Microsoft to Release One Crictical update for Tuesday

Microsoft has release the information for May’s Patch Tuesday and it looks like there is one major update for Power point:

ms09patchtuesday1

The Affected software is MS Office 2000, MS office Xp, MS Office 2003, Ms Office 2007, Power point viewer, and MS compatibility pack for Word, Excel, and Power point 2007.

[ad]What will be coming out for Tuesday is as Followers for Non-security Releated:

  • Windows PowerShell 1.0 for Windows Vista (KB928439)
  • Microsoft .NET Framework 3.5 Service Pack 1 and .NET Framework 3.5 Family Update (KB951847)
  • Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
  • Windows Malicious Software Removal Tool – May 2009 (KB890830)/Windows Malicious Software Removal Tool – May 2009 (KB890830) – Internet Explorer Version
  • Update for Windows Mail Junk E-mail Filter [May 2009] (KB905866)

Although some of this is usual like the Malicious software removal tool, and Windows Junke e-mail filter, we won’t know what else will be released until Tuesday.  Some of the updates will be minor like the Powershell, I am guessing tis will help get ready for SP2, and the SP1 for the .NET framwork also looks to be getting ready for SP2.  So I will keep you updated if i find out what else is released on Tuesday!

Adobe PDF Zero Day Warnings : Experts agree

All the Security experts online are talking about The 2 Zero Day Adobe Vulnerabilities:

[ad#cricket-right-ez]As you can see this seems to be one of those Adobe problems we had in the past with [intlink id=”2963″ type=”post”]Javascript[/intlink].   They seem to be having a major problem with Javascript vulnerability and the old saying is to just to disable Javascript in PDF’S again.   Adobe is calling this a Potential Adobe Reader issue and is suggesting that the users disable Javascript until this is fixed with a security update.

This is mostly affect the corporate world more than the private sector because of the fact corporate world will use PDF by sending them through emails.   I suggest installing another reader and these are all free.

Be advised the vulnerabilities affects Linux, Windows, and Macintosh systems.  This will most likely mean that even Macintoshes could be used to [intlink id=”2173″ type=”post”]create even more botnets[/intlink] and will need to disable there Javascript until this issue is fixed or maybe they would like to find another reader themselves.  This also goes for Linux users but I have not heard of anything in the wild yet.

Don’t forget to install some [intlink id=”2205″ type=”page”]free Anti-virus and Free Firewalls[/intlink] to help protect your system from becoming a botnet.

Mebroot becomes More Stealthier!!

Well Here is something we should all be on the look out for:
[ad#cricket-right-ez]

Thousands of Web sites have been rigged to deliver a powerful piece of malicious software that many security products may be unprepared to handle.

Mebroot inserts program hooks into various functions of the kernel, or the operating system’s core code. Once Mebroot has taken hold, the malware then makes it appear that the MBR hasn’t been tampered with.

[Via Pcworld Magazine]

I will be updating my [intlink id=”2205″ type=”page”]Malware Resource[/intlink] for the Prevx Software, but this looks to be a very bad root kit.  From my understanding most of the security related software.   It seems this little program will become even harder to detect and remove.   It also looks like this is ready to start infecting people with this root kit.   You should update every part of your system from [intlink id=”3327″ type=”post”]Windows Patches[/intlink] to Browser. [intlink id=”2229″ type=”post”] Securnia once said[/intlink] that most people are not patched fully!!  Just like the [intlink id=”3301″ type=”post”]Conficker Worm[/intlink], if your not fully patched and keeping anti-virus and Firewalls on your system then you might as well be walking on nails.

Dear Friend Spam Emails from Yahoo

The email from our[intlink id=”3233″ type=”post”] old friend has come back[/intlink] into now compromising Yahoo accounts by sending out this email:

Dear friend:
What are u doing these days?I am going to recommend a Eshop to you.Yesterday I found a web of a large trading company from China,which is an agent of all the well-known digital product factories,and facing to both wholesalers, retailsalers,and personal customer all over the world. They export all kinds of digital products and offer really competitive and reasonable price and high quality goods for their clients,so i think you will make a big profit if you did business with them.And they promise they will provide the best after-sales-service.If you are interested to do business with them,in my opinion, you can make a trial order to test that.
Their Web address: www.nekcn.com

In what seems to be the way of this advertisment company, it seems they have been doing what they did with Hotmail.  Deleting your contact list and emailing your friends with this message.  Now I am thinking it is being done by them [intlink id=”2660″ type=”post”]Phishing for the password and Account name[/intlink], they probably set up an web page to look like Hotmail or Yahoo.  One thing to remember to do is check to see that you address bar looks like this:

yahoomailloginYou should make sure you see the “https”, meaning that is a encrypted login and also make sure you see either Mail.yahoo.com or Login.yahoo.com.  If you see anything else included in your the screen like maybe a .ru or .pl then you aren’t logining into the true yahoo account.  Obviously the website shouldn’t be trusted until they advertise the right way, and find ways to advertise online other than spam.  If you get an email saying you need to do something with your Hotmail account or yahoo mail account you should not click any links and go to the site manually to investigate the problem.  You should never click links in email that you don’t know where they are going.  Thanks to Jazzcorner for Alerting me that they have started to do this with yahoo.  I am betting the next one will be for Google Mail, or Gmail as some will call it. It wouldn’t hurt to have a [intlink id=”2205″ type=”page”]firewall and Anti-virus[/intlink] and also check your system out just to be sure.