Microsoft Security Advisory 977544 Released

Microsoft released Security Advisory 977544, "Vulnerabilities in SMB Could Allow Denial of Service", on November 13, 2009.

From the MSRC Blog:

"Today we released Security Advisory 977544 to provide information, including customer guidance, on a publicly reported Denial-of-Service (DoS) vulnerability affecting Server Messaging Block (SMB) Protocol. This vulnerability, in SMBv1 and SMBv2, affects Windows 7 and Windows Server 2008 R2. Windows Vista, Windows Server 2008, Windows XP, Windows Server 2003 and Windows 2000 are not affected.

I want to be clear that this is a DoS vulnerability that is unrelated to Microsoft Security Bulletin MS09-050 which addressed a remote code execution vulnerability in the SMBv2 protocol. This vulnerability would not allow an attacker to take control or install malware on a user’s system, but could cause the affected system to stop responding until manually restarted."

Mitigating factors are provided in Microsoft Security Advisory 977544:

"Firewall best practices and standard default firewall configurations can help protect networks from attacks that originate outside the enterprise perimeter. Best practices recommend that systems that are connected to the Internet have a minimal number of ports exposed. In this case, the SMB ports should be blocked from the Internet."

For complete information, see Microsoft Security Advisory 977544 for an overview of the issue, details on affected components, mitigating factors, suggested actions, frequently asked questions (FAQs), and links to additional resources.

References:

• Microsoft Security Advisory 977544
• MSRC Blog:Microsoft Security Advisory 977544 Released

Clubhouse Tags: Clubhouse, Security, Advisory, Windows 7, Information

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Lest We Forget

Whether you call it Veteran's Day, Armistice Day or Remembrance Day, November 11th is a time to put aside politics and pay tribute to all who died for their country. As in previous years, I am republishing my friend Canuk's last tribute. The comment he posted provides one example of why he was a special person:

"I too "will remember your friends who never had a full life", while thanking you and your comrades who have served with pride, honesty and honour.

Despite anyone's thoughts of the current conflict in Iraq - opposition or agreement, we must always remember that these brave young men and women are fighting for a cause they also may or may not agree with. The huge difference between them and us is that they are putting their lives on the line 24/7 while we sit in our homes in comfort, using the freedom of speech previous warriors won for us, and for that they deserve our love, respect, and support."

LEST WE FORGET

We Shall Keep the Faith by Moira Michael, November 1918 Oh! you who sleep in Flanders Fields, Sleep sweet - to rise anew! We caught the torch you threw And holding high, we keep the Faith With All who died. We cherish, too, the poppy red That grows on fields where valor led; It seems to signal to the skies That blood of heroes never dies, But lends a lustre to the red Of the flower that blooms above the dead In Flanders Fields. And now the Torch and Poppy Red We wear in honor of our dead. Fear not that ye have died for naught; We'll teach the lesson that ye wrought In Flanders Fields. Flags courtesy of3DFlags.com

Clubhouse Tags: Clubhouse, Story

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Microsoft Security Bulletin: November 2009

Microsoft released six security bulletins addressing a total of 15 vulnerabilities. Four affect Windows and Windows Server and two affect Microsoft Office products (Excel and Word).

In-depth technical detail on MS09-063, MS09-064 and MS09-065, is available at the Security Research & Defense team blog at this link.

Microsoft also re-released MS09-045 to add detection for users who may be running JScript 5.7 on Windows 2000 Service Pack 4. MS09-051 was re-released to update Audio Compression Manager on Microsoft Windows 2000 Service Pack 4 to fix a detection issue.

• MS09-063 - addresses a vulnerability in Windows (KB 973565)
• MS09-064 - addresses a vulnerability in Windows (KB 974783)
• MS09-065 - addresses a vulnerability in Windows (KB 969947)
• MS09-066 - addresses a vulnerability in Windows (KB 973309)
• MS09-067 - addresses a vulnerability in Microsoft Office (KB 972652)
• MS09-068 - addresses a vulnerability in Microsoft Office (KB 976307)

References:

• MSRC: November 2009 Security Bulletin Release
• TechNet: Microsoft security bulletin summary for November 2009
  
  

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Clubhouse Tags: Clubhouse, Microsoft, Windows, Security, Updates, Vulnerabilities, Information

Advance Notice: November 2009 Microsoft Security Bulletin Release

On November 10, 2009, Microsoft is planning to release six bulletins (three critical and three important), addressing 15 vulnerabilities to Remote Code Execution. The affected products include Windows and Microsoft Office products. A restart will be needed in order to install the updates.

