Posts tagged as:

Microsoft

Rogue-Security Essentials 2010

by certifiedbug on February 25, 2010

in Scareware Rogues

Rogue security products use false advertising, drop malware and often have a similar name or appearance to legitimate security software.

Scareware has already mimicked the Windows Security Center. This one mimics Microsoft Security Essentials and calls itself “Security Essentials 2010”.

Microsoft Malware Protection Center.

As we in the MMPC have always been quick to point out, Microsoft Security Essentials can be downloaded and used without charge by users running genuine Windows (from here: http://www.microsoft.com/security_essentials/). So anything mimicking Microsoft Security Essentials but asking for any sort of payment is clearly Up To No Good.

Screen-shots and more information at the MMPC Threat Research & Response Blog.

Microsoft detects the imposter as Trojan:Win32/Fakeinit. Encyclopedia here

http://certifiedbug.com/blog/category/scareware-rogues/

{ 0 comments }

Microsoft Security Advisory (980088)

by certifiedbug on February 4, 2010

in Browser

TechNet.

Vulnerability in Internet Explorer Could Allow Information Disclosure
Published: February 03, 2010

Version: 1.0

Microsoft is investigating a publicly reported vulnerability in Internet Explorer for customers running Windows XP or who have disabled Internet Explorer Protected Mode. This advisory contains information about which versions of Internet Explorer are vulnerable as well as workarounds and mitigations for this issue.

Our investigation so far has shown that if a user is using a version of Internet Explorer that is not running in Protected Mode an attacker may be able to access files with an already known filename and location. These versions include Internet Explorer 5.01 Service Pack 4 on Microsoft Windows 2000 Service 4; Internet Explorer 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 4; and Internet Explorer 6, Internet Explorer 7, and Internet Explorer 8 on supported editions of Windows XP Service Pack 2, Windows XP Service Pack 3, and Windows Server 2003 Service Pack 2. Protected Mode prevents exploitation of this vulnerability and is running by default for versions of Internet Explorer on Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008.

The vulnerability exists due to content being forced to render incorrectly from local files in such a way that information can be exposed to malicious websites.

At this time, we are unaware of any attacks attempting to use this vulnerability. We will continue to monitor the threat environment and update this advisory if this situation changes. On completion of this investigation, Microsoft will take the appropriate action to protect our customers, which may include providing a solution through our monthly security update release process, or an out-of-cycle security update, depending on customer needs.

Article: http://www.microsoft.com/technet/security/advisory/980088.mspx

{ 0 comments }

DirectShow vulnerability exploited in drive-by attacks

July 6, 2009

From The Internet Storm Center
Handler Stephen Hall
A 0-day exploit within the msVidCtl component of Microsoft DirectShow is actively being exploited through drive-by attacks using thousands of newly compromised web sites, according to CSIS. The code has been published in the public domain via a number of Chinese web sites.
Please keep a watchful eye on your [...]

Read the full article →

Media whips users into Conficker frenzy

March 31, 2009

With April 1st around the corner sensational Conficker “journalism” is rampant in the media.
Better to be informed by reliable security researchers, Please, the world is NOT ending on April 1 and Microsoft, Protect yourself from the Conficker computer worm
Ed Bott: McAfee fails the Conficker test
Update
F-Secure: Conficker’s domain routine has already started
http://certifiedbug.com/blog/tag/conficker/

Read the full article →

Grab bag

March 13, 2009

Anti-Social Networking
Differences between IE8 Compatibility View and IE7
Completing the Windows Experience with Windows Live
TinyURL usage becoming more common in Phishing and IM Attacks – Harry Waldron – Corporate and Home Security
Conficker.C variant set for April 1st surprise, CA says
Security Updates available for Adobe Reader 9 and Acrobat 9
Foxit version 3.0 fixes serious vulnerabilities in its [...]

Read the full article →

Microsoft researchers developing new web browser

February 23, 2009

“Gazelle’s Browser Kernel is an operating system that exclusively manages resource protection and sharing across web site principals.”
This prototype for a secure web browser could offer a greater degree of security by helping prevent malicious access to a computer’s underlying operating system.
http://research.microsoft.com/apps/pubs/default.aspx?id=79655
The Multi-Principal OS Construction of the Gazelle Web Browser (PDF)

Read the full article →

Conflicker grounded French fighter planes

February 9, 2009

According to reports, the French military ignored Microsoft’s Security Bulletin MS08-067 Critical Update ‘out of cycle’ warning and failed to install the necessary security measures, resulting in French fighter planes unable to take off after military computers were infected by “Conficker”.
http://certifiedbug.com/blog/tag/conficker/
Naval officials said it suspected someone at the navy had used an infected USB key. [...]

Read the full article →

Internet Explorer 8 Release Candidate

January 26, 2009

We’re excited to make the IE8 Release Candidate available today for public download today in 25 languages for Windows Vista, Windows XP, and Windows Server customers.
You can find it at http://www.microsoft.com/ie8. Please download it now and try it out. We welcome your feedback!
IEBlog
Release Notes:
http://support.microsoft.com/kb/949787
Please be sure to read before installation.

Read the full article →

2009 International Consumer Electronics Show

January 5, 2009

CES will be held in Las Vegas, Jan. 8–11.
Steve Ballmer, chief executive officer of Microsoft, and Robbie Bach, president of the Entertainment & Devices Division, will deliver the pre-show 2009 International CES keynote address at 6:30 p.m. PST Wednesday, Jan. 7, in the Palazzo Ballroom at the Venetian Resort Hotel Casino
http://www.microsoft.com/presspass/press/2009/jan09/01-02CES2009MA.mspx
Update. January 8, 2009.
Microsoft Watch:
Steve [...]

Read the full article →

MSRT Review on Win32/FakeSecSen Rogues

November 20, 2008

An updated version of the Microsoft Windows Malicious Software Removal Tool (MSRT) is released on the second Tuesday of each month, and as needed to respond to security incidents.
Added to MSRT’s November release, Win32/FakeSecSen has been removed from 994,061 distinct machines, 548,218 of them in the USA.
Microsoft® Malware Protection Center.
Now how did one’s machine get [...]

Read the full article →

← Previous Entries