July 2014 - Posts

What is zoolo?

The Malwarebytes research team has determined that zoolo is a browser hijacker. These so-called "hijackers" alter your startpage or searchscopes so that the affected browser visits their site or one of their choice. This one also displays advertisements.

https://forums.malwarebytes.org/index.php?%2Ftopic%2F152450-removal-instructions-for-zoolo%2F

Posted Sat, Jul 12 2014 6:56 by Don
Filed under:

Summary

The following bulletins have undergone minor revision increments.
Please see the bulletins for more details.

* MS14-030
* MS14-033

Bulletin Information:

* MS14-030 - Important
- »technet.microsoft.com/library/se···ms14-030
- Reason for Revision: V1.1 (July 10, 2014): Bulletin revised to
remove the prerequisite requirements for the 2965788 update on
Window 7 systems. This is an informational change only.
Customers who have already successfully updated their systems do
not need to take any action.
- Originally posted: June 10, 2014
- Updated: July 10, 2014
- Bulletin Severity Rating: Important
- Version: 1.1

* MS14-033 - Important
- »technet.microsoft.com/library/se···ms14-033
- Reason for Revision: V1.1 (July 10, 2014): Bulletin revised to
remove the prerequisite requirement for the MSXML 6.0 update on
Windows Server 2003 systems. This is an informational change only.
Customers who have already successfully updated their systems do
not need to take any action
- Originally posted: June 10, 2014
- Updated: July 10, 2014
- Bulletin Severity Rating: Important
- Version: 1.1

Security Advisories Updated or Released Today

* Microsoft Security Advisory (2982792)
- Title: Improperly Issued Digital Certificates Could Allow
Spoofing
- »technet.microsoft.com/library/se···/2982792
- Revision Note: V1.0 (July 10, 2014): Advisory published.

2014-07-09
Adware
+ Firseria + Win32.Agent.qvo
Malware
+ OneInstaller
PUPS
+ UpToDown
Trojans
+ Win32.Allaple.ab ++ Win32.Tibs.tc ++ Win32.Wabot.a ++ Win32.Zhelatin.my
Total: 2599665 fingerprints in 809730 rules for 7294 products.

http://www.safer-networking.org/about/updates/

Posted Wed, Jul 9 2014 8:47 by Don
Filed under:



Note: There may be latency issues due to replication, if the page does not display keep refreshing

Today Microsoft released the following Security Bulletin(s).

Note: »www.microsoft.com/technet/security and »www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.

Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.

Bulletin Summary:
»technet.microsoft.com/library/se···ms14-jul

Critical (2)

Microsoft Security Bulletin MS14-037
Cumulative Security Update for Internet Explorer (2975687
»technet.microsoft.com/library/se···ms14-037

Microsoft Security Bulletin MS14-038
Vulnerability in Windows Journal Could Allow Remote Code Execution (2975689)
»technet.microsoft.com/library/se···ms14-038

Important (3)

Microsoft Security Bulletin MS14-039
Vulnerability in On-Screen Keyboard Could Allow Elevation of Privilege (2975685)
»technet.microsoft.com/library/se···ms14-039

Microsoft Security Bulletin MS14-040
Vulnerability in Ancillary Function Driver (AFD) Could Allow Elevation of Privilege (2975684)
»technet.microsoft.com/library/se···ms14-040

Microsoft Security Bulletin MS14-041
Vulnerability in DirectShow Could Allow Elevation of Privilege (2975681)
»technet.microsoft.com/library/se···ms14-041

Moderate (1)

Microsoft Security Bulletin MS14-042
Vulnerability in Microsoft Service Bus Could Allow Denial of Service (2972621)
»technet.microsoft.com/library/se···ms14-042

Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.

If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact Product Support Services in the United States at 1-866-PCSafety 1-866-727-2338. International customers should contact their local subsidiary.

As always, download the updates only from the vendors website - visit Windows Update and Office Update or Microsoft Update websites. You may also get the updates thru Automatic Updates functionality in Windows system.

Security Tool
Find out if you are missing important Microsoft product updates by using MBSA.

What is HDPureV9.5?

The Malwarebytes research team has determined that HDPureV9.5 is a browser hijacker. These so-called "hijackers" alter your startpage or searchscopes so that the affected browser visits their site or one of their choice. This one also displays advertisements.

https://forums.malwarebytes.org/index.php?%2Ftopic%2F151965-removal-instructions-for-hdpurev95%2F

Posted Fri, Jul 4 2014 7:45 by Don
Filed under:

This is an advance notification of 6 security bulletins that Microsoft is intending to release on July 8, 2014


2 rated as Critical, 3 rated as Important and 1 with a rating of Moderate

https://technet.microsoft.com/library/security/ms14-jul

What is video MediaPlay-Air?

The Malwarebytes research team has determined that video MediaPlay-Air is a browser hijacker. These so-called "hijackers" alter your startpage or searchscopes so that the affected browser visits their site or one of their choice. This one also displays advertisements.

https://forums.malwarebytes.org/index.php?%2Ftopic%2F151818-removal-instructions-for-video-mediaplay-air%2F

Posted Wed, Jul 2 2014 5:11 by Don
Filed under:

2014-07-02

Adware
+ Firseria
Malware
+ OneInstaller
PUPS
+ ToggleDownloader
Trojans
+ Win32.Kazy.ie + Win32.Sality.gen + Win32.Zusy
Total: 2599639 fingerprints in 809704 rules for 7291 products.

»www.safer-networking.org/about/updates/

Posted Wed, Jul 2 2014 5:05 by Don
Filed under:

What is CinemaHDplus?

The Malwarebytes research team has determined that CinemaHDplus is a browser hijacker. These so-called "hijackers" alter your startpage or searchscopes so that the affected browser visits their site or one of their choice. This one also displays advertisements.

https://forums.malwarebytes.org/index.php?%2Ftopic%2F151767-removal-instructions-for-cinemahdplus%2F

Posted Tue, Jul 1 2014 5:13 by Don
Filed under: