Tuesday Fun With Microsoft

The new patches are here, the new patches are here!

Microsoft Patches 17 Bugs in December Patch Tuesday

Microsoft fixed 17 bugs in the Windows operating system, Microsoft Office, Windows Media Player and Internet Explorer. The fixes also cover a zero-day flaw exploited by the Duqu Trojan.

Microsoft released 13 security bulletins to fix 17 different vulnerabilities as part of its December Patch Tuesday update, according to the advisory released Dec. 8. Three bulletins were marked critical and the remaining 10 were rated important.

See also:
Microsoft Security Bulletin Summary for December 2011
Merry Christmas! Microsoft Plans Massive Patch Tuesday to Close 2011
Last Patch Tuesday of 2011 Secures Windows XP, Vista, Windows 7
December 2011 Patch Tuesday sees 13 Microsoft bulletins, Duqu patch
Microsoft fixes 20 bugs in year’s last ‘Patch Tuesday’
Microsoft to patch three critical holes
Microsoft slims final patch Tuesday of 2011 to 13 patches from proposed 14
No BEAST fix from Microsoft in December patch batch
Microsoft fixes Duqu hole, but not BEAST problem
Microsoft scratches BEAST patch at last minute, but fixes Duqu bug
December Patch Tuesday Fixes Duqu Worm
‘Duqu’ zero-day Windows flaw patched this week
Microsoft: Duqu patched, bringing years total to 99 corrections

Well, it’s a good thing that Microsoft finally patched against the Duqu virus, better late than never, as they say. What are you waiting for? Start installing your gifts!

/at least you can’t say Microsoft didn’t get you anything for the Holidays

Don’t Get Caught In The Crossfire

The Duqu virus is squarely aimed at Iran’s nuclear program. Unless you’re connected with Iran’s nuclear program, your chances of being directly targeted are extremely low. However, Microsoft was freaked out enough to issue a security bulletin for Windows users. So, better safe than sorry, protect yourself against the possibility of becoming collateral damage in an epic, upcoming attack.

Microsoft issues Duqu virus workaround for Windows

Microsoft has issued a temporary fix to the pernicious Duqu virus — also known as “Son of Stuxnet” — which could affect users of Windows XP, Vista, Windows 7 as well as Windows Server 2008.

The company promised the security update earlier this week as it races to deal with the virus, which targets victims via email with a Microsoft Word attachment. The virus is not in the email, but in the attachment itself. A Symantec researcher said if a user opens the Word document, the attacker could take control of the PC, and nose around in an organization’s network to look for data, and the virus could propagate itself.

See also:
Microsoft Security Advisory (2639658)
Microsoft software bug linked to ‘Duqu’ virus
Microsoft Provides Workaround Patch for Duqu Malware
Microsoft announces workaround for the Duqu exploit
Microsoft Issues Temporary Duqu Workaround, Plans 4 Patch Tuesday Fixes
Six Ways to Protect Yourself from Duqu
Microsoft Airs Temporary Fix to Defeat Duqu Worm
Microsoft Releases Temporary Plug For Duqu
Duqu exploits same Windows font engine patched last month, Microsoft confirms
5 Things To Do To Defend Against Duqu
Microsoft issues temporary ‘fix-it’ for Duqu zero-day
Patch Tuesday: Fix for ‘Duqu’ zero-day not likely this month

Is it just me or doesn’t it seem a bit more than odd that Microsoft, a company with close ties to and a past history of working with U.S. intelligence agencies, would publicly issue a workaround to defend against a specific piece of malware that, by many accounts, is being actively and currently used by U.S. intelligence agencies to set up and facilitate an upcoming attack, in cyberspace or otherwise, against Iran’s nuclear program? I mean, it’s not like the Iranians can’t read English, why help them defend against Duqu? Hmmm, something’s not quite right here.

/whatever’s going on, and something is going on, it’s way above my pay grade, but when the endgame comes, don’t forget to duck

Tuesday Is The Time At Microsoft When We Patch

It’s a relatively small one this time, but critical.

Microsoft Fixes 22 Bugs in July Patch Tuesday

Microsoft addressed 22 security vulnerabilities across four security bulletins in July’s Patch Tuesday update. Three of the patches fix issues in the Windows operating system.

The four bulletins patched issues in all versions of the Windows operating system and in Microsoft Visio 2003 Service Pack 3, Microsoft said in its Patch Tuesday advisory, released July 12. Of the patches, only one has been rated “critical.” The remaining three are rated “important,” according to Microsoft.

“Today’s Patch Tuesday, though light, should not be ignored, as these patches address vulnerabilities that allow attackers to remotely execute arbitrary code on systems and use privilege escalation exploits,” said Dave Marcus, director of security research and communications at McAfee Labs.

Security experts ranked Microsoft bulletin MS11-053, which addressed a critical vulnerability in the Windows Bluetooth stack on Windows Vista and Windows 7, as the highest priority. Attackers could exploit the vulnerability by crafting and sending specially crafted Bluetooth packets to the target system to remotely take control, Microsoft said in its bulletin advisory.

