5 must patch vulnerabilities
In its post, Symantec listed only which holes the new MPack version targets; I followed up with the company to get specifics and links to fixes. All of the vulnerabilities allow an attacker to take over your PC if you view a tainted Web page. And according to Roger Thompson of Exploit Prevent Labs, another popular kit called Icepack attacks the same flaws.
Since thousands of poisoned Web sites actively attack these program vulnerabilities, they are must-close holes -- and making sure they're fixed will go a good ways toward keeping you safe online. The first three vulnerabilities listed here affect Windows; if you've been keeping up with Automatic Updates, you should have the patches. To make sure, run Windows Update from the Start menu, or download the patches individually from the listed Microsoft links. The other two attacks hit QuickTime and WinZip, and are meant to catch people who might update Windows but not worry about other programs.
The must-close holes
Microsoft XML Core Services overflow
- Critical flaw for Windows XP SP2, Windows 2000 SP4 and Windows Vista
- Get the fix from Windows Update or Microsoft
WebViewFolderIcon overflow
- Critical flaw for Windows XP SP1 and SP2 and Windows 2000 SP4
- Get the fix from Windows Update or Microsoft
ANI overflow
- Critical flaw for Windows XP SP2, Windows 2000 SP4, Windows Vista and Windows Server 2003
- Get the fix from Windows Update or Microsoft
WinZip ActiveX overflow
- Critical flaw for WinZip 10 prior to Build 7245 on Windows (WinZip doesn't specify which versions of Windows)
- Get the fix (and instructions) from WinZip
QuickTime overflow
- Critical flaw for QuickTime Player 7.1.3 on Windows XP/2000
- Get the fix (and instructions) from Apple, or choose Help, Update Existing Software from the QuickTime menu.
And the hits just keep coming
But just as a steering-wheel lock won't stop someone from smashing your car window, closing these holes doesn't guarantee that you'll be safe online. Bugs and Fixes column can help you stay on top of tomorrow's critical fixes, which can help protect you against browser-busting Web attacks.
To repel e-mail threats, the other major attack vector, be on your guard against any unsolicited e-mail links or attachments, even if the message uses your name and doesn't contain obvious grammatical errors. One currently operating assault uses data stolen from Monster.com to send personalized attack messages to job seekers.
And of course, keep your antivirus software up to date. Antivirus software won't usually be of direct help in blocking crooks' intrusions via exploits like these, but often it can stop the malicious software that criminals attempt to install after breaking in. |