According to the Advance Notification, Bulletins 1-4 are planned for Windows (three Critical, one Important). The remaining two bulletins are updates for Microsoft Office and are designated Important.

References:

• MSRC: November 2009 bulletin Release
• TechNet: Microsoft Security Bulletin Advance Notification for November 2009

Clubhouse Tags: Clubhouse, Security, Updates, Microsoft, Information

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Critical Security Update for Sun Java JRE 6

Sun Microsystems released update 17 for Java SE JDK 6 and Java SE JRE 6. The update addresses multiple vulnerabilities. These vulnerabilities include arbitrary code execution, privilege escalation, denial of service, and information disclosure.

For detailed information on the updates, see Sun Alerts 269868, 269869, 269870, 270474, 270475, and 270476.

For English-lanugage operating systems, the download link is located at: Java SE Runtime Environment 6u17.



Note: UNcheck any pre-checked toolbar and/or software options presented with the update. They are not part of the software update and are completely optional.

Release Notes: Java SE 6 Update 17 Release Notes

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Clubhouse Tags: Clubhouse, Security, Java, Vulnerabilities, Updates, Windows, How-to

Celebrating 12 Years of WinPatrol!

In celebration of Scotty's 12th birthday, WinPatrol PLUS subscribers who have helped a friend or family member by having them adopt Scotty are eligible to register to win the grand prize in the WinPatrol Birthday Celebration: Windows Ultimate, Signature Edition!

See the details and register at WinPatrol Birthday Celebration.

Congratulations, Scotty.

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Fix it Solution for Windows 7 Upgrade Hanging at 62%

When upgrading from Windows Vista to Windows 7, a number of people have experienced the situation where the upgrade stops responding at 62% and does not resume. In addition, Windows creates a file that is named system_drive:\$WINDOWS.~BT\Sources\Panther\setupact.log

As explained in Microsoft Knowledge Base Article 975253, Upgrade stops responding (hangs) at 62% when you upgrade to Windows 7, this is because the Iphlpsvc service stops responding during the upgrade. According to KB 975253, it could also be other services causing a problem which results in the upgrade process hanging at 62%.

Microsoft released today a Fix it to fix the problem automatically. Note the caveat below specifically indicating that this solution is only to be used if the upgrade stops at 62%.

Important

The Fix it solution is ONLY if the upgrade stops responding at 62%. Do NOT use it if the upgrade stops responding at a different percentage than 62% or if the log entries are not logged.

From KB 975253:

Fix it for Me

To fix this problem automatically, restart the computer where the upgrade to Windows 7 fails at 62%. Your computer will roll back to Windows Vista. Either download the following fix to a flash drive or to a CD or return to this article on the machine where the upgrade fails. If you return to this article on the machine where you experience this problem, click the Fix this problem link. Click Run in the File Download dialog box, and follow the steps in the Fix it wizard.

Fix this problem
Microsoft Fix it 50319

Clubhouse Tags: Clubhouse, Microsoft, Windows 7, Windows Vista, Microsoft Fix it

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Advance Notice: Security Updates for Java SE

The Sun Security Blog published the following update announcement:

"On November 3, 2009, Sun will release the following security updates:

• JDK and JRE 6 Update 17
• JDK and JRE 5.0 Update 22
• SDK and JRE 1.4.2_24
• SDK and JRE 1.3.1_27

The following Sun Alerts corresponding to these updates will be released following the availability of these updates.

