MVP Jubo Security Blog

Adobe Reader 9 is there...

jubo — Fri, 04 Jul 2008 11:34:53 GMT

A few days ago Adobe released version 9 of their Adobe Reader. It seems to add new capabilities, better performance and stronger security, according to Adobe Reader Weblog.

You can download the new version here. This download also comes with the new online product(s) Acrobat.com (Beta), which is possible to uninstall later if you don't need/want it...

Patch Tuesday: Advanced Notification

jubo — Fri, 04 Jul 2008 07:08:28 GMT

Last time I was a bit late to tell you about the Windows Updates, but this time we have an advanced notification. On July 8th, Microsoft is releasing 4 "important" updates.

For more detailed information check TechNet and the post at the blog of Microsoft Security Response Center: July 2008 Advance Notification.

If you want to get these advanced notifications by email, RSS or Messenger then signup at: Microsoft Technical Security Notifications.

Have a wonderful day...

Update for Windows Update

jubo — Fri, 04 Jul 2008 06:27:54 GMT

Starting at the end of this month, Microsoft Update Product Team will be rolling out an update to the Windows Update agent. You can read all the information in the posting at their team blog: Upcoming Update to Windows Update.

What it means for you... is that unless you have chosen "Turn Automatic Updates Off", you will receive this update. Otherwise you have to check for updates and install it yourself manually.

Adobe Reader 8.1.2 Security Update

jubo — Wed, 25 Jun 2008 09:38:18 GMT

While you're busy updating your software, or maybe you just see this message, then it's a good idea to move your mouse to Adobe dot com too. They just released a security update for Adobe Reader.

For more information check the advisory: Adobe Reader 8.1.2 Security Update 1 - multiple languages and/or the release notes.

Microsoft Security Bulletin Summary for June 2008

jubo — Wed, 25 Jun 2008 07:21:22 GMT

It's a bit late, Microsoft already posted their patches for this month. So, if you haven't done that yet then it's a good idea to point your mouse to Windows Update and start getting those updates.

On June 10th, Microsoft released the following updates:

Critical:

MS08-030 - Vulnerability in Bluetooth Stack Could Allow Remote Code Execution (951376)
MS08-031 - Cumulative Security Update for Internet Explorer (950759)
MS08-033 - Vulnerabilities in DirectX Could Allow Remote Code Execution (951698)

Important:

MS08-034 - Vulnerability in WINS Could Allow Elevation of Privilege (948745)
MS08-035 - Vulnerability in Active Directory Could Allow Denial of Service (953235)
MS08-036 - Vulnerabilities in Pragmatic General Multicast (PGM) Could Allow Denial of Service (950762)

Moderate:

MS08-032 - Cumulative Security Update of ActiveX Kill Bits (950760)

A more technical version of the Security Bulletin can be found at TechNet and an end-user version is available at Microsoft's Security At Home site.

You can obtain the security updates offered this month on Windows Update, from Download Center on Security and Critical Releases ISO CD Image files. For more information, see Microsoft Knowledge Base Article 913086.

Support:

Customers in the U.S. and Canada can receive technical support from Microsoft Product Support Services at 1-866-PCSAFETY. International customers can receive support from their local Microsoft subsidiaries. Visit the International Help and Support.

See also: Microsoft Security Response Center (MSRC) blog

Apple's Safari on Windows Platform Threat

jubo — Mon, 02 Jun 2008 08:13:43 GMT

Microsoft is investigating new public reports of a blended threat that allows remote code execution on all supported versions of Windows XP and Windows Vista when Apple’s Safari for Windows has been installed. Safari is not installed with Windows XP or Windows Vista by default; it must be installed independently or through the Apple Software Update application. Customers running Safari on Windows should review this advisory.

More information: Microsoft Security Advisory (953818) and MSRC's blog: Security Advisory 953818 Posted.

Update your Flash!

jubo — Mon, 02 Jun 2008 07:58:44 GMT

Because of an Adobe Flash Player issue you need to update this software to the latest version, which is 9.0.124.0. For more detailed information see the Adobe Product Security Incident Response Team (PSIRT) blog web site.

To check which version you have installed go to the About Flash Player page. If it's not the most current, 9.0.124.0 version then install the latest version from the Install Flash Player page.

