Around the time of this latest IE exploit hitting the web, there was also mention of some publicly available CWSandbox sites for the submission of malware. It’s an analysis tool that can give you a report of how the malware behaves and what it would do if run in a “non-sandboxed” environment. There are a couple up now, it seems. One that incidents.org reported is https://luigi.informatik.uni-mannheim.de/submit.php, Sunbelt has one at http://research.sunbelt-software.com/submit.aspx and they have alternate URLs….
Blog
-
Internet Explorer 0-day (take 2 of the last few days…)
The last zero day (ActiveX) seems to be less interesting than this NEW zero-day that really made a news splash in the last day. It looks as though this NEW 0-day affects VML… Incidents.org has good coverage here. Microsoft has an advisory up and they expect to release a patch on the next scheduled patch day (earlier if needed…. ahem….) Sunbelt is blogging about the “epic loads of adware” being pushed into systems via this vulnerability. Now, some workarounds….
-
Internet Explorer zero-day
This time around, the zero day is related to Internet Explorer and ActiveX… (DirectAnimation specifically). Incidents has a good update on the issue. This is a second exploit; there was another at the end of August. MS has an advisory on the issue. I think a safe bet would be alternative browsers until this is patched. It is possible, though, to enable a kill bit, or vary security settings to disable/always prompt before using ActiveX.
-
Firefox and Thunderbird updates
As I’ve just posted to the security-update-notice category, Firefox and Thunderbird have both been released in version 1.5.0.7. The release fixes a number of known security issues and you should upgrade as soon as possible. Details on the issues are at incidents.org. Also, you can visit mozilla.com for downloads.
-
Mozilla Thunderbird 1.5.0.7
Multiple Security updates release notes.
-
Mozilla Firefox 1.5.0.7
Multiple Security updates release notes.
-
Apple Quicktime 7.1.3
Quicktime multiple vulnerabilities Mac/Windows…
-
Adobe Flash Player 9.0.16.0
Flash Player multiple security vulnerabilities for all versions prior to (and including) 8.0.24.0 details.
Update to 9.0.16.0 (OR 8.0.33.0, 7.0.68.0, or 7.0.66.0 from advisory.)
-
Microsoft Windows and Office updates (September 2006)
Several Security issues (September 2006 patch day.) Several previous patches re-released. details.
(Updated to correct year – 2006 not 2007 )
-
Microsoft Update day for September…. AND Flash… AND Apple
Yesterday, of course, Microsoft released its monthly patches. I found the Windows update site to be painfully slow (and in some cases unresponsive.) It wasn’t quite a huge update day by recent standards, but here’s the summary…. Incidents.org has a nice chart showing the two re-released patches (one is actually re-re-released…) They are MS06-040 (server service patch – critical) and MS06-042 (IE 6 patch). Both of those vulnerabilities addressed are well known and could be actively exploited. The “first release” updates from this month affect Microsoft Queue System MS06-052 which is the most important of the releases….