From the monthly archives:

July 2007

Among the allegations:

  • Widespread Zango “ActiveX” Installations without Unavoidable, Prominent Disclosure of Material Terms (XP SP1 and Earlier). Details.
  • Widespread Zango Banner-Based Installations without Unavoidable, Prominent Disclosure of Material Terms (XP SP2). Details.
  • Ongoing Zango Installations with No Disclosure Whatsoever. Details.
  • Unlabeled Zango Ads - Toolbars, Desktop Icons, and Pop-Ups. Details.
  • Zango Ads for Bogus Sites that Attempt to Defraud Users. Details.

In my hands-on testing, Zango continues numerous practices likely to confuse, deceive, or otherwise harm typical users as well as practices specifically contrary to Zango’s obligations under its November 2006 settlement with the FTC.

Ben’s article and research: Zango Practices Violating Zango’s Recent Settlement with the FTC


Firefox v2.0.0.6 released

by certifiedbug on July 30, 2007

in Browser, Security

From an administrator account, start Firefox > Help > Check for Updates.

Or download: http://www.mozilla.com/firefox/all.html

Release Date: July 30, 2007

Security Update:
The following security issues have been fixed.
MFSA 2007-27 Unescaped URIs passed to external programs
MFSA 2007-26 Privilege escalation through chrome-loaded about:blank windows

Scotty will bark again on Vista

by certifiedbug on July 28, 2007

in Programs, Windows Vista

From Bill Pytlovany, WinPatrol.

Vista Won’t Silence Scotty’s Bark
The new WinPatrol 2007 was designed to be Vista compatible as well as introduce a few other new features like Delayed Start. Much to my surprise the number one bug reported with the new version was that Scotty no longer barked on Vista machines.

Bits from Bill

Apparently a new version of WinPatrol will be released by the end of the month, making a lot of fans happy to have Scotty barking again. Woof. :)


Re-enabling Hibernation in Windows Vista

by certifiedbug on July 26, 2007

in Windows Vista

The Windows Vista Cleanup tool enables you to clear your disk of unnecessary files. However, as I found out, if you check the hibernation file cleaner box for removal, you will no longer see the ‘Hibernate’ option in Power Options after the Disk Cleanup.

This affected not only Sleep Mode, but also my Backup Power Supply Unit, both of which were unable to save my work in the event of a blackout.

I found this handy kb at Microsoft.

Article ID: 928897
Last Review: March 15, 2007
Revision : 1.2
The hybrid sleep feature and the hibernation feature in Windows Vista may become unavailable after you use the Disk Cleanup Tool

SYMPTOMS
After you use the Disk Cleanup Tool in Windows Vista, you may experience the following symptoms:

  • You cannot see the Hibernate option in Power Options.
  • When you use the sleep feature, the computer does not recover its settings if power is lost.

CAUSE
This problem occurs when the Disk Cleanup Tool disables the hibernation file. The hibernation file must be enabled to access the hybrid sleep feature and the hibernation feature in Windows Vista.

When the hibernation file is disabled, and the hybrid sleep feature is enabled, a backup of open programs and open files will not be saved to the disk when you use the sleep feature in Windows Vista. Additionally, if the computer loses power while Windows is in sleep mode, open programs and open files will not be recovered, and any unsaved work will be lost.

RESOLUTION
To resolve this problem in Windows Vista, run the powercfg -h on command at a command prompt to enable the hibernate feature and the hybrid sleep feature. To run this command, follow these steps:

1. Click Start, click All Programs, and then click Accessories.
2. Right-click Command Prompt, click Run as administrator, type powercfg -h on, and then press ENTER.

http://support.microsoft.com/kb/928897/
© 2007 Microsoft Corporation. All rights reserved.

Worked like a charm; however, you will not see a confirmation message to indicate whether or not you were successful.

A simple way to check: Control Panel > Power Options > Change Advanced Power Settings.

Hibernate should be back in the Sleep menu.

TRUSTe Blog: RelevantKnowledge Removed from TDP White List for Three Months

After notification by several sources, TRUSTe investigated a distributor installing comScore’s RelevantKnowledge on consumer machines through a security exploit.

The RelevantKnowledge application was observed being installed via a security exploit amongst several other applications. The following describes the series of events observed:

  • The user visited an unauthorized distribution web site.
  • A series of hidden frames were loaded containing links to dozens of other websites, including sites containing code designed to test and trigger security exploits on the user’s machine.
  • By way of these exploits, a cascade of maliciously installed software was downloaded/installed onto the user’s machine without any form of consent. This software included RelevantKnowledge.

