Microsoft Security Intelligence Report, Volume 8

The eighth volume of the Microsoft Security Intelligence Report (SIR) has been published. It covers July 2009 through December 2009 and is available in 11 languages.

As described at the MMPC Blog,

"Inside, you’ll find 248 pages of in-depth information about malware, spam, malicious Web sites, vulnerabilities, and exploits that are relevant to the Windows platform. This volume contains a new Mitigation Strategy section that provides collective advice and best practices from our own Microsoft IT organization along with other security experts from all around Microsoft. We’ve also greatly expanded our international coverage section for malware distribution. You’ll find detailed analysis for 26 countries around the globe."

The SIR is a very comprehensive report. If the 248 pages are a bit daunting, you may find the "Key Findings" a bit more palatable. You can page through the Key Findings from Microsoft Security Intelligence Report Volume 8 or download it or the full report form the link below.


Download:

• Security Intelligence Report
• Key findings summary

Clubhouse Tags: Clubhouse, Security, Microsoft, Information,

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Read More

Windows Community Live Meeting

Would you like more information about the Microsoft/Windows online Community? If you do, why not join an online live conversation with Microsoft Community Managers Matt Bernardy and Jake Grey?

The meeting will be held on May 4^th, 2010 from 9:00 A.M. – 10:00 A.M. PMT. At the session, you will have the opportunity to learn more about the Clubhouse, Microsoft Answers, the MVP Program and to ask questions about all the Windows community programs.

To join, follow these simple steps:

1. Find out what time this Live Meeting is in your country/region.
   
2. Download Microsoft Office Live Meeting 2007. Note: If Live Meeting is not installed on your computer, it is recommended that you download the program several hours in advance to avoid technical difficulties during the session.
   
3. Enter the meeting and fill in your name.

Clubhouse Tags: Clubhouse, Microsoft, Microsoft Answers, Microsoft MVP, Information, Windows,

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Read More

Microsoft Office 2010 Reaches RTM!

As announced today on the Microsoft Office 2010 Engineering Blog, Microsoft reached the release-to-manufacturing (RTM) milestone for Office 2010, SharePoint 2010, Visio 2010 and Project 2010.

The official launch of Office 2010 will be on May 12, 2010 in New York City. Virtual launch events also kick off that day.Office 2010 will first become available in retail stores in June in the United States. The retail versions of Office 2010 can be pre-ordered now at the Microsoft Store to receive Office when it becomes available.

If you are using Office 2010 Beta or plan on upgrading from Office 2003 or Office 2007 to the latest version, a great resource is at hand in The Office Blog. From there you can also find links to all of the Office products blogs, including Microsoft Access, Excel, Outlook, Word, etc.

If you are located on the East Coast, you can learn more about Office 2010 during the Get On the Bus Tour during its 10-city road tour to the East Coast toward New Orleans and Tech-Ed 2010. The sessions are free and will include dive deep into both Windows 7 and Office 2010. If the bus won’t be stopping near you, there are opportunities available for IT Pros and Developers at 2010 Launch Events.

Clubhouse Tags: Clubhouse, Microsoft, Office, Announcement, Information, RTM

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Read More

Security Update: Java Runtime Environment (JRE) 6

Oracle released update 20 for Java SE JDK 6 and Java SE JRE 6. The update addresses the Alert for CVE-2010-0886 vulnerability. As described by Oracle, the vulnerabilities

". . . only affect Java when running in a 32-bit web browser. These vulnerabilities may be remotely exploitable without authentication, i.e., they may be exploited over a network without the need for a username and password. For a successful exploit, a user running an affected release in their browser will need to visit a malicious web page that exploits this vulnerability. Successful exploits can impact the availability, integrity, and confidentiality of the user's system."

Download Update: Java SE Runtime Environment 6u20

Please check add/remove programs to ensure that you have uninstalled all prior (and vulnerable) versions of SunJava.

Note: UNcheck any pre-checked toolbar and/or software options presented with the update. They are not part of the software update and are completely optional.

