Virus, spam, spyware news and Tips. Keep up on the latest developments and preventive measures with these 'best practice' methods.

Monday, June 14, 2004

Internet Explorer Users Beware

Internet/Network Security



Microsoft Security Bulletins for June 2004
Your Guide to Internet / Network Security.



June 10, 2004
Internet Explorer Users Beware
On the same day that Microsoft released their Security Bulletins for the month of June, security firm Secunia released an Advisory for two 'extremely critical' vulnerabilities in Internet Explorer that aren't addressed by Microsoft yet. One vulnerability can be used to open files on the local computer and the other allows the attacker to cross over Internet Explorer security zones and execute software in the context of the Local Zone which typically has far fewer restrictions than the Internet Zone. With no acknowledgement yet from Microsoft regarding these flaws and active exploits in the wild being used to spread adware to vulnerable systems it is important that users protect themselves through other means. Secunia suggests disabling Active Scripting in Internet Explorer in all but the Trusted Sites zone or simply using a different web browser. For more information about configuring IE security or disabling Active Scripting see How To Configure Internet Explorer Security or Disable Active Scripting In Internet Explorer. [more]..

posted by Mike at 9:56 AM

Friday, June 04, 2004

New Worm "Plexus" Targets Old Windows Flaws

Yahoo! News - New Worm Targets Old Windows Flaws
Antivirus software companies are warning customers about a new e-mail worm that targets unpatched Microsoft Windows machines with either of two recently disclosed software vulnerabilities.


The new worm, known as both "Plexus" and "Explet.A," was first detected on Wednesday and spreads by exploiting Windows machines with vulnerabilities used by two recent worms, Sasser and Blaster, according to alerts. Network Associates' McAfee Antivirus Emergency Response Team and Symantec both say the new worm does not pose a serious threat, but issued software updates to detect it.


Like Sasser, Plexus can exploit the recently disclosed hole in the Windows component called Local Security Authority Subsystem Service, or LSASS, which Microsoft patched in April.


And, like the Blaster worm that appeared in August 2003, Plexus can also crawl through a hole in a Windows component called the DCOM (Distributed Component Object Model) interface, which handles messages sent using the RPC (remote procedure call) protocol.

posted by Mike at 10:14 PM