Powerpoint vulnerability to be fixed on Tuesday

Microsoft will release a fix for Powerpoint vulnerability on Tuesday. Classification of that vulnerability depends on Powerpoint version, for PowerPoint 2000 it is critical and for later versions it is important.

Microsoft Windows Malicious Software Removal Tool will also get updated.

Read more about May updates here

Unpatched vulnerability in older PowerPoint versions

Microsoft released recently a security advisory about remote code execution vulnerability in older Microsoft Office PowerPoint programs.

Vulnerability is in these versions of Powerpoint:

Microsoft Office PowerPoint 2000 Service Pack 3
Microsoft Office PowerPoint 2002 Service Pack 3
Microsoft Office PowerPoint 2003 Service Pack 3
Microsoft Office 2004 for Mac

Attack is able to perform using bad PowerPoint file but needs action from users side. One example where to get it could be email attachment.

If PowerPoint version is 2003, Microsoft recommends to use Microsoft Office Isolated Conversion Environment (MOICE) for opening PowerPoint documents as stated in earlier advisory

Microsoft is not sure if fix would be in April updates.

Microsoft January updates released yesterday

Microsoft January updates were released yesterday. This time there was one update which
is fix against Critical or Moderate vulnerability in remote code execution (depends on operating system).

Read more here

Microsoft December updates to be released tomorrow

Microsoft will released tomorrow in total 8 security updates in monthly update package. Six of them are classified as critical and two as important. Fixes are for Remote Code Execution Elevation of Privilege. Affected operating systems are Microsoft Windows 2000, Windows XP, Windows Vista and also server editions 2003 and 2008.

Microsoft Windows Malicious Software Removal Tool will also get updated.

Read more about those updates here

“Morro” replaces Windows Live OneCare

Microsoft announced that new anti-malware solution, which goes now under code named “Morro", will replace Windows Live OneCare in the second half of 2009.

Microsoft says that some non-security related things will get removed but core anti-malware features will stay and get better and program will be more lightweight. Windows Live OneCare subscription service will be discontinued due to "Morro" on June 30, 2009. "Morro" will work in Windows XP, Vista and in forecoming Windows 7.

November Microsoft updates out Tuesday

November Microsoft updates will be released on next tuesday.

This time there will be two updates, one classified as critical and another as important. They are against Remote Code Execution. Affected softwares are Windows and Office.

Microsoft Windows Malicious Software Removal Tool will also get updated.

Read more info here

Fake Microsoft update comes via email

Trend Micro blogged a couple of days ago about mail which has a fake Microsoft update included as an attachment.

Message itself looks pretty authentic with even included PGP signature and tells that Microsoft sends this update privately to prevent making more malware because of update.

If users runs attachments it adds itself to start automatically while Windows starts and attempts to download more malware.

After that it opens several ports which allows attackers to execute files, steal information from computer, or upload and download files.

October Microsoft updates to be released

Microsoft will release 11 updates on next Tuesday.

Six of them are classified as critical, 4 as important and 1 as moderate.

Microsoft Windows Malicious Software Removal Tool will also get updated.

Updates are for Excel and Windows itself and are against Remote Code Execution, Elevation of Privilege and Information Disclosure.

Read here for more information.

Microsoft is after scareware makers

I think that everyone of us has seen popup "warnings" while surfing that can for example say "you have 350 errors in your registry. click here to fix them".

Most of those programs advertised in those popups are either useless or rogues.

Washington Post writes that Microsoft will sue Branch Software because of their Registry Cleaner XP.

Other scareware programs that Microsoft is interested about are Antivirus 2009, Malwarecore, WinDefender, WinSpywareProtect and XPDefender.

September Microsoft updates to be released on Tuesday

Monthly Microsoft updates will be released on next Tuesday.

There will be four updates in total, all classified as critical.

All updates will be for Remote Code Execution and affected software are Windows (2000, XP, Vista and Server 2008), Internet Explorer, .NET Framework, Microsoft Office, SQL Server and Visual Studio.

Microsoft Malicious Software removal tool will also get updated.

Read more here

IE8 brings more privacy

Program Manager Andy Zeigler writes in blog about new privacy features in IE8.

