Tech News » Security

Out-Of-Band IE Security Update (KB980182)

admin — Tue, 30 Mar 2010 16:05:15 +0000

Today, Microsoft released an out-of-band security update (KB980182) and related security bulletin (MS10-018) for all version of IE including IE8. The vulnerability affect virtually all version of Windows desktop and server platforms including 32-bit 64-bit and Itanium editions and can result in code execution by visiting a malicious or compromised website. This patch is marked as critical and Microsoft recommends that users install the fix immediately. (Also see Microsoft Security Advisory 981374 for more info)

Status: Critical
Version Affected:

Windows Internet Explorer 8, when used with:
- Windows Server 2008 for Itanium-Based Systems
- Windows Server 2008 Datacenter
- Windows Server 2008 Enterprise
- Windows Server 2008 Standard
- Windows Web Server 2008
- Windows Server 2008 R2 Datacenter
- Windows Server 2008 R2 Enterprise
- Windows Server 2008 R2 Standard
- Windows Web Server 2008 R2
- Windows 7 Enterprise
- Windows 7 Home Basic
- Windows 7 Home Premium
- Windows 7 Professional
- Windows 7 Ultimate
- Windows Vista Business
- Windows Vista Enterprise
- Windows Vista Home Basic
- Windows Vista Home Premium
- Windows Vista Ultimate
- Windows Vista Enterprise 64-bit Edition
- Windows Vista Home Basic 64-bit Edition
- Windows Vista Home Premium 64-bit Edition
- Windows Vista Ultimate 64-bit Edition
- Windows Vista Business 64-bit Edition
- Microsoft Windows XP Professional
- Microsoft Windows XP Home Edition
- Microsoft Windows XP Professional x64 Edition
- Microsoft Windows Server 2003, Datacenter x64 Edition
- Microsoft Windows Server 2003, Enterprise x64 Edition
- Microsoft Windows Server 2003, Standard x64 Edition
- Microsoft Windows Server 2003, Web Edition
- Microsoft Windows Server 2003, Standard Edition (32-bit x86)
- Microsoft Windows Server 2003, Enterprise Edition (32-bit x86)
- Microsoft Windows Server 2003, Datacenter Edition (32-bit x86)
- Microsoft Windows Server 2003, Datacenter Edition for Itanium-Based Systems
- Microsoft Windows Server 2003, Enterprise Edition for Itanium-based Systems
Windows Internet Explorer 7, when used with:
- Windows Server 2008 for Itanium-Based Systems
- Windows Server 2008 Datacenter
- Windows Server 2008 Enterprise
- Windows Server 2008 Standard
- Windows Web Server 2008
- Windows Vista Business
- Windows Vista Enterprise
- Windows Vista Home Basic
- Windows Vista Home Premium
- Windows Vista Ultimate
- Windows Vista Enterprise 64-bit Edition
- Windows Vista Home Basic 64-bit Edition
- Windows Vista Home Premium 64-bit Edition
- Windows Vista Ultimate 64-bit Edition
- Windows Vista Business 64-bit Edition
- Microsoft Windows XP Professional
- Microsoft Windows XP Home Edition
- Microsoft Windows XP Professional x64 Edition
- Microsoft Windows Server 2003, Datacenter x64 Edition
- Microsoft Windows Server 2003, Enterprise x64 Edition
- Microsoft Windows Server 2003, Standard x64 Edition
- Microsoft Windows Server 2003, Web Edition
- Microsoft Windows Server 2003, Standard Edition (32-bit x86)
- Microsoft Windows Server 2003, Enterprise Edition (32-bit x86)
- Microsoft Windows Server 2003, Datacenter Edition (32-bit x86)
- Microsoft Windows Server 2003, Datacenter Edition for Itanium-Based Systems
- Microsoft Windows Server 2003, Enterprise Edition for Itanium-based Systems
Microsoft Internet Explorer 6.0, when used with:
- Microsoft Windows XP Professional
- Microsoft Windows XP Home Edition
- Microsoft Windows XP Professional x64 Edition
- Microsoft Windows Server 2003, Datacenter x64 Edition
- Microsoft Windows Server 2003, Enterprise x64 Edition
- Microsoft Windows Server 2003, Standard x64 Edition
- Microsoft Windows Server 2003, Web Edition
- Microsoft Windows Server 2003, Standard Edition (32-bit x86)
- Microsoft Windows Server 2003, Enterprise Edition (32-bit x86)
- Microsoft Windows Server 2003, Datacenter Edition (32-bit x86)
- Microsoft Windows Server 2003, Datacenter Edition for Itanium-Based Systems
- Microsoft Windows Server 2003, Enterprise Edition for Itanium-based Systems
Microsoft Internet Explorer 6.0 SP1, when used with:
- Microsoft Windows 2000 Advanced Server
- Microsoft Windows 2000 Datacenter Server
- Microsoft Windows 2000 Professional Edition
- Microsoft Windows 2000 Server
Microsoft Internet Explorer 5.01 Service Pack 4, when used with:
- Microsoft Windows 2000 Advanced Server
- Microsoft Windows 2000 Datacenter Server
- Microsoft Windows 2000 Professional Edition
- Microsoft Windows 2000 Server

