DP's Security Bits

29 Internet Explorer
0 Restricted Sites
0 Firefox

15206 items in database

http://www.javacoolsoftware.com/downloads.html

Windows Multi Control System is a rogue anti-spyware program from the Rogue.FakeVimes family. This program is classified as a rogue as it displays false information in order to trick you into purchasing the program. This particular variant is spread via two methods. The first method is the use of hacked web sites that exploit visitor's vulnerable programs in order to install the rogue without their permission. The second method uses web sites that display fake online anti-malware scanners that pretend to scan your computer, state that it is infected, and then prompt you to download and install Windows Multi Control System in order to clean it.

Once the rogue is installed on your computer it will be configured to start automatically when Windows starts. Once started it will perform a fake scan and then state that there are numerous infections present. If you attempt to use the program to remove these infections, though, it will state that you first need to purchase it before it can do so. This is a scam as the scan results are all fake, and in many cases, the infected files do not even exist on your computer. Therefore, please ignore the scan results and do not purchase the program.

http://www.bleepingcomputer.com/virus-removal/remove-windows-multi-control-system

2012-05-23
Trojans
+ Bancos + Bancos.Santander ++ BoanKeeper ++ Win32.Banker.prx ++ Win32.Barys.bho + Win32.Muollo + Win32.OnLineGames.down + Win32.OnLineGames.gen ++ Win32.Typic.bga + Win32.ZBot
Total: 2541906 fingerprints in 792410 rules for 6658 products.

http://www.safer-networking.org/en/index.html

Summary

The following bulletins have undergone a minor revision increment.
Please see the appropriate bulletin for more details.

  * MS11-100 - Critical
  * MS12-034 - Critical
  * MS12-035 - Critical
  * MS12-MAY

Bulletin Information:

* MS11-100 - Critical

  -http://technet.microsoft.com/security/bulletin/MS11-100
  - Reason for Revision: V1.5 (May 22, 2012): Added entry to the
    update FAQ to announce a detection change for KB2656352 for
    Microsoft .NET Framework 2.0 Service Pack 2 to correct an
    installation issue. This is a detection change only. There were
    no changes to the security update files. Customers who have
    already successfully updated their systems do not need to take
    any action.
  - Originally posted: December 29, 2011
  - Updated: May 22, 2012
  - Bulletin Severity Rating: Critical
  - Version: 1.5

* MS12-034 - Critical

  -http://technet.microsoft.com/security/bulletin/MS12-034
  - Reason for Revision: V1.2 (May 22, 2012): Added an entry to
    the Frequently Asked Questions (FAQ) Related to This Security
    Update section to explain this revision.
  - Originally posted: May 8, 2012
  - Updated: May 22, 2012
  - Bulletin Severity Rating: Critical
  - Version: 1.2

* MS12-035 - Critical

  -http://technet.microsoft.com/security/bulletin/MS12-035
  - Reason for Revision: V2.1 (May 22, 2012): Added entry to the
    update FAQ to announce a detection change for KB2604092 for
    Microsoft .NET Framework 2.0 Service Pack 2 and KB2604110 for
    Microsoft .NET Framework 3.0 Service Pack 2 to correct an
    installation issue. This is a detection change only. There were
    no changes to the security update files. Customers who have
    already successfully updated their systems do not need to take
    any action.
  - Originally posted: May 8, 2012
  - Updated: May 22, 2012
  - Bulletin Severity Rating: Critical
  - Version: 2.1

MS12-MAY

- http://technet.microsoft.com/security/bulletin/MS12-may
- Reason for Revision: V2.1 (May 22, 2012): For MS12-034, added
footnotes for security update KB2660649 for Windows Server 2008
and Windows Server 2008 R2. There were no changes to the
security update files. Customers who have successfully
installed the update do not need to take any action.
- Originally posted: May 8, 2012
- Updated: May 22, 2012
- Version: 2.1

Windows Private Shield is a rogue anti-spyware program from the Rogue.FakeVimes family. This program is classified as a rogue as it displays false information in order to trick you into purchasing the program. This particular variant is spread via two methods. The first method is the use of hacked web sites that exploit visitor's vulnerable programs in order to install the rogue without their permission. The second method uses web sites that display fake online anti-malware scanners that pretend to scan your computer, state that it is infected, and then prompt you to download and install Windows Private Shield in order to clean it.

