SecurityGarden


Thursday, September 30, 2010

Hotmail Security to Protect and Recover Your Account

Posted on 6:10 PM by Unknown

Time and time again I see reports from Hotmail users who have lost control of their e-mail account.  As explained by Walter Harp, Director of Product Management, Windows Live, in Helping people protect their Hotmail accounts:
"In the last two years, consumer webmail and social networking services across the web have experienced an increase in the incidence of hijacking, which occurs when someone illegally gains access to another person’s account – email, social profile - and then uses that account for malicious activity. In a typical scenario, hackers will hijack large numbers of accounts and then use those accounts to send spam or social invites to the victims’ friends or others on the victims’ contact lists."  
To begin the process of recovery, hackers were purged from legitimate accounts that were identified as compromised.  The next part of the process is the set of new security features available in Hotmail.  Now if you forget your password or your account is compromised, your Hotmail account can be recovered.  However, it is up to each of us to add the information that strengthens our account, whether by adding a secret question, alternate email, mobile number, or the newly added “Trusted PC”.

How to verify your Hotmail Credentials


The options below for verifying your Hotmail credentials are accessible by clicking on your account name when logged on to Hotmail.  Select "Account" and provide your account password in the requested field.  The options are located in the section on "Password reset information".

1) Designate an alternate e-mail address.  Be careful when entering the alternate e-mail address as it will need to be confirmed.


 
2) Add your mobile phone number and receive a text message with a secret code via SMS that can be used to reset your password and reclaim your account.


 3)  Create a secret answer:



Security Recommendation: 
Although providing a "secret answer" is commonly used as a means of recovering accounts, caution needs to be exercised.  Using easily determined information as your secret answer is not advised.  Instead, for sites that still use such common personal information, use consistent false information that you will remember.

4)  Set up a "Trusted PC" -- With a trusted PC added, this becomes the only computer that can be used to recover or change your password from somewhere else. 

Note:  To add a trusted PC to your account, you need to have Windows Live Essentials installed.



If your Hotmail account is not accessible, start at Account Compromise - Unauthorized Account Access.  If assistance is still needed, a dedicated support path is available from Microsoft at http://windowslivehelp.com/accountrecovery. 

Additional security features in Hotmail include the following:

Trusted senders

One feature I am particularly looking forward to is the "Trusted Sender". This feature visually identifies legitimate mail from about 100 senders, mostly financial institutions like banks, that are commonly spoofed by identity thieves.


Account security information

The new Hotmail encourages you to increase the security of your account by adding security information that you can privately associate with your Hotmail account. For example, you can use your cell phone or other items as proof of account ownership. Then, should a problem arise with your account, you can be sent an account recapture code via an SMS message or enable regaining account access.

Single-use codes

For times when you will be using a public computer (i.e., at an internet cafe, airport, coffee shop), all it takes is clicking "request a code", and a one-time use authentication code will be sent to a private proof point (mobile phone or alternate e-mail address). By using a single-use code on a public computer instead of your password, you avoid the chance of your password being stolen by key-loggers.

Full-session SSL

Hotmail currently supports SSL encryption at Wi-Fi locations but will be adding full SSL encryption later this fall.

Update: Hotmail Now Includes Full-Session HTTPS Encryption

Additional Topics on Managing Hotmail

  • Hotmail Security, Common Passwords Blocked
  • Hotmail Full-Session HTTPS Encryption
  • Hotmail Security, How to Report a Hacked Account
  • How to use Hotmail Aliases
  • Link Windows Live IDs in Hotmail
  • Use Hotmail to Manage All Your E-Mail Accounts
  • Using Hotmail Plus Addresses

References

  • Account Compromise - Unauthorized Account Access
  • Helping people protect their Hotmail accounts
  • Hotmail: Tips to help protect your account - Help protect your account
  • Hotmail security updates protect you from account hijackers
  • Security upgrades in the new Hotmail
Clubhouse Tags: Clubhouse, Windows Live, Hotmail, Security, Microsoft, Windows, How To, Information,



Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Monday, September 27, 2010

Out of Band Release to Address Microsoft Security Advisory 2416728

Posted on 6:26 PM by Unknown
Microsoft announced today an out-of-band security update to address the vulnerability discussed in Security Advisory 2416728. The update is scheduled for release tomorrow, Tuesday, September 28, 2010 at approximately 10:00 AM PDT.

The bulletin has a severity rating of Important and addresses a publicly disclosed vulnerability in ASP.NET that affects all versions of the .NET Framework when used on Windows Server operating systems.  Although Windows desktop systems are listed as affected, there is no vulnerability to desktop systems unless running a Web server from the computer.

Unlike what usually happens when an update is released, the MSRC Blog explained that this one will be handled differently:
"The security update is fully tested and ready for release, but will be made available initially only on the Microsoft Download Center. This enables us to get the update out as quickly as possible, allowing administrators with enterprise installations, or end users who want to install this security update manually, the ability to test and update their systems immediately.  We strongly encourage these customers to visit the Download Center, download the update, test it in their environment and deploy it as soon as possible.
The update will also be released through Windows Update and Windows Server Update Services within the next few days as we test to make sure distribution will be successful through these channels. This approach allows us to release sooner to customers who may choose to deploy it manually without delaying for broader distribution.  
For customers using Automatic Update, this Security Update will automatically be applied once it is released broadly. Once the Security Update is applied, customers are protected against known attacks related to Security Advisory 2416728."

 


References:

  • MSRC Blog: Out of Band Release to Address Microsoft Security Advisory 2416728
  • TechNet: Microsoft Security Bulletin Advance Notification for September 2010
  • TechNet: Security Advisory 2416728


Clubhouse Tags: Clubhouse, Microsoft, Windows, Security, Updates, Vulnerabilities, Information,




Wednesday, September 22, 2010

Microsoft Security Essentials for Small Businesses

Posted on 5:45 PM by Unknown

Originally released as a free anti-virus software for personal use, Microsoft announced today that Microsoft Security Essentials (MSE) will be free to use for organizations with up to 10 PCs.  The change will take effect early in October. 

At the Windows Team Blog, the reasons below were given for why many consumer and small business computers are unprotected and why Microsoft is making this change in the terms of use:
  • "Performance Concerns:  Customers worry that antimalware software can impact the performance of their machines and degrade their computing experience.
  • Customer Confusion: Many customers are confused by trials and annual subscription renewals, in many cases believing their PCs are covered when in fact their subscriptions have expired and they are at risk.
  • Payment Method Barriers: Traditional online subscription and payment models do not work in emerging markets where customer and small business credit is not always readily available.
  • Cost: Many consumers and an increasing number of small businesses are either unwilling or unable to pay the ongoing subscription costs for the security suite solutions that come on their PCs."
Having witnessed first hand what family members went through in starting up a small business, I have no doubt that the last item listed above -- cost -- is the primary reason why small businesses forgo anti-virus protection.

The MSE works on Windows XP (Service Pack 2 or Service Pack 3); Windows Vista (Gold, Service Pack 1, or Service Pack 2) and Windows 7.  For additional information visit the Microsoft Security Essentials website.

Update:  For small businesses without dedicated IT support, managing a number of computers can be daunting.  Please see the article by Microsoft MVP Alan Burchill, "Group Policy for Microsoft Security Essentials".  Alan's article includes illustrated instructions as well as a link to an XML Group Policy Preferences Registry file for the Group Policy settings.

References:
  • Microsoft Partner SMB Community Blog: Announcing: Microsoft Security Essentials available FREE to Small Businesses in October!
  • PressPass:  Free Microsoft Security Essentials Coming for Small Businesses
  • Windows Team Blog:  Microsoft Security Essentials now available for Small Businesses 
  • Group Policy for Microsoft Security Essentials

Clubhouse Tags: Clubhouse, Microsoft, Windows, Security, Antivirus, MSE, Microsoft Security Essentials, Information,






Monday, September 20, 2010

Adobe Flash Player Critical Security Update

Posted on 1:25 PM by Unknown

An Adobe Security Bulletin has been posted to address a critical security issue in Adobe Flash Player.  As described in the Adobe PSIRT Blog: Security update available for Adobe Flash Player:
"Today, a Security Bulletin has been posted to address a critical security issue (CVE-2010-2884) in Adobe Flash Player. This Security Bulletin affects Adobe Flash Player 10.1.82.76 and earlier versions for Windows, Macintosh, Linux, and Solaris, and Adobe Flash Player 10.1.92.10 for Android.  Adobe recommends users apply the update for their product installation. This addresses the issue first mentioned in Security Advisory APSA10-03. "

Although Adobe suggests downloading the update from the Adobe Flash Player Download Center or by using the auto-update mechanism within the product when prompted, if you prefer, the direct download links are as follows:
  • IE: http://fpdownload.adobe.com/get/flashplayer/current/install_flash_player_ax.exe
  • Non-IE (Opera, Firefox etc) http://fpdownload.adobe.com/get/flashplayer/current/install_flash_player.exe
If you use the Adobe Flash Player Download Center, be careful to UNCHECK the box shown below. It is not needed for the Flash Player update!


[Screenshot: Adobe Flash Player Download Center (1 MB download) showing the optional offers "Free Google Toolbar (optional)" and "Free McAfee® Security Scan Plus (optional)"]

Verify Installation:
To verify the Adobe Flash Player version number installed on your computer, go to the About Flash Player page, or right-click on content running in Flash Player and select "About Adobe Flash Player" from the menu.

Do this for each browser installed on your computer.

Verify the version of Adobe AIR installed on your system in the Adobe AIR TechNote.

Details from Security Bulletin APSB10-03:

Release date: September 13, 2010
Last updated: September 20, 2010
Vulnerability identifier: APSA10-03
CVE number: CVE-2010-2884
Platform: All


Clubhouse Tags: Clubhouse, Microsoft, Windows, Security, Updates, Vulnerabilities, Information,




Saturday, September 18, 2010

Microsoft Security Advisory 2416728 Released

Posted on 12:20 PM by Unknown

Microsoft released Security Advisory 2416728, which relates to a new public report of a vulnerability in ASP.NET.  All versions of Microsoft .NET Framework are affected.  Microsoft is currently not aware of any attacks using the vulnerability and is continuing to investigate.  Mitigations and workarounds are included in the Security Advisory.

The impact of the vulnerability as well as additional information is provided by the Security, Research and Defense Blog:
"ASP.Net uses encryption to hide sensitive data and protect it from tampering by the client. However, a vulnerability in the ASP.Net encryption implementation can allow an attacker to decrypt and tamper with this data.
But what can the attacker do with this capability? Part of the answer depends on the ASP.Net application being attacked. For example, if the ASP.Net application stores sensitive information, such as passwords or database connection strings, in the ViewState object this data could be compromised. The ViewState object is encrypted and sent to the client in a hidden form variable, so it is a possible target of this attack.
If the ASP.Net application is using ASP.Net 3.5 SP1 or above, the attacker could use this encryption vulnerability to request the contents of an arbitrary file within the ASP.Net application. The public disclosure demonstrated using this technique to retrieve the contents of web.config. Any file in the ASP.Net application which the worker process has access to will be returned to the attacker."


References:
  • CVE Reference:   CVE-2010-3332
  • MSRC Blog: Security Advisory 2416728 Released
  • Security Research and Defense: Understanding the ASP.NET Vulnerability
  • TechNet: Security Advisory 2416728


Clubhouse Tags: Clubhouse, Microsoft, Windows, Security, Advisory, Vulnerabilities, Information,





Friday, September 17, 2010

Mozilla Firefox 3.6.10 Stability Update

Posted on 3:45 PM by Unknown
Mozilla released Firefox version 3.6.10 to fix a single stability issue affecting a limited number of users.

If not prompted to update, existing Firefox users can update via Help > Check for Updates.


References:
  • Release Notes
  • Complete list of Changes

Clubhouse Tags: Clubhouse, Security, Updates, Information








Wednesday, September 15, 2010

Internet Explorer 9 (Beta)

Posted on 12:15 PM by Unknown
The long-awaited IE9 Beta is available for download at Beauty of the Web.  Because IE9 is in the beta phase, the usual precaution applies: do not run beta software in a production environment.

The most important note regarding compatibility is that IE9 is not compatible with Windows XP SP3.  A minimum of 512 megabytes (MB) memory is required for all operating systems. Please also note the prerequisites needed for installing the beta in Microsoft KB Article 2399238.

Operating System 
  • Windows Vista 32-bit and 64-bit with Service Pack 2 (SP2) 
  • Windows 7 32-bit and 64-bit 
  • Windows Server 2008 32-bit and 64-bit with Service Pack 2 (SP2)
The first thing I noticed with the installation is the change in the look and feel.  Where was my beloved Favorites bar?


If you find some changes difficult to adjust to -- like the hidden Favorites, Command or Status bar, it is easy to show one or all.  A simple right-click in the space to the right of the New Tab button provides the option to add the old stand-by as well as the option to move the Stop and Refresh buttons.


A major promoted feature of IE9 is improved speed and performance. One way this is accomplished is through the "Add-on Performance Advisor".  As would be expected, add-ons slow browser performance.  The Advisor provides the information needed to disable a problematic add-on or fix the problem from the notification area.

Forget the address bar.  It is all about "One Box".  With the One Box, you can pin a website by clicking the icon to the left of the web address and dragging it to the taskbar, the Start menu, or your desktop.  Then launch the site without first having to open Internet Explorer.

Another feature some people may like is when opening a new tab, a selection of favorite sites is displayed.  To go to a site from that selection, just click it.  

Top Keyboard Shortcuts

With the changes in IE9, many people may find it more efficient to accomplish common tasks by using keyboard shortcuts. 

  • Alt: Show the menu bar. After you make a selection, the menu bar goes away.
  • Alt+M: Go to your homepage.
  • Alt+C: View your favorites, feeds, and browsing history.
  • Ctrl+J: Open Download Manager.
  • Ctrl+L: Highlight the text in the Address bar.
  • Ctrl+D: Add a webpage to your favorites.
  • Ctrl+B: Organize your favorites.

Although I have only had IE9 installed for a couple of hours, I already appreciate the increased webpage viewing area of IE9 over previous versions of Internet Explorer.  I particularly like the combined search and address bar (One Bar).  Another feature of IE9 that Windows 7 users will appreciate is the Windows 7 integration, including Snap, Jump Lists, and more.  

Try IE9, I think you will like it!

References
  • Download languages for Internet Explorer 9 Beta
  • Get help for Internet Explorer 9 Beta
  • How do I install or uninstall Internet Explorer 9? 
  • Internet Explorer 9 Home
  • Prerequisites for installing Internet Explorer 9 Beta



Clubhouse Tags: Clubhouse, Microsoft, Internet Explorer, IE9, Beta, Windows Vista, Windows 7, Information, Windows




Tuesday, September 14, 2010

Security Bulletin Release for September, 2010

Posted on 11:43 AM by Unknown

Microsoft released nine (9) bulletins addressing 13 vulnerabilities affecting Windows, Internet Information Services (IIS), and Microsoft Office. Four of those bulletins carry a Critical rating, with the rest rated Important.  All except two relate to Remote Code Execution.

It is worth noting that due to security enhancements in both products, there are no critical bulletins for Windows 7 or Windows Server 2008 R2. In addition, the Office bulletin does not affect Office 2010.

Microsoft has also released two security advisories:
  • Security Advisory 2401593, which describes a vulnerability in Outlook Web Access (OWA) that may affect Microsoft Exchange customers and could allow elevation of privilege. An attacker who successfully exploited this vulnerability could hijack an authenticated OWA session.
  • Security Advisory 973811, an updated Advisory enabling Outlook Express and Windows Mail to opt in to Extended Protection for Authentication.



For complete details, see the references listed below.


References:
  • MSRC: September 2010 Security Bulletin Release
  • TechNet: Microsoft Security Bulletin Summary for September 2010

Clubhouse Tags: Clubhouse, Microsoft, Windows, Security, Updates, Vulnerabilities, Information,




Security Advisory for Adobe Flash Player

Posted on 8:35 AM by Unknown

Adobe issued a security advisory about a critical vulnerability in Adobe Flash Player 10.1.82.76 and earlier versions for all platforms.  The vulnerability also affects Adobe Reader and Adobe Acrobat 9.3.4.

This vulnerability (CVE-2010-2884) could cause a crash and potentially allow an attacker to take control of the affected system.  Although Adobe is currently not aware of any attacks using this vulnerability against Adobe Reader or Acrobat, the vulnerability is being actively exploited in the wild against Adobe Flash Player.

Adobe reported that a fix is in the works for Adobe Flash Player and is expected to be released during the week of September 27, 2010.  Updates for Adobe Reader and Adobe Acrobat are not expected until the week of October 4, 2010.

If you use Firefox, you may be interested in QuickJava which provides the capability to enable and disable Java, Javascript, Flash, Silverlight and Images from the Statusbar and/or Toolbar without having to open any dialogs.


Release date: September 13, 2010
Vulnerability identifier: APSA10-03
CVE number: CVE-2010-2884
Platform: All


References:
  • Adobe PSIRT: Security Advisory for Adobe Flash Player (APSA10-03)
  • Security Advisory (APSA10-03) 
  • US-CERT Current Activity

Clubhouse Tags: Clubhouse, Microsoft, Windows, Security, Vulnerabilities, Information,




Sunday, September 12, 2010

Use EMET 2.0 to block Adobe Reader and Acrobat 0-day exploit

Posted on 12:51 PM by Unknown
Adobe updated Security Advisory APSA10-02 to add the mitigation that Windows users can utilize Microsoft's Enhanced Mitigation Evaluation Toolkit (EMET) to help prevent this vulnerability from being exploited.

The Enhanced Mitigation Experience Toolkit (EMET) is designed to help prevent hackers from gaining access to your computer system.  Instead of requiring complicated code to apply mitigations against security exploits, EMET lets mitigations be applied on a per-process basis.



As explained in detail in the Security Research & Defense blog, with EMET enabled for AcroRd32.exe, the Adobe exploit in Security Advisory APSA10-02 is blocked.  Although it is recommended that you read the complete description, following are the instructions for blocking the exploit:
In order to enable EMET for Adobe Reader and Acrobat you have to install EMET and run the following simple command line as an Administrator. Please note the path to the Adobe Reader and Acrobat could be different in your system (especially if you are not using a 64 bit system).

C:\Program Files (x86)\EMET>emet_conf.exe -add "c:\program files (x86)\Adobe\Reader 9.0\Reader\acrord32.exe"

The changes you have made may require restarting one or more applications

EMET Supported OS:

  • Windows 7
  • Windows Server 2003 Service Pack 1
  • Windows Server 2008
  • Windows Server 2008 R2
  • Windows Vista Service Pack 1
  • Windows XP Service Pack 3



References:
  • Adobe Product Security Incident Response Team (PSIRT) Blog: Update to Security Advisory for Adobe Reader and Acrobat (APSA10-02)
  • Adobe - Security Advisories: APSA10-02 - Security Advisory for Adobe Reader and Acrobat
  • Download: Enhanced Mitigation Experience Toolkit v2.0
  • Security Research and Defense: Use EMET 2.0 to block Adobe Reader and Acrobat 0-day exploit
  • Security Research and Defense: The Enhanced Mitigation Experience Toolkit 2.0 is Now Available

Clubhouse Tags: Clubhouse, Microsoft, Windows, Security, Vulnerabilities, Information,



Thursday, September 9, 2010

Waledac Botnet: R.I.P. b49

Posted on 1:39 PM by Unknown
A botnet is a network of computers hijacked by bot-herders to spread malware, send spam and commit other forms of cyber crime, such as click fraud and DDoS (Distributed Denial of Service) attacks on websites.  In the case of the Waledac botnet, the network comprised tens of thousands of hijacked computers.


Waledac botnet background described by USA Today:

"The Waledac botnet was a major source of spam and PC infections, at its peak in 2009 delivering 1.5 billion spam messages daily. Microsoft added detection and filtering for Waledac infections to its free malicious software removal tool. But cleaning infected PCs one by one did not stop the command PCs.

By December, Microsoft Hotmail accounts were getting swamped with more than 650 million e-mail spam messages sent out by Waledac. That helped motivate the company to pursue a court order to shut down the command domains.

Even after the botnet's command center got knocked out, tens of thousands of infected PCs continued trying to phone home for instructions."
Waledac botnet take down:

Through the efforts of Microsoft’s Digital Crimes Unit, in partnership with Microsoft’s Trustworthy Computing team and the Microsoft Malware Protection Center, Microsoft undertook a combination of technical measures and previously untried legal techniques to disrupt and control the Waledac botnet, referenced by Microsoft as Operation b49.

The result of this effort takes us from this:
to this:  

Image from Accelerating Change through Technology

Additional background information is available in my earlier post, Waledac Botnet Takedown.

Clean-up:

The exciting news is that the legal action by Microsoft to permanently shut down the botnet was successful.  As a result, Microsoft is now in a position to work with Internet Service Providers (ISPs) and CERTs to help customers remove the Waledac infection from their computers.

Although communications with the Waledac botnet remain dead, there are still If you believe  your computer is infected by Waledac, free help is available at the Microsoft Virus and Security Solution Center.

Prevention:

The standard advice applies:
  1. Keep a software firewall turned on at all times.
  2. Update not only your computer operating system but third-party software (i.e., Adobe products, QuickTime and Java) as well.
  3. Maintain up-to-date antivirus and anti-malware software.

The future of botnets from the Microsoft Blog:
"The Waledac takedown is the first undertaking in a larger Microsoft-led initiative called Project MARS (Microsoft Active Response for Security), which is a joint effort between Microsoft’s Digital Crimes Unit, the Microsoft Malware Protection Center (MMPC), Microsoft Support and the Trustworthy Computing team to annihilate botnets and help make the Internet safer for everyone.  We believe the Waledac takedown will be the first of many successful endeavors for Project MARS and we’re already working to apply the lessons we learned from this operation to future initiatives.  
We’re also seeing other members of the security industry and law enforcement taking proactive action to both study and dismantle other botnets, such as the recent actions against Mariposa and Pushdo/Cutwail.  While the approaches to these actions have differed somewhat from the Waledac takedown, all of these efforts demonstrate that the industry is beginning to take a more aggressive stance against botnets."

References:
  • Microsoft B49 Virus Removal: Virus and Security Solution Center
  • Microsoft Blog: R.I.P. Waledac: Undoing the damage of a botnet
  • Microsoft on the Issues: Cracking Down on Botnets
  • MMPC: An Update on Operation b49 and Waledac
  • MMPC Blog: What we know and learned from the Waledac takedown
  • USA Today: Microsoft gets legal might to target spamming botnets


Clubhouse Tags: Clubhouse, Microsoft, Windows, Security, Vulnerabilities, Information



Security Bulletin Advance Notification for September, 2010

Posted on 10:46 AM by Unknown

On Tuesday, September 14, 2010, Microsoft is planning to release nine (9) bulletins addressing 13 vulnerabilities affecting Windows, Internet Information Services (IIS), and Microsoft Office. Four of those bulletins carry a Critical rating, with the rest rated Important.  All except two relate to Remote Code Execution.


| Bulletin ID | Maximum Severity Rating and Vulnerability Impact | Restart Requirement | Affected Software |
|---|---|---|---|
| Bulletin 1 | Critical, Remote Code Execution | Requires restart | Microsoft Windows |
| Bulletin 2 | Critical, Remote Code Execution | May require restart | Microsoft Windows |
| Bulletin 3 | Critical, Remote Code Execution | May require restart | Microsoft Windows, Microsoft Office |
| Bulletin 4 | Critical, Remote Code Execution | May require restart | Microsoft Office |
| Bulletin 5 | Important, Remote Code Execution | May require restart | Microsoft Windows |
| Bulletin 6 | Important, Remote Code Execution | Requires restart | Microsoft Windows |
| Bulletin 7 | Important, Remote Code Execution | May require restart | Microsoft Windows |
| Bulletin 8 | Important, Elevation of Privilege | Requires restart | Microsoft Windows |
| Bulletin 9 | Important, Elevation of Privilege | Requires restart | Microsoft Windows |


References:
  • MSRC Blog: September 2010 Bulletin Release Advance Notification
  • TechNet: Microsoft Security Bulletin Advance Notification for September 2010


Clubhouse Tags: Clubhouse, Microsoft, Windows, Security, Updates, Vulnerabilities, Information,





Wednesday, September 8, 2010

Security Advisory for Adobe Reader and Acrobat

Posted on 10:38 AM by Unknown

Adobe released a critical security advisory for all platforms.  From the advisory:
"A critical vulnerability exists in Adobe Reader 9.3.4 and earlier versions for Windows, Macintosh and UNIX, and Adobe Acrobat 9.3.4 and earlier versions for Windows and Macintosh. This vulnerability (CVE-2010-2883) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being actively exploited in the wild.
Adobe is in the process of evaluating the schedule for an update to resolve this vulnerability."

Other than the announcement of the advisory, no additional details are available in the Adobe Product Security Incident Response Team blog.

Edit Note: Via my friend, Randy, a more in-depth look at the vulnerability: Adobe Reader 0day under active attack

Release date: September 8, 2010
Vulnerability identifier: APSA10-02
CVE number: CVE-2010-2883
Platform: All

References:
  • Adobe - Security Advisories: APSA10-02 - Security Advisory for Adobe Reader and Acrobat
  • Adobe Product Security Incident Response Team
Clubhouse Tags: Clubhouse, Microsoft, Windows, Security, Vulnerabilities, Information,





Tuesday, September 7, 2010

Mozilla Firefox 3.6.9 Security Update

Posted on 6:11 PM by Unknown
Mozilla released Firefox version 3.6.9 which fixes several security and stability issues.  In addition, this version introduces support for the X-FRAME-OPTIONS HTTP response header. Site owners can use this to mitigate clickjacking attacks by ensuring that their content is not embedded into other sites.
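
For site owners, the header described above can be enforced in one place and then checked. The following is an added example, not code from Mozilla or from this blog: a WSGI middleware that sends X-Frame-Options on every response, plus a check that classifies a response's framing policy. The application page, function names and sample responses are constructed for illustration; DENY and SAMEORIGIN are the header's standard values.

```python
# Added example (not from the original post): enforce and audit X-Frame-Options.
from wsgiref.util import setup_testing_defaults

# Policy values the header defines: never framed, or framed only by the same origin.
VALID_POLICIES = ("DENY", "SAMEORIGIN")


class FrameOptionsMiddleware:
    """Wrap any WSGI app so every response carries exactly one X-Frame-Options."""

    def __init__(self, app, policy="DENY"):
        policy = policy.strip().upper()
        if policy not in VALID_POLICIES:
            raise ValueError("policy must be one of %s" % (VALID_POLICIES,))
        self.app = app
        self.policy = policy

    def __call__(self, environ, start_response):
        def patched_start(status, headers, exc_info=None):
            # Drop whatever the wrapped app sent so the browser never sees
            # two conflicting values, then add the enforced policy.
            kept = [(k, v) for k, v in headers if k.lower() != "x-frame-options"]
            kept.append(("X-Frame-Options", self.policy))
            return start_response(status, kept, exc_info)

        return self.app(environ, patched_start)


def sample_app(environ, start_response):
    """Hypothetical application page (constructed for this example)."""
    body = b"<html><body><form action='/transfer'>...</form></body></html>"
    start_response("200 OK", [("Content-Type", "text/html"),
                              ("Content-Length", str(len(body)))])
    return [body]


def response_headers(app, path="/"):
    """Call a WSGI app in-process (no network) and return its header list."""
    environ = {}
    setup_testing_defaults(environ)
    environ["PATH_INFO"] = path
    captured = []

    def start_response(status, headers, exc_info=None):
        captured[:] = headers
        return lambda data: None

    for _chunk in app(environ, start_response):
        pass
    return list(captured)


def framing_policy(headers):
    """Classify a response: 'DENY', 'SAMEORIGIN', 'missing' or 'invalid'."""
    values = {v.strip().upper() for k, v in headers
              if k.lower() == "x-frame-options"}
    if not values:
        return "missing"      # page can be embedded by any site
    if len(values) > 1 or not values <= set(VALID_POLICIES):
        return "invalid"      # conflicting or unrecognised values
    return values.pop()


if __name__ == "__main__":
    print("unprotected:", framing_policy(response_headers(sample_app)))
    protected = FrameOptionsMiddleware(sample_app, "SAMEORIGIN")
    print("protected:  ", framing_policy(response_headers(protected)))
```
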


If not prompted to update, existing Firefox users can update via Help > Check for Updates.

Security Issues Fixed in Firefox 3.6.9

  • MFSA 2010-63 Information leak via XMLHttpRequest statusText
  • MFSA 2010-62 Copy-and-paste or drag-and-drop into designMode document allows XSS
  • MFSA 2010-61 UTF-7 XSS by overriding document charset using type attribute
  • MFSA 2010-59 SJOW creates scope chains ending in outer object
  • MFSA 2010-58 Crash on Mac using fuzzed font in data: URL
  • MFSA 2010-57 Crash and remote code execution in normalizeDocument
  • MFSA 2010-56 Dangling pointer vulnerability in nsTreeContentView
  • MFSA 2010-55 XUL tree removal crash and remote code execution
  • MFSA 2010-54 Dangling pointer vulnerability in nsTreeSelection
  • MFSA 2010-53 Heap buffer overflow in nsTextFrameUtils::TransformText
  • MFSA 2010-52 Windows XP DLL loading vulnerability
  • MFSA 2010-51 Dangling pointer vulnerability using DOM plugin array
  • MFSA 2010-50 Frameset integer overflow vulnerability
  • MFSA 2010-49 Miscellaneous memory safety hazards (rv:1.9.2.9/ 1.9.1.12)


References:
  • Release Notes
  • Complete list of Changes

Clubhouse Tags: Clubhouse, Security, Vulnerabilities, Updates, Information






Friday, September 3, 2010

New! MBR Backup by Mischel Internet Security

Posted on 7:14 PM by Unknown
Introduced today by Mischel Internet Security, the makers of the well-known Trojan Hunter software, is a very timely new program, MBR Backup.  This freeware program will allow you to easily back up the Master Boot Record (MBR).  In the event you need to restore the MBR you will have a valid copy available.

So, what does the MBR do?  The MBR is the first sector the BIOS locates when starting the computer.  It is also known as the partition table, or master boot block.  The MBR uses the partition information to determine which partition is bootable and then attempts to boot from it. If the MBR is damaged or corrupted, the data on your hard drive is lost. 

What we are finding today are MBR rootkits such as TDL3 (also known as TDSS or Alureon).  With MBR Backup, recovery from such situations may be possible. 

As described by Magnus Mischel, the following is what MBR Backup does:


"MBR Backup helps you create a backup of your Master Boot Record. If you ever need to restore it you know you will have a valid copy available. MBR Backup gives you two ways of backing up your MBR - to a file or by printing(!) it. Believe it or not, printing it is actually the best method to back up your MBR, for several reasons:
  • With a printout you always have a physical copy of the MBR to hand
  • No chance of saving the MBR to a file on the hard drive that gets corrupted
  • The MBR is only 512 bytes in size. Typing it in manually will be the least of your concerns if all your data is gone"
Product page:  http://www.misec.net/products/mbr-backup/
Download:  http://www.misec.net/products/MBRBackup.exe
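
The MBR layout described above (a 512-byte sector whose partition entries mark which partition is bootable), as an added example that is not part of MBR Backup or the original post: a Python parser that also compares a saved copy against the current sector. It assumes a raw 512-byte image with the classic layout (partition table at offset 446, signature 0x55AA in the last two bytes); the function names and the sample sector are constructed for illustration.

```python
import hashlib
import struct

SECTOR_SIZE = 512
TABLE_OFFSET = 446            # four 16-byte partition entries start here
BOOT_SIGNATURE = b"\x55\xaa"  # last two bytes of a valid MBR


def parse_mbr(sector):
    """Return partition entries and a hash of the bytes before the table."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("an MBR is exactly 512 bytes")
    if sector[510:512] != BOOT_SIGNATURE:
        raise ValueError("missing 0x55AA boot signature")
    partitions = []
    for i in range(4):
        start = TABLE_OFFSET + 16 * i
        # status(1) CHS start(3) type(1) CHS end(3) LBA start(4) sectors(4)
        status, ptype, lba, count = struct.unpack(
            "<B3xB3xII", sector[start:start + 16])
        if ptype != 0:  # type 0 marks an unused slot
            partitions.append({"index": i, "bootable": status == 0x80,
                               "type": ptype, "lba_start": lba,
                               "sectors": count})
    return {"partitions": partitions,
            "boot_code_sha256": hashlib.sha256(sector[:TABLE_OFFSET]).hexdigest()}


def compare_with_backup(backup, current):
    """List which parts differ between a known-good backup and the current MBR."""
    old, new = parse_mbr(backup), parse_mbr(current)
    changes = []
    if old["boot_code_sha256"] != new["boot_code_sha256"]:
        changes.append("boot code")
    if old["partitions"] != new["partitions"]:
        changes.append("partition table")
    return changes


def build_sample_mbr(boot_code=b"\xeb\xfe"):
    """Constructed sample sector: one bootable partition of type 0x07."""
    sector = bytearray(SECTOR_SIZE)
    sector[:len(boot_code)] = boot_code
    sector[TABLE_OFFSET:TABLE_OFFSET + 16] = struct.pack(
        "<B3sB3sII", 0x80, b"\x00" * 3, 0x07, b"\x00" * 3, 2048, 204800)
    sector[510:512] = BOOT_SIGNATURE
    return bytes(sector)
```

A non-empty result from `compare_with_backup` means the sector changed after the backup was taken, which is the condition that calls for restoring the saved copy.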


Clubhouse, Microsoft, Windows, Security, Information
