Donna's SecurityFlash

China Testing Mac Version of Green Dam Web Filter

donna — Fri, 03 Jul 2009 20:31:34 GMT

China's Ministry of Industry and Information Technology says the Green Dam mandate has only been delayed. Publisher Jinhui Computer System Engineering is reportedly testing a version of Green Dam for Apple's Mac computers, which have been exempt. Tests found Green Dam to be vulnerable to malware and ineffective, even blocking images of Garfield.

http://www.newsfactor.com/news/Mac-Version-of-Green-Dam-Expected/story.xhtml?story_id=0030006966ZO&full_skip=1

SMS Remote Code Execution Vulnerability in iPhone

donna — Fri, 03 Jul 2009 20:29:33 GMT

Charlie Miller, a well-known security researcher who specializes in Mac and iPhone security, yesterday revealed information about a new vulnerability in iPhone that allows remote code execution via SMS. Not a lot is known about the vulnerability, which was announced at the SyScan conference in Singapore, except that Charlie is working with Apple to get it fixed as soon as possible.

This is about as bad as it gets as the vulnerability seems to allow unsigned code to run which circumvents a core part of iPhone's security model. It's usually only able to run signed code, i.e. Apps that have been approved by Apple. No user-interaction is required which is unlike current mobile malware.

http://www.f-secure.com/weblog/archives/00001714.html

Comodo removed Ask/IAC SafeSurf Toolbar by replacing it with HopSurf/IAC/Ask Toolbar

donna — Fri, 03 Jul 2009 14:45:46 GMT

So Comodo’s promise to remove SafeSurf Toolbar happened but not to finish their agreement with A$k/IAC. Instead, the new version of Comodo is now bundled with HopSurf Toolbar which is IAC/Ask.com too. The installer become worst because there’s no EULA presented in addition to known method of misleading people by offering unnecessary third party service/component in a SECURITY software. Note that it is a security software that should offer clean installer no?

Screenshots at http://www.calendarofupdates.com/updates/index.php?s=&showtopic=19279&view=findpost&p=83848

Their announcement says:

What's New In 3.10.101801.529?
==============================
NEW! COMODO Secure DNS is introduced as a new free service
NEW! COMODO HopSurf Toolbar - COMODO SafeSurf Toolbar has been discontinued and superseded by COMODO HopSurf Toolbar
NEW! CIS now allows the users to change the URL for the program and virus updates
IMPROVED! CIS now has a better support for Windows Security Center integration in Windows Vista SP1 and later
IMPROVED! AV engine now supports more archives and has better detection capabilities
IMPROVED! Direct disk access false alerts have been reduced
FIXED! Some applications do not run when CIS is installed in Vista 64 bit
FIXED! Antivirus scans excluded folders
FIXED! Firewall does not show some connections under high load
FIXED! Firewall sometimes causes the PC to freeze in windows XP 32
FIXED! cfp.exe crashes when HIPS alerts timeout

http://forums.comodo.com/feedbackcommentsannouncementsnews_cis/comodo_internet_security_310101801529_released-t41954.0.html

That NEW! COMODO Secure DNS is introduced as a new free service is from DNSadvantage.com/Neustar, Inc. and again, this NEW! COMODO HopSurf Toolbar - COMODO SafeSurf Toolbar has been discontinued and superseded by COMODO HopSurf Toolbar means you need to agree with (not included EULA in the installer) the EULA in using Ask Toolbar/IAC/Ask.com service. See HopSurf EULA online: https://accounts.comodo.com/hp/management/eula or http://www.hopsurf.com/license.jsp

Sunbelt partners with StopBadware.org

donna — Wed, 01 Jul 2009 18:35:39 GMT

New partner, new site reports
We’re very pleased to announce that, as of today, Sunbelt Software has joined Google as a data partner, providing updated data about badware websites to our Clearinghouse. (See the press release.) Sunbelt’s research director, Eric Howes, has helped us out for a long time as part of our working group, and it’s great to have the company on board in a more formal way. The new data allow us to extend and deepen our analysis of, and insight into, the badware website landscape.

http://blog.stopbadware.org/2009/06/30/new-partner-new-site-reports
http://www.stopbadware.org/home/pr_06302009
http://www.sunbeltsoftware.com/Press/Releases/?id=291

Kaspersky vs Zango

donna — Wed, 01 Jul 2009 18:31:56 GMT

Kaspersky Lab court ruling sets precedent for the anti-malware industry

Kaspersky Lab, a leading developer of secure content management systems, informs that the 9th U.S. Circuit Court of Appeals has ruled in Kaspersky Lab's favor in claims brought by Zango.