Sunbelt Blog: comScore gets a spanking


Secunia Advisory: SA26095 Mozilla Firefox Multiple Vulnerabilities

Description:
Some vulnerabilities have been reported in Mozilla Firefox, which can be exploited by malicious people to conduct spoofing and cross-site scripting attacks and potentially to compromise a user’s system.

1) Various errors in the browser engine can be exploited to cause memory corruption and potentially to execute arbitrary code.

2) Various errors in the Javascript engine can be exploited to cause memory corruption and potentially to execute arbitrary code.

3) An error in the “addEventListener” and “setTimeout” methods can be exploited to inject script into another site’s context, circumventing the browser’s same-origin policy.

4) An error in the cross-domain handling can be exploited to inject arbitrary HTML and script code in a sub-frame of another web site.

Secunia Advisory: SA26138 Opera BitTorrent Header Parsing Vulnerability

Description: A vulnerability has been reported in Opera, which can be exploited by malicious people to compromise a user’s system.

The vulnerability is caused due to Opera using already freed memory when parsing BitTorrent headers and can lead to an invalid object pointer being dereferenced. This can be exploited to execute arbitrary code, when the user is tricked into clicking on a specially crafted BitTorrent file and then removes it via a right-click from the download pane.

The vulnerability is reported in version 9.21 on Windows. Other versions may also be affected.

Either update from within program or download manually.

Opera v9.22

Firefox v2.0.0.5

Thunderbird 2.0.0.5

US-CERT Current Activity


Vista Drivers

by certifiedbug on July 15, 2007

in This and That, Windows Vista

At the Security Garden, Corrine blogged Ed Bott’s ‘Vista Master Driver List’, which she has added to Windows Vista Bookmarks.

That led me to Robert McLaws: Windows Vista: Six Months In, Your Mileage May Vary

This may be news to Jessica Mintz of the Associated Press, but not every Vista user has been griping.

You can count me in; I have not encountered any driver problems with a Dell XPS which had Vista pre-installed. I did elect to go with an integrated sound card because the alternative was Sound Blaster. After my own experience with Creative after upgrading another machine to Vista Ultimate, I was not going to take that route again.

Of course some people will experience problems, that is to be expected when a new Operating System is released.

However it is a sweeping statement to imply this is a problem for everyone and his mother running Vista.


Patches available for several critical vulnerabilities.

Adobe Flash Player.
Flash Player update available to address security vulnerabilities

Sun Microsystems.
Security Vulnerabilities in the Java Runtime Environment Image Parsing Code

Many of these vulnerabilities can be exploited to execute arbitrary code on victims’ computers just by making them access a malicious URL using any application that invokes Flash Player or JRE.


The Microsoft MVP Program, how it works

by certifiedbug on July 13, 2007

in Microsoft

Sean runs the Microsoft MVP Program and is a true community leader; this is his blog: Community Group Therapy

Couple a cool guys from my team (Ed Hickey and Brian Boston) Podcasting on the MVP Program.

The Voice of Support: Ed Hickey and Brian Boston.
The MVP Program In-Depth (Part 1 of 4)

The next 4 podcasts will focus on the ins and outs of the MVP program. Microsoft Most Valuable Professionals (MVPs) are exceptional technical community leaders from around the world who are awarded for voluntarily sharing their high quality, real world expertise in offline and online technical communities.

The Voice of Support: April Spence and Ben Miller.
The MVP Program In-Depth (Part 2 of 4)
The Voice of Support: April Spence and Mike Fosmire.
The MVP Program In-Depth (Part 3 of 4)

Update
Community and MVP Program Roadmap

Storm Worm Alert

by certifiedbug on July 9, 2007

in Security

The subject matter varies; all such emails are bad news and an attempt to get people to download an exe file.

Sample:

Virus Activity Detected!
Dear Customer,

Our robot has detected an abnormal activity from your IP adress
on sending e-mails. Probably it is connected with the last epidemic
of a worm which does not have official patches at the moment.

We recommend you to install this patch (< --- concealed link) to remove worm files
and stop email sending, otherwise your account will be blocked.

Postmaster

SANS: The ever morphing Storm

AusCERT: High volume of email linking to the “Storm Worm” malware