References:

• Release Notes
• Critical Patch Updates and Security Alerts
• Map to Public Vulnerability to Advisory/Alert

Clubhouse Tags: Clubhouse, Security, Vulnerabilities, Updates, Java


Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Read More

Windows Vista RTM Support Ended

Mainstream support for all copies of Windows Vista (Home Basic, Home Premium, Business, Enterprise, and Ultimate) ended on April 13, 2010, unless you have upgraded to Service Pack 1 or higher.

Following is a chart from the Microsoft Support Lifecycle website that helps explain what is lost when Mainstream support ends:

In order to access updates on Windows Update, it is important to update to Service Pack 1 (SP1) which extends Mainstream Support for Windows Vista to July, 2011. Following SP1 installation, upgrade to Service Pack 2 (SP2 requires SP1 installation first). SP2 support is currently supported until April 2012. After that date, Extended Support is only available to Windows Vista Business/Enterprise to 2017.

Clubhouse Tags: Clubhouse, Security, Microsoft, Windows Vista, Support, Information, Updates

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Read More

Critical Adobe and Adobe Acrobat Update

Adobe has taken to using the same "patch Tuesday" as Microsoft. If you use Adobe Reader or Adobe Acrobat, it is strongly advised that you update as soon as possible. Personally, for home use, I have replaced Adobe Reader with an alternate PDF reader. There are a number of open source readers available from http://pdfreaders.org/.

From the Adobe Security Bulletin:

Summary

Critical vulnerabilities have been identified in Adobe Reader 9.3.1 (and earlier versions) for Windows, Macintosh, and UNIX, Adobe Acrobat 9.3.1 (and earlier versions) for Windows and Macintosh, and Adobe Reader 8.2.1 (and earlier versions) and Adobe Acrobat 8.2.1 (and earlier versions) for Windows and Macintosh. These vulnerabilities could cause the application to crash and could potentially allow an attacker to take control of the affected system.

Adobe recommends users of Adobe Reader 9.3.1 and earlier versions for Windows, Macintosh and UNIX update to Adobe Reader 9.3.2. (For Adobe Reader users on Windows and Macintosh, who cannot update to Adobe Reader 9.3.2, Adobe has provided the Adobe Reader 8.2.2 update.) Adobe recommends users of Adobe Acrobat 9.3.1 and earlier versions for Windows and Macintosh update to Adobe Acrobat 9.3.2. Adobe recommends users of Acrobat 8.2.1 and earlier versions for Windows and Macintosh update to Acrobat 8.2.2.

Affected software versions

Adobe Reader 9.3.1 and earlier versions for Windows, Macintosh, and UNIX
Adobe Acrobat 9.3.1 and earlier versions for Windows and Macintosh

Solution

Adobe Reader
Users can utilize the product's automatic update feature. The default installation configuration runs automatic updates on a regular schedule and can be manually activated by choosing Help > Check for Updates.

Additional update information is available in the Security Bulletin.

Reference:

Adobe - Security Bulletins: APSB10-09 - Security update available for Adobe Reader and Acrobat

Clubhouse Tags: Clubhouse, Microsoft, Windows, Security, Updates, Vulnerabilities, Information,

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Read More

Microsoft released 11 security bulletins to address 25 vulnerabilities: five rated Critical, five rated Important and one rated Moderate. The release affects Windows, Microsoft Office, and Microsoft Exchange.

Also note that the Malicious Software Removal Tool (MSRT) was updated to include Win32/Magania.

The table from the Security Research & Defense blog, referenced below, clarifies the importance of the updates. Note further that Windows 7 is not affected in several of the updates.


References:

• MSRC: The Microsoft Security Response Center (MSRC) : April 2010 Security Bulletin Release
• MSR&D: Assessing the risk of the April Security Bulletins
• TechNet: Microsoft Security Bulletin Summary for April 2010

Clubhouse Tags: Clubhouse, Microsoft, Windows, Security, Updates, Vulnerabilities, Information,



Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Read More

Fake Security Programs -- Rogues

Malware disguised as security programs; that is, rogues, have been plaguing internet surfers for the past five years. As time passes, the rogues have become more sophisticated, having the ability to disable Windows Update, firewall, antivirus and anti-malware software, cause web search re-directs and change file associations.

