
<?xml version="1.0" encoding="utf-8"?>
<rss version="2.0" xml:base="http://www.digwin.com/" xmlns:dc="http://purl.org/dc/elements/1.1/">
<channel>
<title>Windows Security - hot: digWin</title>
<link>http://www.digwin.com/cat/Windows Security/hot</link>
<description>Microsoft Top news, Buzz &amp; Breaking Stories by communities</description>
<language>en</language>
   <item>
   <title>Update on Security Advisory 981374</title>
   <link>http://www.digwin.com/update-on-security-advisory-981374</link>
   <description>I’m writing to let you know that we have updated with new workaround information. We are aware that exploit code has been made public for this issue. As with our last update, Internet Explorer 8 remains unaffected by the vulnerability addressed in the advisory and we continue to encourage all customers to upgrade to this version. On Wednesday we ad</description>
  </item>
   <item>
   <title>60+ Sites recently compromised by SEO poisoning</title>
   <link>http://www.digwin.com/60-sites-recently-compromised-by-seo-poisoning</link>
   <description>Researchers recently discovered more than 60 new web sites that host Search Engine Optimization (SEO) poisoning activity, which takes advantage of the popularity of search engines such as Google to lure Web users to sites that are infected with malicious code. Not only are the instances of SEO poisoning attacks growing; they’re also growing more so</description>
  </item>
   <item>
   <title>Twitter takes steps to stop malware links</title>
   <link>http://www.digwin.com/twitter-takes-steps-to-stop-malware-links</link>
   <description>Here’s some good news for Twitter users, and for organizations that have incorporated Twitter into their business models. The microblogging service has recognized the dangers presented by links sent via its direct messages (and email notifications about direct messages), and has announced that they will start routing links that are submitted to th</description>
  </item>
   <item>
   <title>Microsoft Security Advisory (981374): Vulnerability in Internet Explorer Could Allow Remot</title>
   <link>http://www.digwin.com/microsoft-security-advisory-981374-vulnerability-in-internet-explorer-could-allow-remot</link>
   <description>Revision Note: V1.1 (March 10, 2010): Restated the mitigation concerning the e-mail vector. Added a new workaround for disabling the peer factory class in iepeers.dll. Summary: Microsoft is investigating new, public reports of a vulnerability in Internet Explorer 6 and Internet Explorer 7. Our investigation has shown that the latest version of the </description>
  </item>
   <item>
   <title>MS10-017 - Important: Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Ex</title>
   <link>http://www.digwin.com/ms10017-important-vulnerabilities-in-microsoft-office-excel-could-allow-remote-code-ex</link>
   <description>Severity Rating: Important - Revision Note: V1.1 (March 10, 2010): Corrected the severity table to list Microsoft Office Excel 2003 as affected by CVE-2010-0262. Corrected the package file name for Excel 2007. Also corrected the list of affected software in the Executive Summary. These are informational changes only. Customers who have successfully </description>
  </item>
   <item>
   <title>Who Gets It and Who Doesn’t? (Windows Genuine Advantage and Security Updates)</title>
   <link>http://www.digwin.com/who-gets-it-and-who-doesnt-windows-genuine-advantage-and-security-updates</link>
   <description>One of the things I get to do in the Microsoft Security Response Center (MSRC) is talk to our customers and tell them about the process by which Microsoft identifies potential security vulnerabilities in its products, eliminates those vulnerabilities, and provides remediation and information to customers. In other words, I get to explain what I do </description>
  </item>
   <item>
   <title>Microsoft Security Bulletin Summary for March 2010</title>
   <link>http://www.digwin.com/microsoft-security-bulletin-summary-for-march-2010</link>
   <description>Revision Note: V1.0 (March 9, 2010): Bulletin Summary published. Summary: This bulletin summary lists security bulletins released for March 2010.</description>
  </item>
   <item>
   <title>March 2010 Security Bulletin Release</title>
   <link>http://www.digwin.com/march-2010-security-bulletin-release</link>
   <description>Today we are releasing two Important security bulletins addressing eight vulnerabilities in Windows and Microsoft Office. Both bulletins have an aggregate Exploitability Index rating of “1” so we recommend that customers deploy these updates as soon as possible. The Microsoft provides additional information to help customers prioritize depl</description>
  </item>
   <item>
   <title>Security Advisory 981374 Released</title>
   <link>http://www.digwin.com/security-advisory-981374-released</link>
   <description>. This is a mitigating factor for Web sites that you have not added to the Internet Explorer Trusted sites zone. Please review the Security Advisory for additional workarounds which include modifying the Access Control List (ACL) on iepeers.dll (the affected component), setting the Internet and local Intranet security zones to &quot;high&quot;, configuring </description>
  </item>
   <item>
   <title>CVE-2010-0188: Patched Adobe Reader Vulnerability is Actively Exploited in the Wild</title>
   <link>http://www.digwin.com/cve20100188-patched-adobe-reader-vulnerability-is-actively-exploited-in-the-wild</link>
   <description>While recently analyzing a malicious PDF file, I noticed a vulnerability exploited by the sample which I've never encountered before. After a bit of research I came to the conclusion that this specific sample exploited . This is a fresh vulnerability, information about which was just published this February. It is described as possibly leading to </description>
