Patch Release information Feb 10, 2009

I just got the patches that were sent down from Microsoft. Here’s what I do know:

Cumulative Update for Media Center for Windows Vista (KB960544)

Download size: 12.0 MB
You may need to restart your computer for this update to take effect.
Update type: Recommended

Install this update to resolve issues with Media Center for Windows Vista. For complete list of the issues that are included in this cumulative update, see Microsoft Knowledge Base article 960544. After you install this item, you may have to restart your computer. This update is provided to you and licensed under the Windows Vista License Terms.

More information:
http://go.microsoft.com/fwlink/?LinkId=137169

Help and Support:
http://support.microsoft.com

Cumulative Security Update for Internet Explorer 7 for Windows Vista (KB961260)

(CVE-2009-075, and CVE-2009-076)

Download size: 7.9 MB

You may need to restart your computer for this update to take effect.

Update type: Important

Security issues have been identified that could allow an attacker to compromise a computer running Microsoft Internet Explorer and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer. This update is provided to you and licensed under the Windows Vista License Terms.

More information:
http://go.microsoft.com/fwlink/?LinkId=139814

Help and Support:
http://support.microsoft.com

Update Rollup for ActiveX Killbits for Windows Vista (KB960715)

Download size: 44 KB

You may need to restart your computer for this update to take effect.

Update type: Important

Security issues have been identified in ActiveX controls that could allow an attacker to compromise a system running Microsoft Internet Explorer and gain control over it. You can help protect your system by installing this update from Microsoft. After you install this item, you may have to restart your computer. This update is provided to you and licensed under the Windows Vista License Terms.

More information:
http://go.microsoft.com/fwlink/?LinkId=139076

Help and Support:
http://support.microsoft.com

MS09-004: Vulnerabilities in Microsoft SQL Server could allow remote code execution
(KB959420) (MS09-004)
(CVE-2008-5416)(Exploit code publicly available since December 2008)

This security update resolves a privately reported vulnerability in Microsoft SQL Server. The vulnerability could allow remote code execution if untrusted users access an affected system or if a SQL injection attack occurs to an affected system. Systems with SQL Server 7.0 Service Pack 4, SQL Server 2005 Service Pack 3, and SQL Server 2008 are not affected by this issue.

MS09-003: Vulnerability in Microsoft Exchange could allow remote code execution
(KB959239)(MS09-003)

(CVE-2009-0098 CVE-2009-0099)

This security update resolves two privately reported vulnerabilities in Microsoft Exchange Server. The first vulnerability could allow remote code execution if a specially crafted TNEF message is sent to a Microsoft Exchange Server. An attacker who successfully exploited this vulnerability could take complete control of the affected system with Exchange Server service account privileges. The second vulnerability could allow denial of service if a specially crafted MAPI command is sent to a Microsoft Exchange Server. An attacker who successfully exploited this vulnerability could cause the Microsoft Exchange System Attendant service and other services that use the EMSMDB32 provider to stop responding.

Each one of these updates is either important or recommended. As you can see, with all of them it is time to load up Clone of Autopatcher and start downloading these patches. If you start now you should be able to keep the bad guys away this weekend. I just loaded it up and it downloaded all the new patches rather quickly.

Now on to the good stuff. As you can see, each of these is important for patching your system, and each of these patches needs to be installed before someone makes a worm or virus to compromise systems. I can just see people sending out fake emails that would compromise the Media Center, trying to install some malware. I can also see people trying to use the IE vulnerability, and the ActiveX one. These should be taken seriously and installed before the week is over. Another thing to consider is having a good anti-virus and firewall setup to prevent infection in the first place. It’s up to us IT guys to keep the employees from doing something they shouldn’t. Only you can prevent a virus infection. (I’ll update when more information is available for a week)

Brace for Impact, Brace for Botnet! (Conficker Worm)

The worm that has infected 6% of personal computers is starting to build into something totally different. Some researchers are saying this has to happen soon. And I’ll quote:

In any case, today seems better than the day before and we think that growth of Downadup has been curbed. Disinfection of the worm remains a challenge.

[Via F-secure]

Although this sounds like it has stopped, I don’t think so; I am sure the worm will get even bigger. I don’t think it has been curbed; we might have a rest period before the worm tries again.

“Why is it taking so long?” asked Huger. “That’s what we’re all asking.” He couldn’t recall an attack of this size with such a long lag time between the initial attacks and follow-on downloads of more malware to the hijacked systems.

[Via PcWorld]

Now we know this exploit is being patched as quickly as possible in some areas of the industry, but that leaves the question: what isn’t being patched? I am guessing the next stage of this worm is to mutate into a new worm, much like the way it tries to communicate to download new software or instructions. I believe it will be using a newer exploit so that it can infect even more computers. I also think it will be a botnet, and so do others.

But he also pointed out that the clock is ticking. “If they don’t hurry up and do it, someone else will,” he said, explaining that hackers must fend off not only security researchers, but also other criminals, who would like nothing better than to pinch a ready-to-use botnet.

[Via PcWorld]

So they are going to use this Downadup worm soon, I am counting on it. One thing IT professionals can do to prevent more infections is to make sure the latest security holes are patched before they are exploited. My favorite program for this is the Clone of Autopatcher, with which you can create a month-by-month patch DVD to install on all important systems. IT professionals must not start to relax because people are saying it is on the downfall. In nature there are always going to be periods of rest before growth. So I am sure something will happen rather quickly, and probably in the next week or two.

Inside Generic Pup.Z

Infection Methods:

Potentially unwanted programs do not self-replicate. They spread manually, often under the premise that they are beneficial or wanted. They can either be stand alone applications, or come bundled along with other PUPs, Trojans or Rootkits.

Installation methods involve system or security exploitation, and unsuspecting users manually executing unknown programs.

Distribution channels include email, malicious or hacked web pages, Internet Relay Chat (IRC), peer-to-peer networks, etc.

Ways to prevent Infection:

In order to prevent these types of infections you need to understand that most of the time it is something you thought was useful that has a virus hidden inside of it. Some of the things you can do to remove the virus are:

You need to remember about security and how to counter any virus installation by having a firewall and Anti-virus.  I have also put an e-store to better make use of anything I see on Amazon that might help you out.  If you want to visit it, click here.

Got a Virus? Got Spyware? This gadget will fix it!!

PC Clean Machine Personal PC Concierge Service

  • Everything you need, including software, is on the thumb drive to get your own personal PC Concierge, a real person working for you. Click on the video to see how it works.
  • Use our anti-virus/anti-spyware and other tools, or we will work with any anti-virus or anti-spyware you already have.
  • PC Concierge will check your computer regularly to keep your data protected and your computer running at optimal levels. Protects both MAC and PC
  • Receive a detailed report explaining what was done to protect your PC and improve its performance
  • Your PC concierge will perform computer maintenance at a time that’s convenient for you
  • Includes ID Theft coverage whether computer related or not
  • Includes computer breakage coverage
  • Includes all security software: anti-virus, anti-spyware, firewall, anti-phishing, IM encryption, family network, protection, gamer mode, laptop mode, anti-spam, parental control, backup, tuneup, file vault, anti-adware.

This was found online and I thought about how much this could be for people in the field. This is also good for people who have a system offline and don’t want to go online to get the software that is needed to fix this. I saw this and couldn’t wait to blog about it. If you need to have security for when you have a virus, this will help protect you for one year. I will say this is a very good deal: you get several programs for a really low price. All the reviews for this product are good; check out the product for the reviews. It costs 119.99 but I think it is worth it for people who don’t have enough security programs and need to protect themselves.

Microsoft to Release KB961051 on Dec 17, 2008

According to McAfee, and I will quote:

December 16, 2008: Microsoft has announced an out-of-cycle patch release for a critical, remote-code-execution, vulnerability in Microsoft Internet Explorer (CVE-2008-4844). The patch, to be released on December 17, will address the vulnerability across multiple versions on Internet Explorer running on supported Windows platforms.

[via McAfee Threat Center]

From what I understand, it will be KB961051 and will be a critical update on all Windows platforms. Microsoft issued a security advisory for this on their TechNet support website. This will probably be put online sometime tomorrow and will be available to download after 10am PST, although this is just a rumor, because when I go to that article they talk about the workaround and how to fix it temporarily until they release the patch. This is related to the IE vulnerability that is in the wild and has been causing havoc on the internet.