MVP Jubo Security Blog

Microsoft has updated the Malicious Software Removal Tool. Has added detection and cleaning capabilities for the following malicious software:

• Zotob.A
• Zotob.B
• Zotob.C
• Zotob.D
• Zotob.E
• Bobax.O
• Esbot.A
• Rbot.MA
• Rbot.MB
• Rbot.MC

See the complete list of malicious software cleaned by this tool.

You can run the Malicious Software Removal Tool online or downloaded from the Microsoft Download Center.

Source: Microsoft Security.

The Microsoft Security Advisory Homepage has been updated with two more options to receive advisories. There's now a Security Advisory RSS Feed as well as a Instant Message Alert, in addition to the existing Comprehensive Email Notification service.

Available Notifications:

• RSS: Security Advisory RSS Feed
• Instant Message: Technical Security Update: Security Advisory
• Email: Microsoft Security Notification Service: Comprehensive Edition

Source: TechNet Microsoft Security Advisories

Microsoft is aware that detailed exploit code has been published on the Internet for the vulnerability that is addressed by Microsoft security bulletin MS05-039: Vulnerability in Plug and Play Could Allow Remote Code Execution and Elevation of Privilege (899588). Microsoft is not currently aware of active attacks that use this exploit code or of customer impact at this time. However, Microsoft is actively monitoring this situation to keep customers informed and to provide customer guidance as necessary.

Our investigation of this exploit code has verified that it does not affect customers who have installed the updates detailed in MS05-039 on their computers. Microsoft continues to recommend that customers apply the updates to the affected products by enabling the Automatic Updates feature in Windows.


References

CVE Reference	CAN-2005-1983
Security Bulletin	MS05-039

Source: TechNet

Yes! I finally have my own wireless network. There were always two network cables on the floor to the two laptops. Now we have this configuration:

• Dell desktop
• Dell notebook
• Toshiba Notebook

Now there's this Linksys Wireless-G Broadband Router
and two Wireless-G Notebook Adapter from Linksys for both the notebooks.


Because of this I got very interested in the security of a wireless network. Didn't know anything about it but found some very interesting articles written by Barb Bowman, Microsoft MVP Networking. Articles Barb Bowman recently published was: How to Secure Your Wireless Home Network with Windows XP, Set up a secure wireless network using Windows Connect Now.

Two other articles I want to mention here are: WPA Wireless Security for Home Networks and an Expert Zone Support Webcast: How to set up WPA-based wireless security on a home network, where you can download the webcast and the the PowerPoint presentation and for this you'll need at least a PowerPoint Viewer.

This, and RTFM of the Linksys Wireless-G Broadband Router will make it easy to set up your first wireless network.

For more articles written by Barb Bowman see: Previous Columns by Barb Bowman.

Stephen Toulouse, (Stepto) of the Microsoft Security Response Center gives his reaction regarding a potential virus for Windows Vista:

A virus for Windows Vista? Wrong.

Hi everyone, Stephen Toulouse here. There’s been some commentary the past couple of days regarding a potential Windows Vista virus and we wanted to weigh in with some details. First of all, in examining the details of the reports, there is no Windows Vista virus described in them. Instead, the reports are regarding potential proof of concept viruses in the form of malicious scripts that are developed to affect a new interactive shell codenamed "Monad", which is currently in early phase of beta testing.

Full article: Microsoft Security Response Center Blog!

Last Review : August 4, 2005
Revision : 10.0

Update Rollup 1 for Windows 2000 SP4 makes it easier for customers to enhance and maintain the security and stability of their Windows 2000-based computers.

For more information about the problems that are fixed in Update Rollup 1 for Windows 2000 SP4, click the following article number to view the article in the Microsoft Knowledge Base:

• 900345 Problems that are fixed in the Update Rollup 1 for Microsoft Windows 2000 Service Pack 4 that is dated June 28, 2005

After the release of Update Rollup 1 for Windows 2000 SP4, we identified several issues that may occur when you install this update rollup. These issues are isolated, and affect few customers. These issues are described in this article. This article also explains how to resolve these issues. If you are affected by these issues, we suggest that you do not install Update Rollup 1 for Windows 2000 SP4 until the corresponding hotfix is available. We plan to reissue Update Rollup 1 for Windows 2000 SP4 soon. Several hotfixes will be integrated into the new version of Update Rollup 1 for Windows 2000 SP4.

Error messages
You may receive one of the following error messages when you visit the Windows Update Web site:

• MSXML3.DLL File Not Found
• Error 0x80244001
• Error 0x800700C1

More information: Microsoft's Knowledge Base KB891861

August 4, 2005

As part of the monthly security bulletin release cycle, Microsoft provides advance notification to our customers on the number of new security updates being released, the products affected, the aggregate maximum severity and information about detection tools relevant to the update. This is intended to help our customers plan for the deployment of these security updates more effectively.

On 9 August 2005 Microsoft is planning to release:

Security Updates

• 6 Microsoft Security Bulletins affecting Microsoft Windows. The highest Maximum Severity rating for these is Critical. These updates will require a restart. These updates will be detectable using the Microsoft Baseline Security Analyzer (MBSA).

Microsoft Windows Malicious Software Removal Tool

• Microsoft will release an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Update, Microsoft Update, Windows Server Update Services and the Download Center.

Non-security High Priority updates on MU, WU, WSUS and SUS

• Microsoft will release one NON-SECURITY High-Priority Update for Microsoft Windows on Windows Update (WU), Microsoft Update (MU), Software Update Services (SUS), and Windows Server Update Services (WSUS).

Related Links

• Sign Up for the Security Notification Service
• Get the Security Bulletin RSS Feed
• Security Bulletin Summaries and Webcasts
• Security Bulletin Search

Source: TechNet - Security

Each of the following tasks addresses a different security concern. You can strengthen your PC's defenses by completing both tasks.

Use Microsoft Windows Security Center
The Windows Security Center, which is already installed on your computer, monitors and enables you to manage important security settings on your computer, including a firewall, automatic updates, and the status of your antivirus software. See how to use it and why it's important.

Click here to learn more

Get Anti-spyware Software
Anti-spyware software helps to protect your computer from known programs that can track your Web browsing habits or make changes to your computer settings without your consent or control. See if you already have it, why it's important, and how to get it.

Click here to get Anti-Spyware software

Redaction is the careful editing of a document to remove confidential information.

The Microsoft Office Word 2003 Redaction Add-in makes it easy for you to mark sections of a document for redaction. You can then redact the document so that the sections you specified are blacked out. You can either print the redacted document or use it electronically.

Sensitive government documents, confidential legal documents, insurance contracts, and other sensitive documents are often redacted before being made available to the public. With the Word 2003 Redaction Add-in, users of Microsoft Office Word 2003 now have an effective, user-friendly tool to help them redact confidential text in Word documents.

Download: Word Redaction