Security Patch Watch: Apple, Nortel, Symantec | eWeek

Security Patch Watch: Apple, Nortel, Symantec

Verfasst von
Ryan Naraine
Ryan Naraine
Jun 1, 2005
2 minute read
eWeek Inhalte und Produktempfehlungen sind redaktionell unabhängig. Wir können Geld verdienen, wenn Sie auf Links zu unseren Partnern klicken. Mehr erfahren

Network security vendor Symantec has released a patch to fix a security flaw in its enterprise-facing Brightmail AntiSpam software.

In a published advisory, Symantec Corp. warned that the flaw can be exploited by malicious hackers to bypass security restrictions.

Affected software includes Symantec Brightmail AntiSpam 4.x through 6.x.

Security alerts aggregator Secunia rates the bug as “moderately critical” and urged Brightmail AntiSpam users to upgrade to version 6.0.2 through the Symantec Support Web site.

Symantec said the vulnerability is caused due to a static database administration password, which can be exploited to gain administrative access to the database containing quarantined messages for review.

Apple Patches QuickTime Vulnerability

Apple Computer Inc. has updated its flagship QuickTime media player to correct a security flaw that could be exploited to hijack sensitive data.

An alert from Apple contains instructions on updating to QuickTime 7.0.1 to fix the bug.

“With QuickTime 7.0, a QuickTime movie containing a maliciously crafted Quartz Composer object can leak data to an arbitrary Web location,” the company warned.

Apple said a Quartz Composer object can gather local data and send it using an encoded URL to an arbitrary Web location.

With the update, the software modifies the QuickTime Quartz Composer Plugin to prevent access to remote Web locations.

Moderately Critical Bug in Nortel VPN Routers

Nortel Networks Corp. on Wednesday issued an alert for a denial-of-service vulnerability in the Nortel VPN Router products, previously known as Nortel Contivity.

“We believe that this is a serious vulnerability, because a single malformed IKE packet causes the VPN router to crash. Also it is not normally possible to prevent the malformed packet from reaching the router,” the company said in an advisory.

The vulnerability has been reported in the 600, 1010, 1050, 1100, 1600, 1700, 1740, 2600, 2700, 4500, 4600, and 5000 models.

Nortel recommended that users update to version 5.05.200 or install patched version of 4.76, 4.85, 4.90, or 5.00, which are expected to ship in a few weeks.

Check out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.

eWeek Logo

eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site's focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

Eigentum von TechnologyAdvice. © 2026 TechnologyAdvice. Alle Rechte vorbehalten

Werbetreibenden-Offenlegung: Einige der auf dieser Website erscheinenden Produkte stammen von Unternehmen, von denen TechnologyAdvice eine Vergütung erhält. Diese Vergütung kann beeinflussen, wie und wo Produkte auf dieser Website erscheinen, einschließlich beispielsweise der Reihenfolge, in der sie erscheinen. TechnologyAdvice schließt nicht alle Unternehmen oder alle auf dem Marktplatz verfügbaren Produkttypen ein.