Bruce Schneier is reporting that the SHA-1 hash algorithm has been broken:
The research team of Xiaoyun Wang, Yiqun Lisa Yin, and Hongbo Yu (mostly from Shandong University in China) have been quietly circulating a paper describing their results:
• collisions in the full SHA-1 in 2**69 hash operations, much less than the brute-force attack of 2**80 operations based on the hash length.
• collisions in SHA-0 in 2**39 operations.
• collisions in 58-round SHA-1 in 2**33 operations.
This attack builds on previous attacks on SHA-0 and SHA-1, and is a major, major cryptanalytic result. It pretty much puts a bullet into SHA-1 as a hash function for digital signatures (although it doesn't affect applications such as HMAC where collisions aren't important).
From the "I hate it when that happens" department: there's a vuln in the BlackBerry software (at least in the 7230 model) that can be used to cause the device to reboot on demand. The problem is triggered by >128Kb of text in the "Location" field of a meeting request. As RIM points out, Outlook limits that field to 255 characters, so you'd have to hand-craft attack messages. However, these messages don't do permanent damage; they just cause annoying reboots.
RIM confirms that they've already fixed this for version 3.8 of the handheld software, and that they will be adding a filter on their server-side software versions to keep these messages from getting to the device in the first place. It does raise the interesting question of what other vulns might exist in the RIM devices (as well as those from Good, Palm, and Microsoft).
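As an added illustration (not RIM's code, and not from the original post), here is one way a server-side filter could reject an oversized Location value before a meeting request reaches the handheld. It assumes the request arrives as iCalendar (RFC 5545) text and uses Outlook's 255-character limit as the cap; the function names and the sample requests are constructed for this example.

```python
import re

# Assumption: cap the field at the 255 characters Outlook allows, far below the >128 KB trigger.
MAX_LOCATION_CHARS = 255

def unfold(ical_text):
    """Undo RFC 5545 folding: a line break followed by space or tab continues the line."""
    return re.sub(r"\r?\n[ \t]", "", ical_text)

def split_property(line):
    """Split one unfolded content line into (NAME, value); None if there is no value."""
    in_quotes = False
    for i, ch in enumerate(line):
        if ch == '"':
            in_quotes = not in_quotes          # colons inside quoted parameters are not separators
        elif ch == ":" and not in_quotes:
            return line[:i].split(";", 1)[0].upper(), line[i + 1:]
    return None

def check_meeting_request(ical_text):
    """Return (allowed, reason) for a meeting request before it is relayed to a handheld."""
    # Split on CR/LF only; str.splitlines() also breaks on other control characters,
    # which would let a crafted value hide most of its length from the check.
    for line in re.split(r"\r?\n", unfold(ical_text)):
        prop = split_property(line)
        if prop and prop[0] == "LOCATION" and len(prop[1]) > MAX_LOCATION_CHARS:
            return False, f"LOCATION is {len(prop[1])} chars, limit {MAX_LOCATION_CHARS}"
    return True, "ok"

def fold(line, width=75):
    """Fold a long content line the way a sender would (used only to build sample input)."""
    return "\r\n ".join(line[i:i + width] for i in range(0, len(line), width))

def build_request(location_line):
    """Constructed sample meeting request around one LOCATION line."""
    lines = ["BEGIN:VCALENDAR", "METHOD:REQUEST", "BEGIN:VEVENT", "SUMMARY:Status meeting",
             fold(location_line), "END:VEVENT", "END:VCALENDAR"]
    return "\r\n".join(lines) + "\r\n"

if __name__ == "__main__":
    print(check_meeting_request(build_request("LOCATION:Conference Room 4")))
    print(check_meeting_request(build_request("LOCATION:" + "A" * (130 * 1024))))
```

The length is measured after unfolding, so a value spread across many folded lines is still counted in full.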
This month's Security Tuesday only includes one bulletin: 04-026. It fixes a cross-site scripting/script injection vulnerability in Exchange 5.5's Outlook Web Access component. If you're using OWA 5.5, a) you should get this fix and b) you should probably be upgrading.
That's not just because I like new shiny things; it's because OWA 2000 and 2003 have a number of security features that either require third-party add-ons or can't be implemented at all in 5.5. Attachment blocking, freedoc control, and support for S/MIME are my three favorites, but chapter 14 of my book discusses all of the new features in much more detail.
Microsoft has taken the unusual step of releasing a security fix outside of their normal release cycle. The bulletin, MS04-025, is a cumulative update that addresses three separate vulns in IE: CAN-2004-0549, CAN-2004-0566, and CAN-2003-1048.
Because the MSRC has rated the bulletin as "critical", you should download and install it on affected machines immediately.
It's Security Tuesday again. This month, we get MS04-015, which covers a vuln in Help and Support Center on XP SP1 and Windows 2003 RTM (32- and 64-bit versions), and updates to MS04-014 (pretty much everyone) and MS01-052 (NT4.0 TSE SP6 and Windows 2000 SP2). Happy patching!
Well, it's the second Tuesday of the month, so it must be time for the latest crop of Microsoft security bulletins. The summary is here. There are four bulletins (MS04-011, MS04-012, MS04-013, and MS04-014), and all of them are rated "critical". Patch now.
I've never been much on centralized contact managers like Plaxo. Why would I want to outsource all of my contacts to some company in the naïve hope that they won't hose me? Turns out that this may have been a legitimate concern; this describes a trivial script injection attack against Plaxo that lets an attacker 0wn your contact data. Oops. So, if you're using Plaxo, you should probably stop.
Microsoft announced a security flaw in Exchange 2003. Basically, if you install Windows SharePoint Services (WSS) on an Exchange 2003 back-end, you may be allowing OWA users to access other users' mailboxes. This occurs when Kerberos authentication gets turned off; to fix things, you should make sure that Kerberos is turned back on. You can also turn off connection reuse to fix the problem. The number of affected users is quite small, and it's certainly understandable that MS didn't test this particular configuration, but it's still embarrassing.
C|Net (and others, but I'm picking on them because their reporter should know better) are breathlessly reporting an allegedly new approach to breaking Windows passwords. The article conveniently ignores the fact that trading space for time is a well-known technique for lots of applications, and it presents without comment the claim that this is a major vuln. It's not. Here's why:
Microsoft has MS03-007 out. The bulletin describes a buffer overflow vulnerability in the WebDAV component of IIS 5.0 on W2K; Windows 2003 and Windows XP aren't affected. The practical effect of this vuln is that an attacker can run code of her choice on your server (at which point it's not really your server anymore). The worst part is that an exploit for this problem is already circulating.
There are several ways to avoid this problem:
What about long-term solutions? Well, you should definitely be using IIS Lockdown on all your Windows 2000 servers. If you combine that tool with reasonable attention to patches, you will be in relatively good shape. You should aggressively follow up with MBSA scans to check for correct patch installation. In almost all cases, your life will be easier if you deploy the Software Update Service (SUS) to pull patches and stage them for mass installation. When I get a free minute, I'll be writing an article here describing exactly how to use SUS.
In the meantime, if you read and follow the recommendations in chapters 6 and 14 of the book, you can relax.
UPDATE: Microsoft has pulled the downloadable update, citing mismatches between the rollup binaries and the associated symbol files. They haven't yet provided an ETA for restoring the download, although the KB articles are still there.