[IS&T Security-FYI] SFYI Newsletter, May 15, 2012
Monique Yeaton
myeaton at MIT.EDU
Tue May 15 12:01:22 EDT 2012
In this issue:
1. Microsoft Security Updates for May 2012
2. Apple Releases Various Updates This Month
3. Warning: Malware Installed Through Hotel Internet Connections
-------------------------------------------------------
1. Microsoft Security Updates for May 2012
-------------------------------------------------------
Last Tuesday, May 8, Microsoft issued seven security bulletins that addressed a total of 23 security flaws. Three bulletins were labeled as critical. Systems affected:
* Windows
* .NET Framework
* Microsoft Office
* Silverlight
All but two bulletins addressed remote code execution vulnerabilities. While none of the bugs fixed in the update are currently being targeted, Microsoft said exploit code for eighteen of them was likely.
Among others, Microsoft patched flaws in Office for Mac 2011, a True Type Fonts vulnerability, a Rich Text Format mismatch vulnerability, six bugs in Excel, and various file format memory corruption, record heaps overflow, and remote code execution vulnerabilities.
Read the full Microsoft Security Bulletin summary here<http://technet.microsoft.com/en-us/security/bulletin/ms12-may>.
MIT WAUS<http://ist.mit.edu/waus> has released the patches to subscribers. They are also available through the operating system's Windows Update tool.
------------------------------------------------------------
2. Apple Releases Various Updates This Month
------------------------------------------------------------
In the past two weeks, Apple has released several updates, including:
* iOS 5.1.1 (for iPhone 4S, 4 and 3GS, iPod touch, and iPad)
* OS X Lion 10.7.4 and Security Update 2012-002
* OS X Leopard Security Update 2012-003 (for OS X 10.5 to 10.5.8)
* Flashback Removal Security Update (for OS X 10.5 to 10.5.8)
* Safari 5.1.7
OS X Lion 10.7.4 and Security Update 2012-002<http://support.apple.com/kb/HT5281> fixes 35 bugs including a FileVault password bug. It is possible that a debug log file could contain the password (stored in the clear) of every user who logged in. Anyone who used FileVault encryption on their Mac prior to Lion, upgraded to Lion, but kept their folders encrypted using the legacy version of FileVault is vulnerable. FileVault 2 users are unaffected. To be on the safe side, it is a good idea to change your FileVault password in addition to taking the update.
The Safari update contains stability improvements and fixes for four WebKit vulnerabilities. When installed, it also checks the version of Adobe Flash plugin that is installed in the browser and disables it if it is out of date.
The iOS update fixes the same WebKit vulnerabilities. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code, obtain sensitive information, operate with elevated privileges, cause a denial-of-service condition, or perform a cross-site scripting attack.
A great outline of all the fixes from Apple this month are listed in this article from Sophos<http://nakedsecurity.sophos.com/2012/05/10/important-apple-updates-for-snow-leopard-and-lion-get-em-today/>.
The updates are available through the operating system's Software Update tool or from Apple's Downloads webpage<http://support.apple.com/downloads/>.
------------------------------------------------------------------------------------
3. Warning: Malware Installed Through Hotel Internet Connections
------------------------------------------------------------------------------------
Earlier this month, the IC3 (Internet Crime Complaint Center) released an intelligence note<http://www.ic3.gov/media/2012/120508.aspx> stating a recent discovery by the FBI of malicious actors targeting travelers abroad through pop-up windows when they attempt an Internet connection to their hotel rooms. If a traveler attempts an Internet connection, he is presented with a pop-up window notifying him to update a widely-used and legitimate software product. If installed, malware is installed on the laptop.
Recommendation: Take your software updates right before traveling and don't install any software while on the road, unless the vendor has been verified. To ensure protection while traveling, members of the MIT community can use the Cisco AnyConnect VPN client<http://kb.mit.edu/confluence/x/zwBa> (vpn.mit.edu), which establishes an encrypted connection to the Internet.
===================================================================================
Read all Security FYI Newsletter articles and submit comments online at http://securityfyi.wordpress.com/.
===================================================================================
Monique Yeaton
IT Security Communications Consultant
MIT Information Services & Technology (IS&T)
(617) 253-2715
http://ist.mit.edu/security
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.mit.edu/pipermail/ist-security-fyi/attachments/20120515/835adaa0/attachment.htm
More information about the ist-security-fyi
mailing list