Common Management Agent 3.x / ePolicy Orchestrator Agent 3.x

Common Management Agent 3.x / ePolicy Orchestrator Agent 3.x
The McAfee Virtual Technician can detect components of your VirusScan installation that are not being patched via the VirusScan patch cycle. In this case the McAfee Common Management Agent (CMA).

It would appear that Build 3.6.0.453 is installed with VirusScan v8.5i. You can download Patch 3/Hotfix 10 to update to Build 3.6.0.603, but to obtain Patch 4 Build-3.6.0.608 you’ll need your grant number.

• 3.6.0 Patch 4 Build-3.6.0.608 (Released September 2008) : KB53496
  NOTE: This patch is available from the McAfee downloads page. You will have to login using your grant number. You will see it under the section called “Common Management Agent (CMA) 3.6.0.

• 3.6.0 Patch 3 w/ HotFix 10 Build-3.6.0.603 (Released April 2008) : Release Notes : KB52556
• 3.6.0 Build-3.6.0.453 Necessary for use with VSE 8.5i (installed with VSE 8.5i?)

To apply Patch 3/Hotfix 10 you will need to be running an ePO server.

This exploit is only effective in Managed mode installations (CMA deployed and managed by ePO or PrP) because the ports are open. Standalone (unmanaged) installations of CMA are not affected by this vulnerability because the ports are not open. [4]

LINKS:
[1] Version information for Common Management Agent 3.x.x / ePO Agent 3.x.x (2008-SEP-19) [McAfee]
[2] McAfee Common Management Agent 3.6.0 Patch 4 Release Notes (2008-Nov-27) [McAfee]
[3] CMA 3.6 Patch 4 Release Notes (2008-Sep-10) [McAfee]
[4] McAfee Security Bulletin – CMA HTTP Request DoS vulnerability (2008-Oct-14) [McAfee]

No more Google lively

Lively is shutting down
Not all that long ago Google Lively was being launched. Google have recently announced that Lively is shutting down and that rooms and avatars will not be available after December 31st, 2008.

In July we launched Lively in Google Labs because we wanted users to be able to interact with their friends and express themselves online in new ways. Google has always been supportive of this kind of experimentation because we believe it’s the best way to create groundbreaking products that make a difference to people’s lives. But we’ve also always accepted that when you take these kinds of risks not every bet is going to pay off.

That’s why, despite all the virtual high fives and creative rooms everyone has enjoyed in the last four and a half months, we’ve decided to shut Lively down at the end of the year. It has been a tough decision, but we want to ensure that we prioritize our resources and focus more on our core search, ads and apps business. Lively.com will be discontinued at the end of December, and everyone who has worked on the project will then move on to other teams. — GoogleBlog [1]

Farewell Lively.

[1] Lively no more (2008-Nov-19) [GoogleBlog]
[2] Lively no more (2008-Nov) [Lively.com]

SSA 1801 Vagabond

Found via a post on The Heliograph; Second Skies Airships

SSA-1801 Vagabond

The SSA-1801 Vagabond is a flying steamship, designed to evoke the spirit of the 19th century “tramp steamer”, in a Mark Twain meets Jules Verne sort of way. — secondskies.com

Your camera, here to infect?

SANS Internet Storm Center blog had a very timely posting yesterday regarding Picture Printing Kiosks & Flash Memory Devices (2008-Nov-22)

Whether its the Secure Digital device in your Digital Camera, or the USB Flash Drive that you carry around the office, the convenient and widespread use of Flash Memory Devices also offers a negative element – as an effective method of malicious software propagation.

One senario that recently became a negative experience for a relative of mine involved the use of a “kiosk” based photo printing system at a retail outlet. After exhausting all methods of trying to understand how her computer became compromised, it quickly became aparent when I discovered an AUTORUN.INF file on her camera’s SD card.

All future visits to “kiosks” now involve CD-ROMs containing her pictures for printing.

It’s this time of year that photos are being collated for End of Year/Christmas presentations. Sure enough later that evening there is a cry from the computer room as a borrowed camera is caught by the antivirus software as it tries to infect one of our machines. As the saying from Hill Street Blues goes – “Hey, let’s be careful out there.”

This weeks links (2008-11-24)

i iz ur dj Kthxbai.

We wish you a Geeky Christmas …

• Boing Boing’s Holiday Gift Guide part three: Gadgets and stuff (2008-Nov-28) [BoingBoing]
• Boing Boing’s Holiday Gift Guide part two: Fiction (2008-Nov-27) [BoingBoing]
• Boing Boing’s Holiday Gift Guide part one: Kids (2008-Nov-26) [BoingBoing]
• 17 Holiday Gift Ideas for Geeky Kids (2008-Nov-22) [ReadWriteWeb]
• GeekDad Holiday Gift Guide #4: GeekMoms! (2008-Nov-26) [GeekDad]
• GeekDad Holiday Gift Guide #3: Kids’ Gadgets & Video Games (2008-Nov-18) [GeekDad]
• GeekDad Holiday Gift Guide #2: Dads’ Books & Activities (2008-Nov-10) [GeekDad]
• GeekDad Holiday Gift Guide #1: Kids’ Books & Activities (2008-Nov-03) [GeekDad]
• Favorite tech toys for kids: Holiday Buying Guide for Pre-Teens (2008-Nov-18) [NYT]

It’s gone what?

