04.19.10
Eye on Security: ‘F1′ Keystrokes Made Safe Again, XP Unpatched, Goodbye to Vista, Vista 7 Flaw
Summary: A big heap of security news from the past week, hopefully showing the really sad state of Windows
Patchfest
• Microsoft Targets Media Flaws In April Patches
• Another big Microsoft Patch Tuesday coming
• Microsoft Schedules Major Patch Tuesday
It’s likely that at least a few Microsoft employees had to work overtime in preparation for tomorrow’s Patch Tuesday activities. The company’s supposed to release 11 security bulletins in order to address 25 vulnerabilities, which may send signals about both its dedication to fixing stuff and the state of some popular software.
Microsoft plans to fix the ‘F1′ security bug that has been plaguing Internet Explorer users for six weeks in its monthly set of security patches tomorrow.
XP Neglect
• MS kernel patch skirts infected machines (mentioned a few days ago)
Microsoft’s latest batch of patches contains a kernel update designed not to install on machines infected with a rootkit.
• Microsoft Tries to Avoid Windows Blue Screen Repeat (same here)
• Microsoft Will Not Patch Newest XP Virus
• Microsoft Advises Some XP Users to stay Unpatched (interesting headline, but not entirely accurate)
Vista Neglect
• Microsoft slams coffin lid on Vista
Microsoft has killed support for its unloved Windows Vista operating system today.
The company announced in February that the service pack-free version of its post-XP, pre-Windows 7 OS would hit end of life support in April.
This means that from today, the OS which hit manufacturers in late 2006 is left entirely at the mercy of hackers who might wish to exploit the now unsupported code.
• Windows Vista SP1 needed for support to continue
• Microsoft Ends Original Vista Support
• Microsoft ends support for original Windows Vista
• Microsoft to end support for earlier Windows versions
• End of the road for Windows Vista RTM
• Microsoft To Stop Supporting Windows Vista RTM
• No more support for Microsoft Windows Vista – so now what do you do?
Microsoft is now using fake numbers about Vista 7. These are fake for reasons we explained before (it was the same with Vista).
Vista 7 Spin
• Microsoft to Patch Unhackable Windows 7 Bug (also here)
Later today, Microsoft will play it safe by patching a Windows 7 bug that it says can’t be exploited.
Of the 11 security bulletins that will be released in a few hours, “Bulletin 7″ will address one or more vulnerabilities in Windows 2000, Windows XP and Windows Server 2003.
Worth seeing:
- Cybercrime Rises and Vista 7 is Already Open to Hijackers
- Vista 7: Broken Apart Before Arrival
- Department of Homeland Security ‘Poisoned’ by Microsoft; Vista 7 is Open to Hijackers Again
- Vista 7 Security “Cannot be Fixed. It’s a Design Problem.”
- Why Vista 7 Could be the Least Secure Operating System Ever
- Vista 7 Vulnerable to Latest “Critical” Flaws
- Vista 7 Seemingly Affected by Several More “Critical” Flaws This Month
- Reason #1 to Avoid Vista 7: Insecurity
- Vista 7 Left Hijackable Again (Almost a Monthly Recurrence)
- Vista 7 as Insecure as Predecessors, Shows Sophos
- More Critical Vulnerabilities in Vista 7, Windows Left Unsafe for Another Month
Zeus (Windows Spyware/Botnet)
• Zeus spyware pretends to be Royal Mail PDF
Once infected, compromised machines ‘phone home’ to hacker controlled servers in China.
• Zeus botnet exploits unpatched PDF flaw
• Researchers find bugs in archive file formats
Most antivirus vendors have patched their applications in order to detect the tampered archive file formats, such as “.rar,” and “.zip,” said Tomislav Pericin, founder of the commercial software protection project RLPack.
New Malware
• Hentai malware publishes web history of marks online
Some bogus files posing as games from Abel software attempt to trick victims into handing over personal information as part of a supposed game registration process. Meanwhile, in the background, the malware is collecting information on the victim’s computer including domain, OS version, file use history and IE favourites.
• Fake anti-virus scams on the rise, Google says
In a blog post previewing a 13-month study on the prevalence of fake AVs on the Web, Google said that more than 11,000 individual domains were involved in the distribution of these scams. According to Google, that figure accounts for roughly 15 percent of all malicious software on the Internet.
Conficker
China Reports Millions of Conficker Worm Infections (Conficker is good for GNU/Linux)
China had about 7 million Internet Protocol (IP) addresses infected with Conficker B at the end of last year, according to a recent annual security report posted on the Web site of China’s National Computer Network Emergency Response Technical Team (CNCERT). The number of infections varied during the second half of the year, which the report covered, but was higher than 5 million during all but one week.
