Tuesday, March 29, 2011

Spotify Attack Under Glass

Spotify is a popular streaming music service. Last week, many Spotify Free user met an unpleasant surprise when malware found its way into vulnerable systems via malicious ad shown in Spotify. Avast! Virus Lab has made some interesting remarks. "According to the avast! Virus Lab, the majority of Spotify users reporting the malware were in Sweden (59%), followed by a large group (40%) in the UK. The remaining 1% came from other countries. There were no reports from France – an interesting twist due to the large avast! user base there.", Lyle Frink writes in Avast blog.

Detailed report about Spotify malicious ad problem can be read at Websense.com.

Saturday, March 26, 2011

Another Return of GpCode

Kaspersky warns about a new version of nasty Gpcode ransomware type pest that encrypts files on infected system with a strong encryption and tries to make victim pay for getting those decrypted.

The program spreads via malicious websites as a drive by download. Kaspersky detect the pest as Trojan-Ransom.Win32.Gpcode.bn.

Due to heavy cryptography used, the encrypted files cannot be recovered making existing backups only possible solution (one good reason to have all important stuff always backed up on separate location).

More information can be read from Kaspersky blog.

Tuesday, March 22, 2011

Update For Adobe Reader And Acrobat

Adobe has released updated version of their Adobe Reader and Acrobat products. The new version fixes a vulnerability (CVE-2011-0609), as referenced in Adobe Security Advisory APSA11-01, that could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being exploited in the wild in targeted attacks via a Flash (.swf) file embedded in a Microsoft Excel (.xls) file delivered as an email attachment. At this time, Adobe is not aware of attacks targeting Adobe Reader and Acrobat. Adobe Reader X Protected Mode mitigations would prevent an exploit of this kind from executing.

Patched versions were released for Adobe Reader 9.x and Acrobat 9.x & X (10.x) series. Because Adobe Reader X Protected Mode would prevent an exploit of this kind from executing, Adobe is planning to address this issue in Adobe Reader X for Windows with the next quarterly security update for Adobe Reader, currently scheduled for June 14, 2011.

Details about available updates and other information can be read from Adobe Security Advisory APSB11-06.

Patch For Adobe Flash Player

Adobe has released updated version of their Flash Player. The new version fixes a vulnerability (CVE-2011-0609), as referenced in Adobe Security Advisory APSA11-01, could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being exploited in the wild against Flash Player in targeted attacks via a Flash (.swf) file embedded in a Microsoft Excel (.xls) file delivered as an email attachment.

Affected software:
- Adobe Flash Player 10.2.152.33 and earlier versions for Windows, Macintosh, Linux and Solaris operating systems
- Adobe Flash Player 10.2.154.18 and earlier for Chrome users
- Adobe Flash Player 10.1.106.16 and earlier for Android
- Adobe AIR 2.5.1 and earlier for Windows, Macintosh and Linux


Users of affected software should update their versions to the latest ones. More information can be read from Adobe's security bulletin.

Friday, March 18, 2011

PHP 5.3.6 Released

PHP development team has released 5.3.6 version of PHP scripting language. New version fixes big amount of bugs of which some are security related. All PHP users are recommended to upgrade their versions to this latest release.

More details about 5.3.6 release can be read from the official release announcement.

Tuesday, March 15, 2011

Internet Explorer 9 Released

Microsoft has released version 9 of their Internet Explorer (IE) web browser. IE9 brings new features like faster browsing experience and different security and privacy related features like ActiveX Filtering and Tracking Protection.

More information about Internet Explorer can be read from IEBlog at MSDN.

Internet Explorer 9 can be downloaded here.

Security Vulnerability Affecting Adobe Products

There has been found a critical vulnerability (CVE-2011-0609) in Adobe Flash Player which also impacts the authplay.dll component shipping with Adobe Reader and Acrobat. The vulnerability could cause a crash and potentially allow an attacker to take control of the affected system. Adobe states that there are reports that this vulnerability is being exploited in the wild in targeted attacks via a Flash (.swf) file embedded in a Microsoft Excel (.xls) file delivered as an email attachment. At this time, Adobe is not aware of attacks targeting Adobe Reader and Acrobat.

Affected versions are:
- Adobe Flash Player 10.2.152.33 and earlier versions for Windows, Macintosh, Linux and Solaris operating systems
- Adobe Flash Player 10.2.154.18 and earlier for Chrome users
- Adobe Flash Player 10.1.106.16 and earlier for Android
- The Authplay.dll component that ships with Adobe Reader and Acrobat X (10.0.1) and earlier 10.x and 9.x versions for Windows and Macintosh operating systems.