Once the rogue is installed on your computer it will be configured to start automatically when Windows starts. Once started it will perform a fake scan and then state that there are numerous infections present. If you attempt to use the program to remove these infections, though, it will state that you first need to purchase it before it can do so. This is a scam as the scan results are all fake, and in many cases, the infected files do not even exist on your computer. Therefore, please ignore the scan results and do not purchase the program.

http://www.bleepingcomputer.com/virus-removal/remove-windows-private-shield

Windows Pro Safety Release is a rogue anti-spyware program from the Rogue.FakeVimes family. This program is classified as a rogue as it displays false information in order to trick you into purchasing the program. This particular variant is spread via two methods. The first method is the use of hacked web sites that exploit visitor's vulnerable programs in order to install the rogue without their permission. The second method uses web sites that display fake online anti-malware scanners that pretend to scan your computer, state that it is infected, and then prompt you to download and install Windows Pro Safety Release in order to clean it.

Once the rogue is installed on your computer it will be configured to start automatically when Windows starts. Once started it will perform a fake scan and then state that there are numerous infections present. If you attempt to use the program to remove these infections, though, it will state that you first need to purchase it before it can do so. This is a scam as the scan results are all fake, and in many cases, the infected files do not even exist on your computer. Therefore, please ignore the scan results and do not purchase the program.

http://www.bleepingcomputer.com/virus-removal/remove-windows-pro-safety-release

What is RealBoan?

The Malwarebytes research team has determined that RealBoan is a fake anti-malware application. These so-called "rogues" use intentional false positives to convince users that their systems have been compromised. Then they try to sell you their software, claiming it will remove these threats. In extreme cases the false threats are actually the very trojans that advertise or even directly install the rogue.

http://forums.malwarebytes.org/index.php?showtopic=110073

Summary

The following bulletins have undergone a minor revision increment.
Please see the appropriate bulletin for more details.

* MS12-034 - Critical


Bulletin Information:

* MS12-034 - Critical

- http://technet.microsoft.com/security/bulletin/MS12-034
- Reason for Revision: V1.1 (May 16, 2012): Added a link to
Microsoft Knowledge Base Article 2681578 under Known Issues
in the Executive Summary. Also added Microsoft .NET Framework 1.1
Service Pack 1 to the Non-Affected Software table and corrected
the update replacement information for Microsoft Office.
These were informational changes only. There were no changes
to the security update files or detection logic.
- Originally posted: May 8, 2012
- Updated: May 16, 2012
- Bulletin Severity Rating: Critical
- Version: 1.1

2012-05-16
Malware
+ ClaroMultimedia + Win32.Autorun.ie ++ Win32.Downloader.bdld + Win32.FraudLoad.edt + Win32.Renos
Trojans
++ Conficker.rtk ++ Win32.Graftor.6078 + Win32.IRCBot + Win32.Mabezat + Win32.OnLineGames.down + Win32.OnLineGames.gen + Win32.SpyEye ++ Win32.Yakes.adkv + Win32.ZBot
Total: 2541129 fingerprints in 792248 rules for 6655 products.

http://www.safer-networking.org/en/index.html

What is Cen Protect?

The Malwarebytes research team has determined that Cen Protect is a fake anti-malware application. These so-called "rogues" use intentional false positives to convince users that their systems have been compromised. Then they try to sell you their software, claiming it will remove these threats. In extreme cases the false threats are actually the very trojans that advertise or even directly install the rogue.

http://forums.malwarebytes.org/index.php?showtopic=109934

Windows Secure Surfer is a rogue anti-spyware program from the Rogue.FakeVimes family. This program is classified as a rogue as it displays false information in order to trick you into purchasing the program. This particular variant is spread via two methods. The first method is the use of hacked web sites that exploit visitor's vulnerable programs in order to install the rogue without their permission. The second method uses web sites that display fake online anti-malware scanners that pretend to scan your computer, state that it is infected, and then prompt you to download and install Windows Secure Surfer in order to clean it.

