Tomorrow, June 8th, is that infamous day again when Microsoft releases the latest updates for it’s software. Unlike last month’s that was really a ‘nothing’ update, this month’s iteration is huge. In all, 10 bulletins fixing 34 vulnerabilities will be released. Some are rated as critical and effect Windows, Ofiice, and Internet Explorer.
For Windows (including Windows 7 and Windows Server R2)
6 vulnerability patches of which 2 are rated “Critical” and 4 are rated as “Important”.
For Office
2 vulnerability patches both of which are rated as “Important”
For Windows and Office combined
1 vulnerability patch rated as “Important”
For Internet Explorer
1 vulnerability patch rated as “Important”.
Microsoft also confirmed that this update would also include the long awaited fix for the XXS flaw. This flaw could allow priveledge elevation, in Sharepoint, that could lead to a cross site scripting attack.
Microsoft is not the only company that is trying to get it’s software more secure. Adobe has been effected with a critical flaw in it’s Flash and Acrobat softwares AGAIN. I say that as since Adobe announced it’s plan to implement quarterly patches for it’s software, they seem to be getting hit with exploits, some of which are zero-day exploits, on a weekly basis. A zero day exploit is one that was not known of, until it was already being exploited in the ‘wild’.
Adobe says that this effects it’s Flash player version 10.0.45.2 and earlier. Flash version 10.1 does not appear to be effected. This exploit could cause a crash that could lead to a computer being taken over by the hacker. Adobe says that it effects the authplay.dll file and the deleting, renaming, or moving of this file will create a temporary, albeit annoying fix. After deleting, moving, or renaming this file, what will happen, is that any PDF file that is opened that contains SWF content will cause a crash, although this crash will not be exploitable.
The earlier versions 8.x, have been confirmed not to be effected by this exploit.
The authplay.dll file can be found in these two locations….
c:\ProgramFiles\Adobe\Reader9.0\Reader\authplay.dll
and c:\ProgramFiles\Adobe\Acrobat9.0\Acrobat\authplay.dll
Read Adobes release by clicking HERE.
Now all this being said. Getting your software updates is the #2 most important thing to make sure that you do in order to keep your computer safe. That is, next to making sure that your actions on the internet are safe. I have said this many times before, but never click on links in emails unless you are sure they are from someone that you trust. Most malware needs the user to initiate the attack by click on something. A common way that hackers have infected an unsuspecting user, is by sending a targeted email or spear phishing attack. You will receive an email from, what appears to be your bank. It looks official so you open the email. They then tell you that your account has a problem and to click a link in order to fix the account. Clicking on the link will take you to a site that looks very much like your banks website. Looking up at the URL will tell you that it is not your bank’s website, but it looks so good that you are coerced into entering your personal information (account number, password, etc), and now they have you. Your bank, or any other organization including Amazon, eBay, and other ecommerce sites will never ask for your personal identifying information via a link in an email, so do not be fooled by this trick.
Social networking is also another venue in which attacks occur and many a faithful user is getting infected via this method. A friend’s Facebook, Twitter, Friend Feed, etc. account is compromised by a hacker without their knowledge. You, then receive a message, from this friend’s hacked account, stating that “you should see this photo I took of you last night”. What???….What photo are you talking about? Intrigued, you open the message, after all it is from a trusted friend. It asks you to click a link to view this mysterious photo and takes you to a site that looks very much like Flickr, SmugMug, or other photo sharing sites, but tells you that the photo you are trying to view cannot be opened because you need to download a new version of Flash, or a different codec. You obviously want to see the photo so you click on the link to download this software so you can view this photo. You did not download a new version of Flash or that new codec, instead you just installed a virus, worm, trojan horse, or other nasty.
Should you ever be asked to download a new software or go to a banking site from a link, never click that link. Always, manually type the URL pointing to that site such as http://www.adobe.com and manually download that program or check your banking account by manually logging into your account. Links, email addresses, and social networking names can be spoofed and trick many an unaware user into getting hacked.
Don’t let it be you……