• 269868
• 269869
• 269870
• 270474
• 270475
• 270476"

Sun Security Blog



Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Firefox and Opera Browser Updates

Browser updates were released yesterday for Mozilla Firefox and today for Opera. Details and download links for both browsers follow:

Firefox 3.5.4

In addition to the security fixes listed below, the update to Firefox fixed several stability issues, added the ability to re-submit crash reports and addressed the issue where after using Clear Recent History some SSL sites would not load all images and styles without pressing reload.

To get the update, click Help -> check for updates.

Security Issues:

• MFSA 2009-64 Crashes with evidence of memory corruption (rv:1.9.1.4/ 1.9.0.15)
• MFSA 2009-63 Upgrade media libraries to fix memory safety bugs
• MFSA 2009-62 Download filename spoofing with RTL override
• MFSA 2009-61 Cross-origin data theft through document.getSelection()
• MFSA 2009-59 Heap buffer overflow in string to number conversion
• MFSA 2009-57 Chrome privilege escalation in XPCVariant::VariantDataToJS()
• MFSA 2009-56 Heap buffer overflow in GIF color map parser
• MFSA 2009-55 Crash in proxy auto-configuration regexp parsing
• MFSA 2009-54 Crash with recursive web-worker calls
• MFSA 2009-53 Local downloaded file tampering
• MFSA 2009-52 Form history vulnerable to stealing

Release Notes and Download: http://en-us.www.mozilla.com/en-US/firefox/3.5.4/releasenotes/


Opera 10.01

Opera users can obtain the update to version 10.01 by clicking "Help -> check for updates and following the prompts.

New users can download Opera from http://www.opera.com/browser/download/
Features: http://www.opera.com/browser/features/




Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Windows 7 Launch = Success!

Hello, Windows 7!

Windows 7 Default Desktop, designed by Chuck Anderson

Although the Windows 7 launch events were scaled down from the Windows Vista launch, there was no less enthusiasm on the part of Microsoft employees, partners and Windows fans. If you missed the launch event, it is available at Microsoft PressPass.

The full video is 54:02 in length, but worth the time. I particularly enjoyed the demonstration by Brad Brooks, corporate vice president located around the 29 minute mark. Of course, Kylie, the little girl who won hearts around the world, made everyone smile when she introduced Steve Ballmer.

Kylie, from the Windows commercials, introduces
Microsoft CEO Steve Ballmer at the launch event
in New York City on Oct. 22.
(Silverlight Required)

If you are in the market for a new PC, check what is available in Brandon’s Guide to Awesome New Windows 7 PCs. From there, move on to the refreshed Windows 7 web site, being sure not to miss the 7 days of Windows 7 savings .

Edit Note: As pointed out in the comments, if available in your country, the URL link for the "7 days of Windows 7 savings" offers will vary. The above link is to the U.S. site.

Clubhouse Tags: Clubhouse, Windows 7, Microsoft, News, Tips, Information


Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

How Would YOU Change the World?

To celebrate the launch of Windows 7, Microsoft wants to discover creative ways that a PC running Windows can help an organization make an even greater impact in the community

Do you have an idea how you could use Windows 7 to help your local community? Submit a short video explaining or illustrating how you would use Windows to help a community organization. Why? Because the 7 people with the best submissions (selected by Microsoft judges) will each win a new PC running Windows 7. In addition, each winner's chosen (eligible) community organization will receive a $7,000 grant.

Find the rules, get additional information and submit your video at 7 Ways to Change the World. The deadline for submission is November 11, 2009.

~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~

Ok, I can hear the groans from here. You have a great idea and a worth-while community organization that could really benefit from that grant but you have never created a video before. Take my word for it, even an amateur can create a video with Windows Live Movie Maker.

For simple instructions check out the videos the Windows Live Team created and soon you will be on your way. Don’t take too long though, the deadline for submitting your video to 7 Ways to Change the World is November 11, 2009.

