Monday, March 24, 2014

Security Advisory 2953095 for Microsoft Word 2010

Security Advisory
Microsoft released Security Advisory 2953095 which relates to a vulnerability in Microsoft Word. At this time, Microsoft is aware of limited, targeted attacks directed at Microsoft Word 2010.

With the vulnerability, an attacker could cause remote code execution if someone was convinced to open a specially crafted Rich Text Format (RTF) file or a specially crafted mail in Microsoft Outlook while using Microsoft Word as the email viewer.

Recommendations 

Users of Microsoft Word 2010 are encouraged to apply the Microsoft Fix it solution.  If you use Outlook, follow the Office help instructions to Read email messages in plain text.

 
Enable Fix itDisable Fix it


Another option is to install the Enhanced Mitigation Experience Toolkit (EMET), with instructions provided in the Security Research and Defense Blog article referenced below.

References:




Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

MBAM - Malwarebytes Anti-Malware Version 2.0


The long-awaited Malwarebytes Anti-Malware Version 2.0 has been released!

Malwarebytes Anti-Malware Version 2.0

Changes to MBAM Version 2.0

Highlights of the changes to MBAM Version 2.0 include the following:

  • Redesigned Interface
  • Improved Anti-Rootkit and Chameleon Self-protection Technologies
  • Rewritten Malicious Website Blocking
  • Improved 64-bit Support
  • Detection and Removal Engine Improved
  • Renamed Malwarebytes Anti-Malware Pro to Malwarebytes Anti-Malware Premium
  • The scan types have had a name change.  Generally, all that is needed is a Threat Scan.
     -- Flash Scan is now called Hyper Scan
     -- Quick Scan is now called Threat Scan
     -- Full scan is now called Custom Scan

Subscription Licensing Model

The free version of MBAM continues to be available.  However, with the launch of Version 2.0, comes a move to a subscription licensing model, $24.95 per year for three (3) computers.  

This change is due to the high popularity of MBAM resulting in the need to cover costs in bandwidth, hosting fees, infrastructure, salaries of researchers, QA department and more, which have grown immensely.

Existing Lifetime Licenses Honored

It is important for those who already have a lifetime license purchased for version 1.x to know that those licenses will continue to have a lifetime license for 2.0.

It has also been announced that a few thousand more lifetime licenses will be available soon as a special offer. See Marcin's announcement at Malwarebytes Unpacked, Malwarebytes Anti-Malware 2.0!.

Malwarebytes Anti-Malware Version 2 supports Windows XP, Windows Vista, Windows 7 and Windows 8/8.1, 32- and 64-bit.

References




Home
Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...


Saturday, March 22, 2014

WinPatrol 2014 Updates


WinPatrol Scotty

WinPatrol developer, Bill Pytlovany, has been busy updating WinPatrol this past week.

On March 16, WinPatrol was updated to version 30.5.2014.0.  Today, WinPatrol was updated to version 30.5.2014.1 to fix errors with Delayed Start programs on x64 version of Windows. Affected programs originally set to run from HKey Local Machine registry.

As outlined at WinPatrol/upgrade, the fixes and changes included in version 30.5.2014.0 are as follows:

Check for Safe Updates

This feature was added to the PLUS tab/page.  In addition to checking for new versions of WinPatrol, it has been expanded to include version checks for a number of popular software packages. 

Clicking the button your version of popular software packages will be compared against the newest safe version available. If updating is recommended you'll see a safe link to the official download page for the software. 

The WinPatrol PLUS Safe Update Engine will also warn you about these threats and show you sample screen shots of what you might expect.
WinPatrol Check for Safe Updates 
 
This is the report I received when I clicked the Check for Safe Updates button:
Verify WinPatrol Version
    You have WinPatrol version: 30.5.2014.1:30.5.2014.1
    Newest version is :30.5.2014.1:30.5.2014.1
    You have the latest version of WinPatrol.

    Thank you for your support by upgrading to WinPatrol PLUS.
WinPatrol PLUS Version Safe Update Engine





   WinPatrol reports you are using Windows 7
   This is based on its internal version of 6.1.7601.


You have a 64 bit version of Windows.
When downloading software choose the x64 or 64 bit version.
You appear to have the latest version of Internet Explorer: 11.00.9600.16428
No security updates are required for this version.

Internet Explorer provides a No Tracking feature that we recommend. If you'd like more information on tracking Click Here
 Nice confirmation that I haven't missed something!