See also:
Microsoft Security Bulletin Summary for July 2011
Microsoft fixes 22 security holes
Microsoft issues critical patch for Windows 7, Vista users
Microsoft Releases 4 Updates for Windows and Office
Microsoft warns of critical security hole in Bluetooth stack
Security Experts Warn of Microsoft Bluetooth Vulnerability
Patch Tuesday Fixes Critical Bluetooth Flaw in Windows 7
‘Bluetooth sniper’ Windows vuln fix in light Patch Tuesday
Microsoft Squashes Bluetooth Bug
Microsoft patches ‘sexy’ Bluetooth bug in Vista, Windows 7
Microsoft Fixes 22 Bugs in July Patch Tuesday
Businesses should not ignore critical Microsoft Patch Tuesday update, say experts
Microsoft Patch Tuesday: four security bulletins
Microsoft Patch Tuesday – 12th July 2011
Windows Update

This isn’t the first time you’ve had to update Windows, you know what to do, so get busy.

/until next time, same patch time, same patch channel

Aid And Comfort To The Enemy

Let’s see, China launches cyberattacks and conducts internet espionage against the United States 24/7/365 and our U.S. Department of Homeland Security is warning China about their vulnerabilities? WTF?

China’s Infrastructure Vulnerable to Cyber Attack

Software widely used in China to help run weapons systems, utilities and chemical plants has bugs that hackers could exploit to damage public infrastructure, according to the Department of Homeland Security.

The department issued an advisory on Thursday warning of vulnerabilities in software applications from Beijing-based Sunway ForceControl Technology Co that hackers could exploit to launch attacks on critical infrastructure.

See also:
SCADA Vulnerabilities Patched in Two Industrial Control Software from China
Chinese Weapon Systems Vulnerable To SCADA Hack
US warns China software risk to public infrastructure
US Warns of Problems in Chinese SCADA Software
Software bugs discovered in Chinese-made applications
China’s weapons systems have exploitable software bugs
Department Of Homeland Security Cites China Vulnerability
Exclusive: China software bug makes infrastructure vulnerable
US reveals Stuxnet-style vuln in Chinese SCADA ‘ware
Critical vulnerability in industrial control software

China is not our friend, why are we feeding the hand that bites us? Why aren’t we keeping these discovered Chinese vulnerabilities to ourselves in case we might actually need to use them in the event of escalated hostilities with China?

/and just when did the DHS become the CDHS, Chinese Department of Homeland Security, protecting the homeland of a hostile country?

Tuesday Fun With Microsoft

It’s another big one and the flaws are serious.

Microsoft Fixes 24 Bugs in June Patch Tuesday

Microsoft addressed 24 security vulnerabilities across 16 security bulletins in June’s Patch Tuesday update. This will be Microsoft’s second-largest Patch Tuesday in 2011 after April’s gargantuan release.

Microsoft patched the Windows operating system, all supported versions of Internet Explorer, Microsoft Office, SQL Server, Forefront, .NET/Silverlight, Active Directory and Hyper-V, the company said in its Patch Tuesday advisory released June 14. Of the patches, nine have been rated as “critical,” and seven have been ranked as important, according to Microsoft.

Microsoft called out four critical updates as top priorities on the Microsoft Security Response Center blog. They include a fix for all versions of the SMB Client on Windows (MS11-043), 11 bugs in all versions of Internet Explorer (MS11-050), another Windows flaw (MS11-052) and two issues in the DFS client for all versions of Windows (MS11-042), according to Trustworthy Computing’s Angela Gunn.

See also:
Microsoft Security Bulletin Summary for June 2011
Microsoft ‘Patch Tuesday’ Fixes 24 Flaws In 16 Updates
MS Patch Tuesday: Gaping holes haunt Internet Explorer browser
Patch Tuesday Fixes Dangerous Flaws with Exploits Imminent
Microsoft plugs 34 holes; Adobe fixes Flash Player bug
Microsoft patches critical IE9, Windows bugs
Patch Tuesday heralds a busy spell for admins
Microsoft Puts Out 16 Patches, 9 Critical, for June
Microsoft issues 16 bulletins, 9 critical including SMB, IE fixes
June Gloom: Microsoft Releases 16 Bulletins for Patch Tuesday
Windows Update

Damn, if Windows was a car that had been “repaired” this many times, it wouldn’t have any original parts left.

/anyway, get busy with the updating, don’t let the bad guys in, at least until they find new holes in Widows that Microsoft will have to patch next month

Do You Own A Sony HackStation?

You’ve probably already noticed that your Sony PlayStation won’t connect to the online network, but do you know that hackers probably stole all your personal data, including your credit card number, too?

User data stolen in Sony PlayStation Network hack attack

Sony is warning its millions of PlayStation Network users to watch out for identity-theft scams after hackers breached its security and plundered the user names, passwords, addresses, birth dates, and other information used to register accounts.

The stolen information may also include payment-card data, purchase history, billing addresses, and security answers used to change passwords, Sony said on Tuesday. The company plans to keep the hacked system offline for the time being, and to restore services gradually. The advisory also applies to users of Sony’s related Qriocity network.

See also:
Sony Warns Online Hacker May Have Stolen Credit Card Data
Sony’s PlayStation Network and Qriocity hacked
77million PlayStation accounts hacked
Breach at Sony may include profiles
Massive data breach suspected in Sony PlayStation hacker attack
Sony: Card details may be compromised
Millions of PlayStation user’s information hacked
PlayStation Network hacked, data stolen: how badly is Sony hurt?
Sony’s PlayStation Network Hacked, User Data Stolen
Sony Explains Delayed Response to Hacked PSN Accounts
Sony’s PlayStation Network Is Hacked

With 77 million potential victims, this could wind up being the largest data theft in history. If you own a PlaySyation, make sure you keep an eye on your credit card account for any unusual activity and change your passwords and probably as much other PlayStation Network account information as you can as soon as the system goes back online.

/and watch out for phishing attacks, if Sony contacts you, make damn sure it’s actually Sony