September 2008 - Posts - MVP Jubo Security Blog

News

Kim's Journal
My wife's blog, the "alternative" truth...

2003 - 2004 - 2005 - 2006 - 2007 - 2008 - 2009

Community

Email Notifications

MVP Sites

Microsoft Links

Blogs

Security Forums

Microsoft Blogs

September 2008 - Posts

An Online ticket?!?

What a surprise... This morning I was happily working at the office, hhmm... okay, from home..., when Outlook notified me that I had received an email. When I checked it was from an unknown company USA3000 Airlines. When I read the email they even had a ticket for me and had charged the credit card for $646.27. I thought, that should be at least a ticket to fly across the pond. Well, could have been a surprise from my wife since she's visiting family in the USA. But no, I unzipped the file and there was a file called: "eTicket.doc.exe" and... not detected by McAfee's antivirus program... yet... Submitted the file to VirusTotal and you can find the result here.

Then I also submitted the file to McAfee's WebImmune and they found a "new detection" and named it "spy-agent.bw". Not really a new one but a new variant. Not long after that I received an "Extra.dat" file from AvertLabs for some extra protection. See also McAfee's Avert Labs Blog: Invoice Spam Takes Flight

No e-ticket for me this morning... but the computer is still safe. Now I only wonder how it came through the company's security. They run Symantec stuff...

Posted: Mon, Sep 22 2008 16:28 by jubo | with 2 comment(s)

Filed under: Latest Virus Threats, Spyware, Malware

Microsoft Security Bulletin Summary for September 2008

On September 9, Microsoft released four security patches and all of them are "critical". So, if you haven't updated it yet then it's time to do so now. Move your mouse to the Microsoft Update web site to download and install the updates.

Critical:

MS08-054 - Vulnerability in Windows Media Player Could Allow Remote Code Execution (954154)
MS08-052 - Vulnerabilities in GDI+ Could Allow Remote Code Execution (954593)
MS08-053 - Vulnerability in Windows Media Encoder 9 Could Allow Remote Code Execution (954156)
MS08-055 - Vulnerability in Microsoft Office Could Allow Remote Code Execution (955047)

A more technical version of the Security Bulletin can be found at TechNet and an end-user version is available at Microsoft's Security At Home site.

You can obtain the security updates offered this month on Windows Update, from Download Center on Security and Critical Releases ISO CD Image files. For more information, see Microsoft Knowledge Base Article 913086.

Support:

Customers in the U.S. and Canada can receive technical support from Microsoft Product Support Services at 1-866-PCSAFETY. International customers can receive support from their local Microsoft subsidiaries. Visit the International Help and Support.

See also MSRC blog: September 2008 Monthly Bulletin Release and for a more technical version, the Security Vulnerability Research & Defense blog.

Stay safe and have a great weekend!!

Posted: Fri, Sep 12 2008 9:04 by jubo | with no comments

Filed under: Security Bulletins

MVP Jubo Security Blog

Recent Posts

Tags