Out Of Band Patches from Microsoft I and II

Microsoft announced extraordinary updates for the Internet Explorer and for Visual Studio for this Tuesday to come. While the company rates the security issue in Visual Studio only as moderate, the IE-flaws – which also affect IE8 – are considered critical and allow for remote code execution. Prepare for those updates as they are really critical and necessary if Microsoft decides to do an out-of-band release. Install them ASAP when available.

As announced last week, Microsoft released two security bulletins out-of-band. They cope with critical vulnerabilities in all Internet Explorer Versions and with a flawed Active Template Library (ATL) for developers using Microsoft’s Visual Studio. Due to the flaw in the ATL – which gets used to build ActiveX controls for example – it is possible to bypass the kill bit restrictions within the Internet Explorer (IE). Manipulated Websites thus can call ActiveX modules with security vulnerabilities and inject malware on affected computers. Microsoft now closes three security holes in IE and hardens it against abuse of the flaws introduced by the ATL.

The error is based on flaws within the ATL of Visual Studio. Thus components build with this development environment can be affected, too. Cisco for example released a security advisory and announces workarounds and updates for the Cisco Unity software. Expect other software developers to release updates soon, too.

Interestingly, according to Microsoft’s Security Bulletins, Windows 7 is not affected by these vulnerabilities. Install the updates as soon as possible, and if you are a developer, rebuild your components with the new ATL. A knowledge-base article from Microsoft explains the issue for developers.

Read More......

Security flaw in Adobe PDF/Flash

There are security flaws within Adobe Reader and Acrobat and the Adobe Flash Player which are getting actively exploited on the net currently. The company has published a security advisory where it announces that they are currently investigating the problem and plan an update for the 30th of July. Avira antivirus solutions already detect the malicious PDF files as EXP/Pidief.TH and the dropped malware by those documents as TR/Drop.Wmach and TR/Spy.WMach, respectively. Anyhow it is a good idea to take additional security measures until Adobe provides an update.

Adobe recommends to delete or rename the file authplay.dll that ships with the Reader and with Acrobat. Also, enabling Data Execution Prevention (DEP) and activating the User Access Control (UAC) in Windows Vista shall mitigate the risk according to Adobe. Another solution would be using a different PDF reader and disabling Adobe PDF and Flash within the web browser via its add-ons-manager. The NoScript extension for Firefox also helps preventing Flash applications to run in the browser; it is possible that drive-by-downloads via malicious Flash applications embedded in web sites turn up soon.

news from aviratech

Read More......

Twitter Spam Trough Email

Twitter spam messages through the distribution of mass, Symantec Security Response has detected a false invitation Twitter bring worm email bulk dangerous. Described Ronnie Ng, Manager of Systems Engineering & Singapore Indonesia Symantec, the name is dangerous insert Invitation Card.zip and identified as W32.Ackantta.B @ mm, which was first found in viruses attack e-card in February.

W32.Ackantta.B @ mm is a mass email worm collects email addresses from computers that are infected and spread with a copy to yourself flash disk / external hard drives and folders that can be accessed by many people. Messages observed appear as if sent from Twitter account. However, different from the original Twitter message, there is no URL appears in the body of the invitation email. Instead the user will see the insertion that appears as a. Zip which contains the card, such as invitations.

Parenthetically that this is dangerous to bring a mass email worm collects email addresses from computers that are infected and spread with a copy to yourself flash disk / external disks and folders that can be accessed by many people. In May 2009, Symantec observed that spam levels increased to levels approaching 90% of all email, consistent with the level observed in May 2008.

As Twitter continues to achieve popularity among users of social networks, people routinely receive email updates and invitations from other users. Symantec estimates spammers will continue to use Twitter and social networks as a popular bait in their attacks. 

Read More......