  </item>
   <item>
   <title>Battery charger can infect computers with a Trojan</title>
   <link>http://www.digwin.com/battery-charger-can-infect-computers-with-a-trojan</link>
   <description>It seems as if just about every electronic product we buy these days comes with a software CD/DVD. Sometimes it’s no more than a digital version of the product manual – paper manuals are quickly disappearing from the packages, although prices don’t seem to be coming down to reflect the savings of not printing and binding them – and other times, t</description>
  </item>
   <item>
   <title>NSS Labs: IE 8 beats other browsers at stopping social attacks</title>
   <link>http://www.digwin.com/nss-labs-ie-8-beats-other-browsers-at-stopping-social-attacks</link>
   <description>We’re always hearing that Internet Explorer is insecure, that you should switch to Firefox or Chrome or “anything else” if you want to be safe. Some folks have been parroting that line for years, and don’t even bother to keep up with the security advances that Microsoft has made in recent iterations of the web browser.</description>
  </item>
   <item>
   <title>Should software vendors be held liable for vulnerabilities that lead to security breaches?</title>
   <link>http://www.digwin.com/should-software-vendors-be-held-liable-for-vulnerabilities-that-lead-to-security-breaches</link>
   <description>A coalition of security experts, led by the SANS Institute, wants to do just that. No, they aren’t trying to do it through government legislation (at least, not yet), but rather by including that responsibility in contract terms. The premise is that most attacks use programming mistakes (vulnerabilities) and that the software companies should be le</description>
  </item>
   <item>
   <title>March 2010 Bulletin Release Advance Notification</title>
   <link>http://www.digwin.com/march-2010-bulletin-release-advance-notification</link>
   <description>to customers that we will be releasing two bulletins this month affecting Windows and Microsoft Office products. Both bulletins are rated Important and address a total of 8 vulnerabilities. We recommend that customers review the Advance Notification webpage and prepare to deploy these bulletins as soon as possible. To provide additional guidance </description>
  </item>
   <item>
   <title>In focus: Mariposa botnet</title>
   <link>http://www.digwin.com/in-focus-mariposa-botnet</link>
   <description>In January this year, the MMPC added As previously discussed by Marian , this worm propagates mainly via removable devices, IM, and P2P channels; and utilizes backdoor functionality to communicate with a C&amp;C server. It differs from other bots in that it does not use a standard IRC protocol for its command and control functions. Between January and </description>
  </item>
   <item>
   <title>Fake Amazon order confirmations contain link to malware</title>
   <link>http://www.digwin.com/fake-amazon-order-confirmations-contain-link-to-malware</link>
   <description>There have been recent reports about fake Amazon.com order confirmations. Those who use Amazon are used to receiving email confirmation, so if a user hasn’t ordered anything, the user would probably be concerned that a fraudulent charge had been made to the account and would logically click the link that purports to provide order information de</description>
  </item>
   <item>
   <title>VBS vulnerability in Internet Explorer on Windows 2000/XP/Server 2003</title>
   <link>http://www.digwin.com/vbs-vulnerability-in-internet-explorer-on-windows-2000xpserver-2003</link>
   <description>If your organization is running Internet Explorer on Windows 2000, Windows XP and/or Windows Server 2003, be aware that Microsoft recently issued a security advisory regarding a reported vulnerability in VBScript that can be exploited for the purpose of remote code execution via a malicious web site. It takes advantage of the way VBScript interacts </description>
  </item>
   <item>
   <title>Creating a Safer, More Trusted Internet</title>
   <link>http://www.digwin.com/creating-a-safer-more-trusted-internet</link>
   <description>The RSA Security Conference is underway this week in San Francisco and Microsoft's own Scott Charney, Corporate Vice President Trustworthy Computing, delivered one of yesterday's keynote addresses: Creating a Safer, More Trusted Internet. The keynote centered on Microsoft's Trustworthy Computing initiative, our End to End Trust vision, and how we </description>
  </item>
   <item>
   <title>Announcing Elevation of Privilege: The Threat Modeling Game</title>
   <link>http://www.digwin.com/announcing-elevation-of-privilege-the-threat-modeling-game</link>
   <description>Adam Shostack here. I’m pleased to announce that at RSA this week, Microsoft is releasing , the Threat Modeling Game. Elevation of Privilege is the easiest way to get started threat modeling. EoP is a card game for 3-6 players. Card decks are available at Microsoft’s RSA booth, or for download 74 playing cards in 6 suits: one suit for each of the </description>
  </item>
   <item>
   <title>Update: MS10-015 security update re-released with new detection logic</title>
   <link>http://www.digwin.com/update-ms10015-security-update-rereleased-with-new-detection-logic</link>
   <description>I am writing to let you know that we have revised the installation packages for with new logic that prevents the security update from being installed on systems if certain abnormal conditions exist. Such conditions could be the result of an infection with a computer virus such as the . If these conditions are detected, the update will not be </description>
  </item>
 </channel></rss>