think you need to keep an eye on. This is a limited-time offer, so order today!

http://www.winnetmag.com/rd.cfm?code=thep204jul

==========

==== 3. Security Matters Blog ====

by Mark Joseph Edwards, http://www.windowsitpro.com/securitymatters

Check out this recent entry in the Security Matters blog:

Trojans with a Twist

Trojan horse programs are a bad enough problem because they can allow remote access to a user's computer. One would think that having a firewall in place would prevent a Trojan from opening back doors in case of infection. But Windows Firewall won't prevent the Win32.Surila.K Trojan from opening a back door on your system.

==== 4. Instant Poll ====

Results of Previous Poll:

Have you experienced difficulty determining which of your systems need the latest Microsoft security patches (MS04-027 and MS04-028)?

The voting has closed in this Windows IT Pro Security Hot Topic nonscientific Instant Poll. Here are the results from the 20 votes.

- 65% Yes

- 20% No

- 15% I'm not sure

(Deviations from 100 percent are due to rounding.)

New Instant Poll:

Have you been affected by a recent JPEG GDI+ exploit?

Go to the Security Hot Topic and submit your vote for

- Yes

- No, we've patched our systems

- No, we've patched our systems and removed vulnerable JPEG images

- No

- I'm not certain

http://www.windowsitpro.com/windowssecurity#poll

==== 5. Security Toolkit ====

FAQ

by John Savill, http://www.windowsitpro.com/windowsnt20002003faq

Q: Has Microsoft updated any of the Windows Support Tools in Windows XP Service Pack 2 (SP2)?

Find the answer at http://www.windowsitpro.com/article/articleid/43965/43965.html

Security Forum Featured Thread: Disabling .vbs Files in an OU

A forum participant is looking for a way to use a policy to disable the use of some .vbs files in an Active Directory (AD) organizational unit (OU) while allowing the use of some .vbs files that he approves of. His understanding is that he can implement only an "all or nothing" policy and wonders whether anyone knows a way around this limitation. Join the discussion at

http://www.winnetmag.com/forums/messageview.cfm?catid=42&threadid=126103

==========

==== Events Central ====

(A complete Web and live events directory brought to you by Windows IT Pro at http://www.windowsitpro.com/events )

Get Your Fax Servers Up and Running Smarter, Faster, and More Cost-Effectively

In this free Web seminar, you'll learn the latest trends and developments in the fax market, as well as learn best practices for seamless integration with Microsoft Exchange Server and Outlook with real-time fax technologies. Find out integration faxing architecture and multifunction device tactics, deployment techniques, and more. Register today!

http://www.windowsitpro.com/seminars/outlookfax/index.cfm?code=1004emailannc

==========

==== 6. New and Improved ====

by Renee Munshi, [email protected]

Spam Solution Adds User Quarantine Features

Trend Micro announced new End User Quarantine (EUQ) features for Trend Micro Spam Prevention Solution (SPS) to reduce Help-desk burdens, to help corporate users manage their own "approved senders" lists, and to improve accuracy and effectiveness. EUQ, a free add-on, quarantines suspicious "graymail" messages (i.e., messages not clearly identifiable as spam) into Microsoft Exchange Server folders for each user. Thus, SPS users have instant access to potentially important messages and can individually approve any problematic senders. EUQ improves SPS's reporting and management capabilities and decreases the number of false positives while increasing the spam detection rate.

http://www.trendmicro.com

Tell Us About a Hot Product and Get a T-Shirt!

Have you used a product that changed your IT experience by saving you time or easing your daily burden? Tell us about the product, and we'll send you a T-shirt if we write about the product in a future Windows IT Pro What's Hot column. Send your product suggestions with information about how the product has helped you to [email protected]

Editor's note: Share Your Security Discoveries and Get $100

Share your security-related discoveries, comments, or problems and solutions in the Security Administrator print newsletter's Reader to Reader column. Email your contributions (500 words or less) to [email protected] If we print your submission, you'll get $100. We edit submissions for style, grammar, and length.

==========

==== Contact Us ====

About the newsletter -- [email protected]

About technical questions -- http://www.windowsitpro.com/forums

About product news -- [email protected]

About your subscription -- [email protected]

About sponsoring Security UPDATE -- [email protected]

===============

This email newsletter is brought to you by Windows IT Pro, the leading publication for IT professionals deploying Windows and related technologies. Subscribe today.

http://www.windowsitpro.com/sub.cfm?code=wswi201x1z

View the Windows IT Pro privacy policy at

http://www.windowsitpro.com/AboutUs/Index.cfm?action=privacy

Windows IT Pro, a division of Penton Media, Inc.

221 East 29th Street, Loveland, CO 80538

Attention: Customer Service Department

Copyright 2004, Penton Media, Inc. All rights reserved.

TAGS: Security
Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish