Websense to acquire PortAuthority Technologies

Roundup of security news, including Sony BMG settles lawsuit over rootkit technology; Apple fixes a Mac OS X glitch; and Microsoft releases the first draft of PatchGuard APIs.

Websense acquiring PortAuthority Technologies
Websense has reached a definitive agreement to acquire PortAuthority Technologies Inc. of Palo Alto, Calif., for approximately $90 million in cash.

Websense said in a press release that the planned acquisition will "bring together two technology and market leaders in preemptive content security: PortAuthority with its information leak prevention technology and Websense with its ThreatSeeker malicious content identification and categorization technology." The result will be a new best-of-breed security software company with the capacity to help organizations prevent the unauthorized use or disclosure of confidential data while simultaneously protecting users and data from external malicious threats, the company said.

The stockholders of PortAuthority have approved the proposed acquisition. The closing of the merger is subject to standard closing conditions and is expected to close in January 2007.

Sony BMG settles lawsuit over rootkit technology
Sony BMG Music Entertainment Inc. caught the information security community's wrath last year when a researcher discovered the company was using rootkit-based antipiracy software in some of its CDs. Now, the entertainment firm will pay $750,000 in penalties and costs and reimburse California consumers whose computers were harmed by the software.

The company reached an agreement with the attorney general of Los Angeles County and the state of California to settle a lawsuit charging that it secretly embedded digital rights management software on CDs that potentially opened the door to hackers, according to the Reuters news service. The lawsuit alleged that Sony did not properly disclose information about the software, which was designed to limit the number of copies consumers could make of their music.

Tom Papageorge, a head deputy district attorney for Los Angeles County, told Reuters that Texas filed a similar agreement with the courts Tuesday and he predicted the Federal Trade Commission and other U.S. states would do the same over the next year.

Sony BMG sold about 12.6 million CDs with the software nationwide between January 2005 and November 2005 and about 930,000 in California, Reuters reported. Sony has since stopped using the technology.

As part of the settlement, Sony BMG will pay up to $175 to California consumers who can prove the software damaged their computers. The company will also pay $750,000 in penalties and fees to settle the case.

Apple fixes Mac OS X glitch
Apple Computer Inc. has released a Mac OS X security update to fix a flaw attackers could exploit to access sensitive information on a victim's machine.

According to the French Security Incident Response Team (FrSIRT), the problem is an error in QuickTime for Java when used in conjunction with Quartz Composer to obtain images rendered on screen by embedded QuickTime objects. This could be exploited by malicious Java applets to capture images that may contain local information.

The problem affects Mac OS X and Mac OS X Server versions 10.4.8 and prior.

According to the Bethesda, Md.-based SANS Internet Storm Center Web site, this update has nothing to do with the recently reported phishing worm that targeted the MySpace community. That worm did so by exploiting the JavaScript support within Apple's QuickTime player as well as a MySpace vulnerability.

Microsoft releases first draft of PatchGuard APIs
Microsoft Tuesday gave security vendors a first look at the application programming interfaces (APIs) they'll need to make some of their products work with Vista's PatchGuard kernel protection program.

Vendors will be able to test the draft APIs and make comments on them through the end of January. A final version of the APIs will be released when the software giant releases Service Pack 1 for Vista sometime in mid-2007, Windows Core Operating System VP of development Ben Fathi told Computerworld. Microsoft also released a criteria evaluation document outlining the criteria Microsoft used to evaluate vendor API requests.

"We are publishing this to be very clear and above board on what our processes are for establishing the new APIs that we are going to add to the kernel," Fathi told Computerworld. "We want to hear feedback from partners and the rest of the industry on whether this is a good set of criteria or not."

Security vendors like Symantec Corp. and McAfee have complained that PatchGuard will prevent them from developing products that work properly with Vista.

Researchers eye Skype worm
Security researchers are looking into reports that a worm is using Skype Ltd.'s popular VoIP (voice over Internet protocol) service to spread.

The worm warning was raised Tuesday by security firm Websense Inc., which said Skype users may receive a message asking them to download a file called "sp.exe." The file is infected with a Trojan horse program that could be used to steal passwords. Websense said the first infected PCs have been found in the Asia-Pacific region.

While the worm is out there, it has not led to a massive outbreak, F-Secure Corp. Chief Research Officer Mikko Hypponen told the IDG News Service. "What's clear is, there's no massive worm outbreak with Skype at the moment," Hypponen said. "We are following the situation."

Researcher readies Month of Apple Bugs
The researcher behind the Month of Kernel Bugs is now planning for a Month of Apple Bugs in January. The researcher, who goes by the initials LMH, is joining forces with Kevin Finisterre of Digital Munition to bring unpatched Mac OS X and Apple application vulnerabilities to light through the month, eWeek reported. LMH and Finisterre have apparently accumulated a pile of exploits for holes in Safari, iTunes, iPhoto, Camino and Firefox.
