Friday, July 17, 2009

A security vulnerability in Office XP 2003 and 2007 already exploited by hackers

Microsoft had to recognize the existence of a security vulnerability in its Office suite on the day of the distribution of its monthly security patches. This vulnerability lies in the web components of Office that are triggered via Internet Explorer. It is embarrassing for Microsoft, communicate attacks have been on Office XP, 2003 and 2007 users via a security hole. This vulnerability lies in Office Web Components which can be used with Internet Explorer.

Hackers create pages trapped and attract their victims through spam in disguise. Hackers have administrator rights on the infected PC and can then do what they want. Microsoft advises disabling Office Web Components until a patch is published at a yet unspecified date. Dave Marcus, director of security research at McAfee finds: "Despite the repairs today, Windows users are still attacked. When Microsoft made two steps forward, these attackers are the backward one." The attack exploiting the Excel Unspecified Remote Code Execution Vulnerability requires a computer user to open an attachment sent via e-mail that has a maliciously crafted Excel document. Opening the malicious spreadsheet triggers the
vulnerability. This causes the shellcode to execute and then drops two files on the system--the malicious binary mentioned earlier and another valid Excel document. The shell code then executes the dropped file and opens the valid Excel document to mask the fact that Excel has just crashed. This helps to decrease suspicion when the affected spreadsheet is opened."

Wednesday, July 15, 2009

Microsoft closes nine vulnerabilities in July

Three critical patches close vulnerabilities in DirectX and Windows. Attacker can use to infiltrate malicious code and execute it. Three "important" bugs in Publisher, ISA Server and Virtual PC and Virtual Server. Microsoft has released the July-Patchday six security updates for the nine sub-classified as critical vulnerabilities. The patches fix bug in DirectX, Windows, Microsoft Office, Internet Security and Acceleration Server (ISA) and Virtual PC and Virtual Server.

The critical error in DirectShow (MS09-028), in embedded OpenType font module (MS09-029) and in Video ActiveX control (MS09-032). They relate to DirectX 7, 8 p.m. to 9 p.m., or Windows 2000, XP, Server 2003, Vista and Server 2008. The Video ActiveX update is only for Windows XP and Windows Server 2003.



In Microsoft Office Publisher 2007 (MS09-030), ISA Server 2006 (MS09-031) and Virtual PC 2004 and 2007 and Virtual Server 2005 (MS09-033) are three important stuffs to security vulnerabilities. In addition, the company has a current version of the Windows Malicious Software Removal Tool, bringing to delete the wrong security program Win32/FakeSypgro. An update for the beginning of the week reported vulnerabilities in Office Web Components, according to the manufacturer's specifications could not be completed.


All updates are now available via the automatic update feature of Windows or the Download Center to download. Microsoft recommends that the patches should be installed immediately. The probability that in the next 30 days, malicious programs appear to fill the gaps to exploit, Microsoft has considered as high.

Sunday, July 12, 2009

The competitor to Flash, Silverlight, is in version 3

Microsoft's technology allows the creation and implementation of rich Internet applications is now in version 3. Number of Internet users have probably already downloaded Silverlight, including those who have followed the broadcasts of tennis matches at Roland Garros on the site of France Television. The direct competitor of Flash and Adobe Flex has made some improvements and new features since the previous version released in 2008. Thus, in addition to support for hardware graphics acceleration to display high definition video (HD) full screen, Silverlight 3 manages the H.264 and AAC codecs.

Flows via the plugin available from Microsoft may also be protected by DRM, via support PlayReady Content Protection. The editor has also added to Silverlight 3 3D, and many graphics options (Bitmap Caching, Pixel Shader effect ). Another major change, the ability to install applications developed with Silverlight outside the browser and run offline. Silverlight's video capabilities have always been impressive when compared to Flash, and the new version boasts some new features that should keep the competition with Flash hot. It uses a media broadcasting technology Microsoft calls Smooth Streaming, an adaptive technology for playing the same H.264 video stream at the highest bit rate the device and its bandwidth limitations will allow. These applications can be launched from the desktop (Windows or Mac) like any other software. Security side, Microsoft has implemented the performance of applications in the sandbox with isolated persistent storage of data.

Wednesday, July 8, 2009

Mono C # and shake the free software community

Mono and C # should be used in Linux distributions. Mono, the open source implementation of the framework. NET platform, is at the heart of a debate within the free software community. Mono is included in several Linux distributions, including Debian, Ubuntu and Fedora. Yet, even though it is distributed under a free license, Mono incorporates technology covered by patents Microsoft (ADO.Net, ASP.Net and Windows.Forms). The fear exists that the publisher prosecution in respect of users of these technologies. This is the position defended by the father of the GPL, Richard Stallman, whose Free Software should not depend on Mono or C #.


In a message on the website of the FSF (Free Software Foundation) Richard Stallman has criticized the decision to include Mono Debian (via the application Tomboy) for the installation of Gnome. According to him, any implementation of C # describes the Open Source projects at risk of legal action from Microsoft, the existence of software patents. Therefore, on the one hand, discourage developers build applications using this programming language, and on the other hand, did not incorporate implementations of C # in the default installation of distributions Linux or in Gnome.