In a precedent-setting case for the Internet security industry, the 9th U.S. Circuit Court of Appeals ruled last week that Kaspersky Lab is entitled to immunity under the safe harbor provision of the Communications Decency Act from a suit claiming that its software interfered with the use of downloadable programs by customers of Zango.

The court ruled that Kaspersky Lab, which classified online media company Zango's software as malware and "protected" users from it accordingly, could not be held liable for any actions it took to manufacture and distribute the technical means to restrict Zango software’s access to others, as Kaspersky Lab deemed it “objectionable material.”

Zango sued Kaspersky Lab to force the company to reclassify Zango's programs as nonthreatening and to prevent Kaspersky Lab's security software from blocking Zango's potentially undesirable programs. In a landmark ruling for the anti-malware industry, the 9th U.S. Circuit Court of Appeals affirmed a lower court ruling that Kaspersky Lab is a provider of an “interactive computer service” as defined in the Communications Decency Act of 1996.

The court decision stated: “Kaspersky contends that Zango's software is adware, and possibly spyware. Spyware, which is often installed on a computer without the user's knowledge or consent, covertly monitors the user's activities and exposes the user to the risk that his or her passwords and confidential information may be stolen… As its software qualifies, Kaspersky is entitled to Good Samaritan immunity.”

The ruling protects a consumer’s choice to determine what information and software is allowed on their computing systems, and protects the ability of anti-malware vendors to identify and label software programs that may be potentially unwanted and harmful to computer users. Kaspersky Lab's software is designed to do just that. Users can adjust the settings to allow certain programs of their choice to come through at all times.

http://www.kaspersky.com/news?id=207575851

Congratulations for your MVP Award, Steven Burn

donna — Wed, 01 Jul 2009 16:03:52 GMT

Our friend Steven Burn is now a Microsoft MVP. He received the award today for Consumer Security category in Microsoft MVP Program.

My Congrats to you Steven!

http://www.calendarofupdates.com/updates/index.php?showtopic=21050

Dell published the Windows 7 upgrade program today

donna — Thu, 25 Jun 2009 23:24:52 GMT

http://en.community.dell.com/blogs/direct2dell/archive/2009/06/25/dell-and-the-windows-7-upgrade-program.aspx

Windows Live Messenger 10th Anniversary—next month

donna — Thu, 25 Jun 2009 23:16:03 GMT

Windows Live Messenger Team blogs the 10th anniversary of Windows Live Messenger –> July 22, 2009

The Countdown to the Windows Live Messenger 10th Anniversary begins

Windows Live Messenger blog

My wish: Happy Advanced Anniversary!

My wishlist: Please release a standalone installer of Windows Live Messenger without the need for people to get it one by one: http://messengergeek.spaces.live.com/blog/cns!E3785B1281BBDA1!1723.entry (Thanks to Microsoft MVP Jonathan Kay for the nice work!)

Pre-order Windows 7: 50% discount

donna — Thu, 25 Jun 2009 23:03:20 GMT

Finally, as a way of saying thank you to our loyal Windows customers, we are excited to introduce a special time limited offer! We will offer people in select markets the opportunity to pre-order Windows 7 at a more than 50% discount. In the US, this will mean you can pre-order Windows 7 Home Premium for USD $49.99 or Windows 7 Professional for USD $99.99. You can take advantage of this special offer online via select retail partners such as Best Buy or Amazon, or the online Microsoft Store (in participating markets).

This program begins tomorrow in the U.S., Canada and Japan. The offer ends July 11th in the U.S. and Canada and on July 5th for Japan or while supplies last. Customers in the UK, France and Germany, can pre-order their copy of Windows 7 starting July 15th and will run until August 14th (or supplies last) to ensure folks don’t miss out on this. Act fast if you want to be the first in line to get Windows 7 at this screaming deal! Note: The special low pre-order price will vary per country.

I missed the above message. Thanks to CoU member, Weasel for noting it!

Software add-in with add-on

donna — Thu, 25 Jun 2009 20:10:38 GMT

Many people are not happy to receive a new PC with many crapplications. What they do is they reformat the new hard-drive to fresh install the system or they will use PC Decrapifier to remove the crapplications.

