Ryan Naraine

Microsoft Finally Shuts Door on ATL Bugs

Computerworld’s Gregg Keizer brings word that this week’s record-setting batch of patches from Microsoft actually closed the book on the vexing ATL code library issues that first surfaced in July 2009.
Keizer quotes Ryan Smith, one of the hackers credited with discovering the flaw, as saying that the latest Microsoft Office updates shut the door on the last big attack vector for the ATL vulnerability.  Read the full story [computerworld.com]

New Koobface Campaign Spoofs Adobe’s Flash Updater

The botnet masters behind the most efficient social-engineering-driven botnet, Koobface, have launched a new campaign that is currently spreading across Facebook, with a new template spoofing Adobe’s Flash updater embedded within a fake YouTube page.  Read the full story [zdnet.com/Dancho Danchev]

Microsoft Ships Largest Batch of Security Patches

Microsoft today released its largest ever batch of Patch Tuesday updates to fix a whopping 34 security holes in a wide range of widely deployed software products.
The latest patch batch covers critical vulnerabilities in software products that are bundled with Microsoft’s dominant Windows operating system (Internet Explorer and Windows Media Player) — and several known security problems (SMB v2 and FTP in IIS) for which functioning exploit code has already been publicly released.


CNet’s Elinor Mills has the scoop on a Comcast trial of a new automated service that will warn broadband customers of possible virus infections, if the computers are behaving as if they have been compromised by malware.

For instance, a significant overnight spike in traffic being sent from a particular Internet Protocol address could signal that a computer is infected with a virus taking control of the system and using it to send spam as part of a botnet.  Read the full story [CNet]  Also see this call by a Google executive for ISPs to take the lead on botnet cleanup.

Secureworks researcher Kevin Stevens has written a must-read article on the Pay-Per-Install business model (PPI) that is used primarily to spread spyware and malware. 
The article discusses the way the affiliate system works, with layers of files and software programs that power the installation of malware on hijacked Windows computers.

Google has shipped a new version of the Android open-source mobile phone platform to fix a pair of security flaws that could lead to denial-of-service attacks.
According to an advisory from oCERT, a group that handles vulnerability disclosure for open-source projects, the flaws could allow hackers to render Android-powered devices useless.  Here’s a link to the oCERT advisory [ocert.org].

Mozilla has packaged a suite of security-centric plugins to help Firefox users stay safe while surfing on the Internet.
The package, available here, includes NoScript, Better Privacy, AdBlock Plus and WOT (Web of Trust).   Mozilla has also expanded its Plugin Check to help users identify and patch vulnerable Firefox add-ons.

Adobe has confirmed a critical, unpatched vulnerability in its PDF Reader/Acrobat software is being exploited by malicious attackers.
The vulnerability affects Adobe Reader and Acrobat 9.1.3 and earlier versions on Windows, Macintosh and UNIX.  Adobe described the in-the-wild attacks as limited and targeted, suggesting PDF documents rigged with exploits are being attached to e-mails and sent to business targets.

A security research firm has issued a warning for a vulnerability in multiple VMware products that can be exploited by malicious people to cause a denial-of-service condition.

The vulnerability is caused by an error in the VMware Authorization Service when processing login requests.

The massive phishing scam broken up by federal authorities this week is only a hint at what many say is an insidious and growing problem on the Internet. The bust, dubbed Operation Phish Phry, was described by the FBI as the largest ever cyber-crime investigation and they held it up as a shining example of international cooperation in the realm of cybersecurity.

But as important and impressive as it was, the arrests barely scratch the surface of the phishing problem, according to several who have been tracking the issue for years.  Read the full story [IDG News Service/Jaikumar Vijayan]