|
Shavlik Statement on Emergency Out-of-Band Patch for IE Attack Code Used to Hack Google
by Jason Miller |
|
"Microsoft has gone out-of-band from their normal release cycle for a critical security bulletin release. The bulletin addresses the zero-day vulnerability described in Security Advisory KB979352.
The last time Microsoft went out-of-band for a security bulletin was in July 2009. That bulletin addressed a vulnerability in the ATL library. Unlike the July out-of-band release, this bulletin fixes a zero-day exploit that is currently being attacked.
This bulletin, MS10-002, applies to all supported versions of Internet Explorer on all supported operating systems.
Only 1 of the vulnerabilities has been publicly disclosed and is currently being used in targeted attacks. The other 7 vulnerabilities addressed by this bulletin are not publicly known and are not being used in attacks.
It is important to note that this is a cumulative update for Internet Explorer. Multiple vulnerabilities are addressed by this bulletin. With each patch, administrators should test the patch to ensure functionality is not broken in Internet Explorer by the fixes. In the case of this patch, Administrators should deploy this patch immediately to all servers and workstations as the exploit code has been published for the one known vulnerability.
Microsoft typically releases a cumulative Internet Explorer update every other month. February’s patch day would mark the usual schedule for another cumulative release. Microsoft rolled the fix for the publicly known exploit with this cumulative update. Microsoft has shown with this bulletin release that they are able to address critical vulnerabilities while still addressing other vulnerabilities that may or may not be publicly known."
| - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - | ||
 |
The Top 10 Reports for Managing Vulnerabilities | |
| - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - | ||
Shavlik COMMENTS ON EMERGENCY OUT-OF-BAND PATCH FOR INTERNET EXPLORER ATTACK CODE USED TO HACK GOOGLE
————-
Shavlik NetChk Protect Leverages Single Agent to Both Detect and Block, As Well As Ensure All Systems Patched Against this Zero Day IE Flaw
St. Paul, MN (January 21, 2010) — Shavlik Technologies, the market leader in simplifying and automating critical-to-perform and manage IT operations, today commented on the latest Microsoft out-of-band patch that repairs a zero-day flaw in Internet Explorer. Shavlik is also offering a webinar to demonstrate how its single agent solution can do double duty by both applying the out-of-band patch and protecting systems by detecting and blocking the exploit code.
"Today Microsoft released a new out-of-band patch designed to address the serious undiscovered flaw in Internet Explorer that was used to launch a zero-day attack against Google users in China," said Jason Miller, data and security team leader, Shavlik Technologies. "The exploit allowed hackers to trick users into installing malware on targeted machines which could then be used to steal data.
"The attack looks like a message that’s sent from a trusted source via email or social media, so when the user clicks on a link or file, it triggers the hack. The exploit opens a back door which then compromises the machine of the target. This attack was designed to exploit PCs, netbooks and laptops using Internet Explorer version 6 running on Windows XP. By issuing this out-of-band patch now, Microsoft has cut the time hackers could use to exploit the vulnerability in advance of the February 9 Patch Tuesday bulletin releases."
Shavlik reports that users of Shavlik NetChk Protect and its Shavlik NetChk Agent are protected against this flaw. The Shavlik NetChk Agent, which integrates Sunbelt Software’s award-winning VIPRE antivirus + antispyware engine, detects the exploit code and blocks it from executing. IT administrators can use the Shavlik NetChk console to quickly and easily determine that VIPRE threat signature files and engines are up-to-date. Once the out-of-band patch is released, the Shavlik NetChk Agent will deploy the patch. The Shavlik NetChk Agent reduces agent bloat by using a single agent to provide patch management and antivirus + antispyware.
Shavlik NetChk Protect is consistently ranked the best solution available for simplifying and automating critical IT operations for Microsoft Windows environments. Shavlik reports that corporate computing users running Windows Vista or Windows 7 would be challenged to exploit the flaw effectively due to advanced security protections already built into these newer versions of the Windows OS.
"However, just because it’s more difficult to exploit this flaw doesn’t mean that Windows Vista and Windows 7 users shouldn’t apply this patch immediately," said Miller.
Tags: Google, Microsoft Security Bulletins, Vulnerabilities, Zero-Day Exploit
This entry was posted on Thursday, January 21st, 2010 at 11:18 AM and is filed under Community Manager, Security. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.
|
| Impact of Design On Trust We attended RSA 2010 this week where VeriSign was a Platinum Sponsor. Executive Chairman, Jim Bidzos, gave a Keynote Address on the 'Internet and Trust' explaining that without trust, people are less likely to freely share information or transact online.... Launch of VeriSign Trust Seal With the launch of the VeriSign TrustTM Seal last week, we introduced a new section to the Website dedicated to the Trust Seal. The Seal enables Websites to communicate that they are a trusted site to do business with and... New Video Player Experience Videos on www.verisign.com have a new look and feel. Users will experience an improved delivery of videos that are optimized for their available bandwidth. During playback when hovering over the video, users now have the ability to quickly share (e-mail,... |
|
| PayPal UK Launch Security Key - Guest Posting from PayPal I am happy to say they are using VeriSign Identity Protection to deliver this, which means that PayPal Customers will be able to use their token at other sites who join the VIP network. PayPal are the first UK members of the network, but there are around 30 other members in different countries around the world so you can expect to see more places where you can use your token in the UK appearing shortly. Facebook scam - Part 2 This just in from the BBC web site, Symantec have identified a virus that steals user names and passwords, nothing new there. But, if I understand this right, it is delivered through a Facebook invitation from someone you don't know and delivers malware which can then steal user names / passwords and also keylog credit card info. Survey finds passwords are not secure - well d'uh! I don't think the vendor community has been crying wolf about the problems that stronger authentication solves, more like highlighting that this problem is here and growing. Well the discussion I have had recently with many different organisations across many different industries are now resulting in more and more consumer projects in this area |
|
| Open Identity Exchange: enabling all the VISAs of identity The Open Identity Exchange was launched this morning at the RSA conference in San Francisco. It is a significant step for federated identity as it will enable US government web sites such as the NIH to embrace open identity standards... Rethinking Internet Trust and Reputation Today, we are launching the VeriSign Trust Seal, a new service for small and medium businesses with an online presence. It is a big day for everyone at VeriSign who has been working really hard on the new service the... Google Hacked or Why the Cyber World Could Get M.A.D** As the world already knows, Google and a few other prominent US companies got severely hacked around Christmas time last year. Sophos has an interesting analysis of the exploit. Web malware and a zero day vulnerability in IE6 were... |
|
