Microsoft Security Bulletin Advance Notification for April 2009
Revision Note: Advance Notification published.Summary: This bulletin summary lists security bulletins released for April 2009
My recent alerts from HP - Advisory: Run the threat removal tool if you have the Conficker worm virus!
Virus Threat: Conficker; Advisory: Run the threat removal tool if you have the Conficker worm virus! Priority: Virus Threat; Products: All products; OS: Those not configured to receive patches and updates from Microsoft and who are not running an up to date antivirus product are most at risk. Users who do not have a genuine version of Windows from Microsoft are most at risk since pirated system usually cannot get Microsoft updates and patches.; Release Date: Apr 09 2009; Description: Advisory: Researchers estimate the Conficker worm has infected millions of computers since January. The Conficker worm tries to take advantage of a problem with Windows called MS08-067 to quietly install itself and spread by copying itself into shared folders on networks and by infecting USB devices such as memory sticks. If it finds a vulnerable computer, it turns off the automatic backup service, deletes previous restore points, disables many security services, blocks access to a number of security web sites and opens infected machines to receive additional programs from the malwares creator. The worm then tries to spread itself to other computers on the same network. To ensure you are protected from the Conficker and other viruses, please ensure your antivirus software is up-to-date. Posted on: Fri, Apr 10 2009 9:11 AM
Twitter Worm(s), (Sun, Apr 12th)
We've received a number of reports from readers pointing to articles about this weekends Twitter XSS ...(more)...
Hosted javascript leading to .cn PDF malware, (Fri, Apr 10th)
Unfortunately such subject lines are all so common. However, lets work through this one together to ...(more)...
Patches for critical VMWare vulnerability, (Fri, Apr 10th)
Our friends at VMWare have made the ISC aware of new patches for both VMWare Hosted products, and fo ...(more)...
Two XSS Worms Slam Twitter (CGISecurity.com)
Bugtraq: BMSA 2009-04 Remote DoS in Internet Explorer (SecurityFocus Vulnerabilities)
CVE-2009-1157 (adaptivesecurityappliance5500, pix) (Natl. Vulnerability Database)
Conficker Shows Its Colors, Installs Rogue Antivirus (PC World) (Yahoo Security)
What Will the Cybersecurity Act of 2009 Do to Your Job and Business? (E-Week Security)
Conficker Awakens, Starts Scamming (PC World) (Yahoo Security)
Tech Insight: Making The Most Of Open-Source Forensics Tools
Open source tools make it possible for enterprises to implement low-cost, do-it-yourself security processes
Scareware scammers adopt cold call tactics
Supportonclick scam spreading
Scareware scammers are phoning up prospective marks in an effort to frighten people into buying software that has little or no value or utility.…
Two XSS Worms Slam Twitter
By Robert A. on XSS
UPDATE: F-Secure has posted more detailed information. "Some 24 hours after a worm spread advertising on Twitter, the popular social networking website, a second worm emerged on Sunday. Both worms appear to be created by Mikeyy Mooney, a 17-year-old from Brooklyn, New York. The first worm emerged on Saturday when Twitter...
Nessus Version 4 Released
By Robert A. on Security Tools
"Tenable is pleased to announce the release of Nessus version 4! This blog post highlights some of the enhancements and new features available in Nessus 4.0. One of the most notable features is the ability to create custom XSLT reports based on your scan results. Nessus now also supports a fully...
Brief: Power grid's vulnerability no surprise
Power grid's vulnerability no surprise
Brief: Cable sabotage knocks out Bay Area networks
Cable sabotage knocks out Bay Area networks
Netifera - Modular Open Source Platform for Security Tools
MapServer Multiple Vulnerabilities
MapServer [1] is a popular open-source, multi-platform program for creating interactive map applications. It was originally developed by the University of Minnesota with support from the U.S. National Aeronautics and Space Administration (NASA) [2]. It is currently supported by the Open Source Geospatial Foundation [3].
Making a PBX 'botnet' out of Skype or Google Voice?
Flaws in popular Internet-based telephony systems could be exploited to create a network of hacked phone accounts, somewhat like the botnets that have been wreaking havoc with PCs for the past few years.
Conficker Shows Its Colors, Installs Rogue Anti-virus
We knew it would try to make a buck somehow, but until now Conficker hasn't done much beyond spread and update. That changed yeThursday, when the worm began installing a rogue antivirus app called SpywareProtect2009 on infected machines.
Conficker botnet could flood Web with spam
Windows PCs infected with the Conficker worm have turned into junk mail-spewing robots capable of sending billions of spam messages a day, a security company warned today.
Conficker Awakens, Starts Scamming
The Conficker worm is back in action and stumping security experts once again. One of the most craftily designed pieces of malware recently got an update and is finally starting to behave like other worms. Here's what's going on:
Russian President warns of foreign threat to 'Net security
Foreign investors in Internet companies pose a potential threat to national security, Russian President Dmitry Medvedev warned members of the United Russia political party at a meeting on Wednesday.
Microsoft warns of monster patch day next week
Microsoft Thursday said it will issue eight security updates on Tuesday, the most since October 2008, to patch problems in Windows, Internet Explorer (IE), DirectX, Excel, Word, and the company's security software.
Warning: Virtualization Has 'Dark Side'
An analyst is sounding the alarm over security uncertainties and other downsides in the rush to visualization.
Microsoft Set Records for Bug Fixes in 2008
Security updates and flaws surged in the second half of 2008, a company report says.
Conficker-Infected Systems Spew Spam
The Conficker botnet could send billions of messages daily, security researcher says.
VoIP Services are Vulnerable to Botnets, Security Researchers Say
Flaws in both Skype and Google Voice easily allow scammers to make a PBX 'botnet' and intercept or listen in on calls.
Microsoft Security Patches Due Tuesday
The biggest set of updates in six months will fix Windows, IE, Excel, and Word flaws.
Microsoft Office 2007 Update Due
The company will post Service Pack 2 to WSUS and Microsoft Update in April
Conficker Shows Its Colors, Installs Rogue Anti-virus
The widespread worm finally reveals a money-making strategy and installs a fake security app.
Conficker Awakens, Starts Scamming
The widespread worm is morphing into true malware, seeking new victims, and regrouping.
Silicon Valley Cable-Cutters: The Real Harm
The people who cut the fiber optic cable of Silicon Valley's communications backbone should be treated as terrorists, not vandals.
After Attacks, Excel Update Due From Microsoft
UPDATE: UPDATE: Both Microsoft and Oracle are due to release security updates on Tuesday
Posts
No comments:
Post a Comment