http://www.freerepublic.com/tag/securityflaw/ en-us Wed, 6 Dec 2006 15:14:46 GMT Focus Forum 15 http://www.freerepublic.com/focus/f-chat/1749271/posts 0xbl00d writes "Eweek.com is reporting a new Microsoft Word zero-day attack underway. Microsoft issued a security advisory to acknowledge the unpatched flaw, which affects Microsoft Word 2000, Microsoft Word 2002, Microsoft Office Word 2003, Microsoft Word Viewer 2003, Microsoft Word 2004 for Mac and Microsoft Word 2004 v. X for Mac. The Microsoft Works 2004, 2005 and 2006 suites are also affected because they include Microsoft Word. Simply opening a word document will launch the exploit. There are no pre-patch workarounds or anti-virus signatures available. Microsoft suggests that users 'not open or save Word files,' even from trusted sources." Slashdot http://www.freerepublic.com/focus/f-chat/1749271/posts#comment Wed, 6 Dec 2006 15:14:46 GMT http://www.freerepublic.com/focus/f-chat/1746748/posts "Microsoft's Vista may be vulnerable to at least three pieces of widespread malware, two of which date back to 2004 , according to security vendor Sophos," Tom Espiner reports for ZDNet UK. "At least three well-known Internet worms -- labelled Stratio-Zip, Netsky-D and MyDoom-O by Sophos -- are able to execute on the OS, according Sophos." "These worms comprise 39.7 percent of all malware currently in circulation, according to the security vendor. The MyDoom and Netsky variants were first detected back in 2004," Espiner reports. Espiner reports, "These are among the first flaws found in the finalised version of Vista.... MacDailyNews http://www.freerepublic.com/focus/f-chat/1746748/posts#comment Fri, 1 Dec 2006 04:06:57 GMT http://www.freerepublic.com/focus/f-news/1705072/posts Although Microsoft has acknowledged that in-the-wild exploits are taking advantage of an unpatched flaw in Internet Explorer, the developer has not committed to cranking out a fix before next month's regularly-scheduled update on Oct. 10. Users who want to protect themselves now, however, do have options. Disable the vulnerable .dll: In the security advisory posted yesterday, Microsoft suggested that users can disable the vulnerable "Vgx.dll" from the command line. -- Click Start, choose Run, and then type -- regsvr32 -u "%ProgramFiles%\Common Files\Microsoft Shared\VGX\vgx.dll -- Click OK, then click OK again in the confirmation dialog that appears. To undo the command,... TechWeb http://www.freerepublic.com/focus/f-news/1705072/posts#comment Wed, 20 Sep 2006 19:41:51 GMT http://www.freerepublic.com/focus/f-chat/1652816/posts Attack code for a new security hole in Excel has surfaced on the Internet, just as Microsoft is scrambling to respond to a separate bug in the spreadsheet program. The latest vulnerability could cause Excel to crash after a malicious file is opened, according to an alert Symantec sent to customers on Monday. The security company also said there was a risk that an intruder could commandeer a PC. "Attackers may also be able to execute arbitrary code…but this has not been confirmed," it said. The security hole exists because Excel fails to properly check user-supplied input before copying it... CNET News.com http://www.freerepublic.com/focus/f-chat/1652816/posts#comment Wed, 21 Jun 2006 02:47:56 GMT http://www.freerepublic.com/focus/f-chat/1649571/posts Microsoft today gave the world a rare -- albeit conservative -- glimpse of its view on just how bad the virus and bot problem has gotten for Windows users worldwide. The data comes from 15 months' worth of experience scanning computers with its "malicious-software removal tool," a free component that Microsoft offers Windows XP, Windows 2000 and Windows Server 2003 users when they download security updates from Microsoft. The tool has been run approximately 2.7 billion times by at least 270 million unique computers, leading to the removal of 16 million instances of malicious software from 5.7 million unique Windows-based... Washington Post http://www.freerepublic.com/focus/f-chat/1649571/posts#comment Thu, 15 Jun 2006 02:09:04 GMT http://www.freerepublic.com/focus/f-news/1609313/posts Excerpt - LAKE BUENA VISTA, Fla. — In a rare discussion on the severity of the Windows malware scourge, a Microsoft security official said businesses should consider investing in an automated process to wipe hard drives and reinstall operating