November 2011 - Posts

2011-11-30
Dialer
++ Dialer.AdultAccess
Malware
+ AntiSpyWare2007 + Win32.FraudLoad.edt + Win32.Kazy.pld + Win32.Renos
Trojans
+ Banload.bho ++ Win32.Behav ++ Win32.Delf.quf + Win32.Muollo + Win32.NrgBot.rtk + Win32.OnLineGames.down + Win32.OnLineGames.gen ++ Win32.Smorph + Win32.ZBot ++ Win32.Zusy.21 + Yobdam.ait
Total: 2481671 fingerprints in 778792 rules for 6410 products
http://www.safer-networking.org/en/index.html

Posted Wed, Nov 30 2011 6:07 by Don

Prevent the installation of spyware, malware, and other potentially unwanted software!

New in this version:
- Added Pale Moon browser support.
- Improved support for the latest versions of Mozilla Firefox.
- Improved support for certain non-standard user account configurations.
- Improved installer experience on Windows Vista/7.
- Fixed rare updating issues.
- Numerous other bug fixes, optimizations, and tweaks.

http://www.wilderssecurity.com/showthread.php?t=313051

Posted Tue, Nov 29 2011 5:38 by Don

33 New ActiveX additions

0 Restricted Sites

0 Mozilla Firefox

14771 items in database

Posted Sat, Nov 26 2011 5:47 by Don

Issued: November 23, 2011

Summary

The following bulletins have undergone a minor revision increment.
Please see the appropriate bulletin for more details.

* MS11-025 - Important

Bulletin Information:

* MS11-025 - Important

- http://technet.microsoft.com/security/bulletin/MS11-025
- Reason for Revision: V4.1 (November 23, 2011): Corrected the
installation switches and switch tables for
Microsoft Visual C++ 2010 Redistributable Package and
Microsoft Visual C++ 2010 Redistributable Package Service Pack 1.
This is an informational change only.
- Originally posted: April 12, 2011
- Updated: November 23, 2011
- Bulletin Severity Rating: Important
- Version: 4.1

The MVPS HOSTS file was recently updated [November-23-2011]
http://winhelp2002.mvps.org/hosts.htm

Download: hosts.zip (147 kb)
http://winhelp2002.mvps.org/hosts.zip

How To: Download and Extract the HOSTS file
http://winhelp2002.mvps.org/hosts2.htm

HOSTS File - Frequently Asked Questions
http://winhelp2002.mvps.org/hostsfaq.htm

Note: the "text" version makes a great resource for determining possible unwanted connections ...
http://winhelp2002.mvps.org/hosts.txt (597 kb)

Get notified when the MVPS HOSTS file is updated
http://winhelp2002.mvps.org/updates.htm

Posted Wed, Nov 23 2011 13:38 by Don

2011-11-23
Malware

+ Fraud.Sysguard + Win32.FraudLoad.edt ++ Win32.Kazy.pld + Win32.Renos
Trojans
+ Win32.Buzus ++ Win32.Genome.cudo ++ Win32.MessengerPlus + Win32.Muollo ++ Win32.NrgBot.rtk + Win32.OnLineGames.down ++ Win32.Slenfbot.A ++ Win32.Smadow + Win32.ZBot
Total: 2479971 fingerprints in 778467 rules for 6394 products
http://www.safer-networking.org/en/index.html

Posted Wed, Nov 23 2011 6:09 by Don

Issued: November 16, 2011

Security Advisories Updated or Released Today

* Microsoft Security Advisory (2641690)
- Title: Fraudulent Digital Certificates Could Allow Spoofing
- http://technet.microsoft.com/security/advisory/2641690
- Revision Note: V2.0 (November 16, 2011): Revised to announce
the rerelease of the KB261690 update. See the Update FAQ in
this advisory for more information. Also, added link to
Microsoft Knowledge Base Article 2641690 under Known Issues
in the Executive Summary.

2011-11-16
Adware

++ Moozy ++ W3i.IQ5.fraud
Malware
++ Fraud.SecurityShield + Win32.FraudLoad.edt + Win32.Renos ++ Win32.Vilsel.bbfy + Win32.WwVii2
Trojans
+ Banload.bho ++ Fake.WindowsDefender ++ PB.FBImg.rtk + Win32.Bifrost.gen ++ Win32.Cutwail.BE ++ Win32.Cycbot.s ++ Win32.FakeAV ++ Win32.Graftor.3471 + Win32.Muollo + Win32.OnLineGames.down + Win32.OnLineGames.gen ++ Win32.Sirefef ++ Win32.Slenugga + Win32.Timer.hda ++ Win32.VideoDownloader ++ Win32.Yakes.jfx + Win32.ZBot
Total: 2478143 fingerprints in 778113 rules for 6391 products.

http://www.safer-networking.org/en/index.html

Posted Wed, Nov 16 2011 6:00 by Don

Issued: November 15, 2011

Summary

The following bulletins have undergone a minor revision increment.
Please see the appropriate bulletin for more details.