Windows Live Movie Maker Videos:

• Getting started with Windows Live Movie Maker
• Using AutoMovie
• Easily create beautiful videos using AutoMovie
• Three ways to share your video creation (YouTube, burn to DVD, save as HD)
• Add photos and videos to Movie Maker to get started
• Add transitions or visual effects
• Edit video clips to include the best footage in your movie
• Add and edit music
• Why we like the storyboard
• Add a title, captions and credits
• Publish to YouTube

Windows Live Movie Maker References:

• Download Link: http://download.live.com/
• The new Windows Live Movie Maker
• Hands on with Windows Live Movie Maker
• Podcast: Windows Live Movie Maker

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Clubhouse Tags: Clubhouse, Microsoft, Windows 7, Windows Live, Movie Maker, family, story, tips

Windows 7 Launch Events and Deals!

Windows 7 Launch Events

Finally the event that people from around the globe have been waiting – the official launch of Windows 7! Live streaming video, event photos, video highlights and more will be available starting at 8 AM Pacific (11 AM Eastern) at PressPass where you can “Watch the New York City Windows 7 Launch Party LIVE”.

Live coverage will also be provided by WinPatrol developer and fellow Microsoft MVP, Bill Pytlovany. He will be joined by the PC Pitstop Pit Crew. Join them tomorrow at: “Live Coverage – Windows 7 Launch Event in NYC”.

Watch for Windows 7 Launch Party invites in your area or host your own Windows 7 Meetup!. Brandon LeBlanc provided additional details in the Windows 7 Team Blog: Windows 7’s Big Day Tomorrow + New Offers Announced!

7 Days of Windows 7

Microsoft worked with their partners to introduce a series of limited-time offers that will include deals on hardware, Microsoft worked with their partners to introduce a series of limited-time offers that will include deals on hardware, software, upgrades, support, and other options. Brandon reported at the Windows 7 Team Blog that new offers will be released daily. The deals will be available for the next 7 days on Windows.com (site live tomorrow). The limited-time offers will also be available through participating retail and OEM partner sites.

Following are the Day 1 offers posted on the Windows Team Blog that will be included in Day 1:

• Best Buy Bundle: HP Laptop, Desktop PC with monitor, Netbook, wireless router and set-up by Geek Squad for $1,199.
• Dell: Save more than $100 on a Dell Studio XPS13
• Gateway: All-in-one Acer Gateway ZX6800 23" for $880

Buy a PC - Get a Discounted Upgrade for another PC:

Buy a PC with Windows 7 Home Premium, Professional or Ultimate and purchase a discounted copy of Windows 7 Home Premium, Professional, or Ultimate to upgrade an existing Windows PC.

This offer will run through January 2nd, 2010 and be available in Germany, UK, Czech Republic, Greece, Slovakia, Poland, Latvia, Hungary, U.S., Canada, Denmark, France, New Zealand, Australia.

Windows 7 Family Pack:

The Windows 7 Family Pack is also available today while supplies last. Customers can buy 3 licenses of Windows 7 Home Premium for one low price – for the U.S. it’s available for $149.99.

The Windows 7 Family Pack is available in the U.S., Japan, Canada, Germany, UK, France, Netherlands, Switzerland, Austria, Ireland, Luxembourg, Sweden.

Windows 7 Student Offer:

If you are a student (an .edu email address is required), you can upgrade to Windows 7 at the LOWEST PRICE offered, $29.99 in the U.S.

This offer runs through January 3rd, 2010 for US, Canada, France, Germany, Korea, Mexico and UK and March 31st, 2010 for Australia.

See Microsoft Student for details.

Clubhouse Tags: Clubhouse, Windows 7, Microsoft, News, Tips, Information


Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Firefox Add-ons Blocklist

Yesterday I told you about MS09-054: IE and Firefox Attack Surface and included recommendations for protecting your computer. Before posting that article, I made the changes to both Firefox and Internet Explorer on my computers.

Today, when I returned from running errands, I discovered the following Firefox pop-up message, "Add-ons may be causing problems"

Following the "More information" link illustrated at the bottom of the above image, led me to a Mozilla page which lists blocklisted add-ons that should no longer be used with Mozilla products.

