Daily Report Friday, November 24, 2006
Daily Highlights
In the first nuclear−related evacuation since the Three Mile Island accident of 1979, a Tennessee school district sent all 1,800 pupils home on Tuesday morning, November 21, because operators at a nearby nuclear reactor believed they might have had a leak of radioactive cooling water inside the plant. (See item 2)
·
The Associated Press reports a chemical plant near Boston exploded early Wednesday, November 22, sparking a massive fire and blowing debris for blocks that damaged nearly 90 homes but caused only minor injuries. (See item 5)
·
The Department of Homeland Security and the Department of State have announced the official requirement for citizens of the United States, Canada, Mexico, and Bermuda to present a passport to enter the United States when arriving by air from any part of the Western Hemisphere beginning January 23, 2007. (See item 16)
·
WHO−TV reports nearly 1,000 Iowans have gotten ill in the last several weeks due to norovirus, which has occurred in a wide variety of settings such as social receptions, long−term care facilities, a gaming facility, business functions, restaurants, and schools (See item 27)
Information Technology and Telecommunications Sector
34. November 22, eWeek — Exploit code published for Apple OS X glitch. Researchers have published exploit code that targets an unpatched kernel vulnerability in Apple's OS X desktop software. An independent vulnerability analyst working as part of the "Month of Kernel Bugs" campaign released the details necessary to attack the hole in OS X on Wednesday, November 22, revealing the manner in which hackers could target the glitch, which affects the way Apple's software handles disk image files. The researcher, identified only by the screen name "LMH," issued the exploit via a post on the Kernel Fun Website. "Mac OS X fails to properly handle corrupted image structures, leading to an exploitable denial−of−service condition," LMH wrote in his latest blog. "Although it hasn't been checked further, memory corruption is present under certain conditions." The researcher said that the demonstration exploit offered on the site would be unlikely to allow arbitrary code execution if applied by attackers, however, the analyst indicated that the flaw could be taken advantage of by malware writers by targeting the manner in which Cupertino, CA−based Apple's Safari browser downloads online image files.
Source:
skip to main |
skip to sidebar
Subscription to the full report on a daily basis can be obtained: Send an eMail to dhsdailyadmin@mail.dhs.osis.gov with the subject "DHS Daily Open Source Infrastructure Report" and the following line in the body...subscribe. To obtain a complete copy of the current report proceed to the DHS link below. To obtain reports more than 10 business days old, send an eMail to DHS_Reports@e-computer-security.com. Be specific as to the reports you wish to receive.
Blog Archive
- ► 2016 (256)
- ► 2015 (254)
- ► 2014 (255)
- ► 2013 (244)
- ► 2012 (260)
- ► 2011 (250)
- ► 2010 (248)
- ► 2009 (254)
- ► 2008 (252)
- ► 2007 (233)
Links
About Me
- BobJ
- U.S. Army Retired Chief Warrant Officer with more than 40 years in information technology and 35 years in information security. Became a Certified Information Systems Security Professional in 1995 and have taught computer security in Asia, Canada and the United States. Wrote a computer security column for 5 years in the 1980s titled "for the Sake Of Security", penname R. E. (Bob) Johnston, which was published in Computer Decisions. Motto: "When entrusted to process, you are obligated to safeguard"
No comments:
Post a Comment