[IS&T Security-FYI] SFYI Newsletter, June 15, 2009
Monique Yeaton
myeaton at MIT.EDU
Mon Jun 15 13:18:54 EDT 2009
In this issue:
1. June 2009 Security Updates
2. The Tagged.com Scam
3. Temporary Dip in Spam Levels
---------------------------------------
1. June 2009 Security Updates
---------------------------------------
----- Microsoft -----
As part of the Microsoft Security Bulletin Summary for June 2009,
Microsoft released ten updates (six of them critical) to address 31
vulnerabilities that affect:
* Microsoft Windows
* Office
* Internet Explorer
A remote, unauthenticated attacker could execute arbitrary code, gain
elevated privileges, or cause a vulnerable application to crash. Users
and administrators are advised to download the updates. The security
patches in this update are now approved for installation via MIT WAUS.
Read the update in full here:
<http://www.microsoft.com/technet/security/bulletin/ms09-jun.mspx>
In addition to the 10 security bulletins, Microsoft released an
updated version of its Malicious Software Removal Tool so that it now
detects and removes scareware known as Internet Antivirus Pro. The
malware pops up a phony warning message on infected computers and
claims to be scanning the machines for malware, but it really
downloads software that searches for and steals FTP user names and
passwords.
Read more here:
<http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9134161
>
----- Apple -----
Apple has released several security updates in June for more than 50
vulnerabilities it found in its software. Updates released were:
* QuickTime 7.6.2
* iTunes 8.2
* Safari 4.0
The updates were released for Mac OS X 10.4.10 or later, Windows XP,
and Vista.
Read the updates in full here:
<http://support.apple.com/kb/HT1222>
----- Adobe -----
Adobe's first scheduled quarterly security update arrived on June 9,
2009; it addresses 13 critical security flaws including heap overflow
vulnerabilities, a stack overflow vulnerability, and a memory
corruption flaw that could be exploited to execute arbitrary code.
Systems affected:
* Adobe Reader versions 9.1.1 and earlier, 8.1.5 and earlier, and
7.1.2 and earlier
* Adobe Acrobat (Standard, Professional, and 3D) versions 9.1.1 and
earlier, 8.1.5 and earlier, and 7.1.2 and earlier
Users are encouraged to read Adobe Security Bulletin APSB09-07 and
update vulnerable versions of Adobe Reader and Acrobat:
<http://www.adobe.com/support/security/bulletins/apsb09-07.html>
Workarounds/tips:
Disable JavaScript in Adobe Reader and Acrobat.
Disable the display of PDF documents in the web browser.
Do not open unfamiliar or unexpected PDF documents, particularly those
hosted on websites or delivered as email attachments.
---------------------------------
2. The Tagged.com Scam
---------------------------------
The Tagged.com scam, first seen in 2007, appears to be rearing its
ugly head again. This scam (which some may argue is not a scam, but is
merely a form of inappropriate and deceptive behavior by the company)
appears in the form of an email saying a friend wants to share photos
with you from a site called Tagged.com.
The email comes from the address book of one of your friends, whose
information has been accessed. If you click either "yes" or "no,"
you'll be taken to a fairly unassuming page that asks for some
personal information.
Do not open or respond to these emails! If you do, you'll risk opening
up your address book to spammers. As part of the signing up process to
Tagged.com, you are asked for your email username and password. What
you may not know is that if you enter this information, your email
address book is then used by Tagged.com to send out more "commercial
email," basically spam, trying to get more of your friends to sign up.
They may even be selling your email to other spammers.
Fake or deceptive social networking sites are cropping up more and
more as they become more popular. A good rule of thumb for identifying
the real thing from a scam:
Any social networking site that asks you to put personal information
into a form that shouldn't be needed to sign up or access a friend's
page (like date of birth, email username and PASSWORD, gender, etc) is
a tip-off that they are NOT legitimate. No legitimate social
networking site or photo sharing site should ever need this
information from you. If you're still not sure of its legitimacy,
first email your friend to ask if he/she actually sent the email.
Read more here:
<http://www.markturner.net/2009/06/06/taggedcom-a-social-media-scam/>
<http://www.snopes.com/computer/internet/tagged.asp>
-------------------------------------------
3. Temporary Dip in Spam Levels
-------------------------------------------
The level of spam fell 15 percent following the Federal Trade
Commission (FTC) order to shut down the Internet service provider
Pricewert, also known as 3FN. However, the respite appears to be
short-lived, as spam volumes have begun climbing again. The Cutwail
botnet, also known as Pushdo, experienced significant downturns in
activity following the shutdown. The level of spam is expected to
resume its prior level - about 90 percent of all email sent - once
spammers make arrangements with companies based outside the US where
anti-spam enforcement is not as rigorous. The FTC made its decision
to order the takedown based on Pricewert's reputation for recruiting
and cooperating with cyber criminals.
Read more here:
<http://news.cnet.com/8301-1009_3-10260338-83.html?part=rss&subj=news&tag=2547-1009_3-0-20
>
<http://www.scmagazineus.com/Pricewert-shutdown-brought-only-short-lived-drop-in-spam/article/138298/
>
[Article source: SANS.org]
=
=
=
========================================================================
Find current and older issues of Security FYI Newsletter: <http://kb.mit.edu/confluence/x/ehBB
>
=========================
Monique Yeaton
IT Security Awareness Consultant
MIT Information Services & Technology (IS&T)
(617) 253-2715
http://web.mit.edu/ist/security
---------------------------------------
Important: DO NOT GIVE OUT YOUR PASSWORDS!
Ignore emails asking you to provide yours. IS&T will *NEVER* ask you
for your password.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.mit.edu/pipermail/ist-security-fyi/attachments/20090615/66072f02/attachment.htm
More information about the ist-security-fyi
mailing list