Take a couple minutes to confirm that you do not have the following add-ons active on your computer:

• Internet Download Manager, v2.1-3.3 for Firefox 3.0a1 and newer. Reason: caused startup crashes (see bug 382356).
• Free Download Manager, v1.0-1.3.1 for Firefox 3.0a1 and newer. Reason: high crash volume (see bug 408445).
• Yahoo Application State Plugin, v1.0.0.5 and older for Firefox 3.0a1 and newer. Reason: high crash volume (see bug 419127).
• Vietnamese Language Pack, v2.0 for all applications. Reason: corrupted files (see bug 432406).
• Apple QuickTime Plugin, v7.1.*, for all Firefox 3 versions on Windows. Reason: remote code execution in multiple versions (see bug 430826).
• Crawler Toolbar, for Firefox 3.0a1 and newer. Reason: high crash volume (see bug 441649).
• Daemon Tools Toolbar, versions older than 1.0.0.5, for all applications. Reason: high crash volume (see bug 459850).
• AVG SafeSearch, versions older than 8.0, for Firefox 3.1a1 and newer. Reason: breaks a core navigation method (see bug 479095).
• Microsoft .NET Framework Assistant and Windows Presentation Foundation, all versions, for all applications. Reason: remote code execution vulnerability (see bug 522777).

Compliments to the Mozilla developers for providing this service.

Clubhouse Tags: Clubhouse, Firefox, Tips, Security, Windows Vista, Windows 7, Information, How-To

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

MS09-054: IE and Firefox Attack Surface

The Security Research & Defense blog provided additional information on the attack surface for the IE Security Bulletin MS09-059, Vulnerability in Local Security Authority Subsystem Service Could Allow Denial of Service (975467). As explained:

“A browse-and-get-owned attack vector exists. All that is needed is for a user to be lured to a malicious website. Triggering this vulnerability involves the use of a malicious XBAP (XAML Browser Application). Please not that while this attack vector matches one of the attack vectors for MS09-061, the underlying vulnerability is different. Here, the affected process is the Windows Presentation Foundation (WPF) hosting process, PresentationHost.exe.

While the vulnerability is in an IE component, there is an attack vector for Firefox users as well. The reason is that .NET Framework 3.5 SP1 installs a “Windows Presentation Foundation” plug-in in Firefox”

In other words, if you happen upon a malicious website, with the Windows Presentation Foundation (WPF) plug-in enabled in Firefox, your computer is vulnerable.

Recommendations:

Internet Explorer

Although XBAP is disabled in IE8 on Win2k8 and Win2k3, that is not the case for IE7 or other operating systems. To disable this setting, edit the security settings in the Internet Zone as follows:

Launch Internet Explorer --> Click Tools --> Security Tab --> in Internet, click Custom level. Under .NET Framework --> XAML browser applications, Change the setting to Disable:

Firefox:

The WPF plug-in was installed in Firefox with .NET Framework 3.5. To disable the plug-in, do the following:

Click Tools --> Add-ons --> Click the Plugins Tab.
Select “Windows Presentation Foundation”, and click “Disable”.

To uninstall the “Windows Presentation Foundation” plug-in from Firefox, see to Microsoft KB Article 963707, How to remove the .NET Framework Assistant for Firefox.

References:

• Microsoft KB Article 963707, How to remove the .NET Framework Assistant for Firefox
• Security Bulletin MS09-059, Vulnerability in Local Security Authority Subsystem Service Could Allow Denial of Service (975467)
• Security Research & Defense: MS09-054: Extra info on the attack surface for the IE security bulletin
• ZDNet.com: Microsoft exposes Firefox users to drive-by malware downloads

Clubhouse Tags: Clubhouse, IE8, IE7, Firefox, Internet Explorer, Tips, Security, Windows Vista, Windows 7, Information, How-To

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Adobe Reader and Acrobat Critical Update

Adobe has released a Security bulletin addressing 28 vulnerabilities in Adobe Reader and Acrobat. The updates are identified as critical. Details are available in Adobe Security Bulletin apsb09-15.

Should you wish to switch to an alternate PDF reader, there are a number of open source readers available from http://pdfreaders.org/.

Warning: Hat tip from my friend Randy. The Google Toolbar is not required as part of the installation. If you do not want the toolbar, uncheck that option when installing the update.

