Bugs & Fixes: Drive-by downloads

They could lurk in booby-trapped banner ads on a site you regularly visit, or in a poisoned HTML e-mail. And because of new holes, such drive-by downloads can bust your Internet Explorer 6 or Outlook client and fill your PC with malicious software.

This latest risk for IE 6 on Windows XP (SP1 and SP2), 2000, and Server 2003, plus Outlook 2003, is much like the huge WMF vulnerability Microsoft fixed in January 2006. In this case, the hole involves a rarely used, Microsoft-only Web graphics format called Vector Markup Language. It's like a little-used window you forgot to lock. Worse, you'd only have to read or preview an e-mail or visit a poisoned site in IE to be infected, no click required.

If you have Automatic Updates turned on, you should already have the patch. Otherwise, you can get it at www.microsoft.com/technet/security/bulletin/ms06-055.mspx, along with additional information. But you're not safe yet. IE 6 has another graphics bug, this time in the way it handles movie or game files that employ DirectAnimation.

Exploit code for the hole is already on the Web. Like the VML problem, this one also facilitates drive-by downloads, and the same versions of Windows are affected. Microsoft is likely to have distributed a patch by the time you read this; you can also retrieve it at www.microsoft.com/technet/security/advisory/925444.mspx. Note that Firefox, Opera, and even IE 7 are unaffected by these holes. If you've been waiting for a good reason to drop IE 6, this might be it.

Media woes

As if that weren't enough, Adobe patched critical holes in its Macromedia Flash Player as well. Version 8.0.24 and earlier could open you up to yet another drive-by download if you simply view a doctored Flash movie. Microsoft distributed vulnerable versions with Windows XP SP1 and SP2, and with XP Pro 64-bit.

For the fix, upgrade to version 9.0.16.0, available from www.adobe.com/shockwave/download/download.cgi?P1_Prod_Version=ShockwaveFlash or via Flash's auto-update feature. See the details at www.microsoft.com/technet/security/advisory/925143.mspx. And just to show that media across the board is unsafe this month, Apple patched six critical holes in all QuickTime versions prior to 7.1.3E running on Windows 2000 and XP. The popular media player has playback flaws with several file formats, including H.264 and native QuickTime movies. Grab the upgrade and more information from http://docs.info.apple.com/article.html?artnum=304357.

More vendors recall notebook batteries

Toshiba, Lenovo and Fujitsu have hopped on the recall bandwagon for hundreds of thousands of notebook batteries that use defective Sony-made battery cells. Some of the defective batteries pose a fire hazard; others just stop working; while some recalls are 'just-in-case'. To see whether your notebook is affected, head to www. isd.toshiba.com.au if you have a Satellite, Portege, Qosmio or Tecra series Toshiba, and to www.lenovo.com/au if you have an R, T or X series ThinkPad. For Fujitsu's LifeBook models, check www.fujitsu.com/global/news/pr/n20060929-01.html. And be ready for more: Sony says it will announce additional recalls for other notebook batteries that use the defective cells.

---

In Brief

SEGWAYS STUMBLE
Watch out for Segways: the company is recalling all 23,500 of the vehicles for suddenly careening over forward when their wheels reverse direction, with no warning, because of a software bug. Get more details at www.segwaysoutherncross.com.
MOZILLA FIXES
Mozilla patched four critical flaws in the Firefox browser; two also affect the Thunderbird e-mail program. At press time, there were no reports of attacks exploiting these holes. Get the fix by updating both apps to version 1.5.0.7 via their update feature, or at www.mozilla.org/projects/security/known-vulnerabilities.html.
POWERPOINT PAIN
Another zero-day security hole hit PowerPoint 2000, 2002 and 2003. Go to www.microsoft.com/technet/security/advisory/925984.mspx for a patch, and, as always, exercise caution with unexpected e-mail attachments.

---