MVP Jubo Security Blog

Possible vulnerability in Microsoft Office Word 2002 Service Pack 3

2008-07-09T08:48:03Z

Microsoft released an advisory for a Office Word 2002 SP3 vulnerability.

Investigation indicates that customers who use all other supported versions of Microsoft Office Word, Microsoft Office Word Viewer, Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats, and Microsoft Office for Mac are not affected.

At this time, Microsoft is aware of limited, targeted attacks that attempt to use this vulnerability. While Microsoft Office Word 2000 does not appear vulnerable to this issue, Word 2000 may unexpectedly exit when opening a specially crafted .doc file that the attacker is using in an attempt to exploit the vulnerability.

More information: Microsoft Security Advisory (953635) and MSRC Blog.

From the BBC News Desk: Fix found for net security flaw

2008-07-09T08:37:09Z

This article at the BBC web site,

Computer experts have released software to tackle a security glitch in the internet's addressing system.
The flaw, discovered by accident, would allow criminals to redirect users to fake webpages, even if they typed the correct address into a browser.
Internet giants such as Microsoft are now distributing the security patch.

More at the BBC site here...

is related to the security patch Microsoft posted yesterday: Microsoft Security Bulletin MS08-037:

Summary:

This security update resolves two privately reported vulnerabilities in the Windows Domain Name System (DNS) that could allow spoofing. These vulnerabilities exist in both the DNS client and DNS server and could allow a remote attacker to redirect network traffic intended for systems on the Internet to the attacker’s own systems.
This security update is rated Important for all supported editions of Microsoft Windows 2000, Windows XP, Windows Server 2003, and Windows Server 2008.

Microsoft Security Bulletin Summary for July 2008

2008-07-09T08:23:12Z

Patch Tuesday or patch Wednesday... it all depends on which part of the world you're in. For me it's patch Wednesday and yes, yesterday Microsoft released their monthly bulletin with 4 "important" updates.

On July 8th, Microsoft released the following updates:

Important:

MS08-040 - Vulnerabilities in Microsoft SQL Server Could Allow Elevation of Privilege (941203)
MS08-038 - Vulnerability in Windows Explorer Could Allow Remote Code Execution (950582)
MS08-037 - Vulnerabilities in DNS Could Allow Spoofing (953230)
MS08-039 - Vulnerabilities in Outlook Web Access for Exchange Server Could Allow Elevation of Privilege (953747)

A more technical version of the Security Bulletin can be found at TechNet and an end-user version is available at Microsoft's Security At Home site.

You can obtain the security updates offered this month on Windows Update, from Download Center on Security and Critical Releases ISO CD Image files. For more information, see Microsoft Knowledge Base Article 913086.

Support:

Customers in the U.S. and Canada can receive technical support from Microsoft Product Support Services at 1-866-PCSAFETY. International customers can receive support from their local Microsoft subsidiaries. Visit the International Help and Support.

See also: Microsoft Security Response Center (MSRC) blog

So, you all know the drill! If it's not downloaded by automatic updates then move your mouse pointer to Microsoft Update...

Snapshot Viewer MS Access ActiveX Control Vulnerability

2008-07-08T07:00:46Z

Microsoft has released an advisory for a MS Access remote code-execution vulnerability. The flaw lies in the Microsoft Snapshot Viewer ActiveX control, "snapview.ocx", which may allow remote code-execution attacks. This affects Office Access 2000, Office Access 2002 and Office Access 2003.

An attacker could exploit this vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution.

There's no patch available yet, but there are manual workarounds. For more information see Microsoft's Security Advisory (955179) and MSRC Blog.

Security update for Opera 9.5

2008-07-07T09:09:22Z

Opera released a security and stability upgrade. For details see the Security section of the Changelog.

Download Opera's newest release Opera 9.51 for Windows.

Adobe Reader 9 is there...

2008-07-04T11:34:53Z

A few days ago Adobe released version 9 of their Adobe Reader. It seems to add new capabilities, better performance and stronger security, according to Adobe Reader Weblog.

