From the category archives:

Microsoft

Microsoft Security Advisory (981374)

by certifiedbug on March 9, 2010


TechNet

Vulnerability in Internet Explorer Could Allow Remote Code Execution

Microsoft is investigating new, public reports of a vulnerability in Internet Explorer 6 and Internet Explorer 7. Our investigation has shown that the latest version of the browser, Internet Explorer 8, is not affected. The main impact of the vulnerability is remote code execution. This advisory contains information about which versions of Internet Explorer are vulnerable as well as workarounds and mitigations for this issue.

Our investigation so far has shown that Internet Explorer 8 and Internet Explorer 5.01 Service Pack 4 on Microsoft Windows 2000 Service Pack 4 are not affected, and that Internet Explorer 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 4, and Internet Explorer 6 and Internet Explorer 7 are vulnerable.

http://www.microsoft.com/technet/security/advisory/981374.mspx


Mariposa Botnet infection cleanup

by certifiedbug on March 6, 2010


Microsoft Malware Protection Center. In focus: Mariposa botnet

The MMPC added Win32/Rimecud to MSRT’s removal capability in January 2010 and between January and February reported over 1 million distinct machines disinfected from this worm.

The Mariposa botnet criminals presumably use a number of different threats, but it appears to be primarily Win32/Rimecud. It is great to see our industry colleagues moving in the same direction to address these disruptive threats. Rimecud isn’t particularly new and the criminals apparently were trading their goodies at their counter. We first observed Win32/Rimecud in November 2008.

Since January 2010
Rimecud

Certifiedbug: March 3, 2010. Three arrested for running “Mariposa” botnet


Microsoft Security Bulletin Advance Notification for March 2010

March 4, 2010

The Microsoft Security Response Center (MSRC)
Advance Notification. Preliminary information, subject to change.
Today we are providing advance notification to customers that we will be releasing two bulletins this month affecting Windows and Microsoft Office products. Both bulletins are rated Important and address a total of 8 vulnerabilities.
We recommend that customers review the Advance Notification webpage and [...]


MS10-015 security update re-released

March 3, 2010

The Microsoft Security Response Center (MSRC)
Jerry Bryant
Sr. Security Communications Manager Lead
I am writing to let you know that we have revised the installation packages for MS10-015 with new logic that prevents the security update from being installed on systems if certain abnormal conditions exist. Such conditions could be the result of an infection [...]


win32hlp and Internet Explorer issue

February 28, 2010

The Microsoft Security Response Center (MSRC)
Sunday, February 28, 2010
On Friday 2/26/2010, an issue was posted publicly that could allow an attacker to host a maliciously crafted web page and run arbitrary code if they could convince a user to visit the web page and then get them to press the F1 key in response to [...]


Microsoft knocks out Waledac Botnet

February 25, 2010

Microsoft, a founding member of the Botnet Task Force, announced that a federal judge has granted a temporary restraining order cutting off 277 Internet domains believed to be run by criminals controlling a vast network of infected PCs.

This action has quickly and effectively cut off traffic to Waledac at the “.com” or domain registry level, [...]


Alureon Rootkit and MS10-015 Issues

February 18, 2010

Wednesday, February 17, 2010
The Microsoft Security Response Center (MSRC)

Our investigation has concluded that the reboot occurs because the system is infected with malware, specifically the Alureon rootkit. We were able to reach this conclusion after the comprehensive analysis of memory dumps obtained from multiple customer machines and extensive testing against third party applications and [...]


Update – MS10-015 Issues

February 12, 2010

Friday, February 12, 2010
The Microsoft Security Response Center (MSRC)
Update – Restart Issues After Installing MS10-015
In our continuing investigation into the restart issues related to MS10-015 that a limited number of customers are experiencing, we have determined that malware on the system can cause the behavior. We are not yet ruling out other potential causes [...]


MS10-015 Issues

February 11, 2010

The Microsoft Security Response Center (MSRC)
Thursday, February 11, 2010 4:07 PM
Restart issues after installing MS10-015
Jerry Bryant. Sr. Security Communications Manager Lead writes,
I am writing to let you know that we are aware that after installing the February security updates a limited number of users are experiencing issues restarting their computers. Our initial analysis suggests that [...]


WGA spyware lawsuit tossed out

February 10, 2010

Ars Technica
A lawsuit that accused Microsoft of misleading consumers to download and install an update for Windows Genuine Advantage (WGA) under the guise that it was a critical security update has been tossed out. Last month, a federal judge refused to certify the lawsuit as a class action, which would have meant anyone who owned a Windows [...]
