Ad: Manage updates with the Download App
ie8 fix

Spyware, viruses, & security forum: NEWS - October 17, 2012

by: Carol~ October 17, 2012 9:20 AM PDT

Like this

0 people like this thread

Staff pick

NEWS - October 17, 2012

by Carol~ Moderator - 10/17/12 9:20 AM

Critical Java Patch Plugs 30 Security Holes

Oracle on Tuesday pushed out a bevy of security patches for its products, including an update to Java that remedies at least 30 vulnerabilities in the widely-used program.

The latest versions, Java 7 Update 9 and Java 6 Update 37, are available either through the updater built into Java (accessible from the Windows control panel), or by visiting Java.com. If you're not sure which version you have or whether you've got the program installed at all, click the "Do I have Java" link below the red download button on the Java homepage.

Apple maintains supplies its own version of Java. Given the rapidity with which they have followed Oracle's Java updates (ever since April 2012, when the Flashback worm used an unpatched Java flaw to infect more than 650,000 Macs), I would expect Apple to have an update ready soon.

Broken record alert: If you need Java, update it now. Cyber thieves and malware love to use unpatched Java holes to break into systems, and miscreants are always looking for new Java exploits to use. If you don't need Java, uninstall it; you can always reinstall it later.

If you need it for a specific Web site, I'd suggest unplugging it from the browser and adopting a two-browser approach. For example, if you normally browse the Web with Firefox, for example, consider disabling the Java plugin in Firefox, and then using an alternative browser (Chrome, IE9, Safari, etc.) with Java enabled to browse only the site that requires it.

Continued : http://krebsonsecurity.com/2012/10/critical-java-patch-plugs-30-security-holes/

Related:
Stormy October patch day for Oracle
Oracle patches 109 vulnerabilities


Reply
Report offensive post
Email to friend

Oracle Leaves Fix for Java SE 0-Day Until Feb Patch Update

by Carol~ Moderator - 10/17/12 9:34 AM

In Reply to: NEWS - October 17, 2012 by Carol~ Moderator

Oracle will not patch a critical sandbox escape vulnerability in Java SE versions 5, 6 and 7 until its February Critical Patch Update, according to the researcher who discovered the flaw. Adam Gowdiak of Polish security firm Security Explorations told Threatpost via email that Oracle said it was deep into testing of another Java patch for the October CPU released yesterday and that it was too late to include the sandbox fix.

Gowdiak said he plans to present technical details on the flaw Nov. 14 at the Devoxx Java Community Conference in Belguim. His team did share a technical description of the issue and source and binary codes of proof-of-concept exploit code.

The vulnerability and exploit were announced in late September. Gowdiak's exploit successfully beat a fully patched Windows 7 computer running Firefox 15.0.1, Chrome 21, Internet Explorer 9, Opera 12 and Safari 5.1.7. The exploit relies on a user landing on a site hosting the exploit; an attacker would use a malicious Java applet or banner ad to drop the malware and ultimately have full remote control of a compromised machine.

Oracle did not respond to a request for comments.

Continued : https://threatpost.com/en_us/blogs/oracle-leaves-fix-java-se-zero-day-until-february-patch-update-101712


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Computer Viruses "Rampant" on Medical Devices in Hospitals

by Carol~ Moderator - 10/17/12 12:06 PM

In Reply to: NEWS - October 17, 2012 by Carol~ Moderator

"A meeting of government officials reveals that medical equipment is becoming riddled with malware."

Computerized hospital equipment is increasingly vulnerable to malware infections, according to participants in a recent government panel. These infections can clog patient-monitoring equipment and other software systems, at times rendering the devices temporarily inoperable.

While no injuries have been reported, the malware problem at hospitals is clearly rising nationwide, says Kevin Fu, a leading expert on medical-device security and a computer scientist at the University of Michigan and the University of Massachusetts, Amherst, who took part in the panel discussion.

Software-controlled medical equipment has become increasingly interconnected in recent years, and many systems run on variants of Windows, a common target for hackers elsewhere. The devices are usually connected to an internal network that is itself connected to the Internet, and they are also vulnerable to infections from laptops or other device brought into hospitals. The problem is exacerbated by the fact that manufacturers often will not allow their equipment to be modified, even to add security features.

Continued : http://www.technologyreview.com/news/429616/computer-viruses-are-rampant-on-medical-devices/

Related:
Medical Device Security in Need of Major Upgrade
Pacemaker hack can deliver deadly 830-volt jolt


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Spoofed WebEx, PayPal Emails Lead to Rogue Flash Update

by Carol~ Moderator - 10/17/12 12:06 PM

In Reply to: NEWS - October 17, 2012 by Carol~ Moderator

TrendLabs Malware Blog:

Without verifying its legitimacy, users who may be anticipating a WebEx conference are at risk of downloading variants of a notorious info stealing malware.

Last week, we received two spoofed emails that redirect users to a fake Adobe Flash Player update. These messages use different approaches to lure users into downloading the malicious file update_flash_player.exe (detected as TSPY_FAREIT.SMC).

The first email is disguised as a WebEx email containing an HTM attachment. Once users execute this attachment, they are lead to a malicious site hosting TSPY_FAREIT.SMC. Employees may be trick into opening this as it appears to be an alert coming from a business tool they often use. The second sample, on the other hand, is a spoofed PayPal email that features transaction details. Curious users who click these details are then directed to the webpage hosting the rogue Flash update file.

[Screenshot: Spoofed WebEx Email] - [Screenshot: Spoofed PayPal Email]

The said site in question is a spoofed Adobe Flash Player update. To the undiscerning eye, this site may pass off as the real Adobe Flash Player website as it is an exact copy of the legitimate Adobe site. But looking closer into the site's address, reveals that it is everything but authentic.

