Security News? Just a few clicks away

Monthly Archives: July 2010

Out-of-Band Update for Lnk vulnerability

This is good news – Microsoft has announced an out-of-band update to fix the .lnk-vulnerability in the supported Windows operating systems. The tests went well and the patch has the required quality, Microsoft writes in their Security Response Center Blog. … Continue reading

Exploit Protection Toolkit EMET

Currently the hacker conference Black Hat is taking place. Some interesting security issues get discussed and demonstrated; those are covered by most computer media already. What went past nearly unnoticed is a toolkit which Microsoft wants to release in August: … Continue reading

Browser Updates

The Mozilla Foundation just released another update of the Firefox web browser to version 3.6.8, very shortly after releasing version 3.6.7. There is only one bug fixed though, which has resulted in stability issues. The new version should work as … Continue reading

Apply Workaround for Windows Zero-Day Flaw

Since the weekend there is a so-called zero day vulnerability publicly known in all supported (and even in the now unsupported) Windows operating systems. Just by browsing to a folder with a manipulated .lnk file – a shortcut to a … Continue reading

Shortcut to Malware and Phishing

URL shorteners are a relatively young category of Internet service. As many social services on the Internet like Twitter &  Co. have a character limitation for messages, these URL shorteners became interesting for sharing links. For example, you’d loose 64 … Continue reading

Patchday fixes actively exploited vulnerability

Just as announced last Friday, Microsoft released 4 security bulletins on this Patch Tuesday. The updates from the bulletins close a security hole in the Windows Help and Support Center of Windows XP and Windows Server 2003, which is already … Continue reading

YouTube Spam Mails with malicious JavaScript

During the last few days we received a lot of mails with subjects like “User <username> suggests you to become friends on YouTube”. Since there is no YouTube account connected to those email accounts, we were suspicious and took a … Continue reading

4 Updates announced for Patch Tuesday

For the next Tuesday, Microsoft announced to release 4 security bulletins on the monthly Patchday. 3 of the bulletins deal with security vulnerabilities which the company considers critical, 1 is about an important issue. The vulnerabilities affect the Windows operating … Continue reading

Twitter spam is back

This night, a new spam wave started hitting the mailboxes of Internet users. It’s again using Twitter as bait and the links in the spam mails finally lead to the well known fake Canadian Online Pharmacies. This time, the subject … Continue reading

More Malware Spam – fake DHL Mails

During the weekend we saw spam mails with Paypal as bait which tried to make the recipient execute the attached malware. For some time now, we see another social engineering tactic in place: Fake DHL Mails. Some of the mails … Continue reading