systems as a practical way to recover from malware infestation. "When you are dealing with rootkits and some advanced spyware programs, the only solution is to rebuild from scratch. In some cases, there really is no way to recover without nuking the systems from orbit," Mike Danseglio, program manager in the Security Solutions group at Microsoft, said in a presentation at... FoxNews.com (Excerpt) http://www.freerepublic.com/focus/f-news/1609313/posts#comment Wed, 5 Apr 2006 01:41:25 GMT http://www.freerepublic.com/focus/f-chat/1604381/posts A dangerous new exploit in Internet Explorer could put PCs and data at risk, Microsoft has admitted. The flaw, for which code has already been published on the internet, could be exploited to set an email-borne virus free on the unsuspecting public. Potential viruses could come as an attachment that conceals the code, or could possibly redirect users to a site that will unleash the code on the user's machine, leaving the computer open to remote attack. Once the PC is being controlled by a malicious user, it can then be used to launch attacks on other PCs. Even supposedly... theregister.co.uk http://www.freerepublic.com/focus/f-chat/1604381/posts#comment Tue, 28 Mar 2006 02:58:48 GMT http://www.freerepublic.com/focus/f-news/1589886/posts Windows Vista won't have a backdoor that could be used by police forces to get into encrypted files, Microsoft has stressed. In February, a BBC News story suggested that the British government was in discussions with Microsoft over backdoor access to the operating system. A backdoor is a method of bypassing normal authentication to gain access to a computer without to the PC user knowing. But Microsoft has now quelled the suggestion that law enforcement might get such access. "Microsoft has not and will not put 'backdoors' into Windows," a company representative said in a statement sent via e-mail. The... Cnet http://www.freerepublic.com/focus/f-news/1589886/posts#comment Sat, 4 Mar 2006 14:22:54 GMT http://www.freerepublic.com/focus/f-news/1576965/posts Microsoft's Anti-Spyware program is causing troubles for people who also use Symantec's Norton Anti-Virus software; apparently, a recent update to Microsoft's anti-spyware application flags Norton as a password-stealing program and prompts users to remove it. According to several different support threads over at Microsoft's user groups forum, the latest definitions file from Microsoft "(version 5805, 5807) detects Symantec Antivirus files as PWS.Bancos.A (Password Stealer)." When Microsoft Anti-Spyware users remove the flagged Norton file as prompted, Symantec's product gets corrupted and no longer protects the user's machine. The Norton user then has to go through the Windows registry and delete multiple... Washington Post http://www.freerepublic.com/focus/f-news/1576965/posts#comment Sun, 12 Feb 2006 13:35:35 GMT http://www.freerepublic.com/focus/f-news/1559010/posts This is a transcript from a show Steve Gibson did with Leo LaPorte. The link to the audio is at the above link. Also, I will excerpt a little of the relevant information here.Steve: And so, you know, because I'm a developer when I'm not being a hacker, I wanted to understand - oh, and the other thing is, I want to write a robust testing application, you know, that always works all the time. So I wanted to know, like, okay, what bytes have to be set which way, what matters, what doesn't. Because, you know, that's the way... Security Now! http://www.freerepublic.com/focus/f-news/1559010/posts#comment Mon, 16 Jan 2006 17:48:37 GMT http://www.freerepublic.com/focus/f-news/1550547/posts Looking forward to the week ahead, I find myself in the very peculiar position of having to say something that I don't believe has ever been said here in the Handler's diary before: "Please, trust us." I've written more than a few diaries, and I've often been silly or said funny things, but now, I'm being as straightforward and honest as I can possibly be: the Microsoft WMF vulnerability is bad. It is very, very bad. The SANS Institute http://www.freerepublic.com/focus/f-news/1550547/posts#comment Mon, 2 Jan 2006 13:07:56 GMT http://www.freerepublic.com/focus/f-news/1551217/posts Excerpt - NEW YORK -(Dow Jones)- Microsoft Corp. (MSFT) plans to release a patch for a new security flaw at its next scheduled update release on Jan. 10, leaving