Many of us are not happy to see installers of software that have add-ons. Those add-ons are either third party or from the same vendor that is not always needed to run or operate the program that you want to install. See the growing number of software with add-ons at Calendar of Updates.

Today, I decided to check for updates for Windows (I have it turn off as I check for updates all the time anyway). What WU offered to me is an optional Office Live add-in with add-on!

People have to deal or watch for some much add-ons and add-ins already :(

Microsoft Security Beta 'Sells Out' Within 24 Hours

donna — Thu, 25 Jun 2009 19:33:46 GMT

The beta version of Microsoft 's security software is a hit. The software giant announced Wednesday on its Web site that it had reached the U.S. limit on downloads for Microsoft Security Essentials -- which was only made available Tuesday.

The general release of the free software is expected this fall.

"Alert!" said a posting on the Web page for the security software. "Thank you for your interest in joining the Microsoft Security Essentials Beta. We are not accepting additional participants at this time. Please check back at a later date for possible additional availability."

Limit Reached Within 24 Hours

The beta became available Tuesday morning and reached the limit for the U.S. and Israel within twenty-four hours. Microsoft had said it would allow 75,000 downloads for users in the U.S., Israel and Brazil.

According to news reports , the limit for the U.S. and Israel was reached at about 5 a.m. PDT Wednesday. The limit of 20,000 downloads for Brazilian users hadn't been reached, meaning 55,000 downloads were reserved for U.S. and Israel.

http://www.data-storage-today.com/news/PC-Security-Beta--Sells-Out--Quickly/story.xhtml?story_id=12100BSDE5OU

A dangerous mix: Twitter auto feeds combined with 140,000 followers

donna — Thu, 25 Jun 2009 19:28:39 GMT

It's a dangerous combination: 140,000 followers and a Twitter account that generates its Tweets from other pages via auto feeds. Unknown attackers have exploited the Twitter account of venture capitalist and former Apple evangelist Guy Kawasaki to spread links to malware. The link in a Tweet allegedly lead to sex videos involving American actress and singer-songwriter Leighton Meester: "Leighton Meester sex tape video free download!"

http://www.h-online.com/security/A-dangerous-mix-Twitter-auto-feeds-combined-with-140-000-followers--/news/113617

Leighton Meester sex tape lure spreads Mac and Windows malware to Twitter users
http://www.sophos.com/blogs/gc/g/2009/06/24/leighton

Microsoft Outlines Revenue Recognition for the Windows 7 Upgrade Option Program

donna — Thu, 25 Jun 2009 18:11:32 GMT

Microsoft Corp. today announced the start of the Windows 7 Upgrade Option program enabling consumers and small businesses to receive Windows 7 when they purchase a qualifying Windows Vista personal computer starting June 26, 2009. Under the program, designated PCs pre-installed with premium versions of Windows Vista will qualify for licenses of the equivalent Windows 7 product.

For more details on Windows 7 pricing and offers please see the company's announcement at www.windowsteamblog.com

http://news.prnewswire.com/DisplayReleaseContent.aspx?ACCT=104&STORY=/www/story/06-25-2009/0005050378&EDATE=

http://www.microsoft.com/Presspass/press/2009/jun09/06-25Windows7UpgradeOptionPR.mspx

http://windowsteamblog.com/blogs/windows7/archive/2009/06/25/announcing-the-windows-7-upgrade-option-program-amp-windows-7-pricing-bring-on-ga.aspx

Check out the New Windows 7 Packaging

Microsoft Hohm

donna — Thu, 25 Jun 2009 18:07:03 GMT

Microsoft Corp. today announced Microsoft Hohm, a new online application that enables consumers to better understand their energy usage, get recommendations and start saving money. Microsoft Hohm uses advanced analytics licensed from the Lawrence Berkeley National Laboratory and the U.S. Department of Energy to provide consumers with personalized energy-saving recommendations. Microsoft Hohm is an easy-to-use tool that helps consumers lower their energy bill and reduce their impact on the environment. The beta application is available at no cost to anyone in the United States with an Internet connection and can be accessed directly by visiting http://www.microsoft-hohm.com

http://www.microsoft.com/presspass/press/2009/jun09/06-24EnergyUsagePR.mspx

Kaspersky released 2010 editions of KAV and KIS

donna — Wed, 24 Jun 2009 14:52:32 GMT

The new version 2010 products incorporate the advantages of advanced Host-based Intrusion Prevention System (HIPS) technology in the Application Control module that assigns a security rating to previously unknown malware; unique Sandbox technology embodying virtualization technologies and providing a dedicated secure runtime environment; and the innovative Kaspersky Security Network that uses information from millions of users to dramatically reduce response times to new threats and replenish reputation databases with the most up-to-date information about clean and infected files.