I follow a number of resources to stay up-to-date on the latest rogues. Often times two or three new rogues can be reported in any given day. These sources include sites such as Malwarebytes blog, updates by S!Ri on his blog, Bleeping Computer reports such as "Script kiddies making rogues for fame and not profit", SunbeltBLOG and others.

Security Garden readers may not have much interest in following those sites. However, it is important that you understand what a rogue is and what it can do. Even more importantly, understand how to check for and remove a rogue if your computer becomes infected. Just like the realistic phishing e-mails you may occasionally receive in your mailbox, the rogues are very realistic appearing.

The brief videos linked below were created by Microsoft to provide general information and help about rogue software. Take a few minutes now to add to your personal knowledge base so you will know not only what to do but, most importantly, how to prevent your computer from being infected.

What is rogue software?




How to check for rogue software?



How to defend your computer against rogue software?



Clubhouse Tags: Clubhouse, Microsoft, Windows, Security, Safety, Information,



Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Read More

April 2010 Bulletin Release Advance Notification

On Tuesday April 13, 2010, Microsoft will release 11 bulletins addressing 25 vulnerabilities in Windows, Microsoft Office, and Microsoft Exchange.

In addition, Microsoft will be closing the following open Security Advisories with next week’s updates:

· Microsoft Security Advisory (981169) - Vulnerability in VBScript Could Allow Remote Code Execution.

· Microsoft Security Advisory (977544) - Vulnerability in SMB Could Allow Denial of Service

Please also note the included reminder in the MSRC blog post that products/service packs will no longer receive security updates.

• Windows XP Service Pack 2 will no longer be supported after July 13, 2010. Many customers are still on this version, so we encourage upgrading to Service Pack 3 or to Windows 7 as soon as possible.
• Extended support for Windows 2000 will also be retired as of July 13, 2010. After that time, we will no longer provide security or any other updates for Windows 2000.
  
• Windows Vista RTM will no longer be supported after the April 13, 2010 bulletin release. Service Pack 1 will still be supported until July 12, 2011 but we recommend customers update to Service Pack 2 or Windows 7 at this time.

References:

• MSRC Blog: April 2010 Bulletin Release Advance Notification
• TechNet: Microsoft Security Bulletin Advance Notification for April 2010

Clubhouse Tags: Clubhouse, Microsoft, Windows, Security, Updates, Vulnerabilities, Information,

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Read More

Happy Easter

My husband is from Ukraine so we celebrate Easter according to Ukrainian traditions. What ever traditions you follow, I wish you a Happy Easter.

"Khrystos Voskres!"

(Christ is Risen!)

"Voistyno Voskres!"

(He is Truly Risen!)

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Read More

Mozilla Firefox 3.6.3 Security Update

Mozilla released Firefox version 3.6.3 to fix the vulnerability Nils used at CanSecWest to "take down" Firefox in the Pwn2Own Event (See Pwn2Own hack topples Firefox on Windows).

Security Advisory

"Title: Re-use of freed object due to scope confusion
Impact: Critical
Announced: April 1, 2010
Reporter: Nils (MWR InfoSecurity)
Products: Firefox

Fixed in: Firefox 3.6.3

Description

A memory corruption flaw leading to code execution was reported by security researcher Nils of MWR InfoSecurity during the 2010 Pwn2Own contest sponsored by TippingPoint's Zero Day Initiative. By moving DOM nodes between documents Nils found a case where the moved node incorrectly retained its old scope. If garbage collection could be triggered at the right time then Firefox would later use this freed object.


Note: The contest winning exploit only affects Firefox 3.6 and not earlier versions. We will be patching Firefox 3.5 in an upcoming release just in case there is an alternate way of triggering the bug."

References:

• Release Notes
• Security Advisory

Clubhouse Tags: Clubhouse, Security, Vulnerabilities, Updates, Information






Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Read More