Microsoft Releases IE Patch for Aurora Vulnerability

admin — Fri, 22 Jan 2010 04:52:28 +0000

Today, Microsoft released a patch (KB978207) to address the IE security hole discovered after the Google attacks of last week. Interestingly, if you notice the patch isn’t just for IE6, but also IE7 and IE8, as discussed in our previous post.

If you have automatic updates enabled (as you should) this patch will be downloaded and installed automatically, but if you can’t wait (for example if you have a Windows Server 2003 or 2008 with auto-updates disabled), you can go to the link below and download and install it yourself:

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=a38aa9d0-c3fe-4d41-8805-7d5370263c1b

Behind the Google attacks

admin — Sat, 16 Jan 2010 04:42:57 +0000

Apparently the method used in compromising the Google emails last week (termed Aurora) was traced to an as yet unknown security hole in Internet Explorer. Microsoft claims that the security flaw is limited to Internet Explorer 6 and Windows XP only and very unlikely under Windows Vista or Windows 7, however experts, including McAfee disagree with Microsoft’s threat assessment.

http://www.mcafee.com/us/threat_center/aurora_enterprise.html

http://www.betanews.com/joewilcox/article/Should-you-dump-Internet-Explorer-NOW/1263750606

http://news.bbc.co.uk/2/hi/technology/8465038.stm

Even if you take Microsoft’s claim at face value, XP must be SP3 or later and Vista SP1, assuming the user didn’t disable Data Execution Prevention (DEP). Furthermore, DEP is not a panacea against memory buffer overflow attcks, as stated here:

http://www.microsoft.com/windows/internet-explorer/readiness/developers-existing.aspx

McAfee has so far explored only one of the attach vectors exploited in the Aurora attack. There may be, and likely are, more which we don’t know about, yet, and in fact those vectors may extend to Firefox, Opera and Chrome. We just don’t know yet.

Microsoft will likely come up with an out-of-band patch shortly. Until then, I am recommending using Firefox (all patched up, of course).

Experts, including the citation in my original message and McAfee disagree
with Microsoft's threat assessment.

http://www.mcafee.com/us/threat_center/aurora_enterprise.html

XP must be SP3 or later and Vista SP1, assuming the user didn't disable
Data Execution Precention (DEP). Furthermore, DEP is not a panacea against
memory buffer overflow attcks, as stated here:

http://www.microsoft.com/windows/internet-explorer/readiness/developers-existing.aspx

McAfee has so far explored only one of the attach vectors exploited in the
Aurora attack.  There may be, and likely are, more which we don't know
about, yet, and in fact those vectors may extend to Firefox, Opera and
Chrome.  We just don't know yet.

Microsoft will likely come up with an out-of-band patch shortly.  Until
then, I am recommending using Friefox (all patched up, of course).

