[IS&T Security-FYI] SFYI Newsletter, May 8, 2009

Fri May 8 12:57:11 EDT 2009

In this issue:

1. Updated Browsers More Secure
2. Adobe Patch Coming Soon for Zero-Day Flaw
3. Pirated Windows 7 Release Candidate Contains Trojan

--------------------------------------------
1. Updated Browsers More Secure
--------------------------------------------

When was the last time you updated your browser? Does this happen  
automatically, or do you need to install the update manually?

In a study conducted by Thomas Duebendorfer of Google Switzerland and  
Stefan Frei of the Swiss Federal Institute of Technology, statistics  
show how updating browsers more frequently and automatically makes for  
safer browsing.

Chrome, Google's browser, updates without asking the user every 5  
hours. Compared to other browsers, such as Firefox, Safari, Opera and  
Internet Explorer, Google Chrome's update policy is set to occur the  
most frequent.

Why is frequent and automatic updates considered a good thing? Aside  
from the obvious bias the researchers had when conducting the study,  
it showed that 97% of Chrome users had the most current version of  
their browser, compared to 85% of Firefox users, 53% of Safari users,  
and 24% of Opera users. Browsers that have not been updated with  
security patches remain vulnerable to the latest cyber threats.

The researchers conclude their study by encouraging browser makers to  
adopt the Chrome silent update mechanism.

Read the full story:
<http://www.informationweek.com/news/internet/security/showArticle.jhtml?articleID=217300466 
 >

-------------------------------------------------------------
2. Adobe Patch Coming Soon for Zero-Day Flaw
-------------------------------------------------------------

Adobe plans to push out a patch on May 12th to address a zero-day flaw  
in Acrobat and Reader that could be exploited to create denial of  
service conditions or execute arbitrary code.  Adobe will issue fixes  
for Reader and Acrobat versions 7, 8 and 9 for Windows and for  
versions 8 and 9 for Mac and Unix.  Adobe has also acknowledged a  
second flaw in Reader for Unix that will be fixed in forthcoming Adobe  
Reader for Unix updates.

Until the fixes are available, Adobe recommends disabling JavaScript  
in both Reader and Acrobat by using the following instructions:

1. Launch Acrobat or Adobe Reader
2. Select Edit > Preferences
3. Select the JavaScript Category
4. Uncheck the ‘Enable Acrobat JavaScript’ option
5. Click OK

Adobe Security Bulletins CVE-2009-1492 and CVE-2009-1493
<http://www.adobe.com/support/security/advisories/apsa09-02.html>

Full story:
<http://www.eweek.com/c/a/Security/Adobe-Preps-Patch-for-Zeroday-Vulnerability-366529/ 
 >

[Article source: SANS]

-------------------------------------------------------------------------
3. Pirated Windows 7 Release Candidate Contains Trojan
-------------------------------------------------------------------------

Reports are circulating that pirated versions of Windows 7 Release  
Candidate (RC) available on file sharing sites contain malware.  The  
malware has been identified by one user as the Falder Trojan horse  
program, which plants scareware on PCs and uses a rootkit to evade  
detection by real antivirus packages.

Microsoft released Windows 7 RC on Tuesday, May 5. Earlier this year,  
pirated copies of Apple's iWork '09 were found to contain malware that  
took control of Macs.

It is recommended to always download software (even pre-lease software  
like Windows 7 RC) from trustworthy sources, such as the company's  
official download page, and not from file sharing sites. In addition,  
it is not advisable to test pre-release software on your primary or  
business computer, but on a virtual or other test computer.

Read the full story:
<http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9132522 
 >

[Article source: SANS]

=========================
Monique Yeaton
IT Security Awareness Consultant
MIT Information Services & Technology (IS&T)
(617) 253-2715
http://web.mit.edu/ist/security

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.mit.edu/pipermail/ist-security-fyi/attachments/20090508/b51c0310/attachment.htm