Monthly Archive for June, 2009
Last week, I received a tremendous reader response to a post I wrote about a security update from Microsoft that silently installed a "Microsoft .NET Framework Assistant" add-on for Firefox that was difficult and risky for users to uninstall. Given the emotional buttons this subject pushed among a large number of readers, I've put together a brief update along with some information provided in the comments to the previous post. Since that posting, someone pointed out that Microsoft has issued a patch in an apparent bid to appease those who have cried foul about this silently installed add-on. The patch is available and detailed at this link here. The update patches Windows systems so that the add-on installed by Microsoft can be successfully uninstalled without the user having to manually edit the Windows registry. (While editing the registry isn't all that difficult, a misstep can cause serious problems and it
Apple has issued updates to fix security issues in its QuickTime media player and iTunes software. Updates are available for both Mac and Windows versions of both programs. The QuickTime patch brings the program to version 7.6.2, and plugs at least 10 security holes, including two that are specific to the Windows version of QuickTime. The iTunes update, version 8.2, fixes a single yet critical flaw in iTunes that could let a malicious Web site use the program to install software on the user's system. Apple users can grab the updates from Software Update. Windows users will need to use the bundled Apple Software Update program to fetch these.
At least 40,000 Web sites recently were hacked and retrofitted with instructions that silently attempt to infest visitor PCs with malicious software, security experts warn. Internet security firm Websense has dubbed this series of attacks "Beladen," because the infected sites divert visitors to a site called beladen.net -- one of at least two exploit domains implicated in this attack (this domain actively serves malicious software, so please do not visit it). Stephan Chenette, a senior security researcher at Websense, said the company is not sure how the attackers are breaking into the hacked sites, and that it is still in the process of determining what the malware installed on victim's PCs actually does. However, each hacked Web page shares the same blob of obfuscated Javascript code, which is appended to the bottom of the hacked page's HTML. Each hacked site redirects to Web sites that bombard the visitor's PC with
Microsoft is warning that hackers are using booby-trapped QuickTime media files to exploit a newly discovered security hole in Windows 2000, Windows XP, and Windows Server 2003 systems. Microsoft said it is aware of "limited attacks" against an unpatched vulnerability in a Windows DirectShow component designed to process QuickTime files. The vulnerability is present in those operating systems and can be exploited whether or not users have QuickTime installed. From a post on the Microsoft's Security Research & Defense blog: The vulnerability is in the DirectShow platform (quartz.dll). While the vulnerability is NOT in IE or other browsers, a browse-and-get-owned attack vector does exist here via the media playback plug-ins of browsers. The attacker could construct a malicious webpage which uses the media playback plug-ins to playback a malicious QuickTime file to reach the vulnerability in Quartz.dll. Please note this type of attack could happen for any browsers, not IE
