Saturday, May 28, 2011

Vulnerabilities Affecting IBM Lotus Notes

Buffer overflow vulnerabilities have been found in IBM Lotus Notes for Windows. The vulnerabilities could allow an attacker to execute arbitrary code on the target system. To exploit them, a user can be lured into opening a specially crafted file attachment.

Affected software:
IBM Lotus Notes 8.5.2
IBM Lotus Notes 8.5.1
IBM Lotus Notes 8.0.x
IBM Lotus Notes 7.x
IBM Lotus Notes 6.x
IBM Lotus Notes 5.x

At the moment there's a patch available for version 8.5.2 only. Users of other affected versions are advised to turn the vulnerable feature off until a fix is available. More information about workarounds here.

Tuesday, May 24, 2011

MAX++ Malware Back With x64 Version

The MAX++ (aka ZeroAccess) trojan is not entirely new malware, but its x64 version is. "Computers are infected using a drive-by attack on a browser and its components via the Bleeding Life exploit kit. In particular, Acrobat Reader (CVE 2010-0188, CVE 2010-1297, CVE 2010-2884, CVE 2008-2992) and Java (CVE 2010-0842, CVE 2010-3552) modules are prone to attack," explains Kaspersky Lab expert Vasily Berdnikov in the company's blog.

A detailed description of the behaviour of the MAX++ x86 and x64 versions can be read in the related Kaspersky blog post.

Thursday, May 19, 2011

Security Update For Opera Released

Opera Software has released an update for their Opera web browser. Version 11.11 contains a fix for one security vulnerability.

critical:
* Frameset issue allows execution of arbitrary code; advisory.


Opera users are strongly recommended to update to version 11.11. The new version can be downloaded here.

Sunday, May 15, 2011

Microsoft Security Intelligence Report Volume 10 Released

Microsoft has released volume 10 of their Security Intelligence Report (SIR). "The Security Intelligence Report (SIR) is an investigation of the current threat landscape. It analyzes exploits, vulnerabilities, and malware based on data from over 600 million systems worldwide, as well as internet services, and three Microsoft Security Centers." The latest, volume 10, covers the year 2010.

The report can be downloaded here.

Friday, May 13, 2011

Updates For Adobe Products Available

Adobe has released updates for their Adobe Flash Player, Flash Media Server, Audition and RoboHelp products. In total, 16 vulnerabilities were fixed, 15 of them critical.

Affected versions:
- Adobe Flash Player 10.2.159.1 and earlier versions (Windows, Macintosh, Linux, Solaris)
- Adobe Flash Player 10.2.154.28 and earlier versions (Chrome)
- Adobe Flash Player 10.2.157.51 and earlier versions (Android)
- Adobe Flash Media Server 4.0.1 and earlier versions (Windows, Linux)
- Adobe Flash Media Server 3.5.5 and earlier versions (Windows, Linux)
- Adobe Audition 3.0.1 and earlier versions (Windows)
- Adobe RoboHelp 7 and 8 (Windows)
- Adobe RoboHelp Server 7 and 8 (Windows)

Details about the available updates and other information can be read on the Adobe PSIRT blog.

Wednesday, May 11, 2011

Microsoft Security Updates For May 2011

Microsoft has released security updates for May 2011. This month's update contains fixes for three vulnerabilities.

A new version of the Windows Malicious Software Removal Tool (MSRT) was released too.

More information can be read in the bulletin summary.

For consumers, the easiest way to get the update is to use the Microsoft Update service.

Sunday, May 8, 2011

ESET Global Threat Report for April 2011

ESET has released a report discussing global threats of April 2011.

Top 10 threats list (previous ranking in parentheses):

1. INF/Autorun (1.)
2. Win32/Conficker (2.)
3. Win32/PSW.OnLineGames (3.)
4. Win32/Sality (4.)
5. Win32/Autoit (9.)
6. Win32/Autorun (7.)
7. HTML/Iframe.B.Gen (15.)
8. Win32/Bflient (6.)
9. Win32/Tifaut.C (8.)
10. Win32/Spy.Ursnif.A (10.)


The complete report (with a description of each of the threats listed above) can be downloaded here (in PDF format).

TDL4 Rootkit And 64-bit Windows

Last month, Microsoft released the KB2506014 patch to fix a hole the TDL4 rootkit had used to successfully bypass security implementations in the 64-bit version of Windows. The authors of TDL4 have now made some modifications to their evil creation to bypass Microsoft's patch. Below are links to two recent blog posts discussing the latest turn of this highly advanced rootkit.

TDL4 rootkit is coming back stronger than before by Marco Giuliani, Prevx
Backdoor.Tidserv and x64 by Mircea Ciubotariu, Symantec

Wednesday, May 4, 2011

MessageLabs Intelligence Report: April 2011

MessageLabs has published their Intelligence Report, which sums up the latest threat trends for April 2011.

Report highlights:
- Spam – 72.9% in April (a decrease of 6.4 percentage points since March 2011)
- Viruses – One in 168.6 emails in April contained malware (an increase of 0.11 percentage points since March 2011)
- Phishing – One in 242.2 emails comprised a phishing attack (an increase of 0.02 percentage points since March 2011)
- Malicious web sites – 2,431 web sites blocked per day (a decrease of 18.2% since March 2011)
- 33.0% of all malicious domains blocked were new in April (a decrease of 4.0 percentage points since March 2011)
- 22.5% of all web-based malware blocked was new in April (a decrease of 1.9 percentage points since March 2011)
- Targeted attacks increase in intensity: What does a recent targeted attack look like?
- Shortened URLs: Do you know what you’re clicking on?


The report can be viewed here.