Affected software versions

• Adobe Reader 9.1.3 and earlier versions for Windows, Macintosh, and UNIX
• Adobe Acrobat 9.1.3 and earlier versions for Windows and Macintosh

Adobe Reader Update Locations:

• Windows: http://www.adobe.com/support/downloads/product.jsp?product=10&platform=Windows
  
  
• Macintosh: http://www.adobe.com/support/downloads/product.jsp?product=10&platform=Macintosh
  
  
• UNIX: http://www.adobe.com/support/downloads/product.jsp?product=10&platform=Unix.

Acrobat Update Locations:

• Windows Acrobat Standard and Pro: http://www.adobe.com/support/downloads/product.jsp?product=1&platform=Windows
  
  
• Windows Acrobat Pro Extended: http://www.adobe.com/support/downloads/product.jsp?product=158&platform=Windows
  
  
• Windows Acrobat 3D: http://www.adobe.com/support/downloads/product.jsp?product=112&platform=Windows
  
  
• Macintosh Acrobat Pro: http://www.adobe.com/support/downloads/product.jsp?product=1&platform=Macintosh

Reference: Adobe Security Bulletin apsb09-15

Clubhouse Tags: Clubhouse, Security, Updates, Vulnerabilities, Adobe

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Microsoft Security Bulletin: 13 October 2009

Microsoft released 13 new bulletins which address 34 vulnerabilities in Windows, Internet Explorer and Microsoft Office.

Microsoft is also re-releasing MS08-069, vulnerability in Microsoft XML Core Services could allow remote code execution (955218) to add detection for Windows 7 and Windows Server 2008 R2. Although this component does not ship with these platforms but many applications install it in order to use its functionality.

There was a change in the severity rating since the advance notification for several versions of Windows in the .NET bulletin (MS09-061). Microsoft elevated the severity from Important to Critical. This is not a regular practice, however, it was determined that this was the appropriate rating for these products when certain versions of the .NET Framework are installed on them.

The Malicious Software Removal Tool (MSRT) adds one new family this month: Win32/FakeScanti.

Critical

• MS09-050: Vulnerabilities in SMBv2 Could Allow Remote Code Execution (975517)
• MS09-051: Vulnerabilities in Windows Media Runtime Could Allow Remote Code Execution (975682)
• MS09-052: Vulnerability in Windows Media Player Could Allow Remote Code Execution (974112)
• MS09-054: Cumulative Security Update for Internet Explorer (974455)
• MS09-055: Cumulative Security Update of ActiveX Kill Bits (973525)
• MS09-060: Vulnerabilities in Microsoft Active Template Library (ATL) ActiveX Controls for Microsoft Office Could Allow Remote Code Execution (973965)
• MS09-061: Vulnerabilities in the Microsoft .NET Common Language Runtime Could Allow Remote Code Execution (974378)
• MS09-062: Vulnerabilities in GDI+ Could Allow Remote Code Execution (957488)

Important

• MS09-053: Vulnerabilities in FTP Service for Internet Information Services Could Allow Remote Code Execution (975254)
• MS09-056: Vulnerabilities in Windows CryptoAPI Could Allow Spoofing (974571)
• MS09-057: Vulnerability in Indexing Service Could Allow Remote Code Execution (969059)
• MS09-058: Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (971486)
• MS09-059: Vulnerability in Local Security Authority Subsystem Service Could Allow Denial of Service (975467)

References

• Microsoft Malware Protection Center blog: Scanti-ly Clad – Another Rogue Stripped by MSRT
• MSRC: October 2009 Security Bulletin Release
• TechNet: Microsoft security bulletin summary for October 2009
• Security Research & Defense blog:
• Assessing the risk of the October security bulletins
• MS09-051: A note on the affected platforms
• MS09-050: Exploit timeline for SMB2 RCE vulnerability
• MS09-054: Extra info on the attack surface for the IE security bulletin
• MS09-061: More information about the .NET security bulletin
• Microsoft Malware Protection Center blog: Scanti-ly Clad – Another Rogue Stripped by MSRT
  

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Clubhouse Tags: Clubhouse, Microsoft, Windows, Security, Updates, Vulnerabilities, Information