Adobe plans to have patched versions ready during the week of March 21, 2011. Because Adobe Reader X Protected Mode would prevent an exploit of this kind from executing, Adobe is currently planning to address this issue in Adobe Reader X for Windows with the next quarterly security update for Adobe Reader, currently scheduled for June 14, 2011.


More information:
Security Advisory
Adobe Secure Software Engineering Team (ASSET) Blog

Thursday, March 10, 2011

Safari 5.0.4 Available

Apple has released a new versions of their Safari web browser. Version 5.0.4 contains fixes to several vulnerabilities. These may lead to an unexpected application termination or allow an attacker to execute arbitrary code in affected system.

Affected are Safari versions earlier than 5.0.4. Users of vulnerable Safari versions can get the latest version here.

More information of security content of 5.0.4 version can be read here.

Wednesday, March 9, 2011

Google Chrome 10 Available

Google has released a new version of their Chrome web browser. Among some new features version 10.0.648.127 fixes also a bunch of security vulnerabilities.

More information in Google Chrome Releases blog.

Microsoft Security Updates For March 2011

Microsoft has released security updates for March 2011. This month update contains fixes to four vulnerabilities.

A new version of Windows Malicious Software Removal Tool (MSRT) was released too.

More information can be read from the bulletin summary.

For consumer the easist way to get the update is to use Microsoft Update service.

Tuesday, March 8, 2011

MessageLabs Intelligence Report: February 2011

MessageLabs has published their Intelligence report that sums up the latest threat trends for February 2011.

Report highlights:
- Spam – 81.3% in February (an increase of 2.7 percentage points since January 2011)
- Viruses – One in 290.1 emails in February contained malware (an increase of 0.07 percentage points since January 2010)
- Phishing – One in 216.7 emails comprised a phishing attack (an increase of 0.22 percentage points since January 2010)
- Malicious websites – 4,098 web sites blocked per day (a decrease of 13.7% since January 2011)
- 38.9% of all malicious domains blocked were new in February (a decrease of 2.2 percentage points since January 2010)
- 20.3% of all web-based malware blocked was new in February (a decrease of 1.5 percentage points since January 2010)
- Synchronized, Integrated Attacks in February: Bredolab, Zeus and SpyEye
- Diversification in Targeted Malware: PDF files become attack vector of choice
- Blog: New pharmacy spam campaign uses Google brand-hijacking
- Blog: Tenth Anniversary of the Anna Kournikova virus
- Blog: 419 Scammers Plan Ahead with 2022 World Cup Scams


The report can be viewed here.

Thursday, March 3, 2011

iTunes 10.2 Released

Apple has released version 10.2 of their iTunes media player. New version fixes bunch of security vulnerabilities of which some allow an attacker to execute arbitrary code in target system. Latest version can be downloaded here.

More information about the update can be read from related security bulletin.

Wednesday, March 2, 2011

Chrome Update Released

Google has released a new version of their Chrome web browser. Version 9.0.597.107 fixes 19 vulnerabilities (one affecting 64-bit Linux only) of which 16 are high and three medium categorized.

More information in Google Chrome Releases blog.

Security Updates To Mozilla Products

Mozilla has released security bulletins related to found issues in some of their products. Eight of the fixed vulnerabilities are categorized as critical, one as high and one as moderate.

Critical:
MFSA 2011-09 Crash caused by corrupted JPEG image
MFSA 2011-07 Memory corruption during text run construction (Windows)
MFSA 2011-06 Use-after-free error using Web Workers
MFSA 2011-05 Buffer overflow in JavaScript atom map
MFSA 2011-04 Buffer overflow in JavaScript upvarMap
MFSA 2011-03 Use-after-free error in JSON.stringify
MFSA 2011-02 Recursive eval call causes confirm dialogs to evaluate to true
MFSA 2011-01 Miscellaneous memory safety hazards (rv:1.9.2.14/ 1.9.1.17)

High:
MFSA 2011-10 CSRF risk with plugins and 307 redirects

Moderate:
MFSA 2011-08 ParanoidFragmentSink allows javascript: URLs in chrome documents


Fresh versions can be obtained via inbuilt updater or by downloading from the product site:
Firefox
Thunderbird
SeaMonkey