PREVIOUS GNEWS This is Gary Gnu and the

PREVIOUS GNEWS "This is Gary Gnu. . . and the no gnews is good gnews show. The ONLY tv gnews show guar-an-TEED-- to contain NO gnews what-so-ever. "

• 13 Patches originally expected – 7 Security • 2 fixes for Windows, 2 fix for Office, 1 Exchange, 1 CAPICOM and Biz. Talk – 6 Non-Security related updates, Malicious Tool Update • 7 Security Patches, 19 bugs addressed – – – – MS 07 -023 - Microsoft Excel Could Allow Remote Code Execution *MS 07 -024 - Microsoft Word Could Allow Remote Code Execution MS 07 -025 - Microsoft Office Could Allow Remote Code Execution MS 07 -026 - Microsoft Exchange Could Allow Remote Code Execution MS 07 -027 - Cumulative Security Update for Internet Explorer MS 07 -028 - CAPICOM Could Allow Remote Code Execution *MS 07 -029 - Windows DNS RPC Interface Could Allow Remote Code Execution * Patches 0 -day vuln

Holes • Apple Patch release for April fixes 25 bugs – Includes 3 0 -days from January ‘Month of. . . ’ – Other fixes include AFP Client, Air. Port, diskdev_cmds, fetchmail, ftpd, Help Viewer, Kerberos, Libinfo, Login Window, network_cmds, SMB, Systems Configuration, URLMount, Video Conference, Web. DAV, and Web. Foundation • Oracle Patch release for April fixes 42 bugs – Various Components in 9 i, 10 g, 11 j, and 12 – 6 Remote exploits without Authentication • Adobe Photo. Shop CS, – Remote execute with malformed. bmp, . dib, . rle • Adobe Photo. Shop CS and Elements – Remote execute with malformed. png

DATA LOSS • 30+ reported cases – 9 Universities, Bank of America, Neiman Marcus, CVS, DHS • Web exposes 250, 000 names and addresses of customers that purchased or requested free samples of Astroglide.

Holes 2 • Mad. Wi. Fi, remote overflow – Touted as first remote linux wifi hole • Roxio, Sonic. DVDDash. VRNav. dll Buffer Overflow • Apache HTTPD su. EXEC, local exploit – 2 race conditions, 1 input validation • Zone. Alarm SRESCAN driver, local privilege escalation • Winamp. mp 4 file handling, code execution • Secustick, data protection bypassed • Wizz RSS Reader (Mozilla add-on), code execution

Corp. Hell • Apple Mac OS X Leopard delayed until October • Windows XP Service Pack 3 scheduled for first half of 2008 • Intel opens Front Side Bus (FSB) • Google buys Double. Click • Websense buys Surf. Control • Joanna Rutkowska launches ‘Invisible Things Lab’

Holes 3 • Month of My. Space bugs wrap up – 19 bugs announced, most fixed within a day • May is Month of Activex Bugs • • MS DNS RPC, bug patched on Patch Tuesday MS URL parsing, agentdpv. dll – code execution MS bios hack bypasses Vista Activation MS Trojan. Kard. Phisher, impersonates piracy control warning • New worm hitting Skype • Some Toshiba Laptops blue screen with Quick. Time on Vista

Papers • Statisitcal analysis and residual plots, NCSU – New method for Crypto / Stego? ? ? • Notes on Vista Forensics, securityfocus. com • NIST Guidance for Securing RFID Systems • Security. Focus interview with Nitin and Vipin Kumar, vboot rootkit

• AACS Flaws fixed • Xbox 360 skip Auth check Film • MPAA uses DMCA to protect number • Digg censors and gets pummeled

WTF!? • Dallas Cops and Fire - run red light and pay $75 • Improved Sony DRM prevents some DVD Players from reading – Sony tells customers to get manufacturer upgrade / later backs down • Vinyl album sales are up 10% – lack of DRM and USB turntables sighted as possible cause • Adobe to release Flash player with ‘forced’ ads • Former nuclear plant employee downloads training files while in Iran • • Goatse. cx is for sale / was sold (bids reported as high as 50 K) Verio drops cryptome. org, claims violation of ‘Acceptable Use’ • Homeless man takes down internet 2 between NYC and Boston • AOL passwords only recognize first 8 characters

Updates • • • Open. Office Password Recovery AVG Anti-Root. Kit Clam av 0. 90. 2 Thunderbird 2. 0. 0 Bind 9. 4. 1 Open. BSD 4. 1 Linux Kernal 2. 6. 21 Cent OS 5 PHP 5. 2. 2 and PHP 4. 4. 7 Released – Fixes 7 month of bugs MOPB-03 -2007 , 14, 20, 21, 26, 33 and 34 • Pidgin 2. 0 (formerly Gaim) • MS Longhorn Beta 3

Updates • • • Tor 0. 1. 2. 13 Aircrack NG 0. 8, fixes recent code execution overflow Bluediving 0. 7 Scapy 1. 1. 1 Nipper 0. 9. 1 Streams 1. 56 Strings 2. 40 LUA Buglight 1. 0. 10 MS Media Player Firefox Plugin • Long Block Data Sector Standard Approved • RFID Guardian

Legal • • The Liberal Party of Norway supports P 2 P file sharing EU approve new directive which toughens piracy laws • Canada to introduce a DMCA style legislation • Montana rejects Real ID / Comments Deadline May 8 th • • NC State advises students to stay anonymous / fighting RIAA University of Wisconsin-Madison order to turn over student names • • Australia to ban “terror” films US extradites ‘Drink or Die’ member (copyright infringement) • DVD Ripping Ruled Legal by California court

CON Results • Determina, ‘Heap Feng Shui in Java. Script’ • Juniper, Arm and Xscale null pointer flaws • Metasploit, ‘Live Free or Hack Hard: Metasploit 2007’ • Metasploit, ‘Lightning talk: ANI Vulnerability’ • MAC pwn to own – Quicktime at the heart of the Apple Mac Book flaw • MS, Mark Russinovich tells the world UAC will not stop malware – Splits hairs and semantics about “security barriers” • More fun w/ car navigation, Radio Data System (RDS) use FM band

CON Events • Completed Cons – – Can. Sec. West, 18 – 20 April 2007 – Vancouver Infosec Europe, 24 – 26 April 2007 - London NOTACON, 27 – 29 April 2007 - Chapel Hill NC Layerone, 5 – 6 May 2007 - Pasadena CA • Future Cons – – – Dallas. Con, 11 – 12 May 2007 – Dallas , TX REcon Party, 13 - 16 June 2007 - Montreal Black. Hat, 28 July thru 2 Aug 2007 – Las Vegas, NV Def. Con, 3 – 5 August 2007 – Las Vegas, NV Chaos Communications Camp, 8 - 12 August - Berlin Hack In The Box, 3 – 6 Sept. – Kuala Lumpur

All images scavenged without permission