Friday, April 29, 2011

Critical Updates for Firefox Versions 3.6 and 4.0


Updates released yesterday by Mozilla for both Firefox versions 3.6 and 4.0 included critical security updates.  To get the update, click Help > About Firefox > check for updates.

Fixed in Firefox 3.6.17

MFSA 2011-18 XSLT generate-id() function heap address leak
MFSA 2011-16 Directory traversal in resource: protocol
MFSA 2011-15 Escalation of privilege through Java Embedding Plugin
MFSA 2011-14 Information stealing via form history
MFSA 2011-13 Multiple dangling pointer vulnerabilities
MFSA 2011-12 Miscellaneous memory safety hazards (rv:2.0.1/ 1.9.2.17/ 1.9.1.19)

Fixed in Firefox 4.0.1

MFSA 2011-18 XSLT generate-id() function heap address leak
MFSA 2011-17 WebGLES vulnerabilities
MFSA 2011-12 Miscellaneous memory safety hazards (rv:2.0.1/ 1.9.2.17/ 1.9.1.19)





Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...


Tuesday, April 26, 2011

MSRT Update Includes Additional Coreflood (Afcore) Variants

Earlier this month, the FBI and the Justice Department disabled the Coreflood botnet.  The botnet was reportedly comprised of more than two million computers infected with malicious code.

The April 11 release of the Malicious Software Removal Tool  (MSRT) added Win32/Afcore (Coreflood) malware detection to support the take-down operation.  This addition was at the request of the FBI and the Department of Justice.

Although the regular schedule for releasing updates to the MSRT accompanies the monthly security updates, as explained in my article, Understanding Microsoft Anti-Malware Software, additional updates are added as needed to respond to security incidents. 

In continuing support for the take-down activities of the Coreflood botnet, Microsoft released a second edition of MSRT.  In an MMPC Blog post, Jeff Williams, Principal Group Program Manager, MMPC, explained that the updated version includes variants of Afcore released by the criminals behind it at approximately the same time as the previous edition of MSRT.

The updated MSRT also includes additional malware families, already included in the definitions for Microsoft Security Essentials and Forefront.  

The MSRT works on Windows 7, Windows Vista, Windows XP, Windows Server 2003, or Windows Server 2008 and is available from Microsoft Update, Windows Update and the Microsoft Download Center.







Sunday, April 24, 2011

Insecure Wi-Fi Results in Police Raid

Do you know what can happen to someone whose neighbor uses their insecure Wi-Fi connection to distribute pornography?  How about Homeland Security I-C-E  agents breaking down the door to the house at 6:20 AM, an agent throwing the home owner down the stairs...
"Lying on his family room floor with assault weapons trained on him, shouts of "pedophile!" and "pornographer!" stinging like his fresh cuts and bruises, the Buffalo homeowner didn't need long to figure out the reason for the early morning wake-up call from a swarm of federal agents.

That new wireless router. He'd gotten fed up trying to set a password. Someone must have used his Internet connection, he thought."
It took several days for the agents to complete the examination of the home owner's computer as well as his and his wife's iPad and iPhone to determine that he was not downloading child pornography.  About a week later, authorities discovered that it was a neighbor using his insecure wireless signal.

Don't let something like that happen to your family.  Ensure that you have properly secured your wireless connection. Having a network security key or passphrase can help protect your wireless network from this type of unauthorized access.


If you have an older router that uses WEP (Wired Equivalent Privacy) and does not support WPA or WPA2 (Wi‑Fi Protected Access), I strongly suggest replacing it with a new router.  WEP security is relatively easy to crack and routers are not that expensive. 


Additional information is available in this Microsoft help document, Set up a security key for a wireless network.  Also see the below-linked instructions for configuring wireless security for some of the most popular routers.
Netgear

If you still aren't convinced about the importance of securing your wireless connection, read the full story about the visit described above and the man who received a visit from the FBI after someone used a potato chip can as an antenna to boost his wireless signal and downloaded 10 million images of child porn:    NY case underscores Wi-Fi privacy dangers.






Happy Easter - "Khrystos Voskres!"



"Khrystos Voskres!"

(Christ is Risen!)






"Voistyno Voskres!"

(He is Truly Risen!)






Friday, April 22, 2011

Non-Security Update for Oracle Java


Oracle released an update to the Java Runtime Environment (JRE).  The full internal version number for this update release is 1.6.0_25-b06 (where "b" means "build"). The external version number is 6u25.

This is not a security update, but the update does contain important enhancements for Java applications, particularly for Internet Explorer 9, Firefox 4 and Chrome 10 browser support, as well as improvements to performance, reliability and diagnostic information for the Java HotSpot Virtual Machine.

Additional information regarding the release is available in the Java SE 6 Update 25 Release Notes.

Although Java is not required (See Do You Need Java?), if you do have Java installed on your computer, it is advisable to install the latest update. 

Download Link: Java SE Runtime Environment 6u25.  Accept the License agreement and select the correct version for your operating system:

 Windows x86 Online       0.85 MB    jre-6u25-windows-i586-iftw.exe
 Windows x86 Offline      15.77 MB   jre-6u25-windows-i586.exe
 Windows Intel Itanium    16.09 MB   jre-6u25-windows-ia64.exe
 Windows x64              16.09 MB   jre-6u25-windows-x64.exe



Note: UNcheck any pre-checked toolbar and/or software options presented with the update. They are not part of the software update and are completely optional.

Please check Add/Remove Programs to ensure that you have uninstalled all prior (and vulnerable) versions of Sun Java.
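The version scheme and the advice to remove prior versions can be checked in bulk. The following is an added example, not code from Oracle or from this blog: it converts the internal form (1.6.0_25-b06) to the external form (6u25) and flags anything older than 6u25. The host names and inventory strings are constructed samples, and the "Java(TM) 6 Update N" program-list naming is an assumption.

```python
import re

# Baseline taken from the post: internal 1.6.0_25-b06 == external 6u25.
BASELINE = (6, 25)

# Internal form as printed by `java -version`, e.g. 1.6.0_25-b06 or 1.6.0_25.
INTERNAL_RE = re.compile(r"\b1\.(\d+)\.0(?!\d)(?:_(\d+))?(?:-b(\d+))?")
# External short form (6u25).
SHORT_RE = re.compile(r"\b(\d+)u(\d+)\b")
# Assumed long form as shown in an installed-programs list.
LONG_RE = re.compile(r"Java\(TM\)\s+(\d+)(?:\s+Update\s+(\d+))?")


def parse_version(text):
    """Return (family, update, build) for the most detailed version in text.

    build is None when the string carries no build number; the function
    returns None when no Java version is recognised at all.
    """
    best = None
    for m in INTERNAL_RE.finditer(text):
        cand = (int(m.group(1)), int(m.group(2) or 0),
                int(m.group(3)) if m.group(3) else None)
        # Prefer the occurrence that also names the build (-bNN).
        if best is None or (best[2] is None and cand[2] is not None):
            best = cand
    if best:
        return best
    m = SHORT_RE.search(text) or LONG_RE.search(text)
    if m:
        return (int(m.group(1)), int(m.group(2) or 0), None)
    return None


def external_name(family, update):
    """6, 25 -> '6u25'; a release with no update number is just '6'."""
    return f"{family}u{update}" if update else str(family)


def audit(inventory, baseline=BASELINE):
    """inventory maps host -> list of version strings collected on that host.

    Returns {host: {"versions": [...], "outdated": [...], "unparsed": [...]}}
    where "outdated" lists every installed release older than the baseline.
    """
    report = {}
    for host, entries in inventory.items():
        seen, outdated, unparsed = [], [], []
        for entry in entries:
            v = parse_version(entry)
            if v is None:
                unparsed.append(entry)
                continue
            name = external_name(v[0], v[1])
            if name not in seen:
                seen.append(name)
            if (v[0], v[1]) < baseline and name not in outdated:
                outdated.append(name)
        report[host] = {"versions": seen, "outdated": outdated,
                        "unparsed": unparsed}
    return report


# Constructed sample data (not taken from any real machine).
SAMPLE_JAVA_VERSION_OUTPUT = '''java version "1.6.0_25"
Java(TM) SE Runtime Environment (build 1.6.0_25-b06)
Java HotSpot(TM) Client VM (build 20.0-b11, mixed mode, sharing)'''

SAMPLE_INVENTORY = {
    "desk-01": [SAMPLE_JAVA_VERSION_OUTPUT],
    "desk-02": ["Java(TM) 6 Update 25", "Java(TM) 6 Update 24",
                "Java(TM) 6 Update 7"],
    "desk-03": ['java version "1.5.0_22"'],
    "desk-04": ["Adobe Reader X"],
}

if __name__ == "__main__":
    for host, result in audit(SAMPLE_INVENTORY).items():
        status = "REMOVE " + ", ".join(result["outdated"]) if result["outdated"] else "ok"
        print(f"{host}: installed={result['versions']} -> {status}")
```

A host such as desk-02 shows why the uninstall check matters: the current release is present, but the older releases beside it are still installed.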







Thursday, April 21, 2011

Adobe Releases Critical Update for Reader/Acrobat Products


While Adobe Flash Player was updated last week for the critical vulnerabilities in Security Advisory APSA11-02, it was not until today that the update for Adobe Reader and Acrobat was released.

This vulnerability is being exploited in the wild against Adobe Flash Player, Adobe Reader and Acrobat in targeted attacks via a malicious Web page, or a Flash file embedded in a Microsoft Word or Microsoft Excel  file delivered as an email attachment, targeting the Windows platform. 

Because Adobe Reader X Protected Mode mitigations would prevent an exploit of this kind from executing, Adobe Reader X is not being updated at this time.

Details:

Vulnerability identifier: APSB11-08
CVE number: CVE-2011-0611, CVE-2011-0610
Platform: All Platforms
Acrobat and Reader users can update to the latest version using the built-in updater, by clicking “Help” and then “Check for Updates.” The Adobe Reader update for Windows is available from http://www.adobe.com/products/reader/

Alternatively, you could switch to an alternate PDF reader.  There are a number of open source readers available from http://pdfreaders.org/.  I have been using Sumatra PDF for around two years.  Nitro Reader is also a viable substitute.





Monday, April 18, 2011

Understanding Microsoft Anti-Malware Software

Please see the updated document which includes changes made in Microsoft Anti-Malware products since 2011:
Understanding Microsoft Anti-Malware Software 2012


~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~

The release of the Microsoft Safety Scanner has resulted in confusion about the available anti-malware tools provided by Microsoft and questions about when they should be used. 

Before answering the questions, let's take a closer look at the products available from Microsoft.


Microsoft Security Essentials


Microsoft Security Essentials (MSE) is antivirus, anti-malware and anti-spyware software providing real-time protection for your computer.  Microsoft Security Essentials is free for home users as well as small and medium businesses with up to ten (10) PCs.

MSE works on Windows 7, Windows Vista and Windows XP; however, your PC must run genuine Windows to install Microsoft Security Essentials.  Beware of rogue/scam offerings.  MSE can be downloaded from the Microsoft Safety & Security Center.

Definition updates for MSE are obtained automatically through the program or downloaded directly from the Microsoft Malware Protection Center (MMPC) Portal.  You may also be offered updates through Windows Update. 

Microsoft Safety Scanner


The Microsoft Safety Scanner is a no-frills scanner to help remove viruses, spyware, and other malicious software. The Microsoft Safety Scanner will work with your existing antivirus software, but it is not a replacement for a resident antivirus software program.

The Microsoft Safety Scanner works on Windows 7, Windows Vista and Windows XP.  There is no charge to use the Microsoft Safety Scanner and there is no requirement to prove Windows is genuine.

The Microsoft Safety Scanner expires ten (10) days after being downloaded. The reason for the expiration is that, at the point of download, the Microsoft Safety Scanner includes the most recent definitions from the MMPC Portal. Due to the frequency of definition updates, the definitions are outdated even after one day.  The Microsoft Safety Scanner uses the same definitions that are used for Microsoft Security Essentials and Microsoft Forefront.

For instructions on the use of the Microsoft Safety Scanner, you may be interested in this brief tutorial:   How to Use the New Microsoft Safety Scanner


Malicious Software Removal Tool


The Malicious Software Removal Tool (MSRT) scans for select malware only. Microsoft releases an updated version of the MSRT on the second Tuesday of each month along with security updates.  Additional updates are added as needed to respond to security incidents.  The current list of targets for removal is available at Families Cleaned by the Malicious Software Removal Tool.  

The MSRT works on Windows 7, Windows Vista, Windows XP, Windows Server 2003, or Windows Server 2008 and is available from Microsoft Update, Windows Update and the Microsoft Download Center.

As explained in Microsoft KB Article 890830, the Microsoft Malicious Software Removal Tool is not a substitute for an antivirus software.  There is no real-time protection and, as shown in the above-referenced list of families cleaned, the MSRT is targeting specific prevalent malicious software that is actively running on the computer.

Microsoft Standalone System Sweeper Beta

Edit Note: *The Microsoft Standalone System Sweeper Beta has been renamed to "Windows Defender Offline Beta".

Microsoft Standalone System Sweeper Beta is a recovery tool currently available from Microsoft Connect.  The tool is not a general, all-purpose scanner.  Rather, it is meant to help start an infected PC and perform an offline scan to help identify and remove rootkits and other advanced malware.

The Microsoft Standalone System Sweeper Beta can also be used in situations where an antivirus software fails to install or the program that is installed is unable to detect or remove malware from the computer. The Microsoft Standalone System Sweeper Beta uses the same definitions that are used for Microsoft Security Essentials and Microsoft Forefront.

For additional information on the Standalone System Sweeper see Setting Up the Microsoft Standalone System Sweeper Beta.

*See Windows Defender Offline Beta, formerly Standalone System Sweeper.

Windows Defender


Windows Defender is not an anti-malware software.  It is a free active system monitor that provides real-time protection against pop-ups, slow performance, and security threats caused by spyware and other unwanted software. Windows Defender can be installed on Windows XP and Windows Server 2003.  It was pre-installed on Windows Vista, Windows 7 and Windows Server 2008 (enabled if the Desktop Experience feature is installed).

Windows Defender can be downloaded from the Windows Download Center.

Note:  Microsoft Security Essentials includes the anti-spyware engine of Windows Defender.  Thus, when installing MSE, Windows Defender is deactivated.

Microsoft Forefront


Microsoft Forefront comprises a product line of security products for business customers.  It is designed to be centrally managed and integrated into IT infrastructure products, such as Active Directory.  If your business has more than 10 PCs, so that using MSE would be against the license terms, consider Forefront.  Microsoft Forefront is intended to scale to many thousands of users.  It uses the same definitions as Microsoft Security Essentials and the Microsoft Safety Scanner.

Windows Intune


Windows Intune is an Enterprise Solution that provides PC Management and Security in the Cloud.  It is an end-to-end Microsoft solution that brings together Windows cloud services for PC management and endpoint protection with a Windows 7 Enterprise upgrade subscription.  Through the web-based console, IT Staff can centrally manage and secure all the company PCs.

Included in the numerous features of Windows Intune is malware protection, using the same definitions as Microsoft Forefront and Microsoft Security Essentials.

Questions and Answers


Q.  Does the Microsoft Safety Scanner include all of the definitions included in the Malicious Software Removal Tool?
A.  Yes, at the time of download, the Microsoft Safety Scanner will include the same target families as the Malicious Software Removal Tool.  However, the Microsoft Safety Scanner includes more than specifically targeted prevalent malicious software.

Q.  Does the Malicious Software Removal Tool include definitions that are not included in the Microsoft Safety Scanner?
A.  No, although if the timing is such that additional targeted families or variants were added to the Malicious Software Removal Tool after the download of the Microsoft Safety Scanner, those families or variants would obviously not be in the already downloaded Microsoft Safety Scanner.

Q.  In terms of detection and removal, does the Microsoft Safety Scanner offer what the Malicious Software Removal Tool offers?
A.  The Malicious Software Removal Tool has specific malicious targets whereas the Microsoft Safety Scanner targets not only the same specifically targeted malicious programs as the Malicious Software Removal Tool, but also targets the same viruses, spyware, and other malicious software included in Microsoft Security Essentials and Microsoft Forefront.

Q.  Do users need both the Microsoft Safety Scanner and Malicious Software Removal Tool?
A.  The simple answer is No.  In point of fact, if you are using Microsoft Security Essentials as your antivirus product, you theoretically do not need either the Microsoft Safety Scanner or the Malicious Software Removal Tool.  However, there are instances where, for one reason or another, there is a problem updating MSE or the need to clean a computer that does not have Internet access.  Another valuable use of these tools is if your computer has a virus that your current antivirus software missed or is unable to remove.

Q.  Is there any point in running both the Microsoft Safety Scanner and Microsoft Security Essentials?
A.  No.  The Microsoft Safety Scanner uses the same definitions as Microsoft Security Essentials.  

Q.  How do I know if I have the latest definitions installed in Microsoft Security Essentials?
A.  The change log for the latest definitions for not only Microsoft Security Essentials but also Microsoft Forefront and Windows Defender is available from the Microsoft Malware Protection Center (MMPC) Portal.

Q.  Can I download both the 32-bit and the 64-bit versions of the Microsoft Safety Scanner to a USB stick and take it to another computer to run the correct version for the destination machine?
A.  I suggest that you create a separate folder for each version of the download, as both the 32-bit and 64-bit versions have the same file name, msert.exe.







Sunday, April 17, 2011

How to Use the New Microsoft Safety Scanner

The newly released Microsoft Safety Scanner is a replacement for the Windows Live OneCare Scanner.  The Windows Live OneCare Scanner was eliminated when support ended for Windows Live OneCare. 

If you think your computer has a virus that your current antivirus software missed or is unable to remove, the Microsoft Safety Scanner helps remove viruses, spyware, and other malicious software. The Microsoft Safety Scanner will work with your existing antivirus software, but it is not a replacement for a resident antivirus software program. There is no charge to use the Microsoft Safety Scanner.


Note

The Microsoft Safety Scanner expires ten (10) days after being downloaded. In order to scan after that time, download the Microsoft Safety Scanner again in order to get the latest anti-malware definitions.

As illustrated by the following images, the scanner is easy to use.  You can download the Microsoft Safety Scanner for running on your own computer or to removable media (i.e., a thumb drive) and transport it to another computer that is infected.

Download


Clicking the "Download" button provides a prompt to select the 32-bit or 64-bit version.

If you are downloading the scanner for use on a different computer, be sure you know the correct operating system (32- or 64-bit).



Save the file to a convenient location.  When launching, Windows 7 and Windows Vista users will be asked to approve a UAC prompt.




After launching, you are presented with an end user license agreement.  The terms must be accepted in order to run the scan.

Scanning

One more click on Next brings you to the point of selecting the type of scan you want the scanner to run.







Knowing my computer is not infected, I selected a Quick scan. 

To provide "breathing space" on an infected computer, run a Quick Scan first and then follow with a Full scan.  If you have a lot of files, the scan may take up to several hours to complete.  Allow plenty of time for the scan to run to completion. 





The Quick Scan was indeed fast and only took a few minutes to complete.












After the scan has completed click Finish to close the program.



Remember, the Microsoft Safety Scanner is not a substitute for a resident antivirus software program.  It expires ten (10) days after being downloaded. In order to scan after that time, download the Microsoft Safety Scanner again in order to get the latest anti-malware definitions.

Should you need to re-examine the log, it is located at C:\Windows\Debug\msert.log.  If errors were found during the scan see Microsoft Safety Scanner Troubleshooting.

Download: Microsoft Safety Scanner

If you are confused about the difference between the Microsoft Safety Scanner and the other anti-malware tools provided by Microsoft, my follow-up article, Understanding Microsoft Anti-Malware Software, should help clear up the confusion.

Updated Information at Understanding Microsoft Anti-Malware Software 2012.




Saturday, April 16, 2011

Support Ended for Windows Live OneCare and Safety Scanner

It is hard to believe that it has been two and one-half years since sales of Windows Live OneCare were discontinued and Microsoft announced it was discontinuing Windows Live OneCare.  When the announcement was made, Microsoft indicated that support was continuing for existing subscribers.

The end of support has now arrived.  Updates ended for Windows Live OneCare on April 11, 2011.  Active subscribers were sent several in-product and email communications advising them of the ending subscription and support dates. In addition, depending on your subscription end date, billing support ends on or before June 30, 2011.

Accompanying the demise of Windows Live OneCare is the Windows Live OneCare Safety Scanner.  Much like Windows Live OneCare, which included non-security features such as printer sharing and automated PC tune-up, in addition to scanning for viruses, spyware and potentially unwanted software, the Safety Scanner included "Tune Up" and "Clean Up" scans.

If you still have Windows Live OneCare installed on your computer, prior to replacing it with a new antivirus software, consider using the Windows Live OneCare Backup Restore Tool to recover backed up files.

The replacement for the Windows Live OneCare Safety Scanner is the Microsoft Safety Scanner, a no-frills scanner to help remove viruses, spyware, and other malicious software. 



Friday, April 15, 2011

Another Critical Update for Adobe Flash Player


Once again it is necessary to update Adobe Flash Player due to a critical vulnerability in the program.  This vulnerability is being exploited in the wild in targeted attacks via a malicious Web page, or a Flash file embedded in a Microsoft Word or Microsoft Excel  file delivered as an email attachment, targeting the Windows platform.

In addition to the necessity of updating Adobe Flash Player, it is also recommended that Adobe AIR be updated.  Download link:  Adobe AIR Version 2.6.  To verify the version of Adobe AIR installed on your system, follow the instructions in the Adobe AIR TechNote.

The Flash Player update was included in Google Chrome Version 10.0.648.205.  An update for Android is expected during the week of April 25, 2011.


Release date: April 15, 2011
Vulnerability identifier: APSB11-07
CVE number: CVE-2011-0611
Platform: All Platforms




Standing Instructions:

Although Adobe suggests downloading the update from the Adobe Flash Player Download Center or by using the auto-update mechanism within the product when prompted, if you prefer, the direct download links are as follows:
If you use the Adobe Flash Player Download Center, be careful to UNCHECK the box shown below. It is not needed for the Flash Player update.  In addition, any toolbar offered with Adobe products can be unchecked if not wanted.








Verify Installation:

To verify the Adobe Flash Player version number installed on your computer, go to the About Flash Player page, or right-click on content running in Flash Player and select "About Adobe Flash Player" from the menu.

Do this for each browser installed on your computer.



Tuesday, April 12, 2011

Security Bulletin Release for April, 2011


Microsoft released seventeen (17) security bulletins, nine (9) rated Critical and eight (8) rated Important. The bulletins address 64 vulnerabilities across Microsoft Windows, Microsoft Office, Internet Explorer, Visual Studio, .NET Framework and GDI+.  Note that 30 of the vulnerabilities are addressed by a single Important bulletin, MS11-034, and they all share the same couple of root causes.

Microsoft has rated the following Critical bulletins as top priority bulletins, recommending that MS11-018 for Internet Explorer be installed first.  (IE9 is not affected.) With that in mind, please note the following recommendations.

Recommendations:

  • First install the cumulative update for Internet Explorer versions IE6, IE7 and IE8, MS11-018, and restart the computer.
  • For reasons unknown, there are many people who have issues installing .NET updates.  Thus, it is advised that MS11-028 be installed separately.
  • Although it should be unchecked, when querying the server for Microsoft Updates, Windows Vista and Windows 7 users may find Internet Explorer 9 offered as an Important update.  If you are ready to update to IE9, please first install the other updates, restart the computer and then select IE9 for installation.
 
From the MSRC Blog:

"MS11-018 (Internet Explorer). This security bulletin resolves four privately reported vulnerabilities and one publicly disclosed vulnerability in Internet Explorer. This bulletin is rated Critical for IE 6, IE 7 and IE 8 on Windows clients; and Moderate for IE6, IE7, and IE8 on Windows servers. Internet Explorer 9 is not affected by the vulnerabilities. Microsoft is aware of limited attacks leveraging vulnerabilities addressed by this bulletin, including the vulnerability used at the CanSecWest 2011 Conference, which we tweeted about yesterday.

We encourage all customers apply this bulletin first of all our April bulletins.

MS11-019 (SMB Client). This bulletin resolves one publicly disclosed vulnerability and one privately reported vulnerability in Microsoft Windows. The vulnerabilities could allow remote code executions if an attacker sent a specially crafted SMB response to a client-initiated SMB request. The publicly disclosed vulnerability was posted to full disclosure on February 15. Microsoft investigated the issue and found that remote-code execution was extremely unlikely. As Microsoft has not seen any active attacks, we opted not to disrupt customers with an out-of-band bulletin.

MS11-020 (SMB Server). This bulletin resolves an internally discovered vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if an attacker created a specially crafted SMB packet and sent the packet to an affected system."

Microsoft also released an updated version of the Microsoft Windows Malicious Software Removal Tool.  Additional information regarding the updates is available in the Microsoft Security Bulletin Summary for April 2011.


Support:

The following information is provided in the Security Bulletin:
  • The affected software listed have been tested to determine which versions are affected. Other versions are past their support life cycle. To determine the support life cycle for your software version, visit Microsoft Support Lifecycle.
  • Customers in the U.S. and Canada can receive technical support from Security Support or 1-866-PCSAFETY. There is no charge for support calls that are associated with security updates. For more information about available support options, see Microsoft Help and Support.
  • International customers can receive support from their local Microsoft subsidiaries. There is no charge for support that is associated with security updates. For more information about how to contact Microsoft for support issues, visit International Help and Support.



Monday, April 11, 2011

Security Advisory for Adobe Flash Player, Adobe Reader and Acrobat

Adobe issued a critical security advisory affecting Adobe Flash Player, Adobe Reader and Acrobat.

Update: Adobe is in the process of finalizing a fix for the reported issue and expects to make available an update for Flash Player 10.2.x for Windows, Macintosh, Linux and Solaris on Friday, April 15, 2011.  (PSIRT Blog)

Release date: April 11, 2011
Vulnerability identifier: APSA11-02
CVE number: CVE-2011-0611

Affected software versions

  • Adobe Flash Player 10.2.153.1 and earlier versions for Windows, Macintosh, Linux and Solaris operating systems
  • Adobe Flash Player 10.2.154.25 and earlier for Chrome users
  • Adobe Flash Player 10.2.156.12 and earlier for Android
  • The Authplay.dll component that ships with Adobe Reader and Acrobat X (10.0.2) and earlier 10.x and 9.x versions for Windows and Macintosh operating systems
NOTE: Adobe Reader 9.x for UNIX, Adobe Reader for Android, and Adobe Reader and Acrobat 8.x are not affected by this issue.

There are reports that this vulnerability is being exploited in the wild in targeted attacks via a Flash file embedded in a Microsoft Word file that is delivered as an email attachment.  These attacks are targeting the Windows platform.  Such an attack could cause a crash and potentially allow an attacker to take control of the affected system.

At this time, Adobe is not aware of any attacks via PDF targeting Adobe Reader and Acrobat. According to Adobe, Adobe Reader X Protected Mode mitigations would prevent an exploit of this kind from executing.

Adobe is in the process of finalizing a schedule for delivering updates for affected versions of Adobe products.  However, because Adobe Reader X Protected Mode would prevent an exploit of this kind from executing, this issue will not be addressed in Adobe Reader X for Windows until the next quarterly security update for Adobe Reader, currently scheduled for June 14, 2011.



Thursday, April 07, 2011

Security Bulletin Advance Notification for April, 2011


On Tuesday, April 12, 2011, Microsoft is planning to release seventeen (17) security bulletins, nine (9) rated Critical and eight (8) rated Important. The bulletins will address 64 vulnerabilities across Microsoft Windows, Microsoft Office, Internet Explorer, Visual Studio, .NET Framework and GDI+. 


Although it is advised to restart your computer after installing updates, whether required or not, a number of the scheduled bulletins will require a restart in order to install the updates.  I recommend installing the update to .NET Framework separately as well as other updates requiring a restart.

Microsoft is also planning a fix for the MHTML vulnerability in Windows, rated Important, based on Security Advisory 2501696.
