Intego Security Alert
Malware: OSX/OpinionSpy
Risk: High
Description: Intego has discovered a spyware application that is installed by a number of freely distributed Mac applications and screen savers found on a variety of websites. This spyware, OSX/OpinionSpy, performs a number of malicious actions, from scanning files to recording user activity, as well as sending information about this activity to remote servers and opening a backdoor on infected Macs.
OSX/OpinionSpy is installed by a number of applications and screen savers that are distributed on sites such as MacUpdate, VersionTracker and Softpedia. The spyware itself is not contained in these applications, but is downloaded during the installation process.
http://blog.intego.com/2010/06/01/intego-security-alert-osxopinionspy-spyware-installed-by-freely-distributed-mac-applications/
by certifiedbug on April 12, 2010
in Microsoft
The Microsoft Security Response Center (MSRC)
Advance Notification. Preliminary information, subject to change.
Tuesday April 13 Microsoft will release 11 bulletins addressing 25 vulnerabilities in Windows, Microsoft Office, and Microsoft Exchange.
The following open Security Advisories will be closed with this update:
- Microsoft Security Advisory (981169) – Vulnerability in VBScript Could Allow Remote Code Execution.
- Microsoft Security Advisory (977544) – Vulnerability in SMB Could Allow Denial of Service
The April edition of the monthly bulletin webcast will be held on Wednesday April 14 at 11:00 a.m. PST (UTC -8)
Register for the webcast:
https://msevents.microsoft.com/CUI/WebCastEventDetails.aspx?EventID=1032427721
- Windows XP Service Pack 2 will no longer be supported after July 13, 2010. Many customers are still on this version, so we encourage upgrading to Service Pack 3 or to Windows 7 as soon as possible.
- Extended support for Windows 2000 will also be retired as of July 13, 2010. After that time, we will no longer provide security or any other updates for Windows 2000.
- Windows Vista RTM will no longer be supported after the April 13, 2010 bulletin release. Service Pack 1 will still be supported until July 12, 2011 but we recommend customers update to Service Pack 2 or Windows 7 at this time.
by certifiedbug on March 4, 2010
in Microsoft
The Microsoft Security Response Center (MSRC)
Advance Notification. Preliminary information, subject to change.
Today we are providing advance notification to customers that we will be releasing two bulletins this month affecting Windows and Microsoft Office products. Both bulletins are rated Important and address a total of 8 vulnerabilities.
We recommend that customers review the Advance Notification webpage and prepare to deploy these bulletins as soon as possible. To provide additional guidance for deployment prioritization, customers should note that both bulletins will address issues that would require a user to open a specially crafted file. There are no network based attack vectors.
We’re also continuing to monitor the situation with Security Advisory 981169, the VBScript issue disclosed on Monday. There are no known attacks but we encourage customers to review the advisory and apply the suggested workarounds where possible. Customers that are running Windows 7, Windows Server 2008, Windows Server 2008 R2, and Windows Vista are not affected.
The March edition of the monthly bulletin webcast will be held on Wednesday, March 10 at 11:00 a.m. PST (UTC -8)
Register for the webcast here: http://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032427711
Reminder
After the dates below, those products/service packs, will no longer receive security updates thus it is important to move to supported platforms.
- Windows XP Service Pack 2 will no longer be supported after July 13, 2010. Many customers are still on this version, so we encourage upgrading to Service Pack 3 or to Windows 7 as soon as possible.
- Windows Vista RTM will no longer be supported after April 13, 2010. Service Pack 1 will still be supported until July 12, 2011 but we recommend customers update to Service Pack 2 or Windows 7 at this time.
- Extended support for Windows 2000 will also be retired as of July 13, 2010. After that time, we will no longer provide security or any other updates for Windows 2000.
by certifiedbug on November 13, 2009
in Microsoft
Microsoft announces that it has launched a dedicated Twitter feed for its anti-piracy enforcement team. Despite attempts by Microsoft and other IT companies to curb piracy, often through aggressive policies, a recent report by McAfee suggests that the rate of file-sharing sites hosting unauthorized content has been rising steadily in the past few months.
eWeek
MSFTGenuine: http://twitter.com/MSFTGenuine