Restore Deleted Files

This feature was added following feedback by radio host Kim Komando.  As Bill explained, "In a recent article Kim recommended WinPatrol but strongly warned her audience about the dangers of using WinPatrol to delete files that may be required."

Now, in addition to the long-time feature provided in History that provides the ability to restore Start Up programs, Hidden Files can be restored:
"Hidden files will now be stored in a WinPatrol vault. We will also include a command line script that can be used to restore any files that were hidden. The command-line scripts are created in a worse-case scenario when a file is deleted which is required for Windows to run by Windows. The script or .bat file can be run in safe mode or a command-line mode."

PLUS Upgrade Discount for Windows XP

The new Safe Update engine will also detect which version of Windows you're running. If WinPatrol detects you are still running Windows XP, you'll see a link to a special Windows XP sale page. The name of this page will routinely change but it will have a PayPal button that allows you to upgrade to WinPatrol PLUS for only $2.00 USD.

Dialog Format and Positioning

Improvements are continuing on positioning of components within a WinPatrol dialog screen.

WinPatrol runs on Windows XP, Vista, Windows 7 and Windows 8/8.1, including x64 versions. Download WinPatrol 30.1.2014 now!



Home
Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...


Tuesday, March 18, 2014

Oracle Java SE 8 Released

java


Oracle released Java SE Runtime Environment 8 for 32- and 64-bit Windows 8x, Windows 7 and Windows Vista as well as Windows Server 2012, Windows Server 2012 R2 and Windows Server 2008 R2.

The minimum memory requirements is 128 MB and require at minimum a Pentium 2 266 MHz processor. For Linux and Mac OS X, see Oracle JDK 8 and JRE 8 Certified System Configurations.
 
Java Version 8 is not compatible with Windows XP. 

In the event you have software installed that requires Java, based on past history with Oracle Java version updates, it is recommended that you uninstall JRE 7 prior to updating.

Download Information


Notes:
  • UNcheck any pre-checked toolbar and/or software options presented with the update. They are not part of the software update and are completely optional.
  • Starting with Java SE 7 Update 21 in April 2013, all Java Applets and Web Start Applications should be signed with a trusted certificate.  It is not recommended to run untrusted/unsigned Certificates.  See How to protect your computer against dangerous Java Applets

The next scheduled critical security updates for Java SE 7 are as follows:
  • 15 April 2014
  • 15 July 2014
  • 14 October 2014



Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...


Mozilla Firefox 28.0 Released with Critical Updates



Firefox

Mozilla sent Firefox Version 28.0 to the release channel.  The update includes five (5) Critical, three (3) High, seven (7) Moderate and two (2) Low security updates.

Edit Note:  These updates address the four holes in the PWN2OWN Competition. 

Fixed in Firefox 28

  • MFSA 2014-32 Out-of-bounds write through TypedArrayObject after neutering
  • MFSA 2014-31 Out-of-bounds read/write through neutering ArrayBuffer objects
  • MFSA 2014-30 Use-after-free in TypeObject
  • MFSA 2014-29 Privilege escalation using WebIDL-implemented APIs
  • MFSA 2014-28 SVG filters information disclosure through feDisplacementMap
  • MFSA 2014-27 Memory corruption in Cairo during PDF font rendering
  • MFSA 2014-26 Information disclosure through polygon rendering in MathML
  • MFSA 2014-25 Firefox OS DeviceStorageFile object vulnerable to relative path escape
  • MFSA 2014-24 Android Crash Reporter open to manipulation
  • MFSA 2014-23 Content Security Policy for data: documents not preserved by session restore
  • MFSA 2014-22 WebGL content injection from one domain to rendering in another
  • MFSA 2014-21 Local file access via Open Link in new tab
  • MFSA 2014-20 onbeforeunload and Javascript navigation DOS
  • MFSA 2014-19 Spoofing attack on WebRTC permission prompt
  • MFSA 2014-18 crypto.generateCRMFRequest does not validate type of key
  • MFSA 2014-17 Out of bounds read during WAV file decoding
  • MFSA 2014-16 Files extracted during updates are not always read only
  • MFSA 2014-15 Miscellaneous memory safety hazards (rv:28.0 / rv:24.4)

What’s New

  • NEW -- VP9 video decoding implemented
  • NEW -- Mac OS X: Notification Center support for web notifications
  • NEW -- Volume control for HTML5 audio/video
  • NEW -- Support for Opus in WebM
  • CHANGED -- Now that spdy/3 is implemented support for spdy/2 has been removed and servers without spdy/3 will negotiate to http/1 without any penalty
  • DEVELOPER -- Support for MathML 2.0 'mathvariant' attribute
  • DEVELOPER -- Background thread hang reporting
  • DEVELOPER -- Support for multi-line flexbox in layout
  • FIXED -- Various security fixes


