Wednesday, December 21, 2011

Security Updates To Mozilla Products

Mozilla has released updates to the Firefox and SeaMonkey browsers and the Thunderbird email client to address a number of vulnerabilities, several of which are categorized as critical.

Affected products are:
- Mozilla Thunderbird earlier than 9.0
- Mozilla SeaMonkey earlier than 2.6
- Mozilla Firefox earlier than 9.0

Links to the security advisories with details about addressed security issues:
MFSA 2011-59 .jar not treated as executable in Firefox 3.6 on Mac
MFSA 2011-58 Crash scaling video element to extreme sizes
MFSA 2011-57 Crash when plugin removes itself on Mac OS X
MFSA 2011-56 Key detection without JavaScript via SVG animation
MFSA 2011-55 nsSVGValue out-of-bounds access
MFSA 2011-54 Potentially exploitable crash in the YARR regular expression library
MFSA 2011-53 Miscellaneous memory safety hazards (rv:9.0)


Fresh versions can be obtained via the inbuilt updater or by downloading from the product site:
Firefox
Thunderbird
SeaMonkey

Saturday, December 17, 2011

Updates For Adobe Reader and Acrobat 9.x Windows Versions

Adobe has released updates for the Windows versions of the Adobe Reader and Acrobat 9.x series. The new version patches the previously reported vulnerability (CVE-2011-2462) and another vulnerability (CVE-2011-4369). Both may allow an attacker to take control of the vulnerable system.

The above-mentioned vulnerabilities also exist in Adobe Reader X and Adobe Acrobat X. However, the protection modes built into those versions prevent the exploit type currently targeting these two vulnerabilities from executing. Thus, Adobe is planning to address these issues in their next quarterly security update for Adobe Reader and Acrobat (scheduled for January 10, 2012).

More information in the related security bulletin.

Wednesday, December 14, 2011

Microsoft Security Updates For December 2011

Microsoft has released security updates for December 2011. This month's update contains 13 security bulletins, of which three are rated critical and ten important.

A new version of Windows Malicious Software Removal Tool (MSRT) was released too.

More information can be read from the bulletin summary.

For consumers the easiest way to get the updates is to use the Microsoft Update service.

Tuesday, December 13, 2011

Vulnerabilities In Winamp

Three vulnerabilities have been found in Nullsoft's Winamp media player. Two of these are in the in_avi.dll plugin and one in the in_mod.dll plugin. Successful exploitation may allow execution of arbitrary code on the vulnerable system.

Affected versions: Winamp 5.622; older versions may also be affected.

Solution: Users of affected versions can download the latest version from the Winamp download site.

Friday, December 9, 2011

Vulnerability In Foxit Reader

A vulnerability has been found in Foxit Reader, a PDF file handling application. The issue is caused by an array assignment that crosses the array's bounds, which may result in memory corruption.

Affected are Foxit Reader 5.1.0.1021 and earlier versions. Foxit Reader users should update to the latest version available, either by using "Check for Updates Now" in the Reader Help menu or by downloading a fresh version here (Note: remember to unselect the toolbar-related options during the installation process unless you really want them installed too). More information here.

Symantec Intelligence Report: November 2011

Symantec has published their Intelligence report that sums up the latest threat trends for November 2011.

Report highlights:
- Spam – 70.5 percent (a decrease of 3.7 percentage points since October 2011)
- Phishing – One in 302.0 emails identified as phishing (an increase of 0.04 percentage points since October 2011)
- Malware – One in 255.8 emails contained malware (a decrease of 0.03 percentage points since October 2011)
- Malicious Web sites – 4,915 Web sites blocked per day (an increase of 47.8 percent since October 2011)
- A Review of Targeted Attacks in 2011
- Revolution of Russian Phone Number Spam
- Best Practices for Enterprises and Users


The report can be viewed here.

Wednesday, December 7, 2011

Vulnerability in Adobe PDF products

Adobe has released an advisory about a critical vulnerability in Adobe Reader & Adobe Acrobat products. This vulnerability (CVE-2011-2462) could cause a crash and potentially allow an attacker to take control of the affected system.

Affected versions:
- Adobe Reader X (10.1.1) and earlier versions
- Adobe Reader 9.4.6 and earlier 9.x versions
- Adobe Acrobat X (10.1.1) and earlier versions

Fix availability:
"We are in the process of finalizing a fix for the issue and expect to make available an update for Adobe Reader and Acrobat 9.x for Windows no later than the week of December 12, 2011. Because Adobe Reader X Protected Mode and Adobe Acrobat X Protected View would prevent an exploit of this kind from executing, we are currently planning to address this issue in Adobe Reader X and Acrobat X for Windows with the next quarterly security update for Adobe Reader and Acrobat, currently scheduled for January 10, 2012."

Patch For Opera Released

Opera Software has released an update for their Opera web browser. Version 11.60 contains fixes for four security vulnerabilities (Opera will reveal details of one of the moderate-severity issues later).

moderate:
* Pages can set cookies and communicate cross-site for some top level domains; advisory

low:
* A weakness in the SSL v3.0 and TLS 1.0 specifications can allow eavesdropping attacks against some applications; advisory
* JavaScript "in" operator allows leakage of cross-domain information; advisory


Opera users are strongly recommended to update to version 11.60. The new version can be downloaded here.

Monday, December 5, 2011

ESET Global Threat Report for November 2011

ESET has released a report discussing global threats of November 2011.

TOP 10 threats list (previous ranking listed too):

1. INF/Autorun (1.)
2. Win32/Dorkbot (2.)
3. HTML/ScrInject.B (4.)
4. HTML/Iframe.B (6.)
5. Win32/Conficker (3.)
6. Win32/Autoit (7.)
7. Win32/Sality (5.)
8. Win32/Ramnit (8.)
9. JS/TrojanDownloader.Iframe.NKE (9.)
10. Win32/PSW.OnLineGames (10.)


The complete report (with a description of each of the threats listed above) can be downloaded here (in PDF format).

Monday, November 21, 2011

Security Patch For RealPlayer

RealNetworks has released an updated version of their RealPlayer. The new version contains fixes for 19 vulnerabilities.

Affected software: Windows RealPlayer versions prior to 15.0.0

Users of affected versions are advised to update their RealPlayer to the latest one available. More information can be read from related security advisory.

ESET Global Threat Report for October 2011

ESET has released a report discussing global threats of October 2011.

TOP 10 threats list (previous ranking listed too):

1. INF/Autorun (1.)
2. Win32/Dorkbot (3.)
3. Win32/Conficker (2.)
4. HTML/ScrInject.B (7.)
5. Win32/Sality (4.)
6. HTML/Iframe.B (5.)
7. Win32/Autoit (6.)
8. Win32/Ramnit (8.)
9. JS/TrojanDownloader.Iframe.NKE (10.)
10. Win32/PSW.OnLineGames (9.)


The complete report (with a description of each of the threats listed above) can be downloaded here (in PDF format).

Thursday, November 17, 2011

Patched iTunes Available

Apple has released version 10.5.1 of their iTunes media player. The new version fixes a security issue that could allow a man-in-the-middle attack (CVE-2008-3434). The latest version can be downloaded here.

More information about the update can be read from related security bulletin.

Friday, November 11, 2011

Update For Adobe Flash Player

Adobe has released an updated version of their Flash Player. The new version fixes several vulnerabilities categorized as critical:
- a memory corruption vulnerability that could lead to code execution (CVE-2011-2445)
- a heap corruption vulnerability that could lead to code execution (CVE-2011-2450)
- a memory corruption vulnerability that could lead to code execution (CVE-2011-2451)
- a memory corruption vulnerability that could lead to code execution (CVE-2011-2452)
- a memory corruption vulnerability that could lead to code execution (CVE-2011-2453)
- a memory corruption vulnerability that could lead to code execution (CVE-2011-2454)
- a memory corruption vulnerability that could lead to code execution (CVE-2011-2455)
- a buffer overflow vulnerability that could lead to code execution (CVE-2011-2456)
- a stack overflow vulnerability that could lead to code execution (CVE-2011-2457)
- a vulnerability that could lead to a cross-domain policy bypass (Internet Explorer-only) (CVE-2011-2458)
- a memory corruption vulnerability that could lead to code execution (CVE-2011-2459)
- a memory corruption vulnerability that could lead to code execution (CVE-2011-2460)

Users of Adobe Flash Player 11.0.1.152 and earlier should update to Adobe Flash Player 11.1.102.55. Also, users of Adobe AIR version 3.0 and earlier should update to Adobe AIR 3.1.0.4880.

More information can be read from Adobe's security bulletin.

Chrome Update Available

Google has released a new version of their Chrome web browser. Version 15.0.874.120 contains fixes for seven vulnerabilities, of which five are categorized as high severity, one as medium and one as low.

More information in Google Chrome Releases blog.

Thursday, November 10, 2011

Security Updates From Mozilla

Mozilla has released updates to the Firefox browser and the Thunderbird email client to address a number of vulnerabilities, many of which are categorized as critical.

Affected products are:
- Mozilla Thunderbird earlier than 8.0 or 3.1.16
- Mozilla Firefox earlier than 8.0 or 3.6.24

Links to the security advisories with details about addressed security issues:
MFSA 2011-52 Code execution via NoWaiverWrapper
MFSA 2011-51 Cross-origin image theft on Mac with integrated Intel GPU
MFSA 2011-50 Cross-origin data theft using canvas and Windows D2D
MFSA 2011-49 Memory corruption while profiling using Firebug
MFSA 2011-48 Miscellaneous memory safety hazards (rv:8.0)
MFSA 2011-47 Potential XSS against sites using Shift-JIS
MFSA 2011-46 loadSubScript unwraps XPCNativeWrapper scope parameter (1.9.2 branch)

Fresh versions can be obtained via the inbuilt updater or by downloading from the product site:
Firefox
Thunderbird

Adobe Shockwave Player Updated

Adobe has released an updated version of their Shockwave Player. The new version fixes several security vulnerabilities. The update is categorized as critical.

Users of Adobe Shockwave Player 11.6.1.629 and earlier should update to Adobe Shockwave Player 11.6.3.633.

More about fixed vulnerabilities and other information can be read from Adobe's security bulletin.

Tuesday, November 8, 2011

Microsoft Security Updates For November 2011

Microsoft has released security updates for November 2011. This month's update contains four security bulletins, of which one is rated critical, two important and one moderate.

A new version of Windows Malicious Software Removal Tool (MSRT) was released too.

More information can be read from the bulletin summary.

For consumers the easiest way to get the updates is to use the Microsoft Update service.

Friday, November 4, 2011

Unpatched Vulnerability in TrueType Font Parsing

Microsoft is investigating a vulnerability in a Windows component, the Win32k TrueType font parsing engine. By exploiting the vulnerability an attacker may be able to run arbitrary code in kernel mode. The attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Microsoft is aware of targeted attacks that try to exploit this vulnerability. Duqu malware is reported to be exploiting the vulnerability.

At the moment there is no patch available for the vulnerability. However, Microsoft has listed some workarounds to mitigate the problem. More information about this can be read from Microsoft Security Advisory (2639658).

Wednesday, November 2, 2011

Symantec Intelligence Report: October 2011

Symantec has published their Intelligence report that sums up the latest threat trends for October 2011.

Report highlights:
- Spam – 74.2 percent in October (a decrease of 0.6 percentage points since September 2011)
- Phishing – One in 343.1 emails identified as phishing (an increase of 0.07 percentage points since September 2011)
- Malware – One in 235.8 emails in October contained malware (a decrease of 0.11 percentage points since September 2011)
- Malicious Web sites – 3,325 Web sites blocked per day (a decrease of 4.3 percent since September 2011)
- 43.9 percent of all malicious domains blocked were new in October (a decrease of 0.7 percentage points since September 2011)
- 15.2 percent of all Web-based malware blocked was new in October (an increase of 0.7 percentage points since September 2011)
- Spammers setting up more URL shortening services
- Social engineering example from the East
- New Symantec Research: W32.Duqu - Precursor to the Next Stuxnet
- New Symantec Research: The Motivations of Recent Android Malware
- Best Practices for Enterprises and Users


The report can be viewed here.

Monday, October 31, 2011

ESET Global Threat Report for September 2011

ESET has released a report discussing global threats of September 2011.

TOP 10 threats list (previous ranking listed too):

1. INF/Autorun (1.)
2. Win32/Conficker (2.)
3. Win32/Dorkbot (4.)
4. Win32/Sality (5.)
5. HTML/Iframe.B.Gen (3.)
6. Win32/Autoit (7.)
7. HTML/ScrInject.B (6.)
8. Win32/Ramnit (10.)
9. Win32/PSW.OnLineGames (8.)
10. JS/TrojanDownloader.Iframe.NKE (9.)


The complete report (with a description of each of the threats listed above) can be downloaded here (in PDF format).

Friday, October 28, 2011

QuickTime 7.7.1 Released

Apple has released a new version of their QuickTime. Version 7.7.1 contains fixes for a number of vulnerabilities that could be exploited to run arbitrary code on the target system.

QuickTime users with version older than 7.7.1 should update to the latest one available.

More information about security content of QuickTime 7.7.1 can be read here.

Wednesday, October 26, 2011

New Chrome Version Available

Google has released a new version of their Chrome web browser. Version 15.0.874.102 contains fixes for 18 vulnerabilities, of which 11 are categorized as high severity, three as medium and four as low. Along with the security fixes, some other tweaks, such as a New Tab page, were added.

More information in Google Chrome Releases blog.

Thursday, October 20, 2011

Java Updates From Oracle

Oracle has released an update for the Java JRE and JDK. The update fixes 20 vulnerabilities, nine of which can be exploited to execute arbitrary code on an affected system.

Affected versions are:
- Java 7 JRE and JDK earlier than update 1 (1.7.0_1)
- Java 6 JRE and JDK earlier than update 29 (1.6.0_29)
- Java 5.0 JRE and JDK earlier than update 32 (1.5.0_32)
- Java 1.4.2 JRE and JDK earlier than update 34 (1.4.2_34)

More information about the update can be read from Java critical patch update document.

Java users are recommended to update their versions to the latest one available.

Oracle Critical Patch Update For Q4 of 2011

Oracle has released updates for their products that fix 57 security issues in total. The updates are a part of Oracle's quarterly released critical patch update (CPU).

Detailed list of vulnerabilities with patching instructions can be read from Oracle CPU Advisory.

Next Oracle CPU is planned to be released in January 2012.

Thursday, October 13, 2011

Safari Update Available

Apple has released a new version of their Safari web browser. The new version contains fixes for 23 different vulnerabilities. Some of these vulnerabilities may lead to unexpected application termination or allow an attacker to execute arbitrary code on the affected system.

Affected are Safari versions earlier than 5.1.1. Users of vulnerable Safari versions can get the latest version here.

More information about the security content of version 5.1.1 can be read here.

Wednesday, October 12, 2011

iTunes 10.5 Released

Apple has released version 10.5 of their iTunes media player. The new version fixes a number of security vulnerabilities, some of which allow an attacker to execute arbitrary code on the target system. The latest version can be downloaded here.

More information about the update can be read from related security bulletin.

Microsoft Security Intelligence Report Volume 11 Released

Microsoft has released volume 11 of their Security Intelligence Report (SIR). The SIR is an investigation of the current threat landscape. It focuses on software vulnerabilities, software vulnerability exploits, malicious and potentially unwanted software, and security breaches. The latest volume, 11, covers the first half of 2011 (January to June).

The report can be downloaded here.

Tuesday, October 11, 2011

Microsoft Security Updates For October 2011

Microsoft has released security updates for October 2011. This month's update contains eight security bulletins, of which two are rated critical and six important.

A new version of Windows Malicious Software Removal Tool (MSRT) was released too.

More information can be read from the bulletin summary.

For consumers the easiest way to get the updates is to use the Microsoft Update service.

Thursday, October 6, 2011

Update For Chrome Available

Google has released a new version of their Chrome web browser. Version 14.0.835.202 contains fixes for seven vulnerabilities, of which one is categorized as critical and six as high severity.

More information in Google Chrome Releases blog.

Tuesday, October 4, 2011

Facebook To Check Web Links

Malicious web links are one of the problems that have brought negative publicity to Facebook. To help reduce this problem, Facebook has teamed up with the security company Websense. In the near future, all web links published on Facebook will be checked to filter out malicious ones.

When a user clicks a link on Facebook, it will be sent to Websense for security classification. If the link is found to be malicious, the user will be given the option to either access the link at their own risk or return to the previous screen.

More information can be read from Websense blog.

Sunday, October 2, 2011

Symantec Intelligence Report: September 2011

Symantec has published their Intelligence report that sums up the latest threat trends for September 2011.

Report highlights:
- Spam – 74.8 percent in September (a decrease of 1.1 percentage points since August 2011)
- Phishing – One in 447.9 emails identified as phishing (a decrease of 0.26 percentage points since August 2011)
- Malware – One in 188.7 emails in September contained malware (an increase of 0.04 percentage points since August 2011)
- Malicious Web sites – 3,474 Web sites blocked per day (an increase of 1.0 percent since August 2011)
- 44.6 percent of all malicious domains blocked were new in September (an increase of 10.0 percentage points since August 2011)
- 14.5 percent of all Web-based malware blocked was new in September (a decrease of 2.9 percentage points since August 2011)
- Malicious emails masquerade as office printer messages
- Spammers exploit WordPress vulnerability to promote pharmaceutical spam Web sites
- Fake Offers with Fake Trust Seals
- Spammers and malware authors making increasing use of obfuscated JavaScript
- Best Practices for Enterprises and Users


The report can be viewed here.

Friday, September 30, 2011

Updates To Mozilla Products

Mozilla has released updates to the Firefox and SeaMonkey browsers and the Thunderbird email client to address a number of vulnerabilities, several of which are categorized as critical.

Affected products are:
- Mozilla Thunderbird earlier than 7.0
- Mozilla SeaMonkey earlier than 2.4
- Mozilla Firefox earlier than 7.0 or 3.6.23

Links to the security advisories with details about addressed security issues:
MFSA 2011-45 Inferring Keystrokes from motion data
MFSA 2011-44 Use after free reading OGG headers
MFSA 2011-43 loadSubScript unwraps XPCNativeWrapper scope parameter
MFSA 2011-42 Potentially exploitable crash in the YARR regular expression library
MFSA 2011-41 Potentially exploitable WebGL crashes
MFSA 2011-40 Code installation through holding down Enter
MFSA 2011-39 Defense against multiple Location headers due to CRLF Injection
MFSA 2011-38 XSS via plugins and shadowed window.location object
MFSA 2011-37 Integer underflow when using JavaScript RegExp
MFSA 2011-36 Miscellaneous memory safety hazards (rv:7.0 / rv:1.9.2.23)

Fresh versions can be obtained via the inbuilt updater or by downloading from the product site:
Firefox
Thunderbird
SeaMonkey

Tuesday, September 27, 2011

Microsoft Security Advisory 2588513

Microsoft has released a security advisory (2588513) discussing a new vulnerability reported in SSL 3.0 and TLS 1.0. "This vulnerability affects the protocol itself and is not specific to the Windows operating system. This is an information disclosure vulnerability that allows the decryption of encrypted SSL/TLS traffic. This vulnerability primarily impacts HTTPS traffic, since the browser is the primary attack vector, and all web traffic served via HTTPS or mixed content HTTP/HTTPS is affected. We are not aware of a way to exploit this vulnerability in other protocols or components and we are not aware of attacks that try to use the reported vulnerability at this time. Considering the attack scenario, this vulnerability is not considered high risk to customers."


More information:
Microsoft Security Advisory 2588513
Is SSL broken? – More about Security Advisory 2588513

Thursday, September 22, 2011

Security Update For Adobe Flash Player

Adobe has released an updated version of their Flash Player. The new version fixes critical vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system. Adobe states that there are reports that one of these vulnerabilities (CVE-2011-2444) is being exploited in the wild in targeted attacks via malicious web pages.

Affected versions:
- Users of Adobe Flash Player 10.3.183.7 and earlier are recommended to get update 10.3.183.10
- Users of Flash Player 10.3.186.6 and earlier for Android are recommended to get update 10.3.186.7
- Flash Player integrated with Google Chrome will be updated by Google via Chrome update.

More information can be read from Adobe's security bulletin.

Tuesday, September 20, 2011

New Chrome Version Released

Google has released a new version of their Chrome web browser. Version 14.0.835.163 contains fixes for 32 vulnerabilities, some of which may allow an attacker to execute arbitrary code on the target system.

More information in Google Chrome Releases blog.

Wednesday, September 14, 2011

Adobe Reader And Acrobat Security Updates

Adobe has released security updates for its PDF products, Adobe Reader and Adobe Acrobat.

Affected versions:

* Series X (10.x):
Adobe Reader 10.1 and earlier
Adobe Acrobat 10.1 and earlier

* Series 9.x:
Adobe Reader 9.4.5 and earlier
Adobe Acrobat 9.4.5 and earlier

* Series 8.x:
Adobe Reader 8.3 and earlier
Adobe Acrobat 8.3 and earlier


Users of vulnerable versions are instructed to update their versions either by using automatic update functionality or by downloading fresh version manually. The default installation configuration runs automatic updates on a regular schedule and can be manually activated by choosing Help > Check for Updates.

Those who want to upgrade manually can download the latest versions from the links below:
Adobe Reader
Acrobat Standard and Pro
Acrobat Pro Extended
Acrobat 3D


More information about fixed vulnerabilities can be read from Adobe's security bulletin.

Tuesday, September 13, 2011

Microsoft Security Updates For September 2011

Microsoft has released security updates for September 2011. This month's update contains five security bulletins categorized as important.

A new version of Windows Malicious Software Removal Tool (MSRT) was released too.

More information can be read from the bulletin summary.

For consumers the easiest way to get the updates is to use the Microsoft Update service.

Saturday, September 10, 2011

ESET Global Threat Report for August 2011

ESET has released a report discussing global threats of August 2011.

TOP 10 threats list (previous ranking listed too):

1. INF/Autorun (1.)
2. Win32/Conficker (2.)
3. HTML/Iframe.B.Gen (5.)
4. Win32/Dorkbot (7.)
5. Win32/Sality (3.)
6. HTML/ScrInject.B (6.)
7. Win32/Autoit (8.)
8. Win32/PSW.OnLineGames (4.)
9. JS/TrojanDownloader.Iframe.NKE (-)
10. Win32/Ramnit (41.)


The complete report (with a description of each of the threats listed above) can be downloaded here (in PDF format).

Wednesday, September 7, 2011

Ransomware Posing As Microsoft

Security company Panda warns in their blog about ransomware that tries to trick users into believing their Windows authenticity check has failed. To get it "fixed", users are asked to pay 100€ by following the given instructions. Naturally, nothing should be paid. Panda has published a code that can be used to deactivate the malware.

More information in PandaLabs blog.

Thursday, September 1, 2011

Symantec Intelligence Report: August 2011

Symantec has published their Intelligence report that sums up the latest threat trends for August 2011.

Report highlights:
- Spam – 75.9 percent in August (a decrease of 1.9 percentage points since July 2011)
- Phishing – One in 207.7 emails identified as phishing (an increase of 0.48 percentage points since July 2011)
- Malware – One in 203.3 emails in August contained malware (an increase of 0.14 percentage points since July 2011)
- Malicious Web sites – 3,441 Web sites blocked per day (a decrease of 49.4 percent since July 2011)
- 34.1 percent of all malicious domains blocked were new in August (a decrease of 1.32 percentage points since July 2011)
- 17.3 percent of all Web-based malware blocked was new in August (a decrease of 3.82 percentage points since July 2011)
- Global Debt Crises News Drives Pump-and-Dump Stock Scams
- Are MBR Infections Back in Fashion?
- Phishing Apple’s iDisk
- Phishing Brazilian Brands
- The Truth Behind the Shady RAT
- Spammers take advantage of Unicode normalisation to hide URLs
- Best Practices for Enterprises and Users


The report can be viewed here.

Monday, August 29, 2011

Morto Worm Takes Advantage of Remote Desktop Protocol

F-Secure warns in their blog about a network worm that uses the Remote Desktop Protocol (RDP) to spread itself. Once the Morto worm has infected a system, it starts scanning the local network for machines with Remote Desktop Connection enabled. This generates a lot of traffic to the RDP port, 3389/TCP.

More information about Morto is in the F-Secure blog, and there is also a discussion going on at Microsoft's TechNet forums.
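Because the post pins the worm's behaviour to a burst of 3389/TCP connections across the local network, a defender can hunt for it in flow or firewall logs. The following is an added example, not code from the original post or from F-Secure: it flags any source that contacts many distinct internal hosts on 3389/TCP within a short window, which is what a worm sweep looks like and what a normal RDP client (one or a few servers) does not. The private address ranges, the window, the threshold and the sample flow records are all constructed assumptions.

```python
"""Detect Morto-style RDP sweeps in flow records (added example, not from the original post)."""
from collections import Counter, defaultdict
from datetime import datetime, timedelta
from ipaddress import ip_address, ip_network

RDP_PORT = 3389
# Assumption: "local network" means the RFC 1918 ranges; adjust for your site.
LOCAL_NETS = [ip_network("10.0.0.0/8"), ip_network("172.16.0.0/12"), ip_network("192.168.0.0/16")]


def parse_flow(line):
    """Parse one constructed record of the form 'timestamp src dst dport proto'."""
    ts, src, dst, dport, proto = line.split()
    return datetime.fromisoformat(ts), ip_address(src), ip_address(dst), int(dport), proto.lower()


def is_local(addr):
    return any(addr in net for net in LOCAL_NETS)


def find_rdp_scanners(lines, window=timedelta(seconds=60), threshold=10):
    """Return {src: peak_distinct_targets} for sources that reach at least
    `threshold` distinct local hosts on 3389/TCP inside any `window`-long span."""
    events = defaultdict(list)  # src -> [(timestamp, dst), ...]
    for line in lines:
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        ts, src, dst, dport, proto = parse_flow(line)
        # Only inbound-to-local RDP matters for the sweep pattern described in the post.
        if proto != "tcp" or dport != RDP_PORT or not is_local(dst):
            continue
        events[src].append((ts, dst))

    hits = {}
    for src, ev in events.items():
        ev.sort()
        in_window = Counter()  # dst -> occurrences inside the sliding window
        left = 0
        peak = 0
        for ts, dst in ev:
            in_window[dst] += 1
            # Slide the left edge forward until the window is at most `window` wide.
            while ts - ev[left][0] > window:
                old_dst = ev[left][1]
                in_window[old_dst] -= 1
                if in_window[old_dst] == 0:
                    del in_window[old_dst]
                left += 1
            peak = max(peak, len(in_window))
        if peak >= threshold:
            hits[str(src)] = peak
    return hits


def constructed_sample_flows():
    """Constructed sample records (not real traffic): one sweeping host, one admin
    reconnecting to a single server, one host touching many servers but very slowly,
    plus two records that must be ignored (non-local destination, non-RDP port)."""
    base = datetime(2011, 8, 29, 10, 0, 0)
    lines = []
    for i in range(1, 31):  # 30 distinct internal hosts in 30 seconds: a sweep
        lines.append(f"{(base + timedelta(seconds=i)).isoformat()} 192.168.1.20 192.168.1.{100 + i} 3389 tcp")
    for i in range(5):  # admin: repeated sessions to one server
        lines.append(f"{(base + timedelta(minutes=i)).isoformat()} 192.168.1.50 192.168.1.200 3389 tcp")
    for i in range(12):  # 12 servers over 12 hours: never 10 within a minute
        lines.append(f"{(base + timedelta(hours=i)).isoformat()} 192.168.1.60 192.168.1.{140 + i} 3389 tcp")
    lines.append(f"{base.isoformat()} 192.168.1.20 203.0.113.5 3389 tcp")  # outbound, ignored
    lines.append(f"{base.isoformat()} 192.168.1.20 192.168.1.7 445 tcp")  # SMB, ignored
    return lines


if __name__ == "__main__":
    for src, peak in find_rdp_scanners(constructed_sample_flows()).items():
        print(f"possible RDP sweep from {src}: {peak} distinct local hosts on 3389/TCP within 60s")
```

Tune the window and threshold to your environment; jump hosts and vulnerability scanners legitimately hit many RDP targets and belong on an allowlist rather than in the alert.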

Sunday, August 21, 2011

PHP 5.3.7 Released

The PHP development team has released version 5.3.7 of the PHP scripting language. The new version fixes a large number of bugs, some of which are security related. All PHP users are recommended to upgrade to this latest release.

More details about 5.3.7 release can be read from the official release announcement.

Friday, August 19, 2011

NSS Labs Browser Security Test Report

NSS Labs has published a report on a test they ran to compare how well different browsers protected against socially engineered malware.

Tested browsers were:
- Apple Safari 5
- Google Chrome 12
- Windows Internet Explorer 9
- Mozilla Firefox 4
- Opera 11

Internet Explorer 9 was the winner. It stopped 96 percent of malicious links via its SmartScreen URL Reputation feature and an additional 3.2 percent when its Application Reputation feature was turned on. Second place went to Chrome 12 (13.2 percent). Apple Safari 5 and Firefox 4 shared third place with 7.6 percent. Opera 11 caught 6.1 percent of the samples.

The full report (in PDF format) can be viewed here.

Thursday, August 18, 2011

Security Updates From RealNetworks

RealNetworks has released updated versions of their RealPlayer. The new versions contain fixes for several vulnerabilities.

Affected are:
- Windows RealPlayer earlier than 14.0.6
- RealPlayer Enterprise earlier than 2.1.6
- Mac RealPlayer earlier than 12.0.0.1701


Users of affected versions are advised to update their RealPlayer to the latest one available. More information can be read from related security advisory.

Mozilla Security Updates Available

Mozilla has released updates to the Firefox and SeaMonkey browsers and the Thunderbird email client to address a number of vulnerabilities, several of which are categorized as critical.

Affected products are:
- Mozilla Thunderbird 2.x and 3.x series
- Mozilla SeaMonkey 1.x and 2.x series
- Mozilla Firefox 3.x and 4.x series

Links to the security advisories with details about addressed security issues:
MFSA 2011-33 Security issues addressed in SeaMonkey 2.3
MFSA 2011-32 Thunderbird 3.1.12
MFSA 2011-31 Thunderbird 6
MFSA 2011-30 Firefox 3.6.20
MFSA 2011-29 Firefox 6

Fresh versions can be obtained via the inbuilt updater or by downloading from the product site:
Firefox
Thunderbird
SeaMonkey

Friday, August 12, 2011

Security Updates From Adobe

Adobe has released updated versions of some of their software. The majority of the fixed issues are categorized as critical. Many of the fixed vulnerabilities may allow an attacker to execute arbitrary code on the target system.

Affected Adobe products are:
- Shockwave Player 11.6.0.626 and earlier (Windows & Macintosh)
- Flash Media Server 4.0.2 and earlier (Windows & Linux)
- Flash Media Server 3.5.6 and earlier (Windows & Linux)
- Adobe Flash Player 10.3.181.36 and earlier (Windows, Macintosh, Linux & Solaris)
- Adobe Flash Player 10.3.185.25 and earlier (Android)
- Adobe AIR 2.7 and earlier (Windows, Macintosh & Android)
- Adobe Photoshop CS5, CS5.1 and earlier (Windows & Macintosh)
- RoboHelp 9.0.1.232 and earlier (Windows)
- RoboHelp Server 9 (Windows)
- RoboHelp 8 (Windows)
- RoboHelp Server 8 (Windows)

More information behind the following links:
Shockwave Player
Flash Media Server
Flash Player and AIR
Photoshop
RoboHelp

ESET Global Threat Report for July 2011

ESET has released a report discussing global threats of July 2011.

TOP 10 threats list (previous ranking listed too):

1. INF/Autorun (1.)
2. Win32/Conficker (2.)
3. Win32/Sality (3.)
4. Win32/PSW.OnLineGames (4.)
5. HTML/Iframe.B.Gen (6.)
6. HTML/ScrInject.B (9.)
7. Win32/Dorkbot (11.)
8. Win32/Autoit (5.)
9. HTML/StartPage.NAE (8.)
10. VBS/StartPage.NDS (48.)


The complete report (with a description of each of the threats listed above) can be downloaded here (in PDF format).

Wednesday, August 10, 2011

Microsoft Security Updates For August 2011

Microsoft has released security updates for August 2011. This month's update contains 13 security bulletins (two critical, nine important and two moderate).

A new version of Windows Malicious Software Removal Tool (MSRT) was released too.

More information can be read from the bulletin summary.

For consumers the easiest way to get the updates is to use the Microsoft Update service.

Thursday, August 4, 2011

New Chrome Version Available

Google has released a new version of their Chrome web browser. Version 13.0.782.107 contains fixes for 30 vulnerabilities, of which 14 are categorized as high severity, nine as medium and seven as low.

More information in Google Chrome Releases blog.

Monday, August 1, 2011

Symantec Intelligence Report: July 2011

Symantec has published their Intelligence report that sums up the latest threat trends for July 2011.

Report highlights:
- Spam – 77.8 percent in July (an increase of 4.9 percentage points since June 2011)
- Phishing – One in 319.3 emails identified as phishing (an increase of 0.01 percentage points since June 2011)
- Malware – One in 280.9 emails in July contained malware (an increase of 0.02 percentage points since June 2011)
- Malicious Web sites – 6,797 Web sites blocked per day (an increase of 25.5 percent since June 2011)
- 35.9 percent of all malicious domains blocked were new in July (an increase of 0.8 percentage points since June 2011)
- 21.1 percent of all Web-based malware blocked was new in July (an increase of 0.8 percentage points since June 2011)
- Aggressively unstable malware leads to a rise in sophisticated socially engineered attacks
- Phishers’ World in Your Cell Phone
- Large scale malware attack using URL shortening services
- Best Practices for Enterprises and Users


The report can be viewed here.

Saturday, July 23, 2011

New Version Of Foxit Reader Available

Foxit Software has released a new version of their PDF viewer, Foxit Reader. In addition to a bunch of minor bugs, there are fixes for two security vulnerabilities that, if exploited, may allow an attacker to execute arbitrary code on the target system. The first vulnerability is caused by insecure library loading and the second one is related to opening certain PDF files in a web browser.

Affected are Foxit Reader versions earlier than 5.0.2. Foxit Reader users should update to the latest version available, either by using "Check for Updates Now" in the Reader help menu or by downloading a fresh version here (Note: remember to unselect the Ask-related options during the installation process unless you really want that installed too).

Friday, July 22, 2011

New Versions Of Safari Released

Apple has released new versions of their Safari web browser. The new versions contain fixes for 58 different vulnerabilities. These vulnerabilities may lead to an unexpected application termination or allow an attacker to execute arbitrary code on the affected system.

Affected are Safari versions earlier than 5.1 or 5.0.6. Users of vulnerable Safari versions can get the latest version here.

Adobe warns that Safari 5.1 will break part of Adobe Acrobat and Adobe Reader Safari plugin functionality. More about this in Adobe blog post.

More information about the security content of versions 5.1 and 5.0.6 can be read here.

Wednesday, July 20, 2011

Oracle Critical Patch Update For Q3 of 2011

Oracle has released updates for their products that fix 78 security issues in total. The updates are a part of Oracle's quarterly released critical patch update (CPU).

Detailed list of vulnerabilities with patching instructions can be read from Oracle CPU Advisory.

Next Oracle CPU is planned to be released in October 2011.

Monday, July 18, 2011

New Version Of VLC Player Available

VideoLAN project has released a new version of their VLC media player. Version 1.1.11 contains fixes for two stack overflow vulnerabilities in RealMedia and AVI handling (security advisories 1105 and 1106).

Affected are VLC Player versions prior to 1.1.11. Owners of those versions should update to the latest version.

Sunday, July 17, 2011

ESET Global Threat Report for June 2011

ESET has released a report discussing global threats of June 2011.

TOP 10 threats list (previous ranking listed too):

1. INF/Autorun (1.)
2. Win32/Conficker (2.)
3. Win32/Sality (4.)
4. Win32/PSW.OnLineGames (3.)
5. Win32/Autoit (8.)
6. HTML/Iframe.B.Gen (7.)
7. Win32/Bflient (9.)
8. HTML/StartPage.NAE (5.)
9. HTML/ScrInject.B (11.)
10. Win32/Autorun (6.)


Complete report (with a description about each of the above listed threats) can be downloaded here (in PDF format).

NSS Labs Browser Security Test Europe Q2 2011 Report

NSS Labs has published a report of a test they made to compare how different browsers managed against socially-engineered malware targeting European users.

Tested browsers were:
-Apple Safari 5
-Google Chrome 10
-Windows Internet Explorer 8
-Windows Internet Explorer 9
-Mozilla Firefox 4
-Opera 11

The test winner was Internet Explorer 9. It was able to catch 92% of malware with its URL-based filtering and 100% with application-based filtering enabled. Internet Explorer 8 came second with a 90% block rate. The third place was shared by Safari 5, Chrome 10 and Firefox 4, each able to stop 13%. Opera 11 came last with 5%.

The full report can be read here.

Friday, July 15, 2011

Hotmail Introduces New Features To Prevent Email Account Hijacking

Email account hijacking has been one of the top problems I've faced while helping users on security forums. A big part of the affected accounts are Hotmail accounts. The Hotmail team knows about the problem and has developed two new features to help prevent account hijacking.

One of these lets a Hotmail user report that they suspect a friend's account has been compromised. In such a situation the user can use the "My friend's been hacked!" feature on the "Mark as" menu. Alternatively, an account can be reported as compromised while moving a message to the Junk folder. Reporting isn't limited to Hotmail accounts only; accounts from other email providers like Yahoo and Gmail can be reported too. The second new feature prevents users from choosing common passwords as their account password.

More about these features can be read from related blog post in Windows Live blog.

Tuesday, July 12, 2011

Microsoft Security Updates For July 2011

Microsoft has released security updates for July 2011. This month's update contains four security bulletins, one critical and three important.

A new version of Windows Malicious Software Removal Tool (MSRT) was released too.

More information can be read from the bulletin summary.

For consumers the easiest way to get the update is to use the Microsoft Update service.

Monday, July 4, 2011

New WordPress Version Available

A vulnerability has been fixed in WordPress. The vulnerability could allow a malicious Editor-level user to gain further access to the site. Affected are:
-WordPress 3.1 prior to version 3.1.4
-WordPress 3.2 prior to Release Candidate 3

More information (including instructions for updating) can be read from WordPress blog.

Saturday, July 2, 2011

MessageLabs Intelligence Report: June 2011

MessageLabs has published their Intelligence report that sums up the latest threat trends for June 2011.

Report highlights:
- Spam – 72.9% in June (a decrease of 2.9 percentage points since May 2011)
- Phishing – One in 330.6 emails identified as phishing (a decrease of 0.05 percentage points since May 2011)
- Malware – One in 300.7 emails in June contained malware (a decrease of 0.12 percentage points since May 2011)
- Malicious Web sites – 5,415 Web sites blocked per day (an increase of 70.8% since May 2011)
- 35.1% of all malicious domains blocked were new in June (a decrease of 1.7 percentage points since May 2011)
- 20.3% of all Web-based malware blocked was new in June (a decrease of 4.3 percentage points since May 2011)
- Review of Spam-sending botnets in June 2011
- Clicking to Watch Videos Leads to Pharmacy Spam
- Wiki for Everything, Even for Spam
- Phishers Return for Tax Returns
- Fake Donations Continue to Haunt Japan
- Spam Subject Line Analysis
- Best Practices for Enterprises and Users


The report can be viewed here.

Wednesday, June 29, 2011

New Chrome Version Available

Google has released a new version of their Chrome web browser. Version 12.0.742.112 contains a fresh version of Adobe Flash and fixes seven vulnerabilities, six categorized as high and one as medium.

More information in Google Chrome Releases blog.

Friday, June 24, 2011

Patches To Mozilla Products

Mozilla has released security bulletins for issues found in some of their products. Six of them are categorized as critical, three as moderate and one as low.

Critical:
MFSA 2011-19 Miscellaneous memory safety hazards (rv:3.0/1.9.2.18)
MFSA 2011-20 Use-after-free vulnerability when viewing XUL document with script disabled
MFSA 2011-21 Memory corruption due to multipart/x-mixed-replace images
MFSA 2011-22 Integer overflow and arbitrary code execution in Array.reduceRight()
MFSA 2011-23 Multiple dangling pointer vulnerabilities
MFSA 2011-26 Multiple WebGL crashes

Moderate:
MFSA 2011-24 Cookie isolation error
MFSA 2011-25 Stealing of cross-domain images using WebGL textures
MFSA 2011-27 XSS encoding hazard with inline SVG

Low:
MFSA 2011-28 Non-whitelisted site can trigger xpinstall

Fresh versions can be obtained via inbuilt updater or by downloading from the product site:
Firefox
Thunderbird

Thursday, June 16, 2011

Adobe Shockwave Player Update Available

Adobe has released an updated version of their Shockwave Player. The new version fixes several security vulnerabilities. The update is categorized as critical.

Users of Adobe Shockwave Player 11.5.9.620 and earlier should update to Adobe Shockwave Player 11.6.0.626.

More about fixed vulnerabilities and other information can be read from Adobe's security bulletin.

Update For Adobe Flash Player

Adobe has released an updated version of their Flash Player. The new version fixes a critical memory corruption vulnerability (CVE-2011-2110) that could cause a crash and potentially allow an attacker to take control of the affected system. Adobe states that there are reports that this vulnerability is being exploited in the wild in targeted attacks via malicious web pages.

Affected versions:
-Users of Flash Player 10.3.181.23 and earlier should update to 10.3.181.26
-Users of Flash Player 10.3.185.23 and earlier for Android should update to 10.3.185.24
-Flash Player integrated with Google Chrome will be updated by Google via Chrome update.

More information can be read from Adobe's security bulletin.

Security Updates For Adobe Reader And Acrobat

Adobe has released security updates for its PDF products, Adobe Reader and Adobe Acrobat.

Affected versions:

*of series X (10.x)
Adobe Reader 10.0.1 and earlier
Adobe Acrobat 10.0.3 and earlier

*of series 9.x
Adobe Reader 9.4.4 and earlier
Adobe Acrobat 9.4.4 and earlier

*of series 8.x
Adobe Reader 8.2.6 and earlier
Adobe Acrobat 8.2.6 and earlier


Users of vulnerable versions are instructed to update their versions either by using automatic update functionality or by downloading fresh version manually. The default installation configuration runs automatic updates on a regular schedule and can be manually activated by choosing Help > Check for Updates.

Those who want to upgrade manually can download the latest versions from the links below:
Adobe Reader
Acrobat Standard and Pro
Acrobat Pro Extended
Acrobat 3D


More information about fixed vulnerabilities can be read from Adobe's security bulletin.

Microsoft Security Updates For June 2011

Microsoft has released security updates for June 2011. This month's release contains 16 updates.

A new version of Windows Malicious Software Removal Tool (MSRT) was released too.

More information can be read from the bulletin summary.

For consumers the easiest way to get the update is to use the Microsoft Update service.

Thursday, June 9, 2011

Fresh Chrome Version Available

Google has released a new version of their Chrome web browser. Version 12.0.742.91 contains some new features, for example:
- Hardware accelerated 3D CSS
- New Safe Browsing protection against downloading malicious files
- Ability to delete Flash cookies from inside Chrome

The new version also patches 14 security vulnerabilities in Chrome itself.

More information in Google Chrome Releases blog.

Wednesday, June 8, 2011

Critical Java Updates From Oracle

Oracle has released an update for Java SE. The update fixes 17 security vulnerabilities, of which 12 can be exploited to execute arbitrary code on the affected system.

Affected versions are:
• JDK and JRE 6 Update 25 and earlier
• JDK 5.0 Update 29 and earlier
• SDK 1.4.2_31 and earlier

More information about the update can be read from Java critical patch update document.

Java users are recommended to update their versions to the latest one available.

Tuesday, June 7, 2011

Some VMware Security Issues Fixed

VMware has released security updates to patch some security vulnerabilities in their virtualization applications.

Affected versions:
- VMware Workstation prior to 7.1.4
- VMware Player prior to 3.1.4
- VMware Fusion prior to 3.1.3
- ESXi 4.1 without patch ESXi410-201104402-BG
- ESXi 4.0 without patch ESXi400-201104402-BG
- ESXi 3.5 without patches ESXe350-201105401-I-SG and ESXe350-201105402-T-SG
- ESX 4.1 without patch ESX410-201104401-SG
- ESX 4.0 without patch ESX400-201104401-SG
- ESX 3.5 without patches ESX350-201105401-SG, ESX350-201105404-SG and ESX350-201105406-SG


Further information including updating instructions can be read from VMware's security advisory.

New Version Of VLC Player Available

VideoLAN project has released a new version of their VLC media player. Among other things, version 1.1.10 fixes an integer overflow in the XSPF demuxer. It also updates libmodplug in the Windows and Mac versions for security reasons.

Affected are VLC Player versions prior to 1.1.10. Owners of those versions should update to the latest version.

Monday, June 6, 2011

Critical Security Update Available For Adobe Flash

Adobe has released a patched version of their popular Flash Player. Version 10.3.181.22 (10.3.181.23 for ActiveX) fixes a universal cross-site scripting vulnerability (CVE-2011-2107) that could be used to take actions on a user's behalf on any website or webmail provider if the user visits a malicious website. There are reports that this vulnerability is being exploited in the wild in active targeted attacks designed to trick the user into clicking on a malicious link delivered in an email message.

Affected software:
- Adobe Flash Player 10.3.181.16 and earlier versions for Windows, Macintosh, Linux and Solaris operating systems
- Adobe Flash Player 10.3.185.22 and earlier versions for Android

Patched version for Windows, Macintosh, Linux and Solaris operating systems is available at Adobe Flash Player Download Center. Windows users and users of Adobe Flash Player 10.3.181.16 for Macintosh can install the update via the auto-update mechanism within the product when prompted. Adobe says that they expect to make available an update for Flash Player 10.3.185.22 for Android during the week of June 6, 2011.

More information in Adobe's security bulletin.

Thursday, June 2, 2011

ESET Global Threat Report for May 2011

ESET has released a report discussing global threats of May 2011.

TOP 10 threats list (previous ranking listed too):

1. INF/Autorun (1.)
2. Win32/Conficker (2.)
3. Win32/PSW.OnLineGames (3.)
4. Win32/Sality (4.)
5. HTML/StartPage.NAE (17.)
6. JS/Redirector (11.)
7. HTML/Iframe.B.Gen (7.)
8. Win32/Autoit (5.)
9. Win32/Bflient (8.)
10. Win32/Autorun (6.)


Complete report (with a description about each of the above listed threats) can be downloaded here (in PDF format).

MessageLabs Intelligence Report: May 2011

MessageLabs has published their Intelligence report that sums up the latest threat trends for May 2011.

Report highlights:
- Spam – 75.8% in May (an increase of 2.9 percentage points since April 2011)
- Viruses – One in 222.3 emails in May contained malware (a decrease of 0.14 percentage points since April 2011)
- Phishing – One in 286.7 emails comprised a phishing attack (a decrease of 0.06 percentage points since April 2011)
- Malicious web sites – 3,170 web sites blocked per day (an increase of 30.4% since April 2011)
- 36.8% of all malicious domains blocked were new in May (an increase of 3.8 percentage points since April 2011)
- 24.6% of all web-based malware blocked was new in May (an increase of 2.1 percentage points since April 2011)
- For the First Time, Spammers establish their own fake URL-shortening services


The report can be viewed here.

Saturday, May 28, 2011

Vulnerabilities Affecting IBM Lotus Notes

Buffer overflow vulnerabilities have been found in IBM Lotus Notes for Windows. The vulnerabilities could allow an attacker to execute arbitrary code on the target system. To exploit the vulnerabilities, a user can be lured into opening a specially crafted file attachment.

Affected software:
IBM Lotus Notes 8.5.2
IBM Lotus Notes 8.5.1
IBM Lotus Notes 8.0.x
IBM Lotus Notes 7.x
IBM Lotus Notes 6.x
IBM Lotus Notes 5.x

At the moment there's a patch available for version 8.5.2 only. Users of other affected versions are advised to turn the vulnerable feature off until the fix is available. More information about workarounds here.

Tuesday, May 24, 2011

MAX++ Malware Back With x64 Version

MAX++ (aka ZeroAccess) trojan is not totally new malware, but its x64 version is. "Computers are infected using a drive-by attack on a browser and its components via the Bleeding Life exploit kit. In particular, Acrobat Reader (CVE 2010-0188, CVE 2010-1297, CVE 2010-2884, CVE 2008-2992) and Java (CVE 2010-0842, CVE 2010-3552) modules are prone to attack.", explains Kaspersky Lab Expert Vasily Berdnikov in the company's blog.

Detailed description of MAX++ x86 and x64 version behaviour can be read from the related Kaspersky blog post.

Thursday, May 19, 2011

Security Update For Opera Released

Opera Software has released an update for their Opera web browser. Version 11.11 contains a fix for one security vulnerability.

Critical:
* Frameset issue allows execution of arbitrary code; advisory.


Opera users are strongly recommended to update to 11.11 version. New version can be downloaded here.

Sunday, May 15, 2011

Microsoft Security Intelligence Report Volume 10 Released

Microsoft has released volume 10 of their Security Intelligence Report (SIR). "The Security Intelligence Report (SIR) is an investigation of the current threat landscape. It analyzes exploits, vulnerabilities, and malware based on data from over 600 million systems worldwide, as well as internet services, and three Microsoft Security Centers." The latest, volume 10, covers the year 2010.

The report can be downloaded here.

Friday, May 13, 2011

Updates For Adobe Products Available

Adobe has released updates for their Adobe Flash Player, Flash Media Server, Audition and RoboHelp products. In total 16 vulnerabilities were fixed, 15 of them critical.

Affected versions:
- Adobe Flash Player 10.2.159.1 and earlier versions (Windows, Macintosh, Linux, Solaris)
- Adobe Flash Player 10.2.154.28 and earlier versions (Chrome)
- Adobe Flash Player 10.2.157.51 and earlier versions (Android)
- Adobe Flash Media Server 4.0.1 and earlier versions (Windows, Linux)
- Adobe Flash Media Server 3.5.5 and earlier versions (Windows, Linux)
- Adobe Audition 3.0.1 and earlier versions (Windows)
- Adobe RoboHelp 7 and 8 (Windows)
- Adobe RoboHelp Server 7 and 8 (Windows)

Details about available updates and other information can be read from Adobe PSIRT blog.

Wednesday, May 11, 2011

Microsoft Security Updates For May 2011

Microsoft has released security updates for May 2011. This month's update contains fixes for three vulnerabilities.

A new version of Windows Malicious Software Removal Tool (MSRT) was released too.

More information can be read from the bulletin summary.

For consumers the easiest way to get the update is to use the Microsoft Update service.

Sunday, May 8, 2011

ESET Global Threat Report for April 2011

ESET has released a report discussing global threats of April 2011.

TOP 10 threats list (previous ranking listed too):

1. INF/Autorun (1.)
2. Win32/Conficker (2.)
3. Win32/PSW.OnLineGames (3.)
4. Win32/Sality (4.)
5. Win32/Autoit (9.)
6. Win32/Autorun (7.)
7. HTML/Iframe.B.Gen (15.)
8. Win32/Bflient (6.)
9. Win32/Tifaut.C (8.)
10. Win32/Spy.Ursnif.A (10.)


Complete report (with a description about each of the above listed threats) can be downloaded here (in PDF format).

TDL4 Rootkit And 64-bit Windows

Last month, Microsoft released the KB2506014 patch to close a hole the TDL4 rootkit had used to successfully bypass security implementations in the 64-bit version of Windows. The authors of TDL4 have now made some modifications to their evil creation to bypass Microsoft's patch. Below are links to two recent blog posts discussing the latest turn of this highly advanced rootkit.

TDL4 rootkit is coming back stronger than before by Marco Giuliani, Prevx
Backdoor.Tidserv and x64 by Mircea Ciubotariu, Symantec

Wednesday, May 4, 2011

MessageLabs Intelligence Report: April 2011

MessageLabs has published their Intelligence report that sums up the latest threat trends for April 2011.

Report highlights:
- Spam – 72.9% in April (a decrease of 6.4 percentage points since March 2011)
- Viruses – One in 168.6 emails in April contained malware (an increase of 0.11 percentage points since March 2011)
- Phishing – One in 242.2 emails comprised a phishing attack (an increase of 0.02 percentage points since March 2011)
- Malicious web sites – 2,431 web sites blocked per day (a decrease of 18.2% since March 2011)
- 33.0% of all malicious domains blocked were new in April (a decrease of 4.0 percentage points since March 2011)
- 22.5% of all web-based malware blocked was new in April (a decrease of 1.9 percentage points since March 2011)
- Targeted attacks increase in intensity: What does a recent targeted attack look like?
- Shortened URLs: Do you know what you’re clicking on?


The report can be viewed here.

Saturday, April 30, 2011

Mozilla Updates Available

Mozilla has released security bulletins for issues found in some of their products. Four of these are categorized as critical, two as moderate and one as low.

Critical:
MFSA 2011-12 Miscellaneous memory safety hazards (rv:2.0.1/ 1.9.2.17/ 1.9.1.19)
MFSA 2011-13 Multiple dangling pointer vulnerabilities
MFSA 2011-15 Escalation of privilege through Java Embedding Plugin
MFSA 2011-17 WebGLES vulnerabilities

Moderate:
MFSA 2011-14 Information stealing via form history
MFSA 2011-16 Directory traversal in resource: protocol

Low:
MFSA 2011-18 XSLT generate-id() function heap address leak

Fresh versions can be obtained via inbuilt updater or by downloading from the product site:
Firefox
Thunderbird
SeaMonkey

Tuesday, April 26, 2011

The Upcoming Royal Wedding And Malware

Malware spreaders are once again taking advantage of a high-profile event to get some dirty work done. This time the theme is the Royal Wedding ceremony that will take place on April 29. GFI LABS have a few entries about this in their blog:
http://sunbeltblog.blogspot.com/2011/04/fake-av-we-are-not-amused.html
http://sunbeltblog.blogspot.com/2011/04/collection-of-royal-wedding-fakeouts.html
http://sunbeltblog.blogspot.com/2011/04/kate-middleton-has-blog-and-some-fake.html

Time to be careful when looking for information about the Royal Wedding (or any hot topic of the moment) and clicking hits returned by web search engines or links seen on Facebook and other social media. More hints are offered, for example, in this post on F-Secure's Safe and Savvy blog.

Friday, April 22, 2011

Security Updates Available For Adobe Reader And Acrobat

Adobe has released an updated version of their Adobe Reader and Acrobat products. The new version fixes a couple of critical vulnerabilities.

Patched versions were released for Adobe Reader 9.x and Acrobat 9.x series (and Adobe Reader X for Macintosh). Because Adobe Reader X Protected Mode would prevent an exploit of this kind from executing, Adobe is planning to address this issue in Adobe Reader X for Windows with the next quarterly security update for Adobe Reader, currently scheduled for June 14, 2011.

Details about available updates and other information can be read from Adobe Security Advisory APSB11-08.

Thursday, April 21, 2011

Oracle Critical Patch Update For Q2 of 2011

Oracle has released updates for their products that fix 73 security issues in total. The updates are a part of Oracle's quarterly released critical patch update (CPU).

Detailed list of vulnerabilities with patching instructions can be read from Oracle CPU Advisory.

Next Oracle CPU is planned to be released in July 2011.

Saturday, April 16, 2011

Security Update Available For Adobe Flash

Adobe has released a patched version of their popular Flash Player. Version 10.2.159.1 fixes a vulnerability that was announced earlier in Adobe's Security Advisory APSA11-02.

More information in Adobe's security bulletin.

Friday, April 15, 2011

New Chrome Version Released

Google has released a new version of their Chrome web browser. Version 10.0.648.205 contains a new version of Adobe Flash fixing a security vulnerability (CVE-2011-0611). The new version also patches three security vulnerabilities in Chrome itself.

More information in Google Chrome Releases blog.

Patched Version of Safari Released

Apple has released a new version of their Safari web browser. Version 5.0.5 contains fixes for two WebKit (the browser engine in Safari) vulnerabilities. These may lead to an unexpected application termination or allow an attacker to execute arbitrary code on the affected system.

Affected are Safari versions earlier than 5.0.5. Users of vulnerable Safari versions can get the latest version here.

More information about the security content of version 5.0.5 can be read here.

Wednesday, April 13, 2011

Unpatched Vulnerability Affecting Adobe Products

A critical vulnerability (CVE-2011-0611) has been found in Adobe Flash Player which also impacts the authplay.dll component shipping with Adobe Reader and Acrobat. The vulnerability could cause a crash and potentially allow an attacker to take control of the affected system. Adobe states that there are reports that this vulnerability is being exploited in the wild in targeted attacks via a Flash (.swf) file embedded in a Microsoft Word (.doc) file delivered as an email attachment. At this time, Adobe is not aware of attacks targeting Adobe Reader and Acrobat.

Affected versions are:
- Adobe Flash Player 10.2.153.1 and earlier versions for Windows, Macintosh, Linux and Solaris operating systems
- Adobe Flash Player 10.2.154.25 and earlier for Chrome users
- Adobe Flash Player 10.2.156.12 and earlier for Android
- The Authplay.dll component that ships with Adobe Reader and Acrobat X (10.0.2) and earlier 10.x and 9.x versions for Windows and Macintosh operating systems


Adobe states that it's finalizing a schedule for delivering updates to affected versions. Because Adobe Reader X Protected Mode would prevent an exploit of this kind from executing, Adobe is currently planning to address this issue in Adobe Reader X for Windows with the next quarterly security update for Adobe Reader, currently scheduled for June 14, 2011.


More information:
Security Advisory

Microsoft Security Updates For April 2011

Microsoft has released security updates for April 2011. This month's update contains fixes for over 60 vulnerabilities.

A new version of Windows Malicious Software Removal Tool (MSRT) was released too.

More information can be read from the bulletin summary.

For consumers the easiest way to get the update is to use the Microsoft Update service.

Sunday, April 10, 2011

Vulnerability In VLC Player

A vulnerability has been found in the popular VLC media player. When parsing some MP4 (MPEG-4 Part 14) files, an insufficient buffer size might lead to heap corruption (advisory). At the moment it's unknown whether a malicious third party could exploit the vulnerability to trigger arbitrary code execution.

The vulnerability affects VLC Player version 1.1.8 and earlier. The upcoming version 1.1.9 will patch this vulnerability. As a temporary workaround, users should refrain from opening files from untrusted third parties or accessing untrusted remote sites (or disable the VLC browser plugins) until the patch is applied. Another option is to remove the MP4 decoder plugin (libmp4_plugin.*) manually from the VLC plugin installation directory.

Thursday, April 7, 2011

Chrome To Protect From Malicious Downloads

Google plans to add a new feature to the Chrome web browser to protect users from the consequences of clicking malicious download links.

"Safe Browsing has done a lot of good for the web, yet the Internet remains rife with deceptive and harmful content. It’s easy to find sites hosting free downloads that promise one thing but actually behave quite differently. These downloads may even perform actions without the user’s consent, such as displaying spam ads, performing click fraud, or stealing other users’ passwords. Such sites usually don’t attempt to exploit vulnerabilities on the user’s computer system. Instead, they use social engineering to entice users to download and run the malicious content."

The upcoming feature in Chrome will make a warning appear if a user attempts to download a suspected malicious executable file. This warning will be displayed for any download URL that matches the latest list of malicious websites published by the Safe Browsing API. The feature will be made available in the Chrome development release first, and the target is to have it included in the next stable release of Chrome.

Source:
Google Online Security Blog
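The download warning described above works by comparing the download URL against the Safe Browsing list. A Safe Browsing style lookup does not compare the raw URL string: it canonicalizes the URL and then expands it into host-suffix and path-prefix candidates, so that an entry such as "evil.example/" also covers "www.evil.example/any/path". The following is an added example (not Google's code and not from the original post) that implements a simplified version of that lookup in Python against a constructed, invented blocklist. The host-suffix rule is simplified (the real scheme caps the number of host components and treats IP-address hosts specially), and the list entries and URLs are made up for the example.

```python
"""Simplified Safe Browsing style URL lookup (added example; blocklist is constructed)."""
from urllib.parse import urlsplit, unquote

# Constructed blocklist of host-suffix/path-prefix expressions, the form Safe
# Browsing lists use. These entries are invented for this example.
BLOCKLIST = {
    "evil.example/",                          # whole site and all subdomains
    "downloads.bad.example/setup/",           # one directory on one host
    "cdn.shady.example/files/installer.exe",  # one exact file
}


def canonicalize(url):
    """Return (host, path, query) with a lowercase host and a normalized path."""
    parts = urlsplit(url.strip())
    host = (parts.hostname or "").strip(".").lower()
    while ".." in host:                      # collapse consecutive dots
        host = host.replace("..", ".")
    raw_path = unquote(parts.path) or "/"
    segments = []                            # resolve ".", ".." and empty segments
    for seg in raw_path.split("/"):
        if seg in ("", "."):
            continue
        if seg == "..":
            if segments:
                segments.pop()
            continue
        segments.append(seg)
    path = "/" + "/".join(segments)
    if raw_path.endswith("/") and path != "/":
        path += "/"                          # keep a directory marker
    query = "?" + parts.query if parts.query else ""
    return host, path, query


def host_suffixes(host):
    """Exact host plus its parent domains down to the registrable name (simplified)."""
    labels = host.split(".")
    out = [host]
    for i in range(1, len(labels) - 1):
        out.append(".".join(labels[i:]))
    return out[:5]


def path_prefixes(path, query):
    """Path with query, path alone, then each enclosing directory down to '/'."""
    out = []
    if query:
        out.append(path + query)
    out.append(path)
    dirs = path.split("/")[1:-1]             # directory components only
    for i in range(len(dirs), -1, -1):
        out.append("/" + "/".join(dirs[:i]) + ("/" if i else ""))
    seen, uniq = set(), []
    for p in out:                            # dedupe while preserving order
        if p not in seen:
            seen.add(p)
            uniq.append(p)
    return uniq


def lookup(url, blocklist=BLOCKLIST):
    """Return the matching list expression, or None if the URL is not listed."""
    host, path, query = canonicalize(url)
    for h in host_suffixes(host):
        for p in path_prefixes(path, query):
            if h + p in blocklist:
                return h + p
    return None


def should_warn_download(url, blocklist=BLOCKLIST):
    """True when a download from this URL should trigger the warning."""
    return lookup(url, blocklist) is not None


if __name__ == "__main__":
    for u in ("http://www.evil.example/dl/tool.exe",
              "HTTP://Downloads.Bad.Example/setup/../setup/app.exe?x=1",
              "https://cdn.shady.example/files/readme.txt"):
        print(u, "->", lookup(u))
```

The interesting part for a defender is the expansion: a single list entry covers every subdomain and every path beneath it, while an exact-file entry still matches after the attacker adds a query string or a "../" detour, because matching happens on the canonical form. A real client would additionally hash the expressions and consult the list by hash prefix rather than keeping plaintext entries.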

Friday, April 1, 2011

MessageLabs Intelligence Report: March 2011

MessageLabs has published their Intelligence report that sums up the latest threat trends for March 2011.

Report highlights:
- Spam – 79.3% in March (a decrease of 2.0 percentage points since February 2011)
- Viruses – One in 208.9 emails in March contained malware (an increase of 0.13 percentage points since February 2011)
- Phishing – One in 252.5 emails comprised a phishing attack (a decrease of 0.07 percentage points since February 2011)
- Malicious websites – 2,973 web sites blocked per day (a decrease of 27.5% since February 2011)
- 37.0% of all malicious domains blocked were new in March (a decrease of 1.9 percentage points since February 2011)
- 24.5% of all web-based malware blocked was new in March (an increase of 4.2 percentage points since February 2011)
- Global spam volumes drop by one third, as Rustock botnet is dismantled
- First review of spam-sending botnets in 2011 identified Bagle as most active botnet as Rustock fell silent


The report can be viewed here.

Tuesday, March 29, 2011

Spotify Attack Under Glass

Spotify is a popular streaming music service. Last week, many Spotify Free users met an unpleasant surprise when malware found its way into vulnerable systems via a malicious ad shown in Spotify. Avast! Virus Lab has made some interesting remarks. "According to the avast! Virus Lab, the majority of Spotify users reporting the malware were in Sweden (59%), followed by a large group (40%) in the UK. The remaining 1% came from other countries. There were no reports from France – an interesting twist due to the large avast! user base there.", Lyle Frink writes in the Avast blog.

Detailed report about Spotify malicious ad problem can be read at Websense.com.

Saturday, March 26, 2011

Another Return of GpCode

Kaspersky warns about a new version of the nasty Gpcode ransomware, a pest that encrypts files on the infected system with strong encryption and tries to make the victim pay to get them decrypted.

The program spreads via malicious websites as a drive-by download. Kaspersky detects the pest as Trojan-Ransom.Win32.Gpcode.bn.

Due to the strong cryptography used, the encrypted files cannot be recovered, making existing backups the only possible solution (one good reason to always have all important data backed up in a separate location).

More information can be read from Kaspersky blog.

Tuesday, March 22, 2011

Update For Adobe Reader And Acrobat

Adobe has released updated version of their Adobe Reader and Acrobat products. The new version fixes a vulnerability (CVE-2011-0609), as referenced in Adobe Security Advisory APSA11-01, that could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being exploited in the wild in targeted attacks via a Flash (.swf) file embedded in a Microsoft Excel (.xls) file delivered as an email attachment. At this time, Adobe is not aware of attacks targeting Adobe Reader and Acrobat. Adobe Reader X Protected Mode mitigations would prevent an exploit of this kind from executing.

Patched versions were released for Adobe Reader 9.x and Acrobat 9.x & X (10.x) series. Because Adobe Reader X Protected Mode would prevent an exploit of this kind from executing, Adobe is planning to address this issue in Adobe Reader X for Windows with the next quarterly security update for Adobe Reader, currently scheduled for June 14, 2011.

Details about available updates and other information can be read from Adobe Security Advisory APSB11-06.

Patch For Adobe Flash Player

Adobe has released an updated version of its Flash Player. The new version fixes a vulnerability (CVE-2011-0609), referenced in Adobe Security Advisory APSA11-01, that could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being exploited in the wild against Flash Player in targeted attacks via a Flash (.swf) file embedded in a Microsoft Excel (.xls) file delivered as an email attachment.

Affected software:
- Adobe Flash Player 10.2.152.33 and earlier versions for Windows, Macintosh, Linux and Solaris operating systems
- Adobe Flash Player 10.2.154.18 and earlier for Chrome users
- Adobe Flash Player 10.1.106.16 and earlier for Android
- Adobe AIR 2.5.1 and earlier for Windows, Macintosh and Linux


Users of the affected software should update to the latest versions. More information can be read in Adobe's security bulletin.

Friday, March 18, 2011

PHP 5.3.6 Released

The PHP development team has released version 5.3.6 of the PHP scripting language. The new version fixes a large number of bugs, some of them security related. All PHP users are recommended to upgrade to this latest release.

More details about the 5.3.6 release can be read in the official release announcement.

Tuesday, March 15, 2011

Internet Explorer 9 Released

Microsoft has released version 9 of its Internet Explorer (IE) web browser. IE9 brings new features such as faster browsing and several security- and privacy-related features such as ActiveX Filtering and Tracking Protection.

More information about Internet Explorer 9 can be read on the IEBlog at MSDN.

Internet Explorer 9 can be downloaded here.

Security Vulnerability Affecting Adobe Products

A critical vulnerability (CVE-2011-0609) has been found in Adobe Flash Player; it also impacts the authplay.dll component shipping with Adobe Reader and Acrobat. The vulnerability could cause a crash and potentially allow an attacker to take control of the affected system. Adobe states that there are reports of this vulnerability being exploited in the wild in targeted attacks via a Flash (.swf) file embedded in a Microsoft Excel (.xls) file delivered as an email attachment. At this time, Adobe is not aware of attacks targeting Adobe Reader and Acrobat.

Affected versions are:
- Adobe Flash Player 10.2.152.33 and earlier versions for Windows, Macintosh, Linux and Solaris operating systems
- Adobe Flash Player 10.2.154.18 and earlier for Chrome users
- Adobe Flash Player 10.1.106.16 and earlier for Android
- The Authplay.dll component that ships with Adobe Reader and Acrobat X (10.0.1) and earlier 10.x and 9.x versions for Windows and Macintosh operating systems.

Adobe plans to have patched versions ready during the week of March 21, 2011. Because Adobe Reader X Protected Mode would prevent an exploit of this kind from executing, Adobe is currently planning to address this issue in Adobe Reader X for Windows with the next quarterly security update for Adobe Reader, scheduled for June 14, 2011.


More information:
Security Advisory
Adobe Secure Software Engineering Team (ASSET) Blog
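The three posts above about CVE-2011-0609 all describe the same delivery vector: a Flash (.swf) file embedded in an Excel (.xls) attachment. As an added example, not taken from Adobe or from the original posts, here is a small Python triage script that scans an OLE2 (.xls) container for embedded SWF headers so that such attachments can be flagged before anyone opens them. The sample file is constructed inline and is not a real exploit; the SWF signature layout (3-byte "FWS"/"CWS" tag, 1-byte version, 4-byte little-endian length) is the public SWF header format, while the version cutoff and the zlib-header check are heuristics chosen for this illustration.

```python
import struct

# Magic bytes of an OLE2 compound document, the container used by legacy .xls files.
OLE2_MAGIC = b"\xD0\xCF\x11\xE0\xA1\xB1\x1A\xE1"
# SWF header tags: "FWS" = uncompressed, "CWS" = zlib-compressed body.
SWF_SIGNATURES = (b"FWS", b"CWS")


def build_sample_xls_with_swf() -> bytes:
    """Constructed sample (not a real document): OLE2 magic, filler that mimics a
    sector boundary and an OLE object stream name, then an uncompressed SWF header
    with a 100-byte zero body. SWF version 10 matches the Flash Player 10.x era."""
    swf_body = b"\x00" * 100
    declared_len = 8 + len(swf_body)           # header (8 bytes) + body
    swf = b"FWS" + bytes([10]) + struct.pack("<I", declared_len) + swf_body
    return OLE2_MAGIC + b"\x00" * 504 + b"ObjInfo" + b"\x00" * 9 + swf + b"\x00" * 200


def find_swf_headers(data: bytes, max_version: int = 30):
    """Return (offset, tag, version, declared_length) for every plausible SWF header.

    Plausibility filter (heuristic, assumption of this example): version must be a
    small positive number, the declared length must cover at least the header and
    not be absurdly large, and a compressed ("CWS") header must be followed by a
    zlib stream, whose first byte is 0x78 for the default 32 KiB window."""
    hits = []
    for tag in SWF_SIGNATURES:
        start = 0
        while True:
            off = data.find(tag, start)
            if off < 0:
                break
            start = off + 1
            if off + 9 > len(data):
                continue
            version = data[off + 3]
            declared = struct.unpack_from("<I", data, off + 4)[0]
            if not (1 <= version <= max_version):
                continue
            if not (8 <= declared <= 64 * 1024 * 1024):
                continue
            if tag == b"CWS" and data[off + 8] != 0x78:
                continue
            hits.append((off, tag.decode("ascii"), version, declared))
    return sorted(hits)


def scan_ole_for_swf(data: bytes) -> dict:
    """Triage report: is this an OLE2 container, and does it carry SWF candidates?
    A legitimate spreadsheet normally has no reason to embed Flash content."""
    candidates = find_swf_headers(data)
    return {
        "is_ole2": data.startswith(OLE2_MAGIC),
        "swf_candidates": candidates,
        "suspicious": data.startswith(OLE2_MAGIC) and bool(candidates),
    }


if __name__ == "__main__":
    report = scan_ole_for_swf(build_sample_xls_with_swf())
    for off, tag, ver, length in report["swf_candidates"]:
        print(f"SWF header at offset {off}: {tag} v{ver}, declared length {length}")
    print("suspicious:", report["suspicious"])
```

The scan is deliberately byte-level rather than an OLE stream parser: an embedded object's first sector starts at a 512-byte aligned offset in practice, so the 8-byte header is found intact, and the filter above throws away chance matches of "CWS" or "FWS" in ordinary text. Treat a hit as a reason to quarantine and inspect, not as proof of exploitation.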

Thursday, March 10, 2011

Safari 5.0.4 Available

Apple has released a new version of its Safari web browser. Version 5.0.4 contains fixes for several vulnerabilities that may lead to unexpected application termination or allow an attacker to execute arbitrary code on the affected system.

Affected are Safari versions earlier than 5.0.4. Users of vulnerable versions can get the latest version here.

More information about the security content of version 5.0.4 can be read here.

Wednesday, March 9, 2011

Google Chrome 10 Available

Google has released a new version of its Chrome web browser. Besides some new features, version 10.0.648.127 also fixes a number of security vulnerabilities.

More information in Google Chrome Releases blog.

Microsoft Security Updates For March 2011

Microsoft has released security updates for March 2011. This month's update contains fixes for four vulnerabilities.

A new version of Windows Malicious Software Removal Tool (MSRT) was released too.

More information can be read from the bulletin summary.

For consumers the easiest way to get the updates is to use the Microsoft Update service.

Tuesday, March 8, 2011

MessageLabs Intelligence Report: February 2011

MessageLabs has published its Intelligence report summing up the latest threat trends for February 2011.

Report highlights:
- Spam – 81.3% in February (an increase of 2.7 percentage points since January 2011)
- Viruses – One in 290.1 emails in February contained malware (an increase of 0.07 percentage points since January 2011)
- Phishing – One in 216.7 emails comprised a phishing attack (an increase of 0.22 percentage points since January 2011)
- Malicious websites – 4,098 web sites blocked per day (a decrease of 13.7% since January 2011)
- 38.9% of all malicious domains blocked were new in February (a decrease of 2.2 percentage points since January 2011)
- 20.3% of all web-based malware blocked was new in February (a decrease of 1.5 percentage points since January 2011)
- Synchronized, Integrated Attacks in February: Bredolab, Zeus and SpyEye
- Diversification in Targeted Malware: PDF files become attack vector of choice
- Blog: New pharmacy spam campaign uses Google brand-hijacking
- Blog: Tenth Anniversary of the Anna Kournikova virus
- Blog: 419 Scammers Plan Ahead with 2022 World Cup Scams


The report can be viewed here.

Thursday, March 3, 2011

iTunes 10.2 Released

Apple has released version 10.2 of its iTunes media player. The new version fixes a number of security vulnerabilities, some of which allow an attacker to execute arbitrary code on the target system. The latest version can be downloaded here.

More information about the update can be read in the related security bulletin.

Wednesday, March 2, 2011

Chrome Update Released

Google has released a new version of its Chrome web browser. Version 9.0.597.107 fixes 19 vulnerabilities (one affecting 64-bit Linux only), of which 16 are rated high and three medium.

More information in Google Chrome Releases blog.

Security Updates To Mozilla Products

Mozilla has released security advisories for issues found in some of its products. Eight of the fixed vulnerabilities are rated critical, one high and one moderate.

Critical:
MFSA 2011-09 Crash caused by corrupted JPEG image
MFSA 2011-07 Memory corruption during text run construction (Windows)
MFSA 2011-06 Use-after-free error using Web Workers
MFSA 2011-05 Buffer overflow in JavaScript atom map
MFSA 2011-04 Buffer overflow in JavaScript upvarMap
MFSA 2011-03 Use-after-free error in JSON.stringify
MFSA 2011-02 Recursive eval call causes confirm dialogs to evaluate to true
MFSA 2011-01 Miscellaneous memory safety hazards (rv:1.9.2.14/ 1.9.1.17)

High:
MFSA 2011-10 CSRF risk with plugins and 307 redirects

Moderate:
MFSA 2011-08 ParanoidFragmentSink allows javascript: URLs in chrome documents


Updated versions can be obtained via the built-in updater or by downloading from the product sites:
Firefox
Thunderbird
SeaMonkey

Sunday, February 27, 2011

TDL Rootkit Under Glass

Security researcher Curt W from Perpetual Horizon Security Research Labs has written up his findings on the widespread TDL rootkit. Parts 1 and 2 are available on the Perpetual Horizon blog:
Peeling Apart TDL4 and Other Seeds of Evil Part I
Peeling Apart TDL4 and Other Seeds of Evil Part II

Wednesday, February 16, 2011

New Java Updates Available

Oracle has released an update for Java SE and Java for Business. The update fixes 21 security vulnerabilities, of which 19 can be exploited to execute arbitrary code on the affected system.

Affected versions are:
- Java SE:
• JDK and JRE 6 Update 23 and earlier for Windows, Solaris, and Linux
• JDK 5.0 Update 27 and earlier for Solaris 9
• SDK 1.4.2_29 and earlier for Solaris 8

- Java for Business:
• JDK and JRE 6 Update 23 and earlier for Windows, Solaris and Linux
• JDK and JRE 5.0 Update 27 and earlier for Windows, Solaris and Linux
• SDK and JRE 1.4.2_29 and earlier for Windows, Solaris and Linux

More information about the update can be read in the Java Critical Patch Update document.

Java users are recommended to update to the latest available version.

Thursday, February 10, 2011

RealPlayer Update Available

RealNetworks has released an updated version of its RealPlayer. The new version contains a fix for the following vulnerability:

CVE-2011-0694
RealPlayer Predictable Temporary File Remote Code Execution Cross Domain Scripting Vulnerability
Affected software: Windows RealPlayer 14.0.1 and prior; RealPlayer Enterprise 2.1.4 and prior.


Users of affected versions are advised to update their RealPlayer to the latest available version. More information can be read in the related security advisory.

Shockwave Player Update

Adobe has released an updated version of its Shockwave Player. The new version fixes the following vulnerabilities:
- a memory corruption vulnerability in the dirapi.dll module that could lead to code execution (CVE-2010-2587).
- a memory corruption vulnerability in the dirapi.dll module that could lead to code execution (CVE-2010-2588).
- an integer overflow vulnerability in the dirapi.dll module that could lead to code execution (CVE-2010-2589).
- a use-after-free vulnerability that could lead to code execution (CVE-2010-4092).
- a memory corruption vulnerability that could lead to code execution (CVE-2010-4093).
- a memory corruption vulnerability that could lead to code execution (CVE-2010-4187).
- a memory corruption vulnerability in the dirapi.dll module that could lead to code execution (CVE-2010-4188).
- a memory corruption vulnerability in the IML32 module that could lead to code execution (CVE-2010-4189).
- a memory corruption vulnerability that could lead to code execution (CVE-2010-4190).
- a memory corruption vulnerability that could lead to code execution (CVE-2010-4191).
- a memory corruption vulnerability that could lead to code execution (CVE-2010-4192).
- an input validation vulnerability that could lead to code execution (CVE-2010-4193).
- an input validation vulnerability in the dirapi.dll module that could lead to code execution (CVE-2010-4194).
- an input validation vulnerability in the TextXtra module that could lead to code execution (CVE-2010-4195).
- an input validation vulnerability in the Shockwave 3d Asset module that could lead to code execution (CVE-2010-4196).
- a memory corruption vulnerability that could lead to code execution (CVE-2010-4306).
- a buffer overflow vulnerability that could lead to code execution (CVE-2010-4307).
- a memory corruption vulnerability that could lead to code execution (CVE-2011-0555).
- a memory corruption vulnerability in the Font Xtra.x32 module that could lead to code execution (CVE-2011-0556).
- an integer overflow vulnerability that could lead to code execution (CVE-2011-0557).
- a memory corruption vulnerability in the Font Xtra.x32 module that could lead to code execution (CVE-2011-0569).



Users of Adobe Shockwave Player 11.5.9.615 and earlier should update to Adobe Shockwave Player 11.5.9.620. More information can be read in Adobe's security bulletin.

Wednesday, February 9, 2011

Security Update For Flash Player

Adobe has released an updated version of its Flash Player. The new version fixes the following vulnerabilities:
- an integer overflow vulnerability that could lead to code execution (CVE-2011-0558).
- a memory corruption vulnerability that could lead to code execution (CVE-2011-0559).
- a memory corruption vulnerability that could lead to code execution (CVE-2011-0560, CVE-2011-0561).
- multiple memory corruption vulnerabilities that could lead to code execution (CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574).
- a library-loading vulnerability that could lead to code execution (CVE-2011-0575).
- a font-parsing vulnerability that could lead to code execution (CVE-2011-0577).
- a memory corruption vulnerability that could lead to code execution (CVE-2011-0578).
- a memory corruption vulnerability that could lead to code execution (CVE-2011-0607).
- a memory corruption vulnerability that could lead to code execution (CVE-2011-0608).


Users of Adobe Flash Player 10.1.102.64 and earlier should update to Adobe Flash Player 10.2.152.26. More information can be read in Adobe's security bulletin.

Adobe Reader And Acrobat Updates

Adobe has released a security update for Adobe Reader and Adobe Acrobat.

Affected versions:

*of series X (10.x)
Adobe Reader older than 10.0.1
Adobe Acrobat older than 10.0.1

*of series 9.x
Adobe Reader older than 9.4.2
Adobe Acrobat older than 9.4.2

*of series 8.x
Adobe Reader older than 8.2.6
Adobe Acrobat older than 8.2.6


Users of vulnerable versions should update either through the automatic update functionality or by downloading a fresh version manually. The default installation configuration runs automatic updates on a regular schedule; an update check can also be triggered manually by choosing Help > Check for Updates.

Those who want to upgrade manually can download the latest versions from the links below:
Adobe Reader
Acrobat Standard and Pro
Acrobat Pro Extended
Acrobat 3D


More information about the fixed vulnerabilities can be read in Adobe's security bulletin.

Tuesday, February 8, 2011

Microsoft Security Updates For February 2011

Microsoft has released security updates for February 2011. This month's update contains fixes for 22 vulnerabilities.

A new version of Windows Malicious Software Removal Tool (MSRT) was released too.

More information can be read from the bulletin summary.

For consumers the easiest way to get the updates is to use the Microsoft Update service.

Thursday, February 3, 2011

MessageLabs Intelligence Report: January 2011

MessageLabs has published its Intelligence report summing up the latest threat trends for January 2011.

Report highlights:
- Spam – 78.6% in January (a decrease of 3.1 percentage points since December 2010)

- Viruses – One in 364.8 emails in January contained malware (a decrease of 0.03 percentage points since December 2010)

- Phishing – One in 409.7 emails comprised a phishing attack (an increase of 0.004 percentage points since December 2010)

- Malicious websites – 2,751 websites blocked per day (a decrease of 21.5% since December 2010)

- 41.1% of all malicious domains blocked were new in January (an increase of 7.9 percentage points since December 2010). An increase in malicious domains may be related to the high proportion of email malware that also contained malicious hyperlinks; 65.1% of email malware in January contained malicious links.

- 21.8% of all web-based malware blocked was new in January (a decrease of 3.1 percentage points since December 2010)

- Spam volumes fall to lowest level in two years

- Why did global spam volumes decline in December 2010?

- The balance of power shifts between pharmaceutical spam gangs

- Blog: Targeted attack reveals new social engineering twist


The report can be viewed here.

Tuesday, February 1, 2011

Vulnerabilities In VLC Player

The VideoLAN project has released a new version of its VLC media player. Version 1.1.7 fixes two vulnerabilities:
- When parsing an invalid CDG file, insufficient boundary checks might lead to heap corruption. (advisory)
- When parsing an invalid MKV (Matroska or WebM) file, input validation is insufficient. (advisory)

The first vulnerability affects VLC media player version 1.1.5, the second one version 1.1.6.1 and earlier.

At the time of writing, version 1.1.7 is not yet available on the download page. However, it can be downloaded manually from the VLC FTP archive.

Monday, January 31, 2011

Security Patch For RealPlayer

RealNetworks has released an updated version of its RealPlayer. The new version contains a fix for the following vulnerability:

CVE-2010-4393
RealPlayer vidplin AVI Header Heap Corruption Vulnerability
Affected software: Windows RealPlayer 14.0.1 and prior


Users of affected versions are advised to update their RealPlayer to the latest available version. More information can be read in the related security advisory.

Windows MHTML Vulnerability

An MHTML-handling vulnerability has been found in all supported versions of Microsoft Windows. The vulnerability could allow an attacker to cause a victim to run malicious scripts when visiting various web sites, resulting in information disclosure.

At the moment there is no security update for the problem. A workaround is described in the related security advisory.

More information:
http://blogs.technet.com/b/srd/archive/2011/01/28/more-information-about-the-mhtml-script-injection-vulnerability.aspx
http://www.microsoft.com/technet/security/advisory/2501696.mspx

Thursday, January 27, 2011

OpenOffice 3.3 Released

OpenOffice.org has released a new version of OpenOffice. The new version contains fixes for the following nine security issues (some covering more than one CVE):
- CVE-2010-2935 / CVE-2010-2936: Security Vulnerability in OpenOffice.org related to PowerPoint document processing
- CVE-2010-3450: Security Vulnerability in OpenOffice.org related to Extensions and filter package files
- CVE-2010-3451 / CVE-2010-3452: Security Vulnerability in OpenOffice.org related to RTF document processing
- CVE-2010-3453 / CVE-2010-3454: Security Vulnerability in OpenOffice.org related to Word document processing
- CVE-2010-3689: Insecure LD_LIBRARY_PATH usage in OpenOffice.org shell scripts
- CVE-2010-3702 / CVE-2010-3704: Security Vulnerability in OpenOffice.org's PDF Import extension resulting from 3rd party library XPDF
- CVE-2010-4008 / CVE-2010-4494: Possible Security Vulnerability in OpenOffice.org resulting from 3rd party library LIBXML2
- CVE-2010-4253: Security Vulnerability in OpenOffice.org related to PNG file processing
- CVE-2010-4643: Security Vulnerability in OpenOffice.org related to TGA file processing



More information about the OpenOffice security fixes can be found here, and other changes are described in the Release Notes. OpenOffice 3.3 can be downloaded here.