Incidents.org has the story on an “in the wild” exploit for the MS-053 vulnerability. The patch is out, so if you haven’t already, go ahead with the patching. The vulnerability is entitled “Vulnerabilities in Graphics Rendering Engine Could Allow Code Execution (896424)”. The exploit causes 100% CPU utilization on visiting a page with a specially crafted file using Internet Explorer. The “attacking” page could essentially cause a system freeze.
-
More on the MediaMax DRM software
The OTHER Sony-BMG DRM (Digital Rights Management) software is in the news again today. freedom-to-tinker, which did great research into the security flaws in the UNINSTALL process for both XCP and MediaMax, is back with more disturbing news. What’s interesting here is that even declining the EULA for the software is no protection against having the MediaMax system service install and run….
-
The virus arms race? Is locking down systems the key?
The securityfix has a post on the “dirty little secret” about antivirus. Eugene Kaspersky of Kaspersky antivirus has posted an introspective article on the antivirus industry and its current problems. The biggest problem with antivirus is that it’s always one step behind the virus writers. Antivirus software can only prevent infection by viruses that it already knows about. In other words, a fast-spreading infection can hit you anywhere from hours to days before your AV vendor has an update.
-
Microsoft’s unpatched security bugs
George Ou at ZDNet is mystified (as many of us are) at why Microsoft can’t patch ALL their security vulnerabilities. Most of the unpatched vulnerabilities are considered minor (as was the 6-month-old bug that was discovered in the last week to be exploitable for more than a Denial of Service…). His point is, if small companies (even open source groups) can patch ALL security bugs big and small, then why can’t Microsoft with its legions of coders?
-
Linux LiveCD for security professionals/penetration testers
I hadn’t heard of this distro before, but read at distrowatch that Troppix has released version 1.2 of their livecd. It supports many wireless chipsets, aims to improve look and feel, and includes the latest versions of several utilities (nessus, metasploit, aircrack).
-
Scottrade announces compromise that put eCheck secure information at risk
The securityfix is reporting that Scottrade, one of the larger online brokers, has announced details of a security compromise that has put a good deal of customer information at risk. It looks as though it is related to the eCheck Secure service for transferring data from personal bank accounts to Scottrade. Scottrade’s provider for the eCheck Secure service is the Troy Group, Inc.
-
Ooops… hard drive maker ships trojan on storage media
Oooops… According to the Sunbelt blog, a Japanese storage maker (I-O Data Device) has offered to exchange drives that were discovered to have been shipped out with Tompai-A, a worm which would give a cracker backdoor access to a machine. It affects portable hard drives in the company’s HDP-U series.
-
FBI / CIA virus
Well… the media has taken the drab name of w32sober.X@mm or w32sober.x or w32sober.y, W32/Sober.AD-mm or any of those other drab names that we’ve been looking at the last week and dubbed the latest big virus, the FBI/CIA virus…. and it’s gotten a lot of press the last few days. I suspect as people head back to work from Thanksgiving, we may see a slight bump in traffic. (Bringing infected laptops into the network maybe? or just home/office users getting back to work…)
-
Sneaky TorrentSpy bundling…
Sunbeltblog is talking about torrentspy, which has licensed their own version of Rufus, a bittorrent client. All well and good, but… they’ve decided to bundle WhenU SaveNow (adware) with THEIR version of Rufus. This has ticked off the writers of Rufus among others.
-
Another wolf in sheep’s clothing
I did an article a while back on “wolves in sheep’s clothing”: software that poses as security software but will usually turn around and bite you. Sunbeltblog has a post on another fake security center site. Keep an eye peeled for these; information is power in protecting yourself against this kind of stuff. This site is at www.updateyoursystem.com