You can download the new version here. This download also comes with the new online product(s) Acrobat.com (Beta), which is possible to uninstall later if you don't need/want it...

Patch Tuesday: Advanced Notification

2008-07-04T07:08:28Z

Last time I was a bit late to tell you about the Windows Updates, but this time we have an advanced notification. On July 8th, Microsoft is releasing 4 "important" updates.

For more detailed information check TechNet and the post at the blog of Microsoft Security Response Center: July 2008 Advance Notification.

If you want to get these advanced notifications by email, RSS or Messenger then signup at: Microsoft Technical Security Notifications.

Have a wonderful day...

Update for Windows Update

2008-07-04T06:27:54Z

Starting at the end of this month, Microsoft Update Product Team will be rolling out an update to the Windows Update agent. You can read all the information in the posting at their team blog: Upcoming Update to Windows Update.

What it means for you... is that unless you have chosen "Turn Automatic Updates Off", you will receive this update. Otherwise you have to check for updates and install it yourself manually.

Adobe Reader 8.1.2 Security Update

2008-06-25T09:38:18Z

While you're busy updating your software, or maybe you just see this message, then it's a good idea to move your mouse to Adobe dot com too. They just released a security update for Adobe Reader.

For more information check the advisory: Adobe Reader 8.1.2 Security Update 1 - multiple languages and/or the release notes.

Microsoft Security Bulletin Summary for June 2008

2008-06-25T07:21:22Z

It's a bit late, Microsoft already posted their patches for this month. So, if you haven't done that yet then it's a good idea to point your mouse to Windows Update and start getting those updates.

On June 10th, Microsoft released the following updates:

Critical:

MS08-030 - Vulnerability in Bluetooth Stack Could Allow Remote Code Execution (951376)
MS08-031 - Cumulative Security Update for Internet Explorer (950759)
MS08-033 - Vulnerabilities in DirectX Could Allow Remote Code Execution (951698)

Important:

MS08-034 - Vulnerability in WINS Could Allow Elevation of Privilege (948745)
MS08-035 - Vulnerability in Active Directory Could Allow Denial of Service (953235)
MS08-036 - Vulnerabilities in Pragmatic General Multicast (PGM) Could Allow Denial of Service (950762)

Moderate:

MS08-032 - Cumulative Security Update of ActiveX Kill Bits (950760)

A more technical version of the Security Bulletin can be found at TechNet and an end-user version is available at Microsoft's Security At Home site.

Support:

Customers in the U.S. and Canada can receive technical support from Microsoft Product Support Services at 1-866-PCSAFETY. International customers can receive support from their local Microsoft subsidiaries. Visit the International Help and Support.

See also: Microsoft Security Response Center (MSRC) blog

Apple's Safari on Windows Platform Threat

2008-06-02T08:13:43Z

Microsoft is investigating new public reports of a blended threat that allows remote code execution on all supported versions of Windows XP and Windows Vista when Apple’s Safari for Windows has been installed. Safari is not installed with Windows XP or Windows Vista by default; it must be installed independently or through the Apple Software Update application. Customers running Safari on Windows should review this advisory.

More information: Microsoft Security Advisory (953818) and MSRC's blog: Security Advisory 953818 Posted.

Update your Flash!

2008-06-02T07:58:44Z

Because of an Adobe Flash Player issue you need to update this software to the latest version, which is 9.0.124.0. For more detailed information see the Adobe Product Security Incident Response Team (PSIRT) blog web site.

To check which version you have installed go to the About Flash Player page. If it's not the most current, 9.0.124.0 version then install the latest version from the Install Flash Player page.

Microsoft Security Bulletin Summary for May 2008

2008-05-14T07:20:00Z

Yesterday, May 13th, Microsoft released 3 "critical" and 1 "moderate" update. If the automatic update didn't get them yet, then it's time to move your mouse over to Microsoft Update and start updating your computer. If you haven't installed SP3 for Windows XP yet, then Microsoft Update will offer you this too.