users largely unprotected until then from a rapidly spreading computer virus strain. "Microsoft's delay is inexcusable," said Alan Paller, director of research at computer security group SANS Institute. "There's no excuse other than incompetence and negligence." "It's a problem that there's no known solution from Microsoft," said Alfred Huger, senior director of engineering at Symantec Corp.'s (SYMC) security response team. SANS Institute, via its Internet Storm Center, has taken the unusual... Dow Jones News Service (excerpt) http://www.freerepublic.com/focus/f-news/1551217/posts#comment Tue, 3 Jan 2006 19:42:23 GMT http://www.freerepublic.com/focus/f-news/1550822/posts Computer security experts were grappling with the threat of a newweakness in Microsoft’s Windows operating system that could put hundreds of millions of PCs at risk of infection by spyware or viruses. The news marks the latest security setback for Microsoft, the world’s biggest software company, whose Windows operating system is a favourite target for hackers. “The potential [security threat] is huge,” said Mikko Hyppönen, chief research officer at F-Secure, an antivirus company. “It’s probably bigger than for any other vulnerability we’ve seen. Any version of Windows is vulnerable right now.” The flaw, which allows hackers to infect computers using... Financial Times via Drudge http://www.freerepublic.com/focus/f-news/1550822/posts#comment Mon, 2 Jan 2006 23:54:03 GMT http://www.freerepublic.com/focus/f-news/1548350/posts This alert is a follow-up to a post made yesterday on our blog: http://www.websensesecuritylabs.com/blog/ Websense® Security Labs™ has discovered numerous websites exploiting an unpatched Windows vulnerability in the handling of .WMF image files. The websites which have been uncovered at this point are using the exploit to distribute Spyware applications and other Potentially Unwanted Soware. The user's desktop background is replaced with a message warning of a spyware infection and a "spyware cleaning" application is launched. This application prompts the user to enter credit card information in order to remove the detected spyware. The background image used and the "spyware... Websense Security Labs http://www.freerepublic.com/focus/f-news/1548350/posts#comment Wed, 28 Dec 2005 22:55:03 GMT http://www.freerepublic.com/focus/f-news/1548427/posts Security researchers have released instructions for exploiting a previously unknown security hole in Windows XP and Windows 2003 Web Server with all of the latest patches applied. Washington ComPost http://www.freerepublic.com/focus/f-news/1548427/posts#comment Thu, 29 Dec 2005 01:45:47 GMT http://www.freerepublic.com/focus/f-news/1540932/posts Before all you anti-MS fanboys attack my setup let me first say I am an ASP/VB web developer for an online company and require IE and MS so save the firefox/mac posts for another day. On to the problem at hand... I got the automatic update last night on my XP pro system and now my IE acts very odd. It seems to open fine but it always opens a new window no matter how I try (ie. type in an addres, using favorites). The original window stays open but it doesnt allow any interaction with it. If I try... http://www.freerepublic.com/focus/f-news/1540932/posts#comment Thu, 15 Dec 2005 15:22:32 GMT http://www.freerepublic.com/focus/f-news/1535418/posts I hate vanity posts, but I am wondering if anyone in FR land knows anything about the Spy Axe 3.0 virus. It has set up shop in my toolbar and has hijacked my home page. eTrust isn't touching it. Help?!?! My PC http://www.freerepublic.com/focus/f-news/1535418/posts#comment Wed, 7 Dec 2005 04:16:34 GMT http://www.freerepublic.com/focus/f-news/1535370/posts My computer apparently picked up a virus from spyaxe.net. I have a pop-up window saying I have spyware and "it is recommended to use antispyware tools to prevent data loss." Everytime I close the popup it pops up again. I got tired of closing it and installed it then removed it with "Add/Remove Software" in the control panel. The pop-up is back. Can anyone help? http://www.freerepublic.com/focus/f-news/1535370/posts#comment Wed, 7 Dec 2005 02:38:12 GMT http://www.freerepublic.com/focus/f-news/1524860/posts Sony's controversial copy-protection scheme had been in use for seven months before its cloaking rootkit was discovered, leading one analyst