The version 2009 products that were released last summer for personal use have won recognition from tens of millions of users all over the world, demonstrated their efficiency and reliability in hundreds of comparative tests, and established themselves as leaders in the global market. They are now succeeded by the new Kaspersky Lab products Kaspersky Internet Security 2010 and Kaspersky Anti-Virus 2010, based on the very latest developments in IT security.

An even more secure environment is provided in Kaspersky Internet Security 2010 as the product integrates the “Safe Run” functionality based on the new Sandbox technology – unique for Internet Security Suites product range. “Safe Run” enables the user to run new software in an isolated environment that protects the operating system from all malicious changes. Statistically, it has been demonstrated that vulnerabilities in operating systems and trusted applications are often exploited by hackers to attack applications that make use of the Internet.

The “Safe Run” function makes surfing the Internet using various web browsers much safer and easier, as well as allowing any number of other applications to be run simultaneously. A green border around the application window also makes it easy for the user to see that it is protected.

http://www.kaspersky.com/news?id=207575849

I’m so interested with that Safe Run feature!

NOTE: Existing users of 2009 and v7 editions is eligible for Free upgrade to 2010 editions as long as the license/subscription is active. http://www.kaspersky.com/support/kis2010/license?qid=208280369

BING-VS-GOOGLE

donna — Wed, 24 Jun 2009 14:39:02 GMT

BING-VS-GOOGLE.COM (that’s http://www.bing-vs-google.com/)

Search or compare the search results using two engines - the popular one vs the new decision 'search' engine.

Thanks to Tom Kelchner @ Sunbelt Blog

Office OCX WordViewer.OCX Word Viewer ActiveX Multiple Vulnerabilities

donna — Wed, 24 Jun 2009 14:32:12 GMT

Vulnerable:
Office OCX Word Viewer 3.2.0.5
Office OCX Word Viewer 3.2

Word Viewer ActiveX control is prone to multiple denial-of-service and code-execution vulnerabilities.
Exploiting these issues allows remote attackers to crash applications that employ the vulnerable controls (typically Microsoft Internet Explorer). Attackers may also execute arbitrary code in the context of an affected user.

Word Viewer ActiveX Control 3.2.0.5 is reported vulnerable; other versions may also be affected.

http://www.officeocx.com/Word_ActiveX.htm
http://blog.trendmicro.com/another-messy-mass-compromise-emerges/
http://moaxb.blogspot.com/2007/05/moaxb-03-wordviewerocx-32-multiple_03.html
http://www.securityfocus.com/bid/23784/discuss

Adobe Security Bulletin: APSB09-08

donna — Wed, 24 Jun 2009 14:24:31 GMT

A Security Bulletin has been posted for Shockwave Player. Adobe is not currently aware of any exploits in the wild for this issue.
http://blogs.adobe.com/psirt/2009/06/security_bulletin_adobe_shockw.html
http://www.adobe.com/support/security/bulletins/apsb09-08.html

Make sure you have the latest version of Adobe Shockwave Player. The current version is 11.5.0.600. You can get it from http://get.adobe.com/shockwave/

We have this update in the calendar of updates: http://www.calendarofupdates.com/updates/index.php?showtopic=20544

Twitter users offered security plug-in (SecureTwitter)

donna — Tue, 23 Jun 2009 17:13:35 GMT

As Twitter becomes increasingly abused by hackers, Finjan Software has released a free browser add-on with a new feature that scans links and warns if they point to a page containing malware.

The SecureTwitter component is wrapped into SecureBrowsing, a plug-in for either the Firefox or Internet Explorer browsers, said Yuval Ben-Itzhak, Finjan's CTO.

SecureTwitter is designed to warn people about links that people post on the micro-blogging service. Because of Twitter's 140-character limit, most of the URLs posted have been shortened using services such as Bit.ly or TinyURL.

http://securebrowsing.finjan.com/
http://www.techworld.com/security/news/index.cfm?NewsID=117948

Microsoft Security Essentials Beta is now available

donna — Tue, 23 Jun 2009 15:54:52 GMT

http://www.microsoft.com/security_essentials/
Download via Connect (survey is offered to you before you can download): http://go.microsoft.com/fwlink/?LinkID=153446