SECURITY WARNINGS & Notices - Please post them here

[Hermite15]

yeah, sounds like it's the pdf (native structure) itself responsible for this possible threat >>> embedded virus contained in the document, not even using a security flaw. There's nothing Adobe can do against that. It's normally up to the user to be careful and avoid clicking, as long as a dialog box is displayed... but this can be controlled too according to the author of that article... I guess many other types of documents could be infected in a similar way. That's life, that's where you browse and how you browse. Legit sites don't spread such stuff, unless a site has been hacked...and I guess this sort of malware is absolutely undetectable by any AV...(may be if full file scan is selected, not sure...)

[polonus]

Hi Logos,

It won't work in FoxitReader when you will patch it, by taking support for url, launch, movie en sound out of the Reader,

polonus

[polonus]

Hi forum members,

Did you install the emergency patch for IE?; re: http://www.dshield.org/diary.html?storyid=8533
I did,

polonus

[bob3160]

Hi forum members,

Did you install the emergency patch for IE?; re: http://www.dshield.org/diary.html?storyid=8533
I did,

polonus

Isn't this covered in the various updates that have already been installed with auto update by MS

[Hermite15]

Hi forum members,

Did you install the emergency patch for IE?; re: http://www.dshield.org/diary.html?storyid=8533
I did,

polonus

Isn't this covered in the various updates that have already been installed with auto update by MS

yep, it's just that
http://www.microsoft.com/technet/security/bulletin/ms10-018.mspx

[bob3160]

Hi forum members,

Did you install the emergency patch for IE?; re: http://www.dshield.org/diary.html?storyid=8533
I did,

polonus

Isn't this covered in the various updates that have already been installed with auto update by MS

yep, it's just that
http://www.microsoft.com/technet/security/bulletin/ms10-018.mspx

Mine updated this morning with a greeting to reboot now or in 15 min.
More info here

[mkis]

Here's mine - come through yesterday when I powered on the computer

http://www.microsoft.com/security/updates/bulletins/201003_oob.aspx


The other entry for 31 /3 /10 is an optional Compatibility View tweak with market by market functionality
I ran a check through the optional updates after the auto updates had downloaded and before I restarted.
I install a lot of the optional updates - this time I also loaded the .NET optionals, since I have .NET on my system  

[YoKenny]

Mine updated this morning with a greeting to reboot now or in 15 min.  

My XP Pro system installed Cumulative Security Update for Internet Explorer 8 for Windows XP (KB980182) when I powered it off about midnight and my Windows 7 system updated just now when I went to Windows Update and it indicated an Important update was available.

[polonus]

Hi YoKenny,

Because they had experienced the exploit being abused in the wild and they could not wait any longer with a patch. There was a Fix-It for it already, but that now has been turned into a general patch for the various IE versions,

polonus

[polonus]

Hi malware fighters,

Foxit Reader will patch the unpatchable hole next week: http://forums.foxitsoftware.com/showthread.php?p=41323
Good news,

pol

[polonus]

Hi malware fighters,

The Torpig aka Sinowal, malware will put obfuscated malicious JavaScript into a website's pages and/or JavaScript files. The malcode on the website's pages and JavaScript files is being changed from time to time and might be removed completely as well. The malware gets onto the website through FTP compromised credentials through malware located on a nachine that has accessed the site throughFTP. To prevent the website from being reinfected change the FTP password ^remove the malware  from the infected machines before it will be use over and over again to access the website through FTP

FTP. Re: http://www.sophos.com/security/analyses/viruses-and-spyware/trojtorpigbl.html

The most recent script format is attached as a screendump (source: WhiteFirDesign)
Click to make more visable - pol

[llariel]

Firefox 3.6.3 fixes a critical security issue that could potentially allow remote code execution... More info here:

http://www.mozilla.org/security/announce/2010/mfsa2010-25.html

[Chris Thomas]

Exploits not needed to attack via PDF files


http://news.cnet.com/8301-27080_3-20001792-245.html

[Pondus]

DHS studying global response to Conficker botnet

The Conficker Working Group report could provide a template for future cyber attack responses, security experts say
http://www.infoworld.com/d/security-central/dhs-studying-global-response-conficker-botnet-127

[polonus]

Hi malware fighters,

PONDUS can you give this in English?
New JAVA malware misleads av scanners: http://www.idg.no/computerworld/tema/sikkerhet/article163040.ece

Also: http://www.woodmann.com/forum/archive/index.php/t-13454.html

pol