<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
</head>
<body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; color: rgb(0, 0, 0); font-size: 14px; font-family: Garamond, sans-serif; ">
<div>
<div>
<div>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">In this issue:</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height: 16.0px">
<br>
</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">1. Microsoft XML Vulnerability </p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">2. AutoCAD Worm</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">3. What is Smishing And Why Should You Care?</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height: 16.0px">
<br>
</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height: 16.0px">
<br>
</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">--------------------------------------</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">1. Microsoft XML Vulnerability </p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">--------------------------------------</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height: 16.0px">
<br>
</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">Attackers are actively exploiting a vulnerability in Microsoft XML Core Services (MSXML) 3.0, 4.0, and 6.0. The flaw was disclosed earlier this month when Microsoft issued its scheduled security
update. The company did not provide a patch, but did <a href="http://technet.microsoft.com/en-us/security/advisory/2719615">
suggest workarounds</a>, including a <a href="http://support.microsoft.com/kb/2719615">
"Fix it" solution</a> to prevent the flaw from being exploited on user's computers. </p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height: 16.0px">
<br>
</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">The flaw, which is exploited through Internet Explorer (IE), is particularly dangerous because users need only visit compromised websites to become infected.
<a href="http://www.computerworld.com/s/article/9228301/Unpatched_Microsoft_XML_Core_Services_flaw_increasingly_targeted_in_attacks_researchers_say">
At least two compromised sites have been detected</a>: an aeronautical parts supplier and a medical company. Both are European companies.</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height: 16.0px">
<br>
</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height: 16.0px">
<br>
</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">-----------------------</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">2. AutoCAD Worm</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">-----------------------</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height: 16.0px">
<br>
</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">A worm that steals AutoCAD drawings has been detected. The industrial espionage malware has appeared mainly in Peru and neighboring countries where it appears to have infected more than 10,000 computers.
The firm that first detected the malware is calling it ACAD/Medre.A; it appears to have stolen tens of thousands of drawings, sending them to an email address registered with a Chinese provider. The email accounts that were being used in the attack have been
closed. </p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height: 16.0px">
<br>
</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial"><a href="http://www.theregister.co.uk/2012/06/21/autocad_worm/">Read the story in the news.</a></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height: 16.0px">
<br>
</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height: 16.0px">
<br>
</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">-------------------------------------------------------------</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">3. What is Smishing And Why Should You Care?</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">-------------------------------------------------------------</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height: 16.0px">
<br>
</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">Smishing is a form of criminal activity using social engineering techniques similar to phishing. The name is derived from "SMS phishing." Similar to phishing, smishing uses cell phone text messages
to deliver "bait" to get you to divulge your personal information. The "hook" in the text message may be a web site URL, however, it has become more common to see a phone number that connects to an automated voice response system. If you fall for the bait,
the criminal gains access to your financial information.</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height: 16.0px">
<br>
</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial"><a href="http://netsecurity.about.com/od/secureyouremail/a/Protect-Yourself-From-Smishing-Attacks.htm">Learn how to protect yourself from Smishing attacks.</a></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height: 16.0px">
<br>
</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height: 16.0px">
<br>
</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">===================================================================================</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">Read all Security FYI Newsletter articles and submit comments online at
<a href="http://securityfyi.wordpress.com/"><span style="text-decoration: underline ; color: #1e37ee">http://securityfyi.wordpress.com/</span></a>.</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">===================================================================================</p>
</div>
<div>
<div style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; font-family: Helvetica; ">
<span class="Apple-style-span" style="border-collapse: separate; -webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: 0px; color: rgb(0, 0, 0); font-family: Helvetica; font-size: 14px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; -webkit-text-decorations-in-effect: none; text-indent: 0px; -webkit-text-size-adjust: auto; text-transform: none; orphans: 2; white-space: normal; widows: 2; word-spacing: 0px; "><span class="Apple-style-span" style="border-collapse: separate; -webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: 0px; color: rgb(0, 0, 0); font-family: Helvetica; font-size: 14px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; -webkit-text-decorations-in-effect: none; text-indent: 0px; -webkit-text-size-adjust: auto; text-transform: none; orphans: 2; white-space: normal; widows: 2; word-spacing: 0px; "><span class="Apple-style-span" style="border-collapse: separate; -webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: 0px; color: rgb(0, 0, 0); font-family: Helvetica; font-size: 14px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; -webkit-text-decorations-in-effect: none; text-indent: 0px; -webkit-text-size-adjust: auto; text-transform: none; orphans: 2; white-space: normal; widows: 2; word-spacing: 0px; "><span class="Apple-style-span" style="border-collapse: separate; -webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: 0px; color: rgb(0, 0, 0); font-family: Helvetica; font-size: 14px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; -webkit-text-decorations-in-effect: none; text-indent: 0px; -webkit-text-size-adjust: auto; text-transform: none; orphans: 2; white-space: normal; widows: 2; word-spacing: 0px; "><span class="Apple-style-span" style="border-collapse: separate; -webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: 0px; color: rgb(0, 0, 0); font-family: Helvetica; font-size: 14px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; -webkit-text-decorations-in-effect: none; text-indent: 0px; -webkit-text-size-adjust: auto; text-transform: none; orphans: 2; white-space: normal; widows: 2; word-spacing: 0px; "><span class="Apple-style-span" style="border-collapse: separate; -webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: 0px; color: rgb(0, 0, 0); font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; -webkit-text-decorations-in-effect: none; text-indent: 0px; -webkit-text-size-adjust: auto; text-transform: none; orphans: 2; white-space: normal; widows: 2; word-spacing: 0px; "><span class="Apple-style-span" style="border-collapse: separate; -webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: 0px; color: rgb(0, 0, 0); font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; -webkit-text-decorations-in-effect: none; text-indent: 0px; -webkit-text-size-adjust: auto; text-transform: none; orphans: 2; white-space: normal; widows: 2; word-spacing: 0px; ">
<div style="font-size: 12px; "><br>
</div>
<div style="font-size: 12px; "><br>
</div>
<div style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; ">Monique
Yeaton</span></span></span></span></span></span></div>
<div style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; ">IT
Security Communications Consultant</span></span></span></span></span></span></div>
<div style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; ">MIT
Information Services & Technology (IS&T)</span></span></span></span></span></span></div>
<div style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; ">(617)
253-2715</span></span></span></span></span></span></div>
<div style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; "><span class="Apple-style-span" style="font-size: 12px; ">http://ist.mit.edu/security</span></span></span></span></span></span></div>
<div style="font-size: 12px; "><br class="khtml-block-placeholder">
</div>
<br class="Apple-interchange-newline">
</span></span></span></span></span></span></span></div>
</div>
</div>
</div>
</body>
</html>