Windows and file sharing vulnerability


BOAC
19th Aug 2010, 07:27
Last week Apple fixed an I-Tunes vulnerability involving the loading of "safe" file types from remote network locations. A company called Acros Security says this vulnerability works when a remote attacker plants a malicious DLL with a specific name on a network share and gets the user to open a media file from this network, e.g. using I-Tunes, requiring minimal effort by the attacker.

Microsoft Windows and about 40 applications that run on it are vulnerable to this form of attack and M$ are 'investigating'. As always, Facebook/Twitter etc users beware?

mixture
19th Aug 2010, 07:53
BOAC,

Much as your vulnerability warning efforts are admirable, I would think you're putting yourself in a risky situation where people might start relying on you to issue the advisories?

Given the number of combinations of different software and different vulnerabilities you're going to have to start doing a lot more posting than you are at the moment to keep up with them all.

Personally I would think the mods would do better to put a sticky at the top of the C&I forum giving links to well known sites that actively maintain lists of current security vulnerabilities (or "security advisories" as the software developers prefer to call them) .... as well as a set of FAQs which seem to come up time and time again here on C&I.

BOAC
19th Aug 2010, 08:29
A good idea and you should PM the mod?

people might start relying on you to issue the advisories - would hope not, but that they would perhaps Google 'Acros' and see what it is all about? There are plenty of links.

Better forewarned than forlorn?

mixture
19th Aug 2010, 09:33
A good idea and you should PM the mod?

Maybe.... but then I do know mod Saab is regularly sighted in this dark and dingy corner of PPRuNe. :ok:

Better forewarned than forlorn?

Don't misunderstand my point, I was being genuine when I said your efforts were admirable....only wanted to put forward my 2 <currency> worth of thoughts......

rgbrock1
19th Aug 2010, 13:35
BOAC:

Many of these "vulnerabilities" are, IMHO, over-exaggerated in that the majority of users would never suffer from these security lapses. As long as one is careful/cautious/paranoid about what one does on the Interweb then the chances of suffering from one of these security issues is somewhat mitigated.

BOAC
19th Aug 2010, 13:41
RG - agreed, but how many Facebook/Twitter/I-Tunes/whatever users fit that spec?:)

rgbrock1
19th Aug 2010, 16:02
Correct BOAC. I've seen people do some very troubling things on sites like Facebook or Twitter. (Both of which I will never have an account on. NEVER.)

iTunes, on the other hand, is virtually problem-free.

BOAC
20th Aug 2010, 07:42
I'll write this very small, but it now looks as if at least 200 Windows applications are affected. There is a temporary fix if anyone is interested.

BOAC
24th Aug 2010, 08:20
Microsoft information on 'the issue' and fixes

Microsoft Security Advisory (2269637): Insecure Library Loading Could Allow Remote Code Execution (http://www.microsoft.com/technet/security/advisory/2269637.mspx)

Microsoft Security Advisory 2269637 Released - The Microsoft Security Response Center (MSRC) - Site Home - TechNet Blogs (http://blogs.technet.com/b/msrc/archive/2010/08/21/microsoft-security-advisory-2269637-released.aspx)

and the 'fix'

A new CWDIllegalInDllSearch registry entry is available to control the DLL search path algorithm (http://support.microsoft.com/kb/2264107)

Over to the gurus now to decide if this is REALLY a problem or should we ignore it.
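
Added example, not part of the thread or of Microsoft's material: a simplified Python model of the Windows DLL search order, showing how the CWDIllegalInDllSearch values described in KB2264107 (0, 1, 2, 0xFFFFFFFF) change where a bare DLL name is resolved when the current working directory is a network share. The directory names, `codec_helper.dll` and the `fileserver` share are constructed for illustration, and the model assumes SafeDllSearchMode is on and ignores KnownDLLs.

```python
# Simplified model (added example): DLL search order with SafeDllSearchMode on,
# plus the system-wide CWDIllegalInDllSearch values documented in KB2264107.
from enum import Enum

class CwdKind(Enum):
    LOCAL = "local"
    UNC = "unc"        # \\server\share
    WEBDAV = "webdav"

REMOVE_CWD = 0xFFFFFFFF

def cwd_allowed(setting, cwd_kind):
    """True if the loader model may search the current working directory."""
    if setting == REMOVE_CWD:
        return False                        # CWD removed from the search order
    if setting == 1:
        return cwd_kind is not CwdKind.WEBDAV
    if setting == 2:
        return cwd_kind is CwdKind.LOCAL    # blocks both WebDAV and UNC
    return True                             # 0 or unset: default behaviour

def resolve(dll, app_dir, system_dirs, cwd, cwd_kind, path_dirs, files, setting=0):
    """Return (directory, origin) chosen for a bare DLL name, or None."""
    order = [(app_dir, "app")] + [(d, "system") for d in system_dirs]
    if cwd_allowed(setting, cwd_kind):
        order.append((cwd, "cwd"))
    order += [(d, "path") for d in path_dirs]
    for directory, origin in order:
        if dll.lower() in files.get(directory, ()):
            return directory, origin
    return None

def audit(dll, setting, **env):
    """Return (hit, risky); risky means the DLL came from a remote CWD."""
    hit = resolve(dll, setting=setting, **env)
    risky = hit is not None and hit[1] == "cwd" and env["cwd_kind"] is not CwdKind.LOCAL
    return hit, risky

# Constructed scenario: a media file opened from a share, so the share is the CWD.
ENV = dict(
    app_dir=r"C:\Program Files\Player",
    system_dirs=[r"C:\Windows\System32", r"C:\Windows\System", r"C:\Windows"],
    cwd=r"\\fileserver\media", cwd_kind=CwdKind.UNC, path_dirs=[r"C:\Tools"],
    files={r"C:\Windows\System32": {"kernel32.dll"},
           r"\\fileserver\media": {"song.mp3", "codec_helper.dll"},
           r"C:\Tools": {"codec_helper.dll"}},
)

if __name__ == "__main__":
    for value in (0, 1, 2, REMOVE_CWD):
        print(hex(value), audit("codec_helper.dll", value, **ENV))
```

In this model a value of 1 does not help when the share is reached over UNC rather than WebDAV; only 2 or 0xFFFFFFFF keeps the lookup off the share.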

BOAC
25th Aug 2010, 08:46
First 3 apps named:

uTorrent BitTorrent client
PowerPoint
Firefox