Microsoft Security Bulletin Summary for May 2008

jubo — Wed, 14 May 2008 07:20:00 GMT

Yesterday, May 13th, Microsoft released 3 "critical" and 1 "moderate" update. If the automatic update didn't get them yet, then it's time to move your mouse over to Microsoft Update and start updating your computer. If you haven't installed SP3 for Windows XP yet, then Microsoft Update will offer you this too.

This months updates:

Critical:

MS08-026 - Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (951207)
MS08-027 - Vulnerability in Microsoft Publisher Could Allow Remote Code Execution (951208)
MS08-028 - Vulnerability in Microsoft Jet Database Engine Could Allow Remote Code Execution (950749)

Moderate:

MS08-029 - Vulnerabilities in Microsoft Malware Protection Engine Could Allow Denial of Service (952044)

A more technical version of the Security Bulletin can be found at TechNet and an end-user version is available at Microsoft's Security At Home site.

Support:

Customers in the U.S. and Canada can receive technical support from Microsoft Product Support Services at 1-866-PCSAFETY. International customers can receive support from their local Microsoft subsidiaries. Visit the International Help and Support.

See also: Microsoft Security Response Center (MSRC) and Security Vulnerability Research & Defense blog: MS08-026: How to prevent Word from loading RTF files.

Windows XP SP3 Released

jubo — Tue, 13 May 2008 09:50:58 GMT

A few weeks sick, a virus caught me... and see what's happening! Microsoft releases SP3 for Windows XP. If you want to install it then you can get it at the Microsoft Download Center. But before you install it there's always important information to read. Especially if you have other version of IE installed than IE7.

Please first read:

Jane Maliouta's, Deployment PM for IE8, blog at IEBlog.
Then there's this article at Microsoft's Help and Support site: Steps to take before you install Windows XP Service Pack 3.
Spyware Doctor 5.5 or earlier versions of Spyware Doctor may cause Windows XP Service Pack 3 to stop responding when you try to install or to uninstall the service pack

Last but not least: Windows XP Service Pack 3 Overview and that's where you can download it too. Or just check at the Windows Update web site and download a smaller version.

If you have an AMD-based computer then this article, by Jesper Johansson, might be interested for you too: Does your AMD-based computer boot after installing XP SP3?

Introducing: Live Mesh

jubo — Fri, 25 Apr 2008 08:53:02 GMT

You probably have heard it already, but if not then here it is. Microsoft's new product: Live Mesh. For more information check their web site at:

And at on10 you can see a video of what Live Mesh actually is. Check it out here: Hands on with Live Mesh.

Automatic distribution of Windows Vista SP1 begins today

jubo — Thu, 24 Apr 2008 11:09:01 GMT

Check out the Windows Vista Team blog: Automatic distribution of Windows Vista SP1 begins today

Windows XP Service Pack 3 Released to Manufacturing

jubo — Tue, 22 Apr 2008 06:52:13 GMT

Yesterday, Chris Keroack, Release Manager Windows Serviceability, posted the following announcement:

Today we are happy to announce that Windows XP Service Pack 3 (SP3) has released to manufacturing (RTM). Windows XP SP3 bits are now working their way through our manufacturing channels to be available to OEM and Enterprise customers.
We are also in the final stages of preparing for release to the web (i.e. you!) on April 29th, via Windows Update and the Microsoft Download Center. Online documentation for Windows XP SP3, such as Microsoft Knowledge Base articles and the Microsoft TechNet Windows XP TechCenter, will be updated then. For customers who use Windows XP at home, Windows XP SP3 Automatic Update distribution for users at home will begin in early summer.

Microsoft Security Advisory (951306)

jubo — Sat, 19 Apr 2008 09:01:51 GMT

Vulnerability in Windows Could Allow Elevation of Privilege
Published: April 17, 2008

Microsoft is investigating new public reports of a vulnerability which could allow elevation of privilege from authenticated user to LocalSystem, affecting Windows XP Professional Service Pack 2 and all supported versions and editions of Windows Server 2003, Windows Vista, and Windows Server 2008.

