OK – there have been a number of Excel problems floating around in the last week – week and a half. Securiteam blog has a FAQ on the Excel 0-day vulnerabilities with Excel and Excel Viewer Incidents.org kindly gives us a scoresheet documenting the three different vulnerabilities that have been recently exploited. I have not thoroughly read details, but suspect that avoiding opening unexpected xls attachments would likely be a GOOD preventative measure. If you take the attitude… “oh junk mail…. ooo attachment – wonder whats in there – let’s see…” then you’re likely already stuck by a few viruses.
Category: Windows Tech Support
-
Another wolf among us… and more spyware news
Yes, it’s another wolf in sheeps clothing. This time around Sunbelt is reporting on “Trust cleaner”. Keep your eyes out for this one, among other things it plants an altered version of the Google page complete with links to dating, gambling, ringtones, pharmacy, home loans and spyware removers…….. (the fake site is at mswindowssearch.com – trustcleaner.com trustinbar.com are download sites for the pest….) If you’re in a position to block addresses…. read more for the list….
-
Another Microsoft Office Vulnerability
Hot on the heels of the Microsoft Word patch there’s a new threat to Microsoft Office. This vulnerability is with Excel documents. According to the MS security response center blog, they’ve received one report of a system being attacked by a previously unknown vulnerability in Excel. The moral of the story is to be suspicious of any attachments, be they programs, or claim to be images, word documents, excel documents, fluffy bunnies or what…. If you weren’t expecting an attachment in email wait and find out if it’s legit through other channels.
-
Vista torrent pulled
Several days ago I mentioned vistatorrent.com that had copied the Windows Vista download into a bittorrent tracker and allowed bittorrent downloads of the DVD iso. Well, they’ve received a cease and desist order as thanks for their efforts. Some are saying the fact that the download servers are slammed to the point MS is recommending that people order the DVD for a shipping charge is proof that Windows Vista is eagerly anticipated and that the response trumps any open source release. Well, ok – I’ve got to say I was interested to see it for all the press it’s been getting (and I’m sure WILL get), and in 12 months I’ll likely be trying to support it, so I wanted to dip the toes in now. I don’t plan on running it on a desktop myself. In fact the last 24 hours I’ve been on a quest to install it in a virtual machine and I’ll pass along details of that in another post.
-
Big Windows June update day
Updates for Windows for the month of June are out today and it looks like some list! 12 updates covering 20 or more vulnerabilities. MANY of these are tagged as critical. (Critical vulnerabilities are considered remotely exploited or with little (or no) user interaction.) Sans has a good listing of the advisories. This month it is a bit much to track in one big whallop… but I’ll try to give a summary here.
-
More Vista talk coming in
While, I’m still waiting to get the Vista Beta download anyway… I’ve seen the first of what I expect will be many posts out and about complaining about the upcoming OS from Microsoft. Admittedly it’s a beta and after seeing a lot of beta-release candidate – final cycles from open source software, I’m sure much will change. However…. some good points are raised.
-
Another wolf in sheeps clothing to watch for
Wolves in sheeps clothing are the label I give to those rogue antispyware, or antivirus programs that bring pests instead of protect against them, or are otherwise questionable in their tactics. Titan Shield seems to be a new threat on the block in this area, I haven’t seen it first hand yet, but it looks like it is one you’ll want to avoid *(You may want to block antispywarebox(dot)com and titanshield(dot)com if you’re in a position to do such things in your network.)
-
Windows 98 won’t see the MS06-15 patch
It turns out that Windows 98 is just too hard for Microsoft to support with a security patch for MS06-15 now. The official support period ends in July, but they’ve announced that this one won’t be getting a patch as the changes would be just too substantial. Some of the mitigation suggestions involve using restricted zones settings to limit ActiveX and Active Scripting. (Of course, installing something other than Windows 95/98/ME might be considered a mitigating factor as well.)
-
Cross browser javascript vulnerability
It sounds like this vulnerability would take a great deal of user interaction, but cio-today is reporting on a browser vulnerability that affects pretty much every javascript enabled browser. According to Symantec …. “This issue is triggered by utilizing JavaScript ‘OnKeyDown’ events to capture and duplicate keystrokes from users,” and is a way that the attacker could scrape/log things that are typed in (bank information, passwords, etc.) Also, they say “In one scenario, a crafty programmer might be able to trick users into entering personal data into a seemingly secure field on an online payment form, giving the hacker access to anything typed within the field.”
-
Microsoft June Patch Cycle heads up
It’s about that time again folks…. Monthly Microsoft patch cycle – June patches will be released on the 13th (next Tuesday) and it looks like a big batch. There should be 12 patches this time and at least one of the Windows updates is Critical and at least one of the Office updates is critical. It’s widely expected that an update will be released for the Word vulnerability that’s been talked about previously here. Also, there will be a change in the ActiveX behavior in Internet Explorer. That change had been scheduled to come out a few months back, but was postponed.