Known Issues

  • Unresolved -- Echo cancellation on apprtc.appspot.com fails (see 974537), Unresolved on v28 Resolved in v29
  • Unresolved -- Text Rendering Issues on Windows 7 with Platform Update KB2670838 (MSIE 10 Prerequisite) or on Windows 8.1 has a workaround (see 812695)

Update

To get the update now, select "Help" from the Firefox menu at the upper left of the browser window, then pick "About Firefox."  Mac users need to select "About Firefox" from the Firefox menu.

If you do not use the English language version, Fully Localized Versions are available for download.

References




Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...



Friday, March 14, 2014

Adobe Shockwave Player Critical Security Update

Shockwave Player Adobe has released a critical security update for Adobe Shockwave Player 12.0.9.149 and earlier versions on the Windows and Macintosh operating systems.

This update addresses vulnerabilities that could allow an attacker, who successfully exploits these vulnerabilities, to run malicious code on the affected system.

Although I have yet to need Shockwave Player on this computer, there are still many people who use it.  If you have Shockwave Player installed, please update to the latest version.


Release date: March 13, 2014
Vulnerability identifier: APSB14-10
CVE number: CVE-2014-0505
Platform: Windows and Macintosh

The newest version 12.1.0.150 is available here: http://get.adobe.com/shockwave/.  As usual, watch for any pre-checked add-ons not needed for the update.

References


Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...


Tuesday, March 11, 2014

Pale Moon Browser


Pale Moon

More and more people, unhappy with the Firefox Rapid Release process as well as changes that appear on the surface to be merely for the sake of change have switched to alternate browsers.  A popular choice is Pale Moon.

Pale Moon is not Firefox under another name, it is different.  The developer of Pale Moon does not incorporate changes merely for the sake of change.  In addition, not every feature included in Firefox applies to Pale Moon and is not included.  There are also Pale Moon specific tweaks.

One simple example of a change made to Firefox that was not incorporated in Pale Moon is the change to the search function so that the "find bar" is no longer shared between tabs (Firefox Version 25.0).  As a result of that change, when searching for text on multiple tabs, it became necessary to open the find bar (Ctrl+F) on each tab.  The Pale Moon developer recognized that change for the sake of change is unnecessary and did not incorporate it in Pale Moon.

Although all changes made to Firefox are not included in Pale Moon, security updates are always incorporated.  Pale Moon is currently based on the ESR 24 (Extended Service Release, "corporate" version).

As a long-time user of Firefox, I was happy to see the Profile Migration Tool.  All of my customizations were carried over and the add-ons I use all continued to work seamlessly.

The current version of Pale Moon is 24.4.0, updated March 10, 2014.

References



Home
Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...


Microsoft Security Bulletin Release for March 2014


Microsoft released five (5) bulletins.  Two of the bulletins are identified as Critical with the remaining three as Important.

The security updates address 23 unique CVEs in Microsoft Windows, Internet Explorer and Silverlight.  Information about non-Security updates is available in KB864199.

Critical:

  • MS14-012 -- Cumulative Security Update for Internet Explorer (2925418)
  • MS14-013 -- Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution (2929961)

Important: 

  • MS14-015 -- Vulnerabilities in Windows Kernel-Mode Driver Could Allow Elevation of Privilege (2930275)
  • MS14-016 -- Vulnerability in Security Account Manager Remote (SAMR) Protocol Could Allow Security Feature Bypass (2934418)
  • MS14-014 -- Vulnerability in Silverlight Could Allow Security Feature Bypass (2932677)

MSRT

Microsoft released an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Update, Microsoft Update, Windows Server Update Services, and the Download Center.  The MSRT was updated to include detections for the Wysotot and Spacekito malware families.

Windows XP End of Support

Users of Windows XP are reminded that support ends for Windows XP on April 8, 2014.  See Tim Rains article, The Countdown Begins: Support for Windows XP Ends on April 8, 2014.

Also note that after April 8, 2014, technical assistance for Windows XP will no longer be available.  This includes automatic updates that help protect your PC. Microsoft will also stop providing Microsoft Security Essentials for download.  Note, however, that definitions will be available until July 15, 2015.  See Microsoft antimalware support for Windows XP.


The following additional information is provided in the Security Bulletin:

References




Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...