Viral marketing only goes viral once it turns into a poetry meme on BoingBoing.

– Motorola, could you please tell your viral marketer to get out of our comments? (2008-Nov-25) [BoingBoing Gadgets]

Australia’s largest private computer museum
Max Burnet has turned his home in the leafy suburbs of Sydney into arguably Australia’s largest private computer museum. Since retiring as director of Digital Equipment Corporation a decade ago, Burnet has converted his interest in the computing industry into an invaluable snapshot of computer history. Every available space from his basement to the top floor of his two-storey home is covered with relics from the past. His collection is vast, from a 1920s Julius Totalisator, the first UNIX PDP-7, a classic DEC PDP-8, the original IBM PC, Apple’s Lisa, MITS Altair 8800, numerous punch cards and over 6000 computer reference books. And more. He happily opened his doors for CIO to take a look. — Tech of Yesteryear: Where Old Computers Find Their Final Resting Place (2008-Nov-24) [CIO]

Alan Moore Interview
The Forbidden Planet International Blog back in June has an interview with the graphic novel legend Alan Moore.
Part I – We’re off to see the Wizard, the wonderful Wizard of Northampton – Pádraig Ó Méalóid talks to Alan Moore (2008-Jun-13)
Part II – You want Moore? You got it! (2008-Jun-13)

Steam Punk NYE@Melbourne

Euchronia – a steampunk / neo-Victorian Years End Ball in Melbourne Australia
Time is the fire in which we burn

Euchronia - a steampunk / neo-Victorian Years End Ball in Melbourne Australia | Time is the fire in which we burn

Euchronia is a steampunk / neo-Victorian Year’s End Ball taking place in Melbourne, Victoria, Australia on the last day of the calendar year of 2008. The event officially opens for general admission at 9pm and proceedings will continue ’til the early hours of the following morning. Our venue is the fabulous and anachronistic Victorian Trades Hall, an historic Victorian Era building at the edge of the Melbourne CBD which features a perfect blend of history and realism to delight the neo-Victorian enthusiast. Victorian Trades Hall is a licensed venue with full bar facilities and as such, Euchronia is an 18+ event. … — Euchronia

Dress Code: neoVictorian, steampunk, formal black tie/white tie/ballgown, pirate punk, Edwardian, vintage 20′s & 30′s, goth! See here for more costume ideas!

This weeks links (2008-11-18)

The Bond Villain Data Center
Thanks to Brian for the heads up we have the inside on this beauty;

This underground data center has greenhouses, waterfalls, German submarine engines, simulated daylight and can withstand a hit from a hydrogen bomb. It looks like the secret HQ of a James Bond villain.
And it is real. It is a newly opened high-security data center run by one of Sweden’s largest ISPs, located in an old nuclear bunker deep below the bedrock of Stockholm city, sealed off from the world by entrance doors 40 cm thick (almost 16 inches). …

The world’s most super-designed data center – fit for a James Bond villain (2008-Nov-14) [Royal Pingdom]

The Evil League of Evil
Whilst we are on the topic of Evil, The Evil League of Evil was recruiting … yes THAT Evil League of Evil!
Make the bad horse gleeful, or he’ll make you his mare.
Go to YouTube and have a chuckle at the Evil League Of Evil Applications.

2008 Elluminati Community Conference
The ECC 2008 Recordings are now online.

You can close a desert?
The Simpson Desert will be closed for the first time this summer because of the danger posed by extreme temperatures. From the press release;

The South Australian Department for Environment and Heritage (DEH) has announced that the Simpson Desert will be closed during the hottest months of the year to ensure the safety of visitors and emergency personnel.
The closure, to apply from 1 December to 15 March each year, will affect the Simpson Desert Conservation Park and Regional Reserve in South Australia.
The closure was proposed after a risk assessment identified that extreme temperatures constituted a high safety risk to people attempting to cross the Simpson Desert during this period.
Consultation with local businesses, tour operators and other people with an interest in the area showed the community was very supportive of the closure. …
– Simpson Desert closed during summer to ensure visitor safety (PDF) (2008-Nov-11) [Department for Environment and Heritage SA]

Safari 3.2

Apple have released Safari 3.2, which addresses a number of bugs and several security vulnerabilities;

