Category Archives: Security

MI5 To E-Mail Terrorist Alerts

I confess I did not make this post’s title up. I actually copied it from InformationWeek because I found it so funny. Is MI5 really going to e-mail a terrorist some alerts? How convenient for him/her… “Dear terrorist, this is an automated email message from MI5 just to let you know that our alert level is now Lavender, soon to be Magenta if you do not turn yourself in. This is your last e-mail alert.”

The United Kingdom’s Security Service — better known as MI5 — announced Tuesday that it will soon warn citizens of changes in the nation’s terrorist threat ranking via e-mail.

Oh, oh, I see now. But how will citizens know that it’s really MI5 writing to them? And how does this play into the hands of phishers who will send out warning emails telling users to click on a link for terror alert information?

WordPress wp-trackback.php flaw

I find it pretty annoying to read through system logs and see that people in Russia appear to be loudly searching for systems vulnerable to a wp-trackback.php flaw. Is this the one from 2005 or the one from 2006, or is this a result of the January 5th, 2007 security warning and 2.0.6 release?

It appears the Russians (or at least Russian-speaking users, perhaps someone who is a fan of Belfegor, coming from cedsl.simtel.ru:3128 (Oops 1.5.24 proxy) using 89.19.160.21) are trying the following Google query to find targets:

http://www.google.ru/search?q=inurl:wp-trackback.php&hl=ru&lr=&newwindow=1&start=10&sa=N

Patch, patch, patch
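
One way to pick these visitors out of an access log instead of reading it by eye, as an added example that is not part of the original post. It assumes the Apache/nginx "combined" log format; the log lines are constructed (documentation IP addresses, made-up timestamps) and the function names are hypothetical.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Combined log format: host ident user [time] "request" status bytes "referer" "agent"
COMBINED = re.compile(
    r'(?P<host>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) \S+ '
    r'"(?P<referer>[^"]*)" "(?P<agent>[^"]*)"'
)

def dork_in_referer(referer):
    """Return the search query if the referrer's q= parameter uses inurl:, else None."""
    for query in parse_qs(urlsplit(referer).query).get("q", []):
        if "inurl:" in query.lower():
            return query
    return None

def find_dork_hits(lines, target="wp-trackback.php"):
    """List (host, path, query) for requests that arrived from an inurl: search for target."""
    hits = []
    for line in lines:
        m = COMBINED.match(line)
        if not m:
            continue  # not a combined-format line; skip rather than guess
        query = dork_in_referer(m["referer"])
        if query and target in query.lower():
            hits.append((m["host"], m["path"], query))
    return hits

# Constructed sample lines; only the referrer in the first one comes from the post.
SAMPLE_LOG = [
    '192.0.2.10 - - [17/Jan/2007:10:01:02 +0000] "GET /wp-trackback.php?p=1 HTTP/1.0" 200 512 '
    '"http://www.google.ru/search?q=inurl:wp-trackback.php&hl=ru&lr=&newwindow=1&start=10&sa=N" '
    '"Mozilla/4.0"',
    '198.51.100.7 - - [17/Jan/2007:10:05:00 +0000] "GET /2007/01/some-post/ HTTP/1.1" 200 9000 '
    '"http://www.google.com/search?q=wordpress+trackback+howto" "Mozilla/5.0"',
    '203.0.113.5 - - [17/Jan/2007:10:06:00 +0000] "POST /wp-trackback.php?p=3 HTTP/1.1" 200 78 '
    '"-" "-"',
]

if __name__ == "__main__":
    for host, path, query in find_dork_hits(SAMPLE_LOG):
        print(f"{host} requested {path} after searching for {query!r}")
```

The referrer header is supplied by the client, so this only catches visitors who leave it intact; the third sample line shows a direct request with no referrer that goes unflagged.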

Adobe fix for PDF XSS vulnerability

Looks like version 7.0.9 for Acrobat has been released today to address the PDF XSS flaw discussed last December and widely reported on January 3rd:

Adobe has provided an update to resolve a vulnerability in Adobe Reader and Acrobat. For more information, please refer to the APSB07-01 Security Bulletin. This cross-site scripting (XSS) vulnerability in versions 7.0.8 and earlier of Adobe Reader and Acrobat could allow remote attackers to inject arbitrary JavaScript into a browser session.

Bad stuff if you use a browser and view PDFs…which is basically (almost) everyone who “browses the web”. Recently the debate had moved on to how the flaw allows remote attackers to browse files on your local system…

You can also just upgrade to Acrobat 8.

Microsoft’s eight zero day vulnerabilities

eEye wants you to know that Microsoft has eight lingering zero day vulnerabilities, including one they say has been exposed for 420 days…

The following entries are active zero-day vulnerabilities. They have been publicly disclosed and/or used in attacks, and do not have any published vendor-supplied patch.

No vendor patch…but eEye will sell you some software that will “fix” things. The site is actually an advertisement for eEye products, so it’s interesting to see them alerting people to a low risk vuln that is over a year old, while still calling it “zero day”. Usually people talk about protecting you from tomorrow’s risks, rather than the ones you know of and probably aren’t planning to do anything about. On the other hand, maybe someone will find a way to increase damage or expand the risk of Microsoft’s memory exhaustion flaw.