Security Net Aggregator

Patch Tuesday Continues.. Now With IE Vulnerability!

Wed, 10 Mar 2010 01:30:35 +0100

This patch Tuesday had been quiet, perhaps too quiet.

It turns out there is also a new advisory for Internet Explorer.

For a more complete list, please see the SophosLabs Vulnerability Analysis page.

Prepoznajte lažni antivirus program

Wed, 10 Mar 2010 01:00:35 +0100

Blic: Predstavnici softverskog diva upozoravaju korisnike da se na internetu pojavilo antivirusno rešenje koje svojim nazivom pokušava da zavara korisnike da softver u stvari dolazi iz "Majkrosofta".

Re: Proces lsass.exe?

Wed, 10 Mar 2010 12:30:47 +0100

To je legitiman proces i sastavni je deo svakog Windowsa...medjutim,afere u vezi virusa su uglavnom vezane za ovaj proces (tipa lsass.exe itd.)...ako sumnjas ili ako imas jasne indikacije zaraze,odradi scan nekim anti-rootkit-om,npr F-Secure Blacklight... :)))

Mal/FakeAV-CS

Wed, 10 Mar 2010 12:00:37 +0100

GeoIPgen v0.4 – Country-to-IPs generator

Wed, 10 Mar 2010 12:00:37 +0100

GeoIPgen is a country-to-IPs generator. It's a geographic IP generator for IPv4 networks that uses the MaxMind GeoLite Country database. Geoipgen is the first published use of a geographic ip database in reverse to translate from country-to-IPs instead of the usual use of IP-to-country.
Version 0.4 (07/03/2010)
Faster and smaller memory usage. It now uses the fast-random algorithm by default instead of the bit-field method
Re-wrote README file
Simplified usage instructions
Video: Geo (...) - Security Tools / Enumeration, Information Gathering, Network Discovery, GeoIPgen

March 2010 - Microsoft Patch Tuesday Diary, (Tue, Mar 9th)

Tue, 09 Mar 2010 07:30:52 +0100

Overview of theMarch 2010 MicrosoftPatchesand their status.

#
Affected
Contra Indications
Known Exploits
Microsoft rating
ISC rating(*)

clients
servers

MS10-016
Vulnerability in Windows Movie Maker Could Allow Remote Code Execution

Moviemaker:

CVE-2010-0265

KB 975561
no known exploits.
Severity: Important

Exploitability: 1
Important
Important

MS10-017
Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution

Excel:

CVE-2010-0257

CVE-2010-0258

CVE-2010-0260

CVE-2010-0261

CVE-2010-0262

CVE-2010-0263

CVE-2010-0264
KB 980150
no known exploits.
Severity: Important

Exploitability: 1,2,1,1,2,1,1
Critical
Important

We will update issues on this page for about a week or so as they evolve.

We appreciate updates

US based customers can call Microsoft for free patch related support on 1-866-PCSAFETY

(*): ISC rating

We use 4 levels:

PATCH NOW: Typically used where we see immediate danger of exploitation. Typical environments will want to deploy these patches ASAP. Workarounds are typically not accepted by users or are not possible. This rating is often used when typical deployments make it vulnerable and exploits are being used or easy to obtain or make.
Critical: Anything that needs little to become interesting for the dark side. Best approach is to test and deploy ASAP. Workarounds can give more time to test.
Important: Things where more testing and other measures can help.
Less Urgent: Typically we expect the impact if left unpatched to be not that big a deal in the short term. Do not forget them however.

The difference between the client and server rating is based on how you use the affected machine. We take into account the typical client and server deployment in the usage of the machine and the common measures people typically have in place already. Measures we presume are simple best practices for servers such as not using outlook, MSIE, word etc. to do traditional office or leisure work.
The rating is not a risk analysis as such. It is a rating of importance of the vulnerability and the perceived or even predicted threat for affected systems. The rating does not account for the number of affected systems there are. It is for an affected system in a typical worst-case role.
Only the organization itself is in a position to do a full risk analysis involving the presence (or lack of) affected systems, the actually implemented measures, the impact on their operation and the value of the assets involved.
All patches released by a vendor are important enough to have a close look if you use the affected systems. There is little incentive for vendors to publicize patches that do not have some form of risk to them

--

John Bambenek

bambenek at gmail /dot/ com

Codevanced | ASP.NET MVC security checklist

Tue, 09 Mar 2010 05:30:42 +0100

Shared by dre
This is probably the coolest article I've seen in years

Mondo: Čuvajte se lažnog Microsoftovog antivirusa

Mon, 08 Mar 2010 10:00:49 +0100

Mondo

Kompanija Microsoft upozorila je korisnike na pojavu antivirusa koji ima slično ime kao i legitimni antivirus ove kompanije, ali se zapravo radi o trojancu.

Originalni naziv legitimnog antivirus programa glasi Microsoft Security Essentials, dok se lažni softver razlikuje u jednom slovu i nosi naziv Secirity Essentials 2010. Problem nastaje kada korisnici, koji u naslovu vide natpis Microsoft, automatski krenu sa učitavanjem lažnog antivirusa, ne znajući da time u kompjuter ubacuju malicioznog trojanca pod nazivom Win32/Fakeinit. Ovaj trojanac instalira lažnu antivirus komponentu koja gasi [...]
Vaš komentar

Mail Manager Pro CSRF Vulnerability / Milos

Fri, 05 Mar 2010 11:31:56 +0100

Mail Manager Pro / 1.0 / http://www.scriptsez.net/?action=details&cat=Mailing%20List%20Managers&id=1192650742 Vulnerability: Cross Site Request Forgery Author: Milos Zivanovic http://packetstormsecurity.org/0912-exploits/mmp-xsrf.txt http://secunia.com/advisories/37750/ http://www.exploit-db.com/exploits/10433

Incoming, outgoing Apple employees

Fri, 05 Mar 2010 05:00:46 +0100

Filed under: Apple Corporate, Software, Apple, Security

A few Apple employees played some musical chairs this week. Executive Pablo Calamera, who was in charge of MobileMe while at Apple, is off to work as the CTO of Thumbplay, a company that peddles ringtones and music to mobile devices.

HR shouldn't have to change the big "35,000 employed worldwide" sign, though: former Mozilla security chief Window Snyder was picked up by Apple this week. She'll jump in as a senior security product manager, a job that will take advantage of her work both at Mozilla and previously at Microsoft, where she worked on both Windows XP and Windows Server 2003. Sure, she's got the experience, but has she ever worked for a company that does this for its incoming employees? Didn't think so.

Incoming, outgoing Apple employees originally appeared on The Unofficial Apple Weblog (TUAW) on Thu, 04 Mar 2010 22:45:00 EST. Please see our terms for use of feeds.

Read | Permalink | Email this | Comments