• Safari : CVE-ID: CVE-2005-2096 (Windows XP or Vista)
• Safari : CVE-ID: CVE-2008-1767 (Windows XP or Vista)
• Safari : CVE-ID: CVE-2008-3623 (Windows XP or Vista)
• Safari : CVE-ID: CVE-2008-2327 (Windows XP or Vista)
• Safari : CVE-ID: CVE-2008-2332 (Windows XP or Vista)
• Safari : CVE-ID: CVE-2008-3608 (Windows XP or Vista)
• Safari : CVE-ID: CVE-2008-3642 (Windows XP or Vista)
• Safari : CVE-ID: CVE-2008-3644 (Mac OS X v10.4.11, Mac OS X v10.5.5, Windows XP or Vista)
• WebKit : CVE-ID: CVE-2008-2303 (Mac OS X v10.4.11, Mac OS X v10.5.5, Windows XP or Vista)
• WebKit : CVE-ID: CVE-2008-2317 (Mac OS X v10.4.11, Mac OS X v10.5.5, Windows XP or Vista)
• WebKit : CVE-ID: CVE-2008-4216 (Mac OS X v10.4.11, Mac OS X v10.5.5, Windows XP or Vista)

The new release is available through Apple Software Update or as a standalone download.

[1] About the security content of Safari 3.2 (2008-Nov-13) [Apple]
[2] Download Safari 3.2 now (2008-Nov-13) [Apple]
[3] Safari 3.2 for Mac OS X 10.4.x (Tiger) and Mac OS X 10.5 (Leopard) released (2008-Nov-14) [MacFixIt]
[4] Safari 3.2: crashing, broken plugins and installation problems (2008-Nov-14) [MacFixIt]

Firefox 2.0.0.18

Mozilla released Firefox 2.0.0.18 on November 12, 2008

Fixed in Firefox 2.0.0.18 [1]
MFSA 2008-58 Parsing error in E4X default namespace
MFSA 2008-57 -moz-binding property bypasses security checks on codebase principals
MFSA 2008-56 nsXMLHttpRequest::NotifyEventListeners() same-origin violation
MFSA 2008-55 Crash and remote code execution in nsFrameManager
MFSA 2008-54 Buffer overflow in http-index-format parser
MFSA 2008-53 XSS and JavaScript privilege escalation via session restore
MFSA 2008-52 Crashes with evidence of memory corruption (rv:1.9.0.4/1.8.1.18)
MFSA 2008-50 Crash and remote code execution via __proto__ tampering
MFSA 2008-49 Arbitrary code execution via Flash Player dynamic module unloading
MFSA 2008-48 Image stealing via canvas and HTTP redirect
MFSA 2008-47 Information stealing via local shortcut files

Vulnerability ratings: 6 Critical, 3 High, 1 Moderate, 1 Low
Evaluation: Update now

We strongly recommend that all Firefox users upgrade to this latest release. If you already have Firefox 3 or Firefox 2, you will receive an automated update notification within 24 to 48 hours. This update can also be applied manually by selecting “Check for Updates…” from the Help menu. [3]

[1] Fixed in Firefox 2.0.0.18 [Mozilla]
[2] Mozilla Firefox 2.0.0.18 Release Notes [Mozilla]
[3] Firefox 2.0.0.18 and 3.0.4 security updates now available for download (2008-Nov-12) [Mozilla]

FireFox 3.0.4

Mozilla released Firefox 3.0.4 on November 12, 2008
Firefox 3.0.4 fixes several issues found in Firefox 3.0.3 including several security issues and several stability issues.

Fixed in Firefox 3.0.4 [1]
MFSA 2008-58 Parsing error in E4X default namespace
MFSA 2008-57 -moz-binding property bypasses security checks on codebase principals
MFSA 2008-56 nsXMLHttpRequest::NotifyEventListeners() same-origin violation
MFSA 2008-55 Crash and remote code execution in nsFrameManager
MFSA 2008-54 Buffer overflow in http-index-format parser
MFSA 2008-53 XSS and JavaScript privilege escalation via session restore
MFSA 2008-52 Crashes with evidence of memory corruption (rv:1.9.0.4/1.8.1.18)
MFSA 2008-51 file: URIs inherit chrome privileges when opened from chrome
MFSA 2008-47 Information stealing via local shortcut files

Vulnerability ratings: 4 Critical, 2 High, 2 Moderate, 1 Low
Evaluation: Update now

We strongly recommend that all Firefox users upgrade to this latest release. If you already have Firefox 3 or Firefox 2, you will receive an automated update notification within 24 to 48 hours. This update can also be applied manually by selecting “Check for Updates…” from the Help menu. [3]

[1] Fixed in Firefox 3.0.4 [Mozilla]
[2] Mozilla Firefox 3.0.4 Release Notes [Mozilla]
[3] Firefox 2.0.0.18 and 3.0.4 security updates now available for download (2008-Nov-12) [Mozilla]