IDGNet Virus & Security Watch Friday 13 June 2003

Introduction: * NetWare, Mercur patches, perfect crypto and MSAV 2.0 to be released? Virus News: * Microsoft buys into antivirus market Security News: * Multiple patches for NetWare * Several buffer overflows in Mercur mail server patched * 'Perfect' encryption commercially available within three years?

Introduction:

* NetWare, Mercur patches, perfect crypto and MSAV 2.0 to be released?

Virus News:

* Microsoft buys into antivirus market

Security News:

* Multiple patches for NetWare

* Several buffer overflows in Mercur mail server patched

* 'Perfect' encryption commercially available within three years?

Introduction:

Another quiet week on the security front, with a bevy of patches from Novell for various NetWare services and an updated update from Atrium Software for its Mercur Mail Server. The virus scene was quiet too, especially compared to the previous couple of weeks - well, with the exception of Microsoft buying an antivirus developer and looking set to join the fray in the antivirus market.

Virus News:

* Microsoft buys into antivirus market

Wednesday (local time), in a move that surprised many in the antivirus industry, Microsoft and Romanian antivirus developer GeCAD announced the former was acquiring the latter's virus detection products, technology and related intellectual property (IP). Although not well known in New Zealand, GeCAD has been developing its RAV antivirus product line since 1994, initially focussing on its local market, taking advantage of the fact that few, if any, other antivirus developers made Romanian language versions of their products. In the late 1990s GeCAD internationalized its offerings, producing English and other language versions.

Microsoft claims the move will further shore up its security offerings and, at least for now, is saying that it does not plan to bundle the eventually rebadged RAV scanner product with its future OSes. Cynics may see this simply as an attempt to bypass potential early anti-trust concerns. Analogies between this development and the IE/Netscape 'browser wars' are readily drawn. Contributing to possible unease in this area, one of GeCAD's product strengths of late has been its support for Unix-ish, and particularly Linux-flavoured, OSes specializing in e-mail server virus scanning. The vision of Microsoft actively pursuing development of a virus scanner for, say Sendmail or Qmail on SPARC or PowerPC Linux seems distant, at best...

In recent months Microsoft has announced several antivirus initiatives concerning technological changes in its products and OSes. Most recently it announced a partnering deal with NAI/McAfee and Trend Micro to supply better, more pertinent virus outbreak information to Microsoft customers. The viability of the latter is unclear in light of this development, but Microsoft claims that its purchase of eCAD's antivirus IP will allow it to further 'enhance the Windows platform and extend support for third-party antivirus vendors so they can provide customers with increasingly secure and comprehensive levels of virus protection'. How likely this is to work, long-term, given that those third-party antivirus developers are now direct competitors to one of Microsoft's own business units is another interesting question.

Microsoft to Acquire Antivirus Technology From GeCAD - microsoft.com

Security News:

* Multiple patches for NetWare

Novell has released three patches for NetWare in the last week. One fixes an abend in the NetWare 6.0 HTTP stack due to specially crafted keep-alive packets, one fixes a couple of denial of service (DoS) vulnerabilities in iChain 2.1 and the third fixes one of the same denial of service opportunities in iChain 2.2 (iChain 2.2 was already not vulnerable to the other DoS vulnerability in iChain 2.1). Installation details and patch download locations are available from the relevant Technical Information Documents listed at the URL below.

Novell Security Alerts - novell.com

* Several buffer overflows in Mercur mail server patched

Many commands accepted by the IMAP4rev1 MDaemon 6.7.8 from the Mercur Mail Server v4.2 SP2 (and probably earlier versions) have been shown vulnerable to multiple remotely exploitable buffer overflow attacks. At a minimum exploitation of these vulnerabilities may cause a denial of service (the IMAP service would fail and have to be manually restarted) but execution of remotely supplied arbitrary code is also possible. As there is no need for an attacker to authenticate with the server before launching any of these attacks, it should be considered to be a serious vulnerability. Mercur administrators should check with Mercur's developers, Atrium Software International, for update availability. We have linked to Atrium's update page, but nothing apparently related to this vulnerability is listed there as of this writing.

Archived Bugtraq list message - securityfocus.com

Mercur Mail Server update page - atrium-software.com

* 'Perfect' encryption commercially available within three years?

Although currently limited to transmission across glass fibre, researchers are increasingly confident that quantum cryptography is approaching practical implementation, if not commercial viability. Quantum cryptography is very attractive because it provides guaranteed detection of interception of key transmission, thus allowing new keys to be generated and another attempt made to reliably share them. The process depends on the laws of quantum physics that suggest an eavesdropper with access to the network could not measure the properties of photons without affecting those properties. This 'tampering' is reliably detectable between the two parties properly engaged in the transaction.

Holy Grail of crypto to arrive in three years - theregister.co.uk

Join the newsletter!

Error: Please check your email address.

More about LinuxMcAfee AustraliaMicrosoftNAINetWare 6NovellQuantumTechnologyTrend Micro Australia

Show Comments
[]