February 2006
Welcome to February's edition of Internet Security News, the monthly risks bulletin detailing the latest Internet software and system vulnerabilities from NTA Monitor, a leading IT security testing company. It provides a convenient way to keep up to date with the fast changing world of IT security; this month's edition includes a total of 9 risk issues: 5 Medium, 2 Low and 2 Informational .
New virus set to wipe out multiple files on 3rd February
(Medium risk) Nyxem-E has infected over 700,000 systems as measured using a counter web site used by the worm to track itself 1st February 2006 Read MoreAOL's online photo album service reveals vulnerabilities
(Medium risk) You've Got Pictures can be exploited to cause a buffer overflow 30th February 2006 Read MoreISPs told to help to eradicate Sober worm
(Informational) Some say that infected PCs should be cut off from the Internet by their service providers, as they are in the best position to identify infected users 30th February 2006 Read MoreMobile phone Trojans start to circulate
(Low risk) Bootton.E, Pbstealer.D and Sendtool.A were first spotted in mid January and currently appear to have a low infection rate 30th February 2006 Read MorePDFdirectory vulnerability permits SQL injection attacks
(Medium risk) Those using and updating a printable PDF directory could find themselves suffering SQL injection attacks 30th February 2006 Read MoreSpammer is fined $11 billion
(Informational) The US government is taking spamming seriously as one spammer is fined $11 billion and banned from using the Internet for 3 years 30th February 2006 Read MoreMozilla Thunderbird attachment vulnerability
(Medium risk) .exe and .lnk file attachments can be spoofed in Mozilla Thunderbird if the email attachment is not displayed correctly 30th February 2006 Read MoreCross site scripting attack possible in Trac's wiki processor
(Medium risk) Trac discovers a cross site scripting vulnerability in its wiki processor when viewed using Internet Explorer or Opera 30th February 2006 Read MoreWindows XP and 2000 permits automatic WiFi connections searching
(Low risk) Automatic 'hotspot' searching on wireless PCs could permit attackers to connect to a peer-to-peer network 30th February 2006 Read MoreAbout NTA Monitor
This bulletin is produced as a by-product of ongoing research carried out to develop NTA Monitor's Internet security testing service, Regular Monitor. NTA are a full-service Internet security testing company with a comprehensive range of testing services including:
- VPN Testing
- Onsite Auditing
- Web Application Test
- War Dialling
- Wireless Infrastructure Testing
- RM Vulnerability Testing
For more information on the above services please see our services page.