[IS&T Security-FYI] Security FYI Newsletter, April 16, 2015

Monique Buchanan myeaton at mit.edu
Thu Apr 16 10:33:30 EDT 2015


In this issue:

1. Microsoft Security Updates for April 2015
2. Adobe and Oracle Release Critical Updates
3. The Simda Botnet


----------------------------------------------------------
1. Microsoft Security Updates for April 2015
----------------------------------------------------------

On Patch Tuesday this week, Microsoft released eleven security bulletins<https://technet.microsoft.com/en-us/library/security/ms15-apr.aspx> (MS15-032 through MS15-042). Four bulletins are labeled as critical and the remaining seven as important.

Systems affected include Windows client and server operating systems as well as various Office products and Internet Explorer. One of the bulletins, MS15-033, addresses a zero-day vulnerability in Microsoft Office which is currently being exploited in limited attacks against Word 2010. The bulletin also fixes two critical RCE (remote code execution) flaws that could be exploited in Office 2007 and 2010 if a user looks at an email in the Outlook preview pane.

Be sure to accept the updates as they occur, or go to the Windows Update<http://www.update.microsoft.com/> site. You may need to restart your machine after installing patches.

Read the story in the news<http://www.networkworld.com/article/2909627/microsoft-subnet/patch-tuesday-april-2015-closes-0-day-holes-4-of-11-patches-rated-critical-by-microsoft.html>.


--------------------------------------------------------------
2. Adobe and Oracle Release Critical Updates
--------------------------------------------------------------

Adobe released a fix<https://helpx.adobe.com/security/products/flash-player/apsb15-06.html> for a zero-day bug in Adobe Flash Player for Windows and Mac. Users should update to Adobe Flash Player 17.0.0.169. If you are unsure whether your browser has Flash installed or what version it may be running, go to Adobe’s Flash Player page<https://www.adobe.com/software/flash/about/>. Internet Explorer on Windows 8 and Chrome should automatically update.

Oracle’s quarterly critical patch update plugs 15 security holes in Java 8. If you have Java installed and use it for specific websites or applications, update as soon as possible. Windows users can check for the program in the Add/Remove Programs listing or visit Java.com<http://www.java.com/en/> and click the “Do I have Java?” link on the home page. Note that Oracle will be ending support for Java 7 after this update of Java 8 (Update 45).

Read the full story at Krebs on Security<http://krebsonsecurity.com/2015/04/critical-updates-for-windows-flash-java/>.


----------------------------
3. The Simda Botnet
----------------------------

The Simda botnet (a botnet is a network of computers infected with self-propagating malware) has compromised more than 770,000 computers worldwide in the past six months. Law enforcement groups and private security companies recently took the botnet down by seizing 14 command-and-control servers located in various countries, including the US.

Simda malware takes advantage of Windows computers with unpatched software to re-route a user’s Internet traffic to websites under the criminals' control. The infected computers can also be used to install additional malware, give criminals access to harvest user credentials, or cause other malware attacks.

Read a full report on this threat in the alert released by the DHS and FBI: TA15-105A<https://www.us-cert.gov/ncas/alerts/TA15-105A>, which includes the recommended actions users can take:


  *   Use and maintain anti-virus software
  *   Change your passwords
  *   Keep your operating system and software up to date
  *   Do a manual check of your system (or ask for assistance to do so) to see if it is infected. Microsoft has developed a free cleaning agent for Simda. If you have been infected by Simda.AT, run a comprehensive scan of your environment using Microsoft Safety Scanner<http://www.microsoft.com/security/scanner/en-hk/default.aspx>, Microsoft Security Essentials<http://windows.microsoft.com/en-US/windows/security-essentials-download> or Windows Defender.

Read the story in the news here<http://blogs.technet.com/b/mmpc/archive/2015/04/12/microsoft-partners-with-interpol-industry-to-disrupt-global-malware-attack-affecting-more-than-770-000-pcs-in-past-six-months-39-simda-at-39-designed-to-divert-internet-traffic-to-disseminate-other-types-of-malware.aspx> and here<http://arstechnica.com/security/2015/04/botnet-that-enslaved-770000-pcs-worldwide-comes-crashing-down/>.

=======================================================================================
Read all archived Security FYI Newsletter articles and submit comments online at http://securityfyi.wordpress.com/.
=======================================================================================


Monique Buchanan
Social Communications Specialist
Information Systems & Technology (IS&T)
Massachusetts Institute of Technology
http://ist.mit.edu
tel: 617.253.2715





