As the malware landscape evolves, it's helpful to understand how malware gets onto your machine. Knowing the bad guys' strategies gives you the edge while online and puts you in a stronger position to defend your data and PC against compromising threats.
We all know that we should install anti-malware software, keep it up to date and run regular scans, apply Windows and application security patches when they become available, use a firewall... well, I won't bore you - you know what to do. But what kind of attacks can we expect and where are they coming from?
Developing malware from scratch is a highly complex task that requires considerable skill and effort. In recent years, crimeware toolkits have taken the heavy lifting out of creating malware. Toolkits such as MPack, Neosploit and Zeus can be found for sale on underground hacking forums, lowering the skills barrier for would-be criminals. For a fee and with little effort, hackers can generate their own malware that can be used for stealing credit card details, passwords and other sensitive information.
Microsoft have published a Security Bulletin Summary for October 2011. Eight updates have been released including two "critical" and six "important" severity updates.
The patches address remote code execution, elevation of privilege and denial of service vulnerabilities within Windows, Internet Explorer, Microsoft .NET Framework, Microsoft Silverlight, Microsoft Forefront Unified Access Gateway and Microsoft Host Integration Server.
Lavasoft attended the 21st Virus Bulletin conference in Barcelona from 5-7 October.
Virus Bulletin is a leading security industry publication whose annual conference presents the latest research and defensive procedures, and offers the chance to discuss future developments and countermeasures. It also provides an opportunity for experts in the anti-malware arena to share their research interests, discuss technologies, and meet with - and learn from - those who put their technologies into practice in the real world.
Apple have released iTunes 10.2 which resolves multiple vulnerabilities, the most serious of which may lead to unexpected application termination and arbitrary code execution.
iTunes users are advised to read Apple's security summary HT4554 and update to the latest version.
Firefox 3.6.13 and Thunderbird 3.1.7 have been released. The latest versions include fixes to improve performance, stability and security.
11 Firefox updates, 9 of which are rated critical, are included in this fix. More information here.
All 3 of the Thunderbird updates fix critical vulnerabilities. More info here.
Microsoft have published a Security Bulletin Advance Notification for December 2010. 17 updates are planned for 14th December including two "critical" and 14 "important" severity updates.
The patches address remote code execution, elevation of privilege and denial of service vulnerabilities within Windows, Internet Explorer, Microsoft Office, Microsoft SharePoint and Microsoft Exchange.
Full details here.
In response to the volume of malware exploiting Adobe products, Adobe Reader X was released last week with its much-anticipated new security feature, Protected Mode.
Protected Mode is based on Microsoft’s "Practical Windows Sandboxing" technique which you can read about here.
What does Protected Mode do? It displays PDF files in a highly restricted and confined environment. The restricted environment will help prevent a booby-trapped PDF file from doing anything to your system.
Critical vulnerabilities have been identified in Adobe Flash Player 10.1.85.3 and earlier versions for Windows, Macintosh, Linux, and Solaris, and Adobe Flash Player 10.1.95.1 for Android. These vulnerabilities, including CVE-2010-3654 referenced in Security Advisory APSA10-05, could cause the application to crash and could potentially allow an attacker to take control of the affected system.
Full Adobe advisory info here.
Affected software includes:
Microsoft has released a security advisory concerning a vulnerability affecting Internet Explorer versions 6, 7 and 8. This vulnerability may allow an attacker to execute arbitrary code. Full details here.
Visit Microsoft's page here to get full instructions. You can find the workarounds under the "Suggested Actions" twisty.