to question the effectiveness of the security industry. "[For] at least for seven months, Sony BMG Music CD buyers have been installing rootkits on their PCs. Why then did no security software vendor detect a problem and alert customers?" asked Joe Wilcox, an analyst with JupiterResearch. "Where the failure is, that's the question mark. Is it an indictment of how consumers view security software, that they have a sense of false protection, even when they don't update their anti-virus and... TechWeb News http://www.freerepublic.com/focus/f-news/1524860/posts#comment Fri, 18 Nov 2005 23:16:07 GMT http://www.freerepublic.com/focus/f-news/1523760/posts When the news first broke in the mainstream press that Windows expert and blogger Mark Russinovich (he wrote a book about Windows for Microsoft) had found that Sony's anti-piracy efforts had gone too far and that Sony's DRM was installing an undetectable rootkit on customers' computers which they couldn't safely remove, the first reaction from Microsoft was guarded. They were concerned, they said, and were evaluating what, if anything, to do: Microsoft, which also ships an anti-spyware program, recently renamed "Windows Defender," hasn't yet decided whether it will also flag the Sony DRM software as malicious code, the spokesperson said.... Groklaw http://www.freerepublic.com/focus/f-news/1523760/posts#comment Thu, 17 Nov 2005 14:09:52 GMT http://www.freerepublic.com/focus/f-news/1522663/posts More than one-half million networks infected by Sony including U.S. military and various countries. Dan Kaminsky, http://www.doxpara.com/ ,is the expert who broke this and did the work. His U.S. and Europe infection maps are shown below and are frightening. Dan did a hell of a good job. Search Google News for "sony numbers trouble" for more in an excellent article today that is very worth reading. Welcome to Planet Sony http://www.freerepublic.com/focus/f-news/1522663/posts#comment Tue, 15 Nov 2005 21:43:21 GMT http://www.freerepublic.com/focus/f-news/1519576/posts Virus writers have begun taking advantage of Sony-BMG's use of rootkit technology in DRM software bundled with its music CDs. Sony-BMG's rootkit DRM technology masks files whose filenames start with "$sys$". A newly-discovered variant of of the Breplibot Trojan takes advantage of this to drop the file "$sys$drv.exe" in the Windows system directory.... The Register http://www.freerepublic.com/focus/f-news/1519576/posts#comment Thu, 10 Nov 2005 18:03:29 GMT http://www.freerepublic.com/focus/f-news/1035015/posts I have been receiving an email since mid-afternoon. I guess its really huge and I tried to get the program to quit, but it won't. How do I stop this? PLEASE HELP! ILBBACH http://www.freerepublic.com/focus/f-news/1035015/posts#comment Sat, 6 Dec 2003 06:02:05 GMT http://www.freerepublic.com/focus/f-news/964813/posts Just days after announcing that it planned to halt development on Outlook Express, Microsoft has been forced to change its position following internal confusion and an outcry from customers. As reported earlier this week on silicon.com Microsoft had planned to stop product development on Outlook Express, which forms part of the Internet Explorer code bundled with consumer versions of Windows. At the time Dan Leach, Office product manager, said: "The technology doesn't go away, but no new work is being done." Under that vision, consumers would have been directed towards the company's MSN software, while businesses would be encouraged... Silicon.com http://www.freerepublic.com/focus/f-news/964813/posts#comment Fri, 15 Aug 2003 17:30:34 GMT http://www.freerepublic.com/focus/f-news/963573/posts It might be the world's most widely distributed e-mail client, but Microsoft has confirmed that it has no intention of further developing Outlook Express. "[Outlook Express] just sits where it is," said Dan Leach, lead product manager for Microsoft's information worker product management group. "The technology doesn't go away, but no new work is being done. It is consumer e-mail in an early iteration, and our investment in the consumer space is now focused around Hotmail and MSN. That's where we're putting the emphasis in terms of new investment and new development work." While Outlook Express has always been... ZDNet http://www.freerepublic.com/focus/f-news/963573/posts#comment Wed, 13 Aug 2003 21:52:32 GMT