Symantec has released a free public beta of Norton AntiBot, which uses behaviour analysis to detect malware. The software is based on existing technology from Sana Security, with a few minor additions from Symantec’s SONAR behavioural scanning technology that is now included in Norton products.
Web servers running Microsoft’s IIS software are twice as likely to host malware as other site servers, it was claimed this week. Nagendra Modadugu, of Google’s newly-formed Anti-Malware Team, based his claims on an analysis of 70,000 domains that were either distributing malware or hosting attack code.
PHP version 5.2.3, released at the beginning of the month, purported to eliminate a security vulnerability in the chunk_split() function, which splits strings into user-defined substrings. However, according to Stefan Esser, the PHP security specialist and co-initiator of the Month of PHP Bugs, this is not actually the case. According to Esser, the original fix was not only faulty but more or less nonsense, since it only pushed the fundamental problem, an integer overflow, into another line of the source code. An additional fix has now been developed which is supposed to finally eliminate the bug; thus far, however, it has officially appeared only in PHP's CVS.
Out of the top five search engines, Yahoo returns the riskiest sites for users, according to security vendor McAfee. In research published on Monday by McAfee SiteAdvisor, 5.4 percent of Yahoo searches returned links to “risky” internet sites. AOL was found to be the safest of the top five, with 2.9 percent of sites. According to McAfee SiteAdvisor, Yahoo returned the most results rated “red” or “yellow”. “Red” rated sites failed McAfee SiteAdvisor’s safety tests. “Examples are sites that distribute adware, send a high volume of spam, or make unauthorised changes to a user’s computer,” said the report. Examples of “Yellow” rated sites are those which send a high volume of “non-spammy” email, display many pop-up ads, or prompt a user to change browser settings.
MICROSOFT IS showing all comers how to hack into its Internet Information Server and is not giving any hints how to work around the problem. The Vole says an exploit, which was discovered on December 15, 2006, and made public at the end of May, is actually a feature. Apparently versions 5.x allow bypass of basic authentication by using the “hit highlight” feature. The hit-highlighting feature can be used by an unauthorised user to nick documents.
Security researchers have warned of new vulnerabilities in Mozilla’s Firefox and Microsoft’s Internet Explorer. In a posting to the Full Disclosure mailing list, security researcher Michal Zalewski outlined two vulnerabilities in each of the popular browsers. The vulnerabilities could allow attackers to overwrite the URL bar, or steal user data and remotely download and execute code.