skip to main |
skip to sidebar
Daily Report Tuesday, December 26, 2006Daily HighlightsThe Department of Homeland Security on Friday, December 22, made available for public review an aggressive and comprehensive set of proposed regulations that will improve security at high.risk chemical facilities nationwide. (See item 6)
·
The Port Authority of New York and New Jersey, in an analysis based on work by Lawrence Livermore National Laboratory and the Rensselaer Polytechnic Institute, has revised an earlier assessment of the PATH system and now states that the tunnels are structurally more vulnerable than first thought. (See item 18)
·
The Savannah Morning News reports the Savannah.Chatham Metropolitan Police Bomb Squad seized several canisters containing explosive.making materials, including German military grenades, igniters, fuses, and consumer fireworks, from Skidaway Mobile Estates in Georgia. (See item 44)
Information Technology and Telecommunications Sector
38. December 22, eWeek — Vista exploit surfaces on Russian hacker site. Proof.of.concept exploit code for a privilege escalation vulnerability affecting all versions of Windows .. including Vista .. has been posted on a Russian hacker forum, forcing Microsoft to activate its emergency response process. Mike Reavey, operations manager of the Microsoft Security Response Center (MSRC), confirmed that the company is "closely monitoring" the public posting, which first appeared on a Russian language forum on December 15. It affects "csrss.exe," which is the main executable for the Microsoft Client/Server Runtime Server. According to an alert cross.posted to security mailing lists, the vulnerability is caused by a memory corruption when certain strings are sent through the MessageBox API. "The PoC reportedly allows for local elevation of privilege on Windows 2000 SP4, Windows Server 2003 SP1, Windows XP SP1, Windows XP SP2 and Windows Vista operating systems," Reavey said in an entry posted late Thursday, December 21, on the MSRC blog.MSRC blog: