Trend Micro Unmasks FakeAV June 18, 2010Posted by Jim Locke in Alerts.
Tags: FakeAV, Security, Trend Micro
add a comment
We all know what a pain FakeAV has been over the course of the last few years. It seems to be the problem that just won’t die. Well, in an attempt to educate the SMB community on this problem, Trend Micro released a white paper today called Unmasking FakeAV. This document seeks to educate users on how rogue antivirus or FAKEAV applications arrive on systems and to let them know what Trend Micro solutions they can use to combat these threats. FAKEAV threats have been rampant in the past few years and are definitely here to stay. Various FAKEAV variants have, in fact, infected millions of PCs and are continuously spreading worldwide.
We recommend you use this document as a tool to help educate your customers about this problem. Hopefully, we can encourage Trend Micro to develop similar content in video form that can be shared more readily with customers using e-mail, social media platforms or webinars. So take this opportunity to keep your customer up to date on this threat and demonstrate the value that you and your company delivers.
Microsoft Critical Product Vulnerability Alert July 30, 2009Posted by Jim Locke in Alerts.
Tags: Microsoft, Security
1 comment so far
Glenn Osako, Microsoft’s Partner Territory Manager for the Western Region, has asked me to bring this Critical Vulnerability Alert to the attention of our members. Microsoft recommends that customers prepare their systems and networks to apply this security bulletin immediately to help ensure their computers are protected. Additionally, they recommend that partners patch their own systems and then reach out to their customers to ensure that their systems are secure. Attached are details of the security advisory & guidance.
This alert is to provide you with an overview of the Microsoft Security Advisory 973882, released on Tuesday, July 28, 2009. This security advisory provides information about our ongoing investigation into vulnerabilities in the public and private versions of Microsoft’s Active Template Library (ATL). In the advisory, we provide information about what Microsoft is doing in its ongoing investigation into the issue described, and we also offer guidance to both developers and IT professionals.
- Guidance for Developers (bulletin MS09-035): The Microsoft ATL is used by software developers to create controls or components for the Windows platform. Microsoft strongly recommends that developers who have built controls or components with ATL take immediate action to evaluate their controls for exposure to a vulnerable condition and follow the guidance provided to create controls and components that are not vulnerable. For more information on the vulnerabilities and guidance to address issues in ATL, see MS09-035, “Vulnerabilities in Visual Studio Active Template Library Could Allow Remote Code Execution.”
- Guidance for IT Professionals (bulletin MS09-034): To help better protect customers while developers update their components and controls, Microsoft has developed a new defense-in-depth technology. This new defense-in-depth technology built into Internet Explorer helps to protect customers from future attacks using the Microsoft Active Template Library vulnerabilities described in this Advisory and Microsoft Security Bulletin MS09-035. IT professionals should first assess and prepare their own systems, then help their customers deploy the Internet Explorer Security Update offered in Microsoft Security Bulletin MS09-034, “Cumulative Security Update for Internet Explorer.”
Please see below for important resources and a bulletin summary.
Full text of Security Advisory 973882 http://www.microsoft.com/technet/security/advisory/973882.mspx
- Full bulletin for MS09-034, with guidance for IT professionals http://www.microsoft.com/technet/security/bulletin/ms09-034.mspx
- Full bulletin for MS09-035, with guidance for developers http://www.microsoft.com/technet/security/bulletin/ms09-035.mspx
- We recommend Microsoft partners use the Microsoft TechNet Security TechCenter as a source of security information http://technet.microsoft.com/security
New Bulletin Summary
|Bulletin ID||Maximum Severity Rating||Vulnerability Impact||Restart Requirement||Affected Software|
|Visual Studio(MS09-035)||Moderate||Remote Code Execution||Requires restart||Microsoft Visual Studio .NET 2003,Microsoft Visual Studio 2005,
Microsoft Visual Studio 2008,
Microsoft Visual C++ 2005, and
Microsoft Visual C++ 2008
|Internet Explorer(MS09-034)||Critical||Remote Code Execution||Requires restart||Internet Explorer on Windows 2000, Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008|
Regarding Information Consistency
We recommend that Microsoft partners use the Microsoft TechNet Security TechCenter as a key source of security information: http://technet.microsoft.com/security, and that you sign up for comprehensive alerts at http://www.microsoft.com/technet/security/bulletin/notify.mspx. We strive to provide you with accurate information in static (this mail) and dynamic (Web-based) content. Microsoft’s security content posted to the Web is occasionally updated to reflect late-breaking information. If this results in an inconsistency between the information here and the information in Microsoft’s Web-based security content, the information in Microsoft’s Web-based security content is authoritative.