Major improvements are:

* InPrivate™ Browsing lets you control whether or not IE saves your browsing history, cookies, and other data
* Delete Browsing History helps you control your browsing history after you’ve visited websites.
* InPrivate™ Blocking informs you about content that is in a position to observe your browsing history, and allows you to block it

* InPrivate Subscriptions allow you to augment the capability of InPrivate Blocking by subscribing to lists of websites to block or allow.

August monthly Microsoft updates to be released on Tuesday

Microsoft will release on next Tuesday in total 12 fixes for Windows.

Seven of them are classified as critical and five as important. Most of them will be fixes against remote code execution.

Microsoft Windows Malicious Software Removal Tool will be also updated.

For more information, read here

Microsoft monthly updates to be released on next Tuesday

Microsoft will release four updates next Tuesday, classified as important.

They are mainly fixes for elevation of privilege and remote code execution. Operating systems are Microsoft SQL Server 2000, Vista, XP and both Server 2003 and 2008.

Malicious Software Removal Tool will also be updated.

Read more here

Blade81 got MVP award!

A friend of mine and another Finn, Blade81, got MVP award yesterday due to helping victims getting clean in forums. He also teaches future malware fighters in Malware Removal forum.

Read more here

June Microsoft Updates to be released tomorrow

June Microsoft Updates will be released tomorrow. There will be 5 fixes in total, 3 of them are classified as critical, one as important and one as moderate.

There are fixes for eg. Bluetooth, Internet Explorer and DirectX.

Concerned operating systems are Windows XP, Windows Vista, Windows 2000 and Windows Server 2003 and 2008.

Read more here

Microsoft patented Proactive Virus Protection

Microsoft left that patent on year 2004 but it got accepted on Tuesday. Similar technique has been used in virus protection for a long time.

This is based on comparison about similarities between a possible malware and information already in database.

For example McAfee and Norton have used similar technique for years before Microsoft's patent.

We'll see if Microsoft contacts McAfee, Norton, Kaspersky etc. soon for some fees.

Source

May Windows Updates to be released on next Tuesday

Monthly Windows Updates will be released on next Tuesday.

There will be four updates, three of them classified as critical and one as moderate.

All critical updates are fixes for code execution vulnerabilities. Two of them are for Microsoft Office (Word and Publisher) and one for Jet Bulletin.

Microsoft Windows Malicious Software Removal Tool will be also updated.

See more here

April Microsoft Updates released

April Microsoft Updates have been released. There are in total 8 new updates. Five of them are classified as Critical and three as Important.

Microsoft Windows Malicious Software Removal Tool has also been updated.

Updates are for mainly Internet Explorer, Vista SP1 and Server 2008 (two updates are for other OSes as well) and MS Office.

Read more here

Microsoft February updates released

February updates have 11 updates which fix 17 vulnerabilities in Windows, Office and Works products.

Six of them are classified as critical, 3 of them is for Windows and 3 for Office. One of the critical Windows updates fixes 4 vulnerabilities in Internet Explorer considering handling of html pages, pictures, ActiveX components and memory. These vulnerabilities enable to execute malicious code
using user rights.

Other updates are for Windows Vista tcp/ip protocol stack, IIS server software and Active Directory directory service.

Office updates are for handling of objects in Office documents and .doc, .wps and .pub file formats. Attacker can execute malicious code using system rights if user opens a document created by certain way.

Excel vulnerability discussed in January was not fixed yet.

Read more here

Microsoft apologizes from Office users

I blogged earlier that Microsoft blocks some old format format in Office 2003 SP3 because of insecurity.

Now David LeBlanc from Microsoft Office team has replied to that in his blog

"In the KB article we stated that it was the file formats that were insecure, but this is actually not correct. A file format (with some exceptions, like .hlp files) isn't insecure – it's the code that reads the format that's more or less secure. The parsers we use for these older formats aren't as robust as the code we've written more recently, which is part of our decision to disable them by default"

"Some of the formats blocked are from products built by companies other than Microsoft, and we apologize for implying that there were any problems in those companies file formats."

Microsoft offers now .reg files for easier changing of security settings, links can be found from that blog.

LeBlanc states also that:

"we're not removing support – we're making the default safer. If you're among the users who do need to be opening these formats, we will continue to support you."