Source: TechNet

Firefox 2.0.0.14 - Security release

jubo — Sat, 19 Apr 2008 08:43:16 GMT

Some people I know have this browser installed... If you do not have the automatic update activated then it's time to install an new version of this browser. For more information see the release notes:

What's New in Firefox 2.0.0.14
Mozilla Foundation Security Advisory 2008-20

Crash in JavaScript garbage collector

Click here: Download Firefox 2

The "Alternative" Blog...

jubo — Thu, 17 Apr 2008 20:00:21 GMT

As you may know, I recently married Kim, the most wonderful and beautiful woman who I met at the MVP Summit in 2007. Recently she started her own blog... Yes, if you're interested what an American woman does in Holland or what I do in my off-line life, then click here: Kim's Journal...

PS: don't believe everything she tells you about me. I deny everything... ;)

Windows Live OneCare Beta (v2.5)

jubo — Tue, 15 Apr 2008 12:51:00 GMT

Since a few weeks a new Windows Live OneCare v2.5 BETA has been released. If you're interested then click here and fill out a short survey at Microsoft Connect.

Of course you'll have to uninstall the previous version first, or any other antivirus program you may have installed. For more information check the Windows Live OneCare at Microsoft Connect. Support forums and where you can get a lot of good information is at Windows Live OneCare Support Forums.

More details at: The Windows Experience Blog

Let The (malware) Games Begin...

jubo — Tue, 15 Apr 2008 11:20:34 GMT

Few days ago the McAfee Avert Labs received an email with a executable flash movie. The attachment was called: "RaceForTibet.exe", which eventually seems to be a keylogger program. Even a log file is being send to a provider in China.

Just want to warn you: never open or run a file that you get from (un)known people. Keep your Windows updated and/or check your version at Microsoft Update, keep your antivirus and/or antispyware updated.

For more (technical) details about the above keylogger program see this topic: Is Malware Writing the Next Olympic Event?

Microsoft Security Bulletin Summary for April 2008

jubo — Fri, 11 Apr 2008 07:08:23 GMT

On April 9th, Microsoft released 5 "critical" and 3 "important" updates. If you didn't get them yet then it's time to move your mouse to Microsoft Update and start updating your computer. Installed them on my computers and the ones I maintain without any problems.

Critical:

MS08-018 - Vulnerability in Microsoft Project Could Allow Remote Code Execution (950183)
MS08-021 - Vulnerabilities in GDI Could Allow Remote Code Execution (948590)
MS08-022 - Vulnerability in VBScript and JScript Scripting Engines Could Allow Remote Code Execution (944338)
MS08-023 - Security Update of ActiveX Kill Bits (948881)
MS08-024 - Cumulative Security Update for Internet Explorer (947864)

Important:

MS08-020 - Vulnerability in DNS Client Could Allow Spoofing (945553)
MS08-025 - Vulnerability in Windows Kernel Could Allow Elevation of Privilege (941693)
MS08-019 - Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution (949032)

A more technical version of the Security Bulletin can be found at TechNet and an end-user version is available at Microsoft's Security At Home site.

Support:

Customers in the U.S. and Canada can receive technical support from Microsoft Product Support Services at 1-866-PCSAFETY. International customers can receive support from their local Microsoft subsidiaries. Visit the International Help and Support.

McAfee, Inc. Launches Global S.P.A.M. Experiment

jubo — Wed, 02 Apr 2008 06:16:00 GMT

McAfee, Inc. today announced the launch of its global S.P.A.M. (Spammed Persistently All Month) Experiment. For the month of April, participants from around the world - ranging from homemakers, government executives, and students to retirees - will surf the Web, make online purchases and register for promotions. Participants have been provided with a clean laptop without spam protection and a new email address. Beginning today, they will blog about their experiences daily at http://www.mcafee.com/spamexperiment.

With a proven link between spam and cybercrime, the experiment aims to show the devastating effects of spam.

To track the daily progress of the S.P.A.M. Experiment and read reports from the participants, please visit http://www.mcafee.com/spamexperiment.

Source: McAfee.com

Microsoft Acquires Komoku

jubo — Tue, 25 Mar 2008 11:20:00 GMT

Last Thursday, Microsoft announced that it acquired Komoku, a provider of advanced rootkit detection solutions, to add its functionality into the upcoming versions of Forefront and Windows Live OneCare.

For more information, see Forefront Team Blog and Anti-Malware Engineering Team.