Get Started for FREE
Sign up with Facebook Sign up with X
I don't have a Facebook or a X account
 Your new post is loading...
Your new post is loading...
Scoop.it!
Might put out patch in update, might chuck it out sooner. The bug (CVE-2014-6352) can be triggered by sending a specially crafted Microsoft Office files to intended targets before tricking them into opening the booby-trapped files. "Currently, attacks using PowerPoint files are known to exist, but all Office file types can be used to carry out this attack," Jonathan Leopando, a technical communications staffer at Trend Micro, warns in a blog post. 
No comment yet.
Sign up to comment
Scoop.it!
The official Microsoft Security Blog provides in-depth discussion of security, cybersecurity and technology trends affecting trust in computing, as well as timely security news, trends, and practical security guidance. We have included data on drive-by download attacks in numerous past volumes of the Microsoft Security Intelligence Report. But in the latest volume of the report, volume 15, we published some new data that we haven’t included in the report before - the relative prevalence of drive-by download sites hosted on different web server platforms. Drive-by download attacks continue to be many attacker’s favorite type of attack. This is something I have written about several times in the past: .
Gust MEES's insight:
.
Scoop.it!
Secunia and Microsoft have partnered to offer a consolidated approach to patch management.
The partnership sees Secunia selected as Microsoft's first vulnerability security alliance partner, which will also enable the technology giant to introduce Secunia's products to its global technology centres that will allow users to deploy third-party patches.
Gust MEES's insight:
The partnership sees Secunia selected as Microsoft's first vulnerability security alliance partner, which will also enable the technology giant to introduce Secunia's products to its global technology centres that will allow users to deploy third-party patches.
Scoop.it!
Microsoft annonce avoir fermé un nouveau botnet en collaboration avec Symantec et affectant les requêtes des internautes sur les moteurs de recherche.
Gust MEES's insight:
Microsoft et Symantec ferment un botnet touchant 8 millions de PC
Gust MEES's curator insight,
February 7, 2013 7:56 AM
Microsoft et Symantec ferment un botnet touchant 8 millions de PC
Scoop.it!
Of the many weapons and tricks in an attacker’s arsenal, none is more dangerous or insidious than the ability to hide and continuously compromise a system from within.
This is the role of a rootkit. Malware uses rootkits, or rootkit functionality, in order to hide their presence on an affected computer and thus impede their removal.
===> Once compromised by a rootkit, any information returned by an affected system can no longer be trusted and must be regarded as suspect (which is exactly how they hide themselves and their components from you - by modifying requests for information that might give them away). <===
===> Know your enemy and protect yourself by learning about these threats. <===
You can download the paper here [PDF]:
Read more:
Scoop.it!
Summary: Microsoft released two eagerly awaited updates for Internet Explorer today, both addressing serious security issues. One covers a zero-day flaw in IE9 and earlier versions, the second updates Flash in Windows 8.
Read more:
|
Scoop.it!
Une vulnérabilité, permettant l'exécution de code malicieux, a été découverte dans Microsoft Word. Cette vulnérabilité est déjà exploitée activement dans des pièces jointes au format RTF (Rich text files) de courriers électroniques indésirables. RéférencesClassificationOrange (niveau 4/5) Systèmes vulnérablesToutes les versions de Microsoft Office Word sont vulnérables (même sur Mac). Mesures à prendre :
Gust MEES's insight:
Scoop.it!
Patch Tuesday has been and gone, which means that if you're responsible for the security of the computers in your office - or the ones you use at home - it's time to update your systems once again.
Gust MEES's insight:
Scoop.it!
As expected Microsoft released seven important and two critical fixes for Windows, Internet Explorer and other Microsoft products. Adobe followed suite releasing fixes for ColdFusion, Flash and Sho...
Gust MEES's insight:
===> Update asap!!! <===
Scoop.it!
The official Microsoft Security Blog provides in-depth discussion of security, cybersecurity and technology trends affecting trust in computing, as well as timely security news, trends, and practical security guidance.
Gust MEES's insight:
===> Be AWARE of the MALWARE!!! <===
Scoop.it!
The number of application vulnerabilities reported during the first half of 2012 increased compared to previous semesters...
A MUST read:
|
The bug (CVE-2014-6352) can be triggered by sending a specially crafted Microsoft Office files to intended targets before tricking them into opening the booby-trapped files. "Currently, attacks using PowerPoint files are known to exist, but all Office file types can be used to carry out this attack," Jonathan Leopando, a technical communications staffer at Trend Micro, warns in a blog post.