Once the rogue is installed on your computer it will be configured to start automatically when Windows starts. Once started it will perform a fake scan and then state that there are numerous infections present. If you attempt to use the program to remove these infections, though, it will state that you first need to purchase it before it can do so. This is a scam as the scan results are all fake, and in many cases, the infected files do not even exist on your computer. Therefore, please ignore the scan results and do not purchase the program.

http://www.bleepingcomputer.com/virus-removal/remove-windows-secure-surfer

What is Total Anti Malware Protection?

The Malwarebytes research team has determined that Total Anti Malware Protection is a fake anti-malware application. These so-called "rogues" use intentional false positives to convince users that their systems have been compromised. Then they try to sell you their software, claiming it will remove these threats. In extreme cases the false threats are actually the very trojans that advertise or even directly install the rogue.

http://forums.malwarebytes.org/index.php?showtopic=109828

Windows Be-on-Guard Edition is a rogue anti-spyware program from the Rogue.FakeVimes family. This program is classified as a rogue as it displays false information in order to trick you into purchasing the program. This particular variant is spread via two methods. The first method is the use of hacked web sites that exploit visitor's vulnerable programs in order to install the rogue without their permission. The second method uses web sites that display fake online anti-malware scanners that pretend to scan your computer, state that it is infected, and then prompt you to download and install Windows Be-on-Guard Edition in order to clean it.

Once the rogue is installed on your computer it will be configured to start automatically when Windows starts. Once started it will perform a fake scan and then state that there are numerous infections present. If you attempt to use the program to remove these infections, though, it will state that you first need to purchase it before it can do so. This is a scam as the scan results are all fake, and in many cases, the infected files do not even exist on your computer. Therefore, please ignore the scan results and do not purchase the program.

http://www.bleepingcomputer.com/virus-removal/remove-windows-be-on-guard-edition

Summary

The following bulletins have undergone a major revision increment.
Please see the appropriate bulletin for more details.

* MS12-035 - Critical
* MS12-MAY

Bulletin Information:

* MS12-035 - Critical

- http://technet.microsoft.com/security/bulletin/MS12-035
- Reason for Revision: V2.0 (May 11, 2012): Added an entry to the
update FAQ to communicate that security update KB2656353
addresses the vulnerabilities described in this bulletin for all
supported systems running Microsoft .NET Framework 1.1
Service Pack 1, except when installed on Windows Server 2003
Service Pack 2. There were no changes to the security update
files. Customers who have successfully installed the update
do not need to take any action.
- Originally posted: May 8, 2012
- Updated: May 11, 2012
- Bulletin Severity Rating: Critical
- Version: 2.0

* MS12-MAY

- http://technet.microsoft.com/security/bulletin/MS12-MAY
- Reason for Revision: V2.0 (May 11, 2012): For MS12-035,
corrected the security update number to KB2656353 for all
supported systems running Microsoft .NET Framework 1.1
Service Pack 1, except when installed on Windows Server 2003
Service Pack 2. There were no changes to the security update
files. Customers who have successfully installed the update
do not need to take any action.
- Originally posted: May 8, 2012
- Updated: May 11, 2012
- Version: 2.0

24 Internet Explorer

0 Restricted Sites

0 Firefox

15177 items in database

Summary

The following bulletins have undergone a minor revision increment.
Please see the appropriate bulletin for more details.


* MS12-029 - Critical
* MS12-030 - Important
* MS12-032 - Important
* MS12-MAY


Bulletin Information:

* MS12-029 - Critical

- http://technet.microsoft.com/security/bulletin/MS12-029
- Reason for Revision: V1.1 (May 9, 2012): Corrected update replacement
information for Microsoft Office Compatibility Pack Service Pack 2.
This is a bulletin change only. There were no changes to detection
logic or security update files.
- Originally posted: May 8, 2012
- Updated: May 9, 2012
- Bulletin Severity Rating: Critical
- Version: 1.1

* MS12-030 - Important

- http://technet.microsoft.com/security/bulletin/MS12-030
- Reason for Revision: V1.1 (May 9, 2012): Removed erroneous reference
to known issues from the Executive Summary and updated the title of
CVE-2012-1847.
- Originally posted: May 8, 2012
- Updated: May 9, 2012
- Bulletin Severity Rating: Important
- Version: 1.1

