jump to navigation

Trend Micro Unmasks FakeAV June 18, 2010

Posted by Jim Locke in Alerts.
Tags: , ,
add a comment

TrendMicro_logo We all know what a pain FakeAV has been over the course of the last few years. It seems to be the problem that just won’t die. Well, in an attempt to educate the SMB community on this problem, Trend Micro released a white paper today called Unmasking FakeAV. This document seeks to educate users on how rogue antivirus or FAKEAV applications arrive on systems and to let them know what Trend Micro solutions they can use to combat these threats. FAKEAV threats have been rampant in the past few years and are definitely here to stay. Various FAKEAV variants have, in fact, infected millions of PCs and are continuously spreading worldwide.

Download Unmasking FakeAV

We recommend you use this document as a tool to help educate your customers about this problem. Hopefully, we can encourage Trend Micro to develop similar content in video form that can be shared more readily with customers using e-mail, social media platforms or webinars. So take this opportunity to keep your customer up to date on this threat and demonstrate the value that you and your company delivers.


Microsoft Critical Product Vulnerability Alert July 30, 2009

Posted by Jim Locke in Alerts.
Tags: ,
1 comment so far

Glenn Osako, Microsoft’s Partner Territory Manager for the Western Region, has asked me to bring this Critical Vulnerability Alert to the attention of our members. Microsoft recommends that customers prepare their systems and networks to apply this security bulletin immediately to help ensure their computers are protected. Additionally, they recommend that partners patch their own systems and then reach out to their customers to ensure that their systems are secure.  Attached are details of the security advisory & guidance.

This alert is to provide you with an overview of the Microsoft Security Advisory 973882, released on Tuesday, July 28, 2009. This security advisory provides information about our ongoing investigation into vulnerabilities in the public and private versions of Microsoft’s Active Template Library (ATL). In the advisory, we provide information about what Microsoft is doing in its ongoing investigation into the issue described, and we also offer guidance to both developers and IT professionals.

  •  Guidance for Developers (bulletin MS09-035): The Microsoft ATL is used by software developers to create controls or components for the Windows platform. Microsoft strongly recommends that developers who have built controls or components with ATL take immediate action to evaluate their controls for exposure to a vulnerable condition and follow the guidance provided to create controls and components that are not vulnerable. For more information on the vulnerabilities and guidance to address issues in ATL, see MS09-035, “Vulnerabilities in Visual Studio Active Template Library Could Allow Remote Code Execution.”
  • Guidance for IT Professionals (bulletin MS09-034): To help better protect customers while developers update their components and controls, Microsoft has developed a new defense-in-depth technology. This new defense-in-depth technology built into Internet Explorer helps to protect customers from future attacks using the Microsoft Active Template Library vulnerabilities described in this Advisory and Microsoft Security Bulletin MS09-035. IT professionals should first assess and prepare their own systems, then help their customers deploy the Internet Explorer Security Update offered in Microsoft Security Bulletin MS09-034, “Cumulative Security Update for Internet Explorer.”

Please see below for important resources and a bulletin summary.

 Key Resources

Full text of Security Advisory 973882 http://www.microsoft.com/technet/security/advisory/973882.mspx

 New Bulletin Summary

Bulletin ID  Maximum Severity Rating  Vulnerability Impact  Restart Requirement Affected Software
Visual Studio(MS09-035) Moderate Remote Code Execution Requires restart Microsoft Visual Studio .NET 2003,Microsoft Visual Studio 2005,

Microsoft Visual Studio 2008,

Microsoft Visual C++ 2005, and

Microsoft Visual C++ 2008

Internet Explorer(MS09-034) Critical Remote Code Execution Requires restart Internet Explorer on Windows 2000, Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008


Regarding Information Consistency

We recommend that Microsoft partners use the Microsoft TechNet Security TechCenter as a key source of security information: http://technet.microsoft.com/security, and that you sign up for comprehensive alerts at http://www.microsoft.com/technet/security/bulletin/notify.mspx.  We strive to provide you with accurate information in static (this mail) and dynamic (Web-based) content. Microsoft’s security content posted to the Web is occasionally updated to reflect late-breaking information. If this results in an inconsistency between the information here and the information in Microsoft’s Web-based security content, the information in Microsoft’s Web-based security content is authoritative.