OS/400 Alert: Fix Central Is Now Firewall-Enabled

May 5, 2004 Shannon O'Donnell

This week’s “OS/400 Alert” lets you in on a couple of announcements from IBM. In addition, Microsoft has released a couple of security bulletins that you should be aware of. We’ll tell you where to go to learn more.

ISERIES SUBSCRIPTION SERVICE

One of the cool things about Symantec‘s Norton utilities is its capability to notify itself that new virus definitions are available. This makes it easy for you to keep current on virus protection because you do not have to remind yourself to check for updates every so often. IBM is now offering a similar service for iSeries updates. The iSeries Subscription Service is a new online service that sends you e-mail notifications of new fixes and other support issues as they become available. You can be automatically notified about cumulative PTF packages, HIPER PTFs, defective PTFs, database fixes, Java fixes, backup and recovery PTFs, performance tools PTFs, WebSphere PTFs, IBM HTTP Server PTFs, IBM Connect PTFs, and more.

For more information, or to subscribe to this service, go to IBM’s Web site.

MICROSOFT OUTLOOK EXPRESS CUMULATIVE PATCH AVAILABLE

Microsoft has released a new cumulative security patch for users of its Outlook Express e-mail client. This is a cumulative update that includes the functionality of previously released updates for Outlook Express 5.5 and Outlook Express 6. Additionally, it eliminates a new vulnerability that could allow an attacker who successfully exploited this vulnerability to access files and to take complete control of the affected system. This could occur even if Outlook Express is not used as the default e-mail reader on the system.

Microsoft recommends that customers install this update immediately.

More information can be found on Microsoft’s Web site.

MICROSOFT SECURITY UPDATE FOR WINDOWS

Microsoft has issued its latest security update for Windows. This update resolves several newly discovered vulnerabilities. Each vulnerability is documented in this bulletin in its own section. An attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system and install programs, view, change, or delete data, or create new accounts that have full privileges.

Microsoft recommends that customers apply the update immediately. More information can be found on Microsoft’s Web site.

FIX CENTRAL NOW WORKS WITH FIREWALLS

If you have ever tried to use IBM’s online Fix Central iPTF support tool, and your iSeries is behind a firewall, you know that your chances of success were somewhere between non-existent and not a chance in Hades. IBM has finally recognized that most businesses might have some type of firewall protection on their networks and that they cannot get to Fix Central through that firewall, so IBM has issued PTF that addresses the problem for both V5R1 and V5R2. For more information, go to IBM’s iSeries Support Web site.

THIS WEEK’S NASTY WINDOWS WORRIES

The following information is from www.symantec.com.

Trojan.Adwaheck is a Trojan that contains both Adware and backdoor Trojan functionality.

W32.Sasser.B.Worm is a variant of W32.Sasser.Worm. It attempts to exploit the LSASS vulnerability described in Microsoft Security Bulletin MS04-011, and it spreads by scanning randomly chosen IP addresses for vulnerable systems.

W32.Misodene@mm is a mass-mailing worm that sends itself to the e-mail addresses that it finds in files on infected machines. When first executed, it displays a message box that reads “Virus Liberdad.”

Backdoor.Sdbot.Z is a Trojan horse that can be controlled using IRC. The existence of the file wupdated.exe is an indication of a possible infection.

W32.Gaobot.AFW is a worm that spreads through open network shares and several Windows vulnerabilities. The worm also spreads through backdoors installed by the Beagle and Mydoom worms and the Optix family of backdoors. This worm also has the capability to act as a backdoor server program and to attack other systems. Additionally, the worm attempts to kill the process of many antivirus and security applications.

PTF’S AND FIXES FOR OS/400 AND RELATED PROGRAMS

IBM released the latest cumulative package for V5R2 customers on March 29.

The latest HIPER package was released April 27.

The Database Group PTF was updated March 30.