Cyber Security Awareness Tip of the Day: October 27

It is Monday morning and the weekend is already a distant memory. You either managed to take some deserved R&R time, avoiding even the most mundane of tasks or your weekend was packed with family activities, leaving no time for those same mundane tasks -- like checking your computer for needed security updates.

Although keeping your computer software updated has been included in previous posts, in view of the seriousness of the recent Out-of-Band Critical Update MS08-067, please consider this additional information.

The following is what has been reported that TrojanSpy:Win32/Gimmiv.A gathers from infected computers:

• User Name
  
• Computer Name
  
• Network Adapters / IP Addresses
  
• Installed com objects
  
• Installed programs and installed patches
  
• Recently opened documents
  
• Outlook Express and MSN Messenger credentials
  
• Protected Storage credentials
  

There is NO patch for operating systems that have reached "end of life" support. That means that only Windows 2000, XP, Windows Server 2003, Vista and Windows 7 (Beta) can be patched. Note further that on Windows 2000, XP, and Windows Server 2003 systems, the code can be run without authentication. This is not the case on Vista (or Windows 7 Beta) where authentication is needed.

There are no visual effects informing about the infection. It has been confirmed that the exploits can download a malicious .exe automatically. The most likely methods being used are drive-by downloads and fake codec Web sites.

October 27 Tip of the Day

Get the patch at Microsoft Update: http://update.microsoft.com/


References:

• Microsoft Support Lifecycle
• Securiteam

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...