Ok, there were no much entries these past days and I want to share some updates.

• There’s another variant of the W97M_DLOADER, detected as W97M_DLOADER.BVS, which arrives as a .doc file attached to spammed email. It drops a Trojan downloader which is also detected as TROJ_DLOADER.BVS.
  
  
  
• Mac OS X 10.4.7 Update
  
  

  This update fixes multiple vulnerabilities found in version 10.4.6 and below.

  AFP : (CVE-ID: CVE-2006-1468)
  - File and folder names may be disclosed to unauthorized users
  
  ClamAV: (CVE-ID-2006-1989)
  - When virus scanning is configured to update automatically, a malicious database mirror may cause arbitrary code execution
  
  ImageIO: (CVE-ID-2006-1469)
  - Viewing a maliciously-crafted TIFF image may result in an application crash or arbitrary code execution
  
  Launchd: (CVE-ID-2006-1471 )
  - Local users may gain elevated privileges
  
  OpenLDAP: (CVE-ID-2006-1470)
  - Remote attackers may cause Open Directory server to crash
  
  
  

  You may get your updates by visiting Apple’s support page.

  
  

  References:

  
  
  
  
  • http://www.apple.com/support/downloads/
    
  • http://docs.info.apple.com/article.html?artnum=303973
    
  • http://www.securityfocus.com/bid/18686/info
  
  
  
  
• An IRC bot, to be detected as BKDR_IRCBOT.CR, targeting the irc.shadowfire.org IRC server submitted to the Service team for further analysis and detection.