Continued : http://blog.trendmicro.com/trendlabs-security-intelligence/spoofed-webex-paypal-emails-lead-to-rogue-flash-update/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Apple resumes User Tracking with iOS 6. How to disable it.

by Carol~ Moderator - 10/17/12 12:06 PM

In Reply to: NEWS - October 17, 2012 by Carol~ Moderator

Apple got caught with its hand in the cookie jar when privacy experts protested the use of a universal device identifier, or UDID, to track the online preferences of iPhone and iPad users.

The problems with that model became all too apparent after hackers compromised systems belonging to digital media firm Bluetoad and made off with close to a million device IDs.

Enough is enough, right? Well, maybe not.

It looks like device tracking is back with iOS 6, courtesy of a new tracking technology: IDFA, or identifier for advertisers.

Like the UDID, the IDFA uniquely identifies your Apple device.

Websites that you browse with your iPhone or iPad device can request the IDFA. Unlike UDID, however, the IDFA can't be traced back to individuals, it merely links a pattern of online behavior with a specific device.

Continued : http://nakedsecurity.sophos.com/2012/10/17/how-to-disable-apple-ios-user-tracking-ios-6/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Report: Steam poses security risk

by Carol~ Moderator - 10/17/12 12:20 PM

In Reply to: NEWS - October 17, 2012 by Carol~ Moderator

Security firm ReVuln has analysed the browser protocol that Steam servers use to execute commands via users' browsers. During the analysis, the company's researchers discovered security issues that could potentially allow attackers to infect PCs with malicious code such as spyware.

Among other things, Valve's Steam platform is used to distribute games and also functions as a central hub of the company's digital rights management concept. During installation, it registers the steam:// URL protocol which is capable of connecting to game servers and launching games, for example via: steam://run/id/language/url_encoded_parameters

In the simplest case, an attacker can use this to interfere with the parameters that are submitted to the program. For example, the Source engine's command line allows users to select a specific log file and add items to it. The ReVuln researchers say that they successfully used this attack vector to infect a system via a batch file that they had created in the autostart folder. Popular games such as Half-Life 2 and Team Fortress 2 use the Source engine and are distributed through Valve's Steam platform. In the even more popular Unreal engine, the researchers also found a way to inject and execute arbitrary code. Potential attackers would, of course, first have to establish which games are installed on the target computer.

Continued : http://www.h-online.com/security/news/item/Report-Steam-poses-security-risk-1731562.html

Also: Steam vulnerability can lead to remote insertion of malicious code


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Facebook partners with Panda Security

by Carol~ Moderator - 10/17/12 12:21 PM

In Reply to: NEWS - October 17, 2012 by Carol~ Moderator

Panda Security signed a collaboration agreement with Facebook to protect users. Facebook users will be able to download a free 6-month version of Panda Internet Security 2013 from the AV Marketplace. Additionally, both companies will share their databases of malicious URLs to protect users while surfing the Web.

"Starting today, the people who use Facebook will be able to benefit from Panda's software and technology with their malicious URL data and inclusion in the AV Marketplace. We look forward to better protecting the people who use our service with this partnership," explains Joe Sullivan, Facebook CSO.

Panda Internet Security 2013 is specifically designed to protect users' identity while using social networking sites and other Internet services. Its Panda Safe Browser module is particularly useful for users who want to preserve their privacy and security.

Continued : http://www.net-security.org/secworld.php?id=13787


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Forum Icon Legend

  • UnreadUnread
  • ReadRead
  • Locked threadLocked thread
  •   
  •   
  •   
  •   
  •   
  •   
  •   
  • ModeratorModerator
  • CNET StaffCNET Staff
  • Samsung StaffSamsung Staff
  • Norton Authorized Support TeamNorton Authorized Support Team
  • AVG StaffAVG Staff
  • avast! Staffavast! Staff
  • Webroot Support TeamWebroot Support Team
  • Acer Customer Experience TeamAcer Customer Experience Team
  • Windows Outreach TeamWindows Outreach Team
  • DISH staffDISH staff
  • Dell StaffDell Staff
  • Intel StaffIntel Staff
  • QuestionQuestion
  • Resolved questionResolved question
  • General discussionGeneral discussion
  • TipTip
  • Alert or warningAlert or warning
  • PraisePraise
  • RantRant

You are e-mailing the following post: Post Subject

Your e-mail address is used only to let the recipient know who sent the e-mail and in case of transmission error. Neither your address nor the recipient's address will be used for any other purpose.

Sorry, there was a problem emailing this post. Please try again.

Submit Email Cancel

Thank you. Sent email to

Close

Thank you. Sent email to

Close

You are reporting the following post: Post Subject

If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.

Offensive: Sexually explicit or offensive language

Spam: Advertisements or commercial links

Disruptive posting: Flaming or offending other users

Illegal activities: Promote cracked software, or other illegal content

Sorry, there was a problem submitting your post. Please try again.

Submit Report Cancel

Your message has been submitted and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.

Close

Your message has been submitted and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.

Close

You are posting a reply to: Post Subject

The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to the CNET Forums policies for details. All submitted content is subject to CBS Interactive Site Terms of Use.

You are currently tracking this discussion. Click here to manage your tracked discussions.

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

Sorry, there was a problem submitting your post. Please try again.

Sorry, there was a problem generating the preview. Please try again.

Duplicate posts are not allowed in the forums. Please edit your post and submit again.

Submit Reply Preview Cancel

Thank you, , your post has been submitted.

> Click here to view your post. > Manage your tracked discussions. > Track this discussion. Close

Thank you, , your post has been submitted and will appear on our site shortly.

Close