Symantec on Tuesday released updated hotfixes for several of its gateway products that suffer from a vulnerability hackers have already used to poison DNS caches and redirect users to malicious sites.

Although Symantec released patches earlier this month for its Gateway Security 5300 and 5400 Series, the Windows and Solaris editions of its Symantec Enterprise Firewall, 7.0.x and 8.0, and its Symantec VelociRaptor, the new fixes "further hardens the DNSd for protection against an additional potential vector identified by Symantec engineers during our post-analysis," said the Cupertino, Calif.-based security firm in a bulletin on its Web site.

The U.S. government will join select partners of Microsoft in receiving security patches as early as a month before they become generally available. The early-access program, already available to some customers, provides beta test versions of patches so customers can be prepared when vulnerabilities are publicly disclosed.

Microsoft signed a $500 million software deal with the U.S. Air Force last year, which stipulated that the Air Force will join the Security Update Validation Program and test patches before they are officially released. In turn, the military will become a beta tester for Microsoft's updates.According to the Wall Street Journal, the Air Force will first receive the prerelease patches, which, following testing, will be distributed to other government agencies by the Department of Homeland Security.

Some useful citizen has created an installer that will nail IE with spyware, even if a surfer is using Firefox (or another alternative browser) or has blocked access to the malicious site in IE beforehand. The technique allows a raft of spyware to be served up to Windows users in spite of any security measures that might be in place.

Christopher Boyd, a security researchers at Vitalsecurity.org, said the malware installer was capable of working on a range of browsers with native Java support. "The spyware installer is a Java applet powered by the Sun Java Runtime Environment, which allows them to whack most browsers out there, including Firefox, Mozilla, Netscape and others. In the original test, only Opera and Netcaptor didn't fall for the install but Daniel Veditz, who is the head of Mozilla security, has since confirmed to me that this will also work in Opera and Netcaptor," he explained.

Although Microsoft didn't release any new security bulletins in March, it did post revisions Tuesday of two critical vulnerabilities from earlier in 2005 to provide patches for obsolete operating systems.

The two patches add Windows 98, Windows 98 SE, and Windows Me to the list of those fixed against a pair of vulnerabilities in January and February of this year.

Hundreds of thousands of Web sites running Windows NT 4 remain -- and will remain -- at risk from attack via a vulnerability patched for other operating systems a month ago, a U.S.-based security firm and a British-based Web monitoring vendor said Thursday.

The bug in a key Windows protocol, Server Message Block (SMB), was patched for Windows XP, Windows Server 2003, and Windows 2000 in February, but because NT 4 had reached the end of its support lifecycle December 31, 2004, no public fix was issued by Microsoft.

Using passwords and identifications from legitimate customers, thieves broke into databases owned by information company LexisNexis and stole personal information on about 32,000 U.S. citizens, the company's corporate parent said Wednesday.

The incident was the second breach of personal data announced in the last month by a major data broker. ChoicePoint Inc. in February said scam artists had tricked the Alpharetta, Ga., company into handing over 145,000 records containing Social Security numbers and other personal information on people in 50 states.

In the LexisNexis case, the names, addresses and Social Security and drivers' license numbers of 32,000 individuals were stolen from the company's recently acquired Seisint unit, Anglo-Dutch publishing company Reed Elsevier Group PLC said in a statement. LexisNexis officials were assisting U.S. law enforcement officials in investigating the incident.

Directory harvest attacks, brute-force assaults on enterprise e-mails systems by spammers hoping to score valid addresses, were at an all-time high in February, a message security vendor reported this week.

According to Redwood City, Calif.-based messaging filtering firm Postini, DHAs were launched by spammers at a crippling rate.

BOSTON (AP) -- A computer hacker gained access to internal admissions records at Harvard, Stanford and other top business schools, then helped applicants log on and learn their fate weeks ahead of schedule, officials said Thursday.

Few of the people who followed the hacker's directions managed to find out if their applications have been accepted, according to school officials. But many of them could end up getting rejected now that the schools are checking to see who tried to exploit the security breach.

Microsoft is giving security administrators a day off next Tuesday.

One month after releasing a whopping dozen bulletins to cover 17 security flaws in a range of products, Microsoft Corp. announced that there would be no new advisories this month.