* MS11-037 - Important


Bulletin Information:

* MS11-037 - Important

- http://technet.microsoft.com/security/bulletin/MS11-037
- Reason for Revision: V2.1 (November 15, 2011): Corrected the
install verification registry keys, update log file name, and
removal information for Windows XP and Windows Server 2003.
This is an informational change only.
- Originally posted: June 14, 2011
- Updated: November 15, 2011
- Bulletin Severity Rating: Important
- Version: 2.1

Issued: November 11, 2011

Security Advisories Updated or Released Today

* Microsoft Security Advisory (2639658)
- Title: Vulnerability in TrueType Font Parsing Could Allow
Elevation of Privilege
- http://technet.microsoft.com/security/advisory/2639658
- Revision Note: V1.4 (November 11, 2011): Revised impact
statement for the workaround, Deny access to T2EMBED.DLL,
to address applications that rely on T2EMBED.DLL for
functionality.

Issued: November 10, 2011

Security Advisories Updated or Released Today

* Microsoft Security Advisory (2641690)
- Title: Fraudulent Digital Certificates Could Allow Spoofing
- http://technet.microsoft.com/security/advisory/2641690
- Revision Note: V1.0 (November 10, 2011): Advisory published.

Issued: November 8, 2011

Security Advisories Updated or Released Today

* Microsoft Security Advisory (2269637)
- Title: Insecure Library Loading Could Allow Remote Code
Execution
- http://technet.microsoft.com/security/advisory/2269637
- Revision Note: V12.0 (November 8, 2011): Added the following
Microsoft Security Bulletin to the Updates relating to
Insecure Library Loading section: MS11-085, "Vulnerability in
Windows Mail and Windows Meeting Space Could Allow Remote
Code Execution."

* Microsoft Security Advisory (2639658)
- Title: Insecure Library Loading Could Allow Remote Code
Execution
- http://technet.microsoft.com/security/advisory/2639658
- Revision Note: V1.3 (November 8, 2011): Added link to MAPP
Partners with Updated Protections in the Executive Summary.
Revised impact statement for the workaround, Deny access to
T2EMBED.DLL, to address a reoffer issue on Windows XP and
Windows Server 2003. Also, revised the mitigating factors.

Event ID: 1032487958
Language(s): English.
Product(s): computer security and information security.
Audience(s): IT Decision Maker and IT Generalist.

Join us for a brief overview of the technical details of the Microsoft security bulletins for November. We intend to address your concerns in this webcast; therefore, most of the webcast is devoted to attendees asking questions and getting answers from Microsoft security experts.

Presenters: Jerry Bryant, Group Manager, Response Communications, Microsoft Corporation and Dustin Childs, Senior Security Program Manager, Microsoft Security Response Center, Microsoft Corporation


Posted Tue, Nov 8 2011 13:12 by Don

Note: There may be latency issues due to replication; if the page does not display, keep refreshing.

Today Microsoft released the following Security Bulletin(s).

Note: www.microsoft.com/technet/security and www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.

Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.

Bulletin Summary:

technet.microsoft.com/en-us/secu···ms11-nov

Critical (1)

Microsoft Security Bulletin MS11-083
Vulnerability in TCP/IP Could Allow Remote Code Execution (2588516)
technet.microsoft.com/en-us/secu···ms11-083

Important (2)

Microsoft Security Bulletin MS11-085
Vulnerability in Windows Mail and Windows Meeting Space Could Allow Remote Code Execution (2620704)
technet.microsoft.com/en-us/secu···085.mspx

Microsoft Security Bulletin MS11-086
Vulnerability in Active Directory Could Allow Elevation of Privilege (2630837)
technet.microsoft.com/en-us/secu···086.mspx

Moderate (1)

Microsoft Security Bulletin MS11-084
Vulnerability in Windows Kernel-Mode Drivers Could Allow Denial of Service (2617657)
technet.microsoft.com/en-us/secu···084.mspx

Please note that Microsoft may release bulletins outside of this schedule if we determine the need to do so.

If you have any questions regarding the patch or its implementation after reading the above listed bulletin, you should contact Product Support Services in the United States at 1-866-PCSafety (1-866-727-2338). International customers should contact their local subsidiary.

As always, download the updates only from the vendor's website - visit the Windows Update and Office Update or Microsoft Update websites. You may also get the updates through the Automatic Updates functionality in Windows.

Security Tool
Find out if you are missing important Microsoft product updates by using MBSA

Issued: November 3, 2011

Security Advisories Updated or Released Today

* Microsoft Security Advisory (2639658)
- Title: Vulnerability in TrueType Font Parsing Could Allow
Elevation of Privilege
- http://technet.microsoft.com/security/advisory/2639658
- Revision Note: V1.0 (November 3, 2011): Advisory published.

This is an advance notification of 4 security bulletins that Microsoft is intending to release on November 8, 2011.

1 rated as Critical, 2 rated Important and 1 with a Moderate rating affecting Microsoft Windows

http://technet.microsoft.com/en-us/security/bulletin/ms11-nov

Summary

The following bulletins have undergone a minor revision increment.
Please see the appropriate bulletin for more details.

* MS11-081 - Critical


Bulletin Information:

* MS11-081 - Critical

- http://technet.microsoft.com/security/bulletin/MS11-081
- Reason for Revision: V1.2 (November 2, 2011): Announced the
release of a hotfix to resolve a known issue affecting Internet
Explorer 7 customers after the KB2586448 security update is
installed. See the Update FAQ for details.
- Originally posted: October 11, 2011
- Updated: November 2, 2011
- Bulletin Severity Rating: Critical
- Version: 1.2