Adobe Flash Player Security Update

Adobe Flashplayer

Adobe has released security updates for Adobe Flash Player 12.0.0.70 and earlier versions for Windows and Macintosh and Adobe Flash Player 11.2.202.341 and earlier versions for Linux.

These updates are rated as "Important" and resolve a vulnerability that could be used to bypass the same origin policy (CVE-2014-0503) as well as a vulnerability that could be used to read the contents of the clipboard (CVE-2014-0504).
With today's Windows Update, Internet Explorer 10 and 11 in Windows 8 and Windows 8.1 will be updated.  Windows RT must obtain the update from Windows Update.  Google Chrome will be automatically updated.


Update Information

The newest versions are as follows*:
Windows and Macintosh:  12.0.0.77
Linux: 11.2.202.346

Release date: March 11, 2014
Vulnerability identifier: APSB14-08

CVE number: CVE-2014-0503, CVE-2013-0504
Platform: All Platforms

Flash Player Update Instructions

Warning:  Although Adobe suggests downloading the update from the Adobe Flash Player Download Center, that link includes a pre-checked option to install unnecessary extras, such as McAfee Scan Plus or Google Drive.  If you use the download center, uncheck any unnecessary extras.

It is recommended that you either use the auto-update mechanism within the product when prompted, or my preference, the direct download links.

    Notes:
    • If you use the Adobe Flash Player Download Center, be careful to uncheck any optional downloads that you do not want.  Any pre-checked option is not needed for the Flash Player update.
    • Uncheck any toolbar offered with Adobe products if not wanted.
    • If you use alternate browsers, it is necessary to install the update for both Internet Explorer as well as the update for alternate browsers.
    • The separate 32-bit and 64-bit uninstallers have been replaced with a single uninstaller.
    • *As requested by a Security Garden reader, the update information for the "Extended Release of Flash Player 11.7" can be found here.
    Adobe Flash Player for Android

    The latest version for Adobe Flash Player for Android is available by downloading it from the Android Marketplace by browsing to it on a mobile phone.   

    Verify Installation

    To verify the Adobe Flash Player version number installed on your computer, go to the About Flash Player page, or right-click on content running in Flash Player and select "About Adobe Flash Player" from the menu. 

    Do this for each browser installed on your computer.

    To verify the version of Adobe Flash Player for Android, go to Settings > Applications > Manage Applications > Adobe Flash Player x.x.

    References







    Remember - "A day without laughter is a day wasted."
    May the wind sing to you and the sun rise in your heart...


    Saturday, March 08, 2014

    WinPatrol "March Madness"!


    WinPatrol Scotty

    Basketball fans are familiar with March Madness.  Bill Pytlovany is providing a March Madness of a different kind.

    This weekend only, a one system lifetime upgrade license to WinPatrol PLUS is available for $2.00. The full family pack lifetime license which is normally $49.95 can also be purchased for $10.00.  The sale ends Monday night (March 10) at midnight EDT*.

    Additional information from Bill is available in his article, March Madness for Windows XP, or go directly to http://www.winpatrol.com/ and follow the "PayPal March Madness" link.


    WinPatrol runs on Windows XP, Vista, Windows 7 and Windows 8 including x64 versions.


    ______________

    *Daylight saving time begins in the U.S. at 2:00AM Sunday, March 9, 2014. 

    Home
    Remember - "A day without laughter is a day wasted."
    May the wind sing to you and the sun rise in your heart...


    Thursday, March 06, 2014

    Security Bulletin Advanced Notice for March 2014

    Security Bulletin
    On Tuesday, March 11, 2014, Microsoft is planning to release five (5) bulletins.  Two of the bulletins are identified as Critical with the other three as Important.

    The updates address vulnerabilities in Microsoft Windows, Internet Explorer and Silverlight.  Several of the updates require a restart.

    The issues described in Security Advisory 2934088 will be addressed by MS14-012.  Note that the limited attacks addressed that Security Advisory have only targeted Internet Explorer 10.

    Reminder

    Users of Windows XP are reminded that support ends for Windows XP on April 8, 2014.  See Tim Rains article, The Risk of Running Windows XP After Support Ends April 2014. Note also that Microsoft Security Essentials will no longer be available for download for Windows XP.

    As happens each month, Microsoft will also release an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Update, Microsoft Update, Windows Server Update Services, and the Download Center.

    References




    Remember - "A day without laughter is a day wasted."
    May the wind sing to you and the sun rise in your heart...