Juniper Networks at NYSE

admin — Thu, 29 Oct 2009 17:41:26 +0000

Juniper Networks () announced its listing at the NYSE by ringing the ceremonial bell at the stock exchange floor and holding a conference in which Juniper CEO Kevin Johnson announced a range of new products and system, including Junos Space, a new software integration program which present an open platform through which third parties can develop applications to run under the company’s flagship, Junos network operating system. Also unveiled was Junos Pulse, which is an integrated software client, and the Trio chipset, which powers a new family of Juniper MX 3D routers.

With that, Juniper unveiled its strategy for opening and licensing its JUNOS operating system to developers and partners. It also rolled out a new generation of processors, called Trio, designed to massively scale the edge of the service provider network. It also introduced new MX-series Ethernet edge routers with “3D” scaling of bandwidth, subscribers and services.

In addition, Juniper disclosed Project Falcon, an initiative to develop products for the mobile packet core and subscriber management of 4G networks, as well as “universal edge” applications integrating wireline and wireless networks.

Lastly, Juniper provided an update on its Stratus cloud computing project that included three steps to cloud-enable a data center: simplify the environment through a unified fabric managed as a single switch; sharing resources through virtual partitioning and VPLS; and securing the environment with security policies based on the new JUNOS Space platform and enhancements to Juniper’s SRX Services Gateway.

Firefox disables Microsoft Plug-in

admin — Sun, 18 Oct 2009 01:33:24 +0000

Less than a week after Microsoft’s record-size patch update, Firefox disabled one of the Microsoft’s updates due to security flaws.

the recent Microsoft patch, which included 13 patches addressing 34 separate vulnerabilities in the Windows operating system, included a patch for the .NET Framework as well as two plug-ins for the Firefox browser called “Microsoft .Net Framework Assistant” and “Windows Presentation Foundation”, which got installed silently if you had Automatic Updates turned on. After discovering the vulnerability in this plug in, today Mozilla, with the knowledge and consent of Microsoft, disabled this plug-in from Firefox. You might see this screen pop up the next time you open Firefox:

Notice that the plug in is still installed on your system. If you want to completely remove it, go here for a removal tool.

Microsoft releases largest patch update yet

admin — Tue, 13 Oct 2009 14:10:20 +0000

Today, on “Patch Tuesday”, Microsoft release it’s largest set to date of patches for the Windows platforms.

There were 13 patches addressing 34 vulnerabilities including 2 zero-day flaws involving Server Message Block (SMB).

Those two technologies are addressed in MS09-054 (IE) and MS09-062 (GDI), which were two of the patches released Tuesday. The patches ran in number from MS09-050 to MS09-062.

Included in this update was also a re-release of patch MS08-069 to fix a vulnerability in Windows 7 and Windows Server 2008.

The most critical of these 13 patches are those for IE and Windows Graphics Device.

Microsoft releases regular patch updates on the second Tuesday of the month, however emergency patches (out of bound releases) may be released at any time.

Microsoft Antivirus released today

admin — Wed, 30 Sep 2009 04:30:16 +0000

The long-awaited free Microsoft antivirus designed to protect Windows desktops and users from malware was released today.

Today, Microsoft announced the release of its malware protection software. Labeled Microsoft Security Essentials, it is designed for the Windows operating systems (XP, Vista, Windows 7). Code named Morro and rumored to be in beta testing for months, Microsoft Security Essentials can be downloaded for free here.

Microsoft Security Essentials is a malware scanning tool and is targeted at consumers running Windows. It shares code base with Microsoft’s Forefront Client Security, however, unlike Forefront, it is only a detection and removal tool, not anti-virus and malware blocking features and unlike retail products such as McAfee, Symantec/Norton anti-virus and Kaspersky, it lacks central management.

Most security experts who examined and compared the product with existing products such as Malwarebytes, gave it a medium rating.

Microsoft also announced today the discontinuance of it’s legacy OnceCare product.