[IS&T Security-FYI] SFYI Newsletter, June 15, 2009

Monique Yeaton myeaton at MIT.EDU
Mon Jun 15 13:18:54 EDT 2009 

In this issue:

1. June 2009 Security Updates
2. The Tagged.com Scam
3. Temporary Dip in Spam Levels


---------------------------------------
1. June 2009 Security Updates
---------------------------------------

  ----- Microsoft -----

As part of the Microsoft Security Bulletin Summary for June 2009,  
Microsoft released ten updates (six of them critical) to address 31  
vulnerabilities that affect:

  * Microsoft Windows
  * Office
  * Internet Explorer

A remote, unauthenticated attacker could execute arbitrary code, gain  
elevated privileges, or cause a vulnerable application to crash. Users  
and administrators are advised to download the updates. The security  
patches in this update are now approved for installation via MIT WAUS.

Read the update in full here:
<http://www.microsoft.com/technet/security/bulletin/ms09-jun.mspx>

In addition to the 10 security bulletins, Microsoft released an  
updated version of its Malicious Software Removal Tool so that it now  
detects and removes scareware known as Internet Antivirus Pro. The  
malware pops up a phony warning message on infected computers and  
claims to be scanning the machines for malware, but it really  
downloads software that searches for and steals FTP user names and  
passwords.

Read more here:
<http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9134161 
 >


  ----- Apple -----

Apple has released several security updates in June for more than 50  
vulnerabilities it found in its software. Updates released were:

  * QuickTime 7.6.2
  * iTunes 8.2
  * Safari 4.0

The updates were released for Mac OS X 10.4.10 or later, Windows XP,  
and Vista.

Read the updates in full here:
<http://support.apple.com/kb/HT1222>


  ----- Adobe -----

Adobe's first scheduled quarterly security update arrived on June 9,  
2009; it addresses 13 critical security flaws including heap overflow  
vulnerabilities, a stack overflow vulnerability, and a memory  
corruption flaw that could be exploited to execute arbitrary code.  
Systems affected:

  * Adobe Reader versions 9.1.1 and earlier, 8.1.5 and earlier, and  
7.1.2 and earlier
  * Adobe Acrobat (Standard, Professional, and 3D) versions 9.1.1 and  
earlier, 8.1.5 and earlier, and 7.1.2 and earlier

Users are encouraged to read Adobe Security Bulletin APSB09-07 and  
update vulnerable versions of Adobe Reader and Acrobat:
<http://www.adobe.com/support/security/bulletins/apsb09-07.html>

Workarounds/tips:
Disable JavaScript in Adobe Reader and Acrobat.
Disable the display of PDF documents in the web browser.
Do not open unfamiliar or unexpected PDF documents, particularly those  
hosted on websites or delivered as email attachments.


---------------------------------
2. The Tagged.com Scam
---------------------------------

The Tagged.com scam, first seen in 2007, appears to be rearing its  
ugly head again. This scam (which some may argue is not a scam, but is  
merely a form of inappropriate and deceptive behavior by the company)  
appears in the form of an email saying a friend wants to share photos  
with you from a site called Tagged.com.

The email comes from the address book of one of your friends, whose  
information has been accessed. If you click either "yes" or "no,"  
you'll be taken to a fairly unassuming page that asks for some  
personal information.

Do not open or respond to these emails! If you do, you'll risk opening  
up your address book to spammers. As part of the signing up process to  
Tagged.com, you are asked for your email username and password. What  
you may not know is that if you enter this information, your email  
address book is then used by Tagged.com to send out more "commercial  
email," basically spam, trying to get more of your friends to sign up.  
They may even be selling your email to other spammers.

Fake or deceptive social networking sites are cropping up more and  
more as they become more popular. A good rule of thumb for identifying  
the real thing from a scam:

Any social networking site that asks you to put personal information  
into a form that shouldn't be needed to sign up or access a friend's  
page (like date of birth, email username and PASSWORD, gender, etc) is  
a tip-off that they are NOT legitimate. No legitimate social  
networking site or photo sharing site should ever need this  
information from you. If you're still not sure of its legitimacy,  
first email your friend to ask if he/she actually sent the email.

Read more here:
<http://www.markturner.net/2009/06/06/taggedcom-a-social-media-scam/>
<http://www.snopes.com/computer/internet/tagged.asp>


-------------------------------------------
3. Temporary Dip in Spam Levels
-------------------------------------------

The level of spam fell 15 percent following the Federal Trade  
Commission (FTC) order to shut down the Internet service provider  
Pricewert, also known as 3FN.  However, the respite appears to be  
short-lived, as spam volumes have begun climbing again.  The Cutwail  
botnet, also known as Pushdo, experienced significant downturns in  
activity following the shutdown.  The level of spam is expected to  
resume its prior level - about 90 percent of all email sent - once  
spammers make arrangements with companies based outside the US where  
anti-spam enforcement is not as rigorous.  The FTC made its decision  
to order the takedown based on Pricewert's reputation for recruiting  
and cooperating with cyber criminals.

Read more here:
<http://news.cnet.com/8301-1009_3-10260338-83.html?part=rss&subj=news&tag=2547-1009_3-0-20 
 >
<http://www.scmagazineus.com/Pricewert-shutdown-brought-only-short-lived-drop-in-spam/article/138298/ 
 >

[Article source: SANS.org]



= 
= 
= 
========================================================================

Find current and older issues of Security FYI Newsletter: <http://kb.mit.edu/confluence/x/ehBB 
 >



=========================
Monique Yeaton
IT Security Awareness Consultant
MIT Information Services & Technology (IS&T)
(617) 253-2715
http://web.mit.edu/ist/security

---------------------------------------
Important: DO NOT GIVE OUT YOUR PASSWORDS!
Ignore emails asking you to provide yours. IS&T will *NEVER* ask you  
for your password.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.mit.edu/pipermail/ist-security-fyi/attachments/20090615/66072f02/attachment.htm

More information about the ist-security-fyi mailing list