Author Topic: SECURITY WARNINGS & Notices - Please post them here  (Read 2861229 times)

0 Members and 2 Guests are viewing this topic.

Avastfan1

  • Guest
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #540 on: July 01, 2010, 03:04:05 PM »
You 'installed' a work around? Or did you simply execute it?

YoKenny

  • Guest
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #541 on: July 01, 2010, 03:08:58 PM »
You 'installed' a work around? Or did you simply execute it?
I excuted the Fix it

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #542 on: July 01, 2010, 10:02:58 PM »
Hi malware fighters,

Adobe should do something for security = disable javascript by default: http://www.sophos.com/blogs/gc/g/2010/06/30/adobe-disable-javascript-default/

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #543 on: July 01, 2010, 10:17:55 PM »
Hi malware fighters,

How the MS help-and-support-hole is now actively being exploited: http://blogs.technet.com/b/mmpc/archive/2010/06/30/attacks-on-the-windows-help-and-support-center-vulnerability-cve-2010-1885.aspx

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #544 on: July 03, 2010, 02:49:07 PM »
Most dangerous sites for trojan, watch here regularly: http://blog.urlvoid.com/dangerous-websites-used-to-spread-trojans/
Also visit this site for this week's top threats online: http://wam.dasient.com/wam/infection_library_index

polonus
« Last Edit: July 03, 2010, 03:33:28 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline mkis

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1618
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #545 on: July 03, 2010, 03:59:46 PM »
Hi malware fighters,

How the MS help-and-support-hole is now actively being exploited: http://blogs.technet.com/b/mmpc/archive/2010/06/30/attacks-on-the-windows-help-and-support-center-vulnerability-cve-2010-1885.aspx

polonus

I'm not convinced Microsoft Help and Support is altogether secure in any regard at the moment. For XP anyway.

I posted a while ago - 'And partly because for the first time  I am having update problems with IE (the kb979909 issue, which is .NET downloads), if I don't solve soon and with easy method (no uninstall) then I will probably post the problem to the forum'.

Well still having a few problems on one of my systems. I have opened a new topic to outline the isuue.

http://forum.avast.com/index.php?topic=61431.0
Avast7 Free, MBAM (on demand), MVPS Hosts

Intel DG41TY, Windows 7 Ultimate, IE9, Google Chrome, 4 GB ram, Secunia PSI, ccleaner, Foxit Reader, Faststone Image viewer, MWSnap.

Alan Baxter

  • Guest
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #546 on: July 03, 2010, 05:27:20 PM »
I'm not convinced Microsoft Help and Support is altogether secure in any regard at the moment. For XP anyway.

Attacks on the Windows Help and Support Center Vulnerability (CVE-2010-1885) convinces me the protocol isn't secure.  The protocol can be exploited by any malicious or hacked website.

If you're using XP or Server 2003, enable the FixIt, NOW.
« Last Edit: July 03, 2010, 05:28:57 PM by Alan Baxter »

Offline mkis

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1618
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #547 on: July 04, 2010, 09:15:30 AM »

Has anybody used the workaround? http://support.microsoft.com/kb/2219475
Installed ages ago on my XP Pro system when it was released June 14, 2010

I am making some progress -

Quote
Technical Information (Analysis)
Trojan:Win32/Orsam!rts is a name used for trojan detections that have been added to our signatures after advanced automated analysis.
 
The generic nature of this detection means that the malicious behaviors exhibited by files detected as Trojan:Win32/Orsam!rts are highly variable and may vary from once instance of this detection to the next.
 
No further information is currently available on this threat. However, should we receive a significant number of reports, then a specific detection will be added to our signatures and a detailed analysis will be added to the encyclopedia.
Avast7 Free, MBAM (on demand), MVPS Hosts

Intel DG41TY, Windows 7 Ultimate, IE9, Google Chrome, 4 GB ram, Secunia PSI, ccleaner, Foxit Reader, Faststone Image viewer, MWSnap.

Avastfan1

  • Guest
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #548 on: July 04, 2010, 11:13:39 AM »
Thanks for all the replies.

I decided to install the FixIt!

Best wishes,

Avastfan1

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #549 on: July 04, 2010, 11:24:23 PM »
Hi malware fighters,

Watch out for the most aggressive malware attackers: http://mtc.sri.com/live_data/attackers/

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline mkis

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1618
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #550 on: July 05, 2010, 05:31:19 AM »
I seem to have solved my issue concerning updates to .NET Framework.

I'm sorry but I cannot inform whether had anything to do with 'Attacks on the Windows Help and Support Center Vulnerability (CVE-2010-1885)', despite my suspicion that something had gone amiss in Microsoft Update routine. Ultimately, I reinstall / upgrade Windows Installer using the following link -

http://www.microsoft.com/downloads/details.aspx?familyid=5A58B56F-60B6-4412-95B9-54D056D6F9F4&displaylang=en

Then I installed the remaining .NET downloads. The install process seemed labored but did complete with KB974417 being the final install. I was informed by Microsoft Update that I had hidden this install for the time being, something which I cannot recall doing, or in fact do not know how to do. (but in the heat of a moment I may have been presented with an option and followed the recommendation).

Now for Trojan:Win32/Orsam!rts -
figuring I had an MS issue and so could be solved by MS itself, I downloaded and ran Microsoft Security Essentials, which generated the orsam detection when I chose to run the Internet Explorer browser at one stage. As far as I can tell - but almost certainly - the orsam detection was a False Positive generated by having both MSE and avast!antivirus running as resident on the same system.
Avast7 Free, MBAM (on demand), MVPS Hosts

Intel DG41TY, Windows 7 Ultimate, IE9, Google Chrome, 4 GB ram, Secunia PSI, ccleaner, Foxit Reader, Faststone Image viewer, MWSnap.

CharleyO

  • Guest
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #551 on: July 05, 2010, 02:11:10 PM »
***

Mis-placed notice :

http://forum.avast.com/index.php?topic=50356.msg426510#msg426510

It had to happen sooner or later ... and it has been later than I thought it would be.
These have always been insecure applications.


***

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #553 on: July 10, 2010, 05:48:20 PM »
Hi malware fighters,

Microsoft to end security support for Windows XP Service Pack 2 · Hackers' nirvana on horizon as Microsoft ends security fixes for XP SP2: http://lastwatchdog.com/hackers-nirvana-horizon-microsofts-ends-patching/

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

YoKenny

  • Guest
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #554 on: July 10, 2010, 06:36:52 PM »
Hi malware fighters,

Microsoft to end security support for Windows XP Service Pack 2 · Hackers' nirvana on horizon as Microsoft ends security fixes for XP SP2: http://lastwatchdog.com/hackers-nirvana-horizon-microsofts-ends-patching

See this
Quote
Hundreds of millions of vulnerable PCs

A service pack is a collection of updates, feature enhancements and security fixes delivered in a single download. Microsoft released SP2 in August 2004 mainly to beef up security. Then in April 2008, the company released SP3 with less fanfare, recommending that all XP units  be updated. Yet more than two years later, thousands of companies worldwide have not yet done so.
http://lastwatchdog.com/hackers-nirvana-horizon-microsofts-ends-patching

The USA is quite high on the most vulnerable list of infected systems.  :o