This months updates:

Critical:

MS08-026 - Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (951207)
MS08-027 - Vulnerability in Microsoft Publisher Could Allow Remote Code Execution (951208)
MS08-028 - Vulnerability in Microsoft Jet Database Engine Could Allow Remote Code Execution (950749)

Moderate:

MS08-029 - Vulnerabilities in Microsoft Malware Protection Engine Could Allow Denial of Service (952044)

A more technical version of the Security Bulletin can be found at TechNet and an end-user version is available at Microsoft's Security At Home site.

Support:

Customers in the U.S. and Canada can receive technical support from Microsoft Product Support Services at 1-866-PCSAFETY. International customers can receive support from their local Microsoft subsidiaries. Visit the International Help and Support.

See also: Microsoft Security Response Center (MSRC) and Security Vulnerability Research & Defense blog: MS08-026: How to prevent Word from loading RTF files.

Windows XP SP3 Released

2008-05-13T09:50:58Z

A few weeks sick, a virus caught me... and see what's happening! Microsoft releases SP3 for Windows XP. If you want to install it then you can get it at the Microsoft Download Center. But before you install it there's always important information to read. Especially if you have other version of IE installed than IE7.

Please first read:

Jane Maliouta's, Deployment PM for IE8, blog at IEBlog.
Then there's this article at Microsoft's Help and Support site: Steps to take before you install Windows XP Service Pack 3.
Spyware Doctor 5.5 or earlier versions of Spyware Doctor may cause Windows XP Service Pack 3 to stop responding when you try to install or to uninstall the service pack

Last but not least: Windows XP Service Pack 3 Overview and that's where you can download it too. Or just check at the Windows Update web site and download a smaller version.

If you have an AMD-based computer then this article, by Jesper Johansson, might be interested for you too: Does your AMD-based computer boot after installing XP SP3?

Introducing: Live Mesh

2008-04-25T08:53:02Z

You probably have heard it already, but if not then here it is. Microsoft's new product: Live Mesh. For more information check their web site at:

And at on10 you can see a video of what Live Mesh actually is. Check it out here: Hands on with Live Mesh.

Automatic distribution of Windows Vista SP1 begins today

2008-04-24T11:09:01Z

Check out the Windows Vista Team blog: Automatic distribution of Windows Vista SP1 begins today

Windows XP Service Pack 3 Released to Manufacturing

2008-04-22T06:52:13Z

Yesterday, Chris Keroack, Release Manager Windows Serviceability, posted the following announcement:

Today we are happy to announce that Windows XP Service Pack 3 (SP3) has released to manufacturing (RTM). Windows XP SP3 bits are now working their way through our manufacturing channels to be available to OEM and Enterprise customers.
We are also in the final stages of preparing for release to the web (i.e. you!) on April 29th, via Windows Update and the Microsoft Download Center. Online documentation for Windows XP SP3, such as Microsoft Knowledge Base articles and the Microsoft TechNet Windows XP TechCenter, will be updated then. For customers who use Windows XP at home, Windows XP SP3 Automatic Update distribution for users at home will begin in early summer.

Microsoft Security Advisory (951306)

2008-04-19T09:01:51Z

Vulnerability in Windows Could Allow Elevation of Privilege
Published: April 17, 2008

Microsoft is investigating new public reports of a vulnerability which could allow elevation of privilege from authenticated user to LocalSystem, affecting Windows XP Professional Service Pack 2 and all supported versions and editions of Windows Server 2003, Windows Vista, and Windows Server 2008.

Source: TechNet

Firefox 2.0.0.14 - Security release

2008-04-19T08:43:16Z

Some people I know have this browser installed... If you do not have the automatic update activated then it's time to install an new version of this browser. For more information see the release notes:

What's New in Firefox 2.0.0.14
Mozilla Foundation Security Advisory 2008-20

Crash in JavaScript garbage collector

Click here: Download Firefox 2

The "Alternative" Blog...

2008-04-17T20:00:21Z

As you may know, I recently married Kim, the most wonderful and beautiful woman who I met at the MVP Summit in 2007. Recently she started her own blog... Yes, if you're interested what an American woman does in Holland or what I do in my off-line life, then click here: Kim's Journal...

PS: don't believe everything she tells you about me. I deny everything... ;)