For the technical committee of Ubuntu, a withdrawal of Mono is not on the agenda. A patent does not announce itself in the desire to prosecute. On Fedora (supported by Red Hat), the position is different. The distribution company, Red Hat Enterprise Linux, it is not affected by this change. As for Microsoft, he tries to adopt a posture reassuring. The editor of Redmond has decided to place the implementations of C # and CLI (Common Language Infrastructure), components of Mono, under its Community Promise. This announcement may allay the fears of the players free to see a Trojan horse penetrate Linux.


However, some do not forget the repeated threats by Microsoft against Linux and its allegations of patent infringement. Especially, that the editor has reignited tensions during its recent conflict with the seller of GPS, TomTom, by criticizing its intellectual property. His complaint criminalized the Linux kernel used by TomTom even if Microsoft is defending.

Monday, July 6, 2009

Browser plug-in from Finjan protects against links to malicious sites

Secure browsing supports Internet Explorer and Firefox. It examines the code of linked sites in real time. That is especially for the users of Twitter, Digg, Blogger or MySpace use. Finjan has under the name "Secure Browsing" a free browser plug-in for Internet Explorer and Firefox published. It warns users of services like Twitter, Digg, Blogger, or MySpace before the links that lead to Web sites rigged. The tool also supports AJAX-based email services like Gmail and Yahoo mail, search engines Google, Yahoo and MSN and Google's AdSense advertising service.

Secure browsing investigated the code directly linked websites, instead of a blacklist of URLs to retrieve. This distinguishes the plug-in of similar offers. In addition to links to websites which may be viruses, trojans and other malicious programs that shows the plug-in, a red cross, while a secure link with a green check mark. Links to sites that the plug-in can not be scanned, provides it with a yellow question mark. Finjan has been the development of secure browsing is concentrated on services, a scan without the input of user data. Therefore support the plug-in is not the social network Facebook.

Kaspersky had earlier this month warned that, for example, in Twitter messages Short URLs used social engineering beneficiary. A user can not see the URL of the site, which he will attend. According to Finjan Secure Browsing scans also with services such as tinyurl generated links.

Thursday, July 2, 2009

Google fixes the bug in Apps Sync for Microsoft Outlook

The application proposed by Google to enable users of its Cloud Services to access Outlook from experiencing a bug that affected the search engine software. Google is corrected and made some improvements to Apps Sync. Google has put an early end to controversy with Microsoft after the bug in its implementation Apps Sync for Outlook. Now, The new synchronization app is called Google Apps Sync for Microsoft Outlook. It provides a way for users to keep their
familiar Microsoft user interface for e-mail and calendar functions while bypassing Microsoft Exchange Server. Instead, users connect with Google's Gmail servers in the Internet cloud.

Published in early June, the latter allows access to Google mail (Gmail, Calendar, Contacts) in Outlook. A way for Google to invest the business world where the mail client Microsoft is still so prevalent. A few days after its release, Microsoft has denounced the presence of a bug in Sync Apps blocking the functioning of the search engine of Outlook. Google ensured that this was not only the internal engine of Windows was concerned.

Now, New version is available for download. The dispute reached its conclusion yesterday with the publication of an updated version of Apps that Sync solves the problem and makes some improvements. For example, we can enable or disable automatic archiving at the time of installation. In addition, access to the Live Hotmail via Outlook plug-in connector is also restored. Users who have already installed Apps Sync will update automatically. The new version is it available for download.

Tuesday, June 30, 2009

Windows Vista less secure than Windows 2000, according to PC Tools

The British publisher of PC Tools antivirus has identified more threats on PCs running Vista with Windows 2000. The effectiveness of Window Vista is again being questioned, this time by the British publisher PC Tools. He has published the results of a study, saying that the latest Microsoft OS is less secure than Windows 2000. His analysis is based on figures collected over the last six months (since November 2007) from users of its software Threat Fire behavioral detection of threats. It appears that this time, Vista has been the target of 639 different threats, against 586 for Windows 2000.

"Microsoft introduced its latest OS as the version of Windows the most secure. "Yet, recent studies with statistics on 1.4 million computers with Threat Fire show that Vista is more susceptible to malware than Windows 2000, eight years, and only 37% more secure than Windows XP . "

An analysis that Microsoft has reacted, replying that the OS is not the only fault. He said that in many cases, users run necessarily at a given moment of harmful code on their machine, sometimes by lack of knowledge. "The amount of virus infections found by an antivirus publisher does not necessarily mean a poor safety. "

"The results published in the April 2008 edition, Security Intelligence Report show that Windows Vista is significantly less susceptible to malware than older operating system. To support its claims, PC Tools has released more accurate figures. 190 on 692 machines running Vista, 121 380 were infected by at least one type of harmful software and some up to 19 were identified, 74% were software cookies advertising (adware), and 17% of the Trojans.

"All systems used in the study using Threat Fire. As this technology examines the behavior, the data refers to threats that have alerted our detection tool because they had been executed on the client. Our data show that MSRT is not a complete anti-virus, but a tool to remove a certain type of harmful programs. "