Tag Archive | Microsoft Windows

New Java vulnerabilities found just after release of recent update

Only hours after the latest Java update, yet another set of vulnerabilities was discovered by security researchers. This raises the question: “Is the Java team doing a good job patching security holes and generally producing secure software code?” The problem is that Java is being actively exploited in the wild. That means hackers and malware writers are naturally targeting Java because of its open holes.

Because Oracle went quite a while before fixing a vulnerability, hackers and malware writers are having a field day with the Java Runtime Environment. Most of these exploits target the Windows OS. Researchers say it is only a matter of time before they affect the Mac OS platform.

According to CNET, “Oracle broke its quarterly update schedule for Java and released update 7 for the runtime; however, even after this update, yet more vulnerabilities have been found.”

If that’s not problematic enough, many antivirus companies are failing to block the latest exploits for the Java vulnerabilities. Java vulnerabilities keep recurring among the newer avenues of infection and exploits, including ZeroAccess/Sirefef. It seems as if this has been going on for ages.

Many question how much Oracle cares about this situation, or whether it is taking it seriously enough. All that can be done is to keep watch, check for updates every few days, and actually apply the updates to be protected.

 


Adobe Releases Subsequent Updates for 6 Flaws

Adobe has released new updates a week after its previous release, which was critical. Having subsequent updates for critical flaws raises the question of whether or not Flash Player is safe. It looks as if AIR was affected as well. This patch closes six vulnerabilities, helping to safeguard against hackers.

These platforms are affected, and now have a patch available for download:

  • Windows (New update: 11.4.402.265)
  • Mac (New update: 11.4.402.265)
  • Linux (New Update)
  • Android (New Update)

The customized Google Chrome version (Pepper) should automatically update to version 11.3.31.230 for PC and 11.4.402.265 for Mac.

For Windows and Mac users, bear in mind the new Adobe AIR 3.4.0.2540, which you should include with your updates for Flash Player.

Last week’s update addressed a critical flaw (CVE-2012-1535) in Adobe Flash Player.

This week’s update fixes the following, according to Adobe:

  • These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2012-4163, CVE-2012-4164, CVE-2012-4165, CVE-2012-4166).
  • These updates resolve an integer overflow vulnerability that could lead to code execution (CVE-2012-4167).
  • These updates resolve a cross-domain information leak vulnerability (CVE-2012-4168).

 

Rakshasa Case Study: Really Undetectable?

By Jay Pfoutz
Editor

Apparently, the new showy security threat is Rakshasa… At Black Hat Las Vegas, this new security technique was unveiled.

This new malware by researcher Jonathan Brossard is apparently ‘impossible to disinfect’.

Now, FIRST OF ALL!! – Anything created with man’s hands can be destroyed. I’d like to see this opinion last: undetectable, can’t be disinfected, etc.

The paper on Rakshasa can be found here. It describes a hardware backdoor. Unbeknownst to this artist researcher, companies like Kaspersky or ESET have already begun to craft hardware antivirus drivers. So, this backdoor hardware malware scheme is a bit late, but maybe just in time, too.

Will it be used? Who knows. That’s the scary part!

It is realistically a BIOSkit, a rootkit that infects the BIOS of the computer. What’s wrong with this…? It can be easily disinfected by flashing all of the devices of the computer, which apparently would be infected.

However, this malware has not been tested in an enterprise-based beta, which means just because it worked on a couple of machines does not mean it would work on any other computer. Impressive? Yes! But, not at all scary, yet.

What shocks me more is that people will actually believe that this malware cannot be disinfected. But, this is the turnaround: it can be! This is nothing more than a BIOSkit, and we have seen BIOSkits removed in our leagues many times.

But, then again, people commonly believe rootkits are impossible to remove too. Look…we proved them wrong!

Enforcing code signing for BIOS, just like all other hardware driver signing, can easily keep it blocked. Also, if BitLocker evolves in Windows 8 and further technologies, it could easily secure the OS. Also, things like device encryption could be taken to a new level.

This is not a new vulnerability, and Brossard agrees.

I’m sure we’ll have more on this story as it develops in the future. Stay tuned to seCURE Connexion!

Blackhole Malware on Twitter: “It’s you on photo?”

Common Twitter scams have been highlighted over time by many security organizations. Please take note of the intro below, and then see the full investigation by Sophos:

If you are a Twitter user please be very cautious of clicking on links that claim you are pictured in an online photo.

Thousands of malicious links are being spammed out, targeting innocent users of the micro-blogging network.

The links point to Russian webpages that ultimately attempt to infect your Windows PC using the notorious Blackhole exploit kit.

Read more on Sophos Blog

Secunia Personal Software Inspector Updates – V. 3

Looking to simplify the process of vulnerability management for your Windows PC? Get Secunia PSI!

Secunia has released an upgrade to Personal Software Inspector (PSI). PSI is an automatic patch management system that keeps plugins, programs, and other components up-to-date for you!

The more configurable interface (automatic patching is enabled by default, of course) makes the software more comfortable to use. Some have complained that it gets stuck on scanning for updates, but I’m sure this will be fixed soon!

Feel free to learn more about Secunia PSI: http://secunia.com/vulnerability_scanning/personal/

See a video about PSI: http://www.youtube.com/watch?v=iUmaLmO0gx0

 
