Security and the Net

News and opinions about security, the internet and more

Entries Tagged ‘microsoft’

Zero-day exploit for IE7

Just in time for the holidays, a new bug has been found in Internet Explorer that enables hackers to execute arbitrary code. This was first reported by McAfee: The root cause was found to be the incorrect handling of certain XML tags in Internet Explorer 7.x that references already freed memory in the mshtml.dll. We […]

Comments (1)

Microsoft gets 5th place in Spamhaus worst networks list

Microsoft has risen to the top 5 of Spamhaus’s worst networks list; even though Microsoft has been notified of some issues months ago, several spam gangs are still using Microsoft’s servers to host spamvertised websites and to redirect unsuspecting users to malicious URL’s.¬† Richard Cox, CIO of Spamhaus, explains the listing: We have been notifying […]

Comments (1)

Patch Tuesday: MS08-68 and MS08-69

No big surprises from Microsoft this tuesday; there were no changes in the list of patches that were announced earlier. There are just two: MS08-068 is a patch for the¬†Server Message Block (SMB) Protocol on all currently supported versions of Windows; the bug can lead to remote code execution with the rights of the logged-on […]

Leave a Comment

Patch Tuesday november 2008

Microsoft has two updates planned for next tuesday: a critical update for the Core XML services (versions 3, 4, 5 and 6) and an important update for all currently supported versions of Windows. The Core XML services are not installed by default on most versions of Windows, but are included in other software such as […]

Comments (1)

MS08-67 updates: NT4 support, FAQ, reverse engineering

A quick update for those looking for more information about Microsoft’s latest RPC vulnerability (MS08-067): over the weekend, more information has become available. First, there is good news for those of you that are still running NT4. Patches for Windows NT are said to be available: Microsoft has created patches for NT4 Workstation, NT4 Server, […]

Leave a Comment

Gimmiv.A worm first to exploit MS08-67 vulnerability

Just hours after the release of the MS08-067 security bulletin, the Gimmiv.A worm is the first real malware taking advantage of the RPC vulnerability. There’s a good writeup of what the worm does here, so I won’t repeat it. The dropsite used by the worm to post logins and passwords it captured has been closed, […]

Leave a Comment

About Microsoft’s MS08-67 security bulletin

As you might have noticed, Microsoft released this security bulletin, MS08-067, about an hour ago. It’s rated as Critical on all Windows-versions except Vista and 2008, and you should install this ASAP, at the very least on any machine that isn’t protected by a firewall. While the vulnerability itself isn’t particularly interesting (it’s in the […]

Leave a Comment