* MS12-032 - Important

- http://technet.microsoft.com/security/bulletin/MS12-032
- Reason for Revision: V1.1 (May 9, 2012): Corrected mitigating factors
for CVE-2012-0174 and CVE-2012-0179 in the Vulnerability Information
section.
- Originally posted: May 8, 2012
- Updated: May 9, 2012
- Bulletin Severity Rating: Important
- Version: 1.1

* MS12-MAY

- http://technet.microsoft.com/security/bulletin/MS12-MAY
- Reason for Revision: V1.1 (May 9, 2012): Updated the title of
CVE-2012-1847 in the Exploitability Index.
- Originally posted: May 8, 2012
- Updated: May 9, 2012
- Version: 1.1

2012-05-09
Adware
+ Aureate
Malware
++ Sidego ++ Win32.Autorun.gen + Win32.FraudLoad.edt
PUPS
++ RiverNileCasino
Spyware
++ UltraAccessNetworks.NetBusPro
Trojans
+ Atraps.br + Bancos.prx + Banload ++ Win32.Autorun.bomb ++ Win32.Chiznit ++ Win32.Matsnu + Win32.OnLineGames.down + Win32.OnLineGames.gen
Total: 2539948 fingerprints in 791992 rules for 6646 products.

http://www.safer-networking.org/en/index.html

What is InterBoan?

The Malwarebytes research team has determined that InterBoan is a fake anti-malware application. These so-called "rogues" use intentional false positives to convince users that their systems have been compromised. Then they try to sell you their software, claiming it will remove these threats. In extreme cases the false threats are actually the very trojans that advertise or even directly install the rogue.

http://forums.malwarebytes.org/index.php?showtopic=109662

Event ID: 1032499667

Language(s):  English.
Product(s):  computer security and information security.
Audience(s):  IT Decision Maker and IT Generalist.

Join us for a brief overview of the technical details of this month's Microsoft security bulletins. We intend to address your concerns in this webcast. Therefore, Microsoft security experts devote most of this webcast to answering the questions that you ask.

Presented By:

Pete Voss, Senior Response Communications Manager, Microsoft Corporation

Dustin Childs, Senior Security Program Manager, Microsoft Security Response Center, Microsoft Corporation

Register Online

Note: There may be latency issues due to replication, if the page does not display keep refreshing

Today Microsoft released the following Security Bulletin(s).

Note: »www.microsoft.com/technet/security and »www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.

Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.

Bulletin Summary:

»technet.microsoft.com/en-us/secu···ms12-may

Critical (3)

Microsoft Security Bulletin MS12-029
Vulnerability in Microsoft Word Could Allow Remote Code Execution (2680352)
»technet.microsoft.com/en-us/secu···ms12-029

Microsoft Security Bulletin MS12-034
Combined Security Update for Microsoft Office, Windows, .NET Framework, and Silverlight (2681578)
»technet.microsoft.com/en-us/secu···ms12-034

Microsoft Security Bulletin MS12-035
Vulnerabilities in .NET Framework Could Allow Remote Code Execution (2693777)
»technet.microsoft.com/en-us/secu···ms12-035

Important (4)

Microsoft Security Bulletin MS12-030
Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2663830)
»technet.microsoft.com/en-us/secu···ms12-030

Microsoft Security Bulletin MS12-031
Vulnerability in Microsoft Visio Viewer 2010 Could Allow Remote Code Execution (2597981)
»technet.microsoft.com/en-us/secu···ms12-031

Microsoft Security Bulletin MS12-032
Vulnerability in TCP/IP Could Allow Elevation of Privilege (2688338)
»technet.microsoft.com/en-us/secu···ms12-032

Microsoft Security Bulletin MS12-033
Vulnerability in Windows Partition Manager Could Allow Elevation of Privilege (2690533)
»technet.microsoft.com/en-us/secu···ms12-033

Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.

If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact Product Support Services in the United States at 1-866-PCSafety 1-866-727-2338. International customers should contact their local subsidiary.

As always, download the updates only from the vendors website - visit Windows Update and Office Update or Microsoft Update websites. You may also get the updates thru Automatic Updates functionality in Windows system.

Security Tool
Find out if you are missing important Microsoft product updates by using MBSA

.