(IDG News Service) — Microsoft Corp. fell victim to a software
vulnerability in one of its own products on Saturday, when the W32.Slammer
worm infested host machines on the Redmond, Washington company's network,
flooding that network with traffic.
The company's travails with Slammer late Friday night and Saturday morning
were first revealed through internal e-mail messages obtained by news
agencies and reported on Monday.
A Microsoft spokesman confirmed that the Slammer worm penetrated the
company's network defenses and infected a number of SQL Server databases and
desktop machines.
"There were circumstances where we were not patched," said Rick Miller, a
spokesman for Microsoft.
The vulnerable machines were mostly in the company's Redmond campus and
concentrate... (more)
(IDG News Service) — For the second time in as many months, the Apache
Software Foundation released an updated version of the popular open source
Web server software, only to warn users of a critical security hole in
previous versions of the software that the update patches.
The new version of Apache, 2.0.46, was described as "principally a security
and bug fix release" in a bulletin rele... (more)
(IDG News Service) — A security vulnerability in one of the most
commonly used e-mail server software packages could have a wide ranging
impact, akin to the Microsoft Corp. SQL Server vulnerability that spawned the
recent Slammer worm, according to an advisory published Monday by Internet
Security Systems Inc. (ISS).
The buffer overflow vulnerability was found in a number of version... (more)
(IDG News Service) — A software vulnerability in the widely used Snort
open-source intrusion detection system (IDS) software could allow an attacker
to crash the Snort sensor or gain control of the host device on which the
sensor runs.
Snort serves as the basis for commercial IDS products such as those produced
by Sourcefire Inc. and can be used to detect a wide range of network att... (more)
(IDG News Service) — A majority of leading information technology (IT)
security experts said that the security of Microsoft's products is a top
concern, but the company still deserves credit for its efforts to tackle the
security problem, according to a report released by Forrester Research.
The report, "Can Microsoft Be Secure," surveyed 35 IT security professionals
at companies wi... (more)