|
|
|
March 21, 2002
Microsoft Updates Its Warning on Critical Windows Vulnerability
Microsoft issued an updated bulletin on a critical vulnerability
in its Java Virtual Machine code. The latest vulnerability affects
users who access the Web via proxy servers, which involve the
majority of business users.
Microsoft originally warned of the potential vulnerability in a
March 4th bulletin, saying that a malicious attacker could place
a Java applet on a user's machine that was capable of silently
hijacking web traffic. Once the web traffic was rerouted to the
malicious java applet, the attacker could then record a user’s
session information and possibly search for usernames, passwords,
or credit card numbers.
The latest bulletin warns that the vulnerability could further
allow the attacker to essentially take over a user's machine and
perform any task the user was authorized to perform. Microsoft
has issued critical updates to patch the vulnerability which affects
all Windows systems running the Microsoft Virtual Machine.
Microsoft has made a patch available to correct the vulnerability.
Safeguarding Customer Information
Recent prosecutions involving theft of customer information by employees
of financial institutions.
Chase Employee Pleads Guilty to Computer Fraud
Unauthorized Computer Access by California Financial Institution Employee
Fed to Discontinue FedLine for Windows NT, Move to Web
The Federal Reserve is discontinuing development of the FedLine® for the Windows NT® operating system. Instead, the Federal Reserve will be using Web technology as a platform for accessing all Federal Reserve services. The new Web based technology will include all the features and functions from the current DOS-based FedLine software. For more information go to: Federal Reserve FedLine
Previous Tech Alerts:
03/14/02 New Virus (W32/Fbound-C) Spreading Rapidly in the Wild
03/08/02 Unauthorized E-Mail Scam Attempts to Steer Unwitting Customers to Fraudulent Bank Web Site
03/06/02 Klez-E Worm and W32.Gibe Virus Warnings
03/01/02 CERT Issues Warning on PHP Scripting Language Flaw
02/27/02 CERT Issues Warning on Internet Explorer and Outlook Flaw
02/22/02 SNMP Patches and Detection Tools Available
02/20/02 Email Address Belonging to Legitimate Security Site Hijacked to Deliver Dangerous Yarner Worm
02/15/02 Mass Mailing Email Worm Compromises Word 2000 Security Settings
02/13/02 SNMP VULNERABILITY
02/07/02 Bloodhound Mass Mailing Worm and Managing Risks in Wireless Networks
02/04/02 Microsoft Issues Collection of Security Fixes for Windows 2000
01/31/02 Copycat Virus Unleashed
01/30/02 Netscape Browser Vulnerable to Cookie Theft
01/28/02 "My Party" Mass Mailing Worm
01/18/02 IT Contingency Planning Guide, Information Security Checklist and Solaris Vulnerability
01/15/02 Trojan.StartPage Alters Web Browsers
01/12/02 New Internet Worm Gigger Masquerades as Microsoft Outlook Upgrade
01/08/02 Microsoft Universal Plug and Play Vulnerability
12/20/01 Holiday Themed Computer Virus Unleashed
Home | Compliance | Lending | Operations | Security | Marketing | Technology | eBanking
BOL Archives Privacy Policy Important Disclaimer Recommend This Site ! Contact Us
BankersOnline is a free service made possible by the generous support of our
advertisers and sponsors. Advertisers and sponsors are not responsible for site content. Please help us keep BankersOnline FREE to all
banking professionals. Support our advertisers and sponsors by clicking
through to learn more about their products and services.
|
|
|
Print Friendly!
Email This Article!
Discuss NOW!