Only about one in five companies is "completely prepared" for the next virus attack, according to the results of a survey of 150 IT professionals who manage software updates for their companies. The biggest problem when businesses are hit by a virus is user downtime.

The survey, completed last month by research firm InsightExpress and commissioned by SupportSoft Inc., a developer of software for managing software updates, portrays patch management as an ongoing issue that poses a variety of risks.

For example, patching still takes a week or longer at about a quarter of companies. That compares with 19% of respondents who say their IT organizations distribute patches to all computers within hours and 57% that do the job in days.

It may not be the second Tuesday of the month -- Microsoft's normal day to release security bulletins and patches -- but the Redmond, Wash.-based developer has posted a critical fix to Windows XP Service Pack 2 (SP2) on its Windows Update site, and pushed it to users relying on Automatic Update.

The problem, which has actually been public since December 2004, also affects Windows Server 2003 and Windows XP Tablet PC Edition 2005. In some cases, installing third-party anti-virus or firewall software -- Microsoft didn't name makers or package titles -- can bring down the operating system in a Blue Screen of Death with a cryptic error that reads "Stop 0x05 (INVALID_PROCESS_ATTACH_ATTEMPT)."

Microsoft has begun reminding users who last year blocked the installation of Windows XP Service Pack 2 (SP2) that a deadline is fast approaching. On April 12, all blocking mechanisms will expire and Windows XP and XP SP1 systems will automatically download and update to SP2.

"The intent of this alert is to provide you with a reminder about the upcoming deadline around the date on which Automatic Update (AU) and Windows Update (WU) will deliver Windows XP SP2 regardless of the presence of the blocking mechanism," said Microsoft.

Netcraft has the story that Mozilla has decided to drop support for international domain names in future versions of its Firefox Web browser. The decision comes after demonstrations by the Schmoo Group that the feature can be used to aid in phishing scams and other browser naughtiness.

The attack can be disabled in Firefox and Mozilla by setting 'network.enableIDN' to false in the browser's configuration (enter about:config in the address bar to access the configuration functions). The Mozilla development team today made this the default setting. Users who want IDN support will be able to turn it on, but will be warned about the risks involved.

Virus makers will push into the virgin territories of cell phones, handhelds, and embedded computers, perhaps even those used in cars, IBM's annual security report said this week.

IBM's 2004 Global Business Security Index both summarizes the year past -- something virtually every major security vendor has done during December and January -- and puts the spotlight on the trends it sees for 2005.

Computer hackers captured the names, Social Security numbers and other information of more than 30,000 students and staff at George Mason University earlier this month, school officials said Monday.

The university, which is in Fairfax, near Washington D.C., discovered on Jan. 3 that intruders had hacked into a server containing the protected information, school spokesman Daniel Walsch said. He said the university notified all students and staff.

It didn't take hackers long to start banging hard on the vulnerabilities Microsoft disseminated Tuesday.
Just a day after the Redmond, Wash.-based developer rolled out a dozen advisories containing 16 vulnerabilities, 10 of them tagged as "Critical," exploit code has gone public for one, Microsoft said late Wednesday.

Hacker group "Shmoo" demonstrated an amazing new browser exploit to the audience of Shmoocon.
The exploit allows ANY domain name to be hi-jacked from a link, including its SSL secure addresses.

Their example showed a joke page being masked by eBays address. Surprisingly enough its not Microsoft Internet Explorer this time that is venerable. All other browsers however are currently susceptible to the attack.

The FBI said Friday it has shut down an e-mail system that it uses to communicate with the public because of a possible security breach.

The bureau is investigating whether someone hacked into the www.fbi.gov e-mail system, which is run by a private company, officials said.

Microsoft on Thursday gave early warning that next week's monthly dose of security bulletins and patches will be among its biggest ever.

According to the Advance Notification service, which pre-announces upcoming patches but limits the information disclosed, next Tuesday's roundup will include 13 security bulletins, at least three of which will be marked "Critical" the Redmond, Wash.-based developer's most dire warning.

Apple Computer released its first security patch of 2005 this week in order to plug some holes in its Mac OS X operating system.

Security Update 2005-001 for Mac OS X addresses issues with Apple's "at" commands, library (libxml2), ColorSync, Safari and Mail programs as well as specific problems found in PHP and third-party supplied "SquirrelMail."