There is a history in all men's lives.
William Shakespeare (1564 - 1616) English dramatist and poet.

- Weekly summary -
Oxygen3 24h-365d, by Panda Software (http://www.pandasoftware.com)

Madrid, April 17, 2004 - This week Oxygen3 24h-365d has dealt with the
issues summarized below, which can be accessed at:

http://www.pandasoftware.com/about/press/oxygen3/oxygen.asp

- Software vulnerabilities: an increasingly popular resource for spreading
malware (04/12/04).
Vulnerabilities can be essentially defined as 'flaws or security holes
detected in programs or IT systems'. In practice, these security holes can,
for example, allow viruses to automatically carry out their actions, without
user intervention. This means of transmission is not new, as the Klez.I worm
used this method almost two years ago and is still one of the viruses most
frequently detected on users' computers. Due to the success of this tactic,
virus authors have seen it as an effective means of spreading their
creations far and wide, and as a result, viruses that try to exploit
software vulnerabilities are becoming more common. In fact, the time lag
between a new vulnerability being discovered and a virus that tries to
exploit it being released is getting shorter.

- Vulnerability in the Internet Explorer ITS protocol handler (04/13/04).
US-CERT has reported a security flaw in Microsoft Internet Explorer (IE)
that could allow an attacker to run arbitrary code with the privileges of
the user of the browser. This vulnerability, which allows an attacker to
read and handle data on websites in other domains or zones, lies in how ITS
protocol handlers determine the security domain of an HTML component stored
in a Compiled HTML Help (CHM) file.

- Critical updates for Windows (04/14/04).
Microsoft has released its monthly security bulletins for April, which
include four critical updates that fix multiple vulnerabilities in Windows.
Due to the nature of the vulnerabilities fixed and the number of affected
components and systems, all Windows users are advised to update their
systems, either automatically -through the Windows Update service-, or
manually, by downloading the corresponding patches.

- Updates available for BEA WebLogic (04/15/04).
BEA has released a set of patches for WebLogic Server and WebLogic Express
that fix four vulnerabilities that can be used for different malicious
purposes. One of the updates published by BEA prevents administrative
privileges from being unintentionally assigned when creating new groups.
Another two solve problems related to password exposure, whereas the fourth
prevents user impersonation.

- Netsky.V is downloaded from computers that it has previously infected
(04/16/04).
Although the V variant of Netsky has not caused a significant number of
infections, it stands out for the means of transmission it uses. Unlike the
majority of worms, Netsky.V does not hide in an attached file and wait for
the user to run it, but exploits a vulnerability to download itself from
another computer that it has already infected.

NOTE: The address above may not show up on your screen as a single line.
This would prevent you from using the link to access the web page. If this
happens, just use the 'cut' and 'paste' options to join the pieces of the
URL.