Tuesday, October 30, 2007
- · The International Herald Tribune reports that, according to a Government Accountability Office report, more than a year after the U.S. Congress told the Energy Department to harden U.S. nuclear bomb factories and laboratories against terrorist raids, 5 of the 11 sites are certain to miss their deadlines. (See items 6)
- · Computerworld reports that hackers amped up attacks using malicious PDF files that exploit a broad flaw in Windows. The attacks, which began Tuesday, exploit bugs in the Windows versions of Adobe Systems Inc.’s Reader and Acrobat software; Adobe patched the newest editions of those programs Monday, but has not yet updated older variants. (See item 31)
released October 19, for Windows, however, are not vulnerable to the half-dozen bugs, RealNetworks Inc. said. After revealing that RealPlayer included a serious flaw that had
been exploited by hackers who compromised an ad server owned by 24/7 Real Media to spread malware to visitors of legitimate, trusted Web sites, Seattle-based RealNetworks Thursday posted information about the latest vulnerabilities. All six bugs involve RealPlayer’s problems parsing file formats and could be exploited by hackers who first crafted malicious files, then duped users into either opening those rigged files when they received them as e-mail attachments or visiting an attack site that hosted such files. Among the file types: .mov, .mp3, .rm, SMIL, .swf, .ram and .pl.