
Welcome to MalwareTeks!
MalwareTeks Legal Fund
From time to time MalwareTeks needs to protect its Intellectual Property and protect itself from unfair and anticompetitive business practices. To do so requires the employment of lawyers. Lawyers cost money and Civil Litigation can get very expensive. To this end we have created a Legal Fund, and individuals interested in helping MalwareTeks defend itself and its properties can now donate via PayPal. The PayPal Donation Button below leads to the MalwareTeks Legal Fund PayPal Donation Page.
What's going on with MalwareTeks?
As many of you may have noticed, there have been many changes to the site, and many more are to come.
We are currently undergoing a reorganization of the site. It has been decided to consolidate much of the site. What that means is that we will be closing down both the Blog and the Wiki. Most of the content contained in the Blog and Wiki will be moving to the main site. A permanent redirect via the htaccess for the Blog and Wiki subdomains will be put in place to redirect that traffic to the new address for that content, including redirecting the Blog and Wiki main pages to the MalwareTeks main site.
This will be accomplished slowly and over the next year. It is very time consuming to move content, as it has to be recreated in its new location before redirecting traffic from the old page to the new page. Two reasons are driving this decision: 1) Maintenance. Currently the site uses 4 different content systems that power all the various parts of MalwareTeks. Dropping the Blog and Wiki content systems and consolidating them under the main site content system will free time. 2) Traffic. Dropping the Blog and Wiki and moving the content to the main site will drive that traffic to the MalwareTeks main site, which is where we want people coming to in any case.
Affiliate Software Sales
At the start of the year, MalwareTeks ceased offering software for sale through affiliate programs. This happened because Digital River, which manages the Element5, RegNow, and ShareIt! software affiliate programs, terminated all its New York-based affiliates. This was as a result of the State of New York's very liberal interpretation of "physical presence". The State of New York has determined that an "affiliate" constitutes "physical presence" and therefore Digital River would now be required to collect New York State sales taxes.
I am happy to announce that MalwareTeks is once again able to offer affiliate software sales. The selection of software we are currently able to offer is very limited and should expand over time. You may have noticed some banner ads on the site for various software vendors and their offerings. These lead to "checkout" pages for the various software ads.
Google Ads
Yes, we display Google ads. It takes money to operate this site and the revenue from the Ads helps to offset that cost. Be sure to review our Privacy Policy, as it was updated earlier this year to cover Third Party Advertising, including the Google Advertising Cookie and Google Privacy Policies.
Thank you for your understanding and patience,
ShadowPuterDude
Pidgin ICQ Web Message Denial of Service Weakness
Apple iPhone / iPod touch Multiple Vulnerabilities
Some vulnerabilities have been reported in Apple iPhone and iPod touch, which can be exploited by malicious people to bypass certain security restrictions, cause a DoS (Denial of Service), disclose sensitive information, conduct cross-site scripting and cross-site request forgery attacks, or compromise a user's system.
- Multiple vulnerabilities in CoreGraphics can be exploited by malicious people to compromise a user's system.
- An error in the handling of untrusted Exchange server certificates can lead to the disclosure of credentials or application data due to the certificate being accepted with no prompt and validation.
- A vulnerability in ImageIO can be exploited by malicious people to compromise a user's system.
- A vulnerability in International Components for Unicode can be exploited by malicious people to bypass certain security restrictions.
- Some vulnerabilities in IPSec can be exploited by malicious people to cause a DoS (Denial of Service).
- Some vulnerabilities in libxml2 can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library.
- An error in Mail can result in a phone call being initiated without user interaction if an application causes an alert during the call approval dialog.
- An input validation error in the handling of MPEG-4 video files can lead to an unexpected device reset.
- Clearing Safari's history via the Settings application can lead to disclosure of the search history.
- An assertion error in the handling of ICMP echo request packets can be exploited to cause a device reset via a specially crafted ICMP echo request.
- Some vulnerabilities in WebKit can be exploited by malicious people to conduct cross-site scripting attacks, disclose sensitive information, or to compromise a user's system.
- An error in the separation of JavaScript contexts can be exploited to overwrite the "document.implementation" of an embedded or parent document served from a different security zone.
- A type conversion error exists in the JavaScript exception handling in WebKit. This can be exploited to corrupt memory when assigning the exception to a variable that is declared as a constant and may allow execution of arbitrary code when a user visits a specially crafted web site.
- An error in the JavaScript garbage collector implementation can potentially be exploited to corrupt memory and execute arbitrary code.
- Multiple unspecified errors in the handling of JavaScript objects can potentially be exploited to conduct cross-site scripting attacks.
- An error in WebKit can be exploited to alter standard JavaScript prototypes of websites served from a different domain.
- An error in WebKit in the handling of HTMLSelectElement objects can be exploited to cause a device reset.
- An error in WebKit can be exploited to load and capture an image from another website by using a canvas and a redirect.
- An error in WebKit allows frames to be accessed by an HTML document after a page transition, which can be exploited to conduct cross-site scripting attacks.
- An error in the handling of XMLHttpRequest headers in WebKit can be exploited to bypass the same-origin policy.
- A Use-After-Free error exists in WebKit within the handling of the JavaScript DOM, which can potentially be exploited to execute arbitrary code.
- An error in WebKit within the handling of Location and History objects can be exploited to conduct cross-site scripting attacks.
Hardware Affected: Apple iPhone, Apple iPod touch
Recommendations: Update to iPhone OS 3.0 or iPhone OS for iPod touch 3.0 (downloadable and installable via iTunes).
Advisories:
Apple: http://support.apple.com/kb/HT3639
JVN: http://jvn.jp/en/jp/JVN87239696/index.html
Secunia: SA35449
Mozilla Firefox 3.0.11 Released
Microsoft Updates for Multiple Vulnerabilities
Software/Operating Systems Affected:
- Microsoft Windows
- Microsoft Office
- Microsoft Internet Explorer
As part of the Microsoft Security Bulletin Summary for June 2009, Microsoft released updates to address vulnerabilities that affect Microsoft Windows, Office, and Internet Explorer. A remote, unauthenticated attacker could execute arbitrary code, gain elevated privileges, or cause a vulnerable application to crash.
Solution: Microsoft has provided updates for these vulnerabilities in the Microsoft Security Bulletin Summary for June 2009. The security bulletin describes any known issues related to the updates. Administrators are encouraged to note these issues and test for any potentially adverse effects. Administrators should consider using an automated update distribution system such as Windows Server Update Services (WSUS).
Advisories:
Microsoft Security Bulletin Summary for June 2009: http://www.microsoft.com/technet/security/bulletin/ms09-jun.mspx
Microsoft Windows Server Update Services: http://technet.microsoft.com/en-us/wsus/default.aspx
US-CERT Vulnerability Notes for Microsoft June 2009 updates: http://www.kb.cert.org/vuls/byid?searchview&query=ms09-jun
Secunia: SA35184, SA35355, SA35362, SA35364, SA35365, SA35366, SA35371, SA35372, SA35373, SA35377,
Apple Safari Multiple Vulnerabilities
Some vulnerabilities have been reported in Apple Safari, which can be exploited by malicious people to disclose sensitive information or compromise a user's system.
- An error in the handling of TrueType fonts can be exploited to corrupt memory when a user visits a web site embedding a specially crafted font. Successful exploitation may allow execution of arbitrary code.
- Some vulnerabilities in FreeType can potentially be exploited to compromise a user's system.
- Some vulnerabilities in libpng can potentially be exploited to compromise a user's system.
- An error in the processing of external entities in XML files can be exploited to read files from the user's system when a user visits a specially crafted web page.
Other vulnerabilities have also been reported, of which some may also affect Safari version 3.x.
Software: Safari 3.x, Safari for Windows 3.x
Recommendation: Upgrade to Safari version 4
Advisories:
Apple: http://support.apple.com/kb/HT3613
Chris Evans: http://scary.beasts.org/security/CESA-2009-006.html
Secunia: SA35379
LogMeIn Cross-Site Request Forgery Vulnerability
A vulnerability has been discovered in LogMeIn, which can be exploited by malicious people to conduct cross-site request forgery attacks. The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to e.g. change proxy settings or schedule a restart.
Note: In combination with other problems, this can further be exploited to disclose sensitive information (e.g. local files) and conduct script insertion attacks.
The vulnerability is confirmed in LogMeIn Pro version 4.0.784. Other versions may also be affected.
Software Affected: LogMeIn 4.x
Recommendations: Do not browse untrusted websites while being logged in to LogMeIn.
Advisories:
Inferno: http://securethoughts.com/2009/06/multiple-vulnerabilities-in-logmein-web-interface-can-be-used-to-control-your-computer-and-steal-arbitary-files/
Secunia: SA34934
Apple iTunes Protocol Handler Buffer Overflow Vulnerability
A vulnerability has been reported in Apple iTunes, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error in various URI handlers including "itms", "itmss", "daap", "pcast", and "itpc" and can be exploited to cause a stack-based buffer overflow. Successful exploitation allows execution of arbitrary code.
Software Affected: iTunes 8.x
Recommendation: Update to version 8.2
Advisories:
Apple: http://support.apple.com/kb/HT3592
TippingPoint DVLabs: http://dvlabs.tippingpoint.com/advisory/TPTI-09-03
Secunia: SA35314
Microsoft Windows "SystemParametersInfo()" Denial of Service
A vulnerability has been discovered in Microsoft Windows, which can be exploited by malicious, local users to cause a DoS (Denial of Service). The vulnerability is caused due to an error when processing calls to the "SystemParametersInfo()" function. This can be exploited to cause a kernel crash by issuing specially crafted SPI_SETDESKWALLPAPER and SPI_GETDESKWALLPAPER calls. The vulnerability is confirmed in fully patched versions of Windows XP SP3 and Windows Server 2003 R2 Enterprise Edition SP2. Other versions may also be affected.
Operating Systems Affected:
- Microsoft Windows Server 2003 Datacenter Edition
- Microsoft Windows Server 2003 Enterprise Edition
- Microsoft Windows Server 2003 Standard Edition
- Microsoft Windows Server 2003 Web Edition
- Microsoft Windows Storage Server 2003
- Microsoft Windows XP Home Edition
- Microsoft Windows XP Professional
Recommendation: Restrict local access to trusted users only.
Advisories:
http://www.ragestorm.net/blogs/?p=78
Secunia: SA35323
VMware Releases Security Advisory
VMware has released a security advisory to address multiple vulnerabilities in VMware Workstation, Player, ACE, Server, Fusion, ESX, and ESXi. The first of these vulnerabilities is due to an error in the VMware Descheduled Time Accounting driver. Exploitation of this vulnerability may result in denial of service in Windows-based virtual machines. The second vulnerability is due to a known error in the libpng package used by some VMware products. Exploitation of this vulnerability may allow an attacker to execute arbitrary code.