Published September 20, 2012
Yesterday, Microsoft announced that it would be issuing an out-of-band patch on Friday, in response to the latest zero-day Internet Explorer vulnerability discovered this past weekend. For those users concerned about waiting, Microsoft released a FixIt tool on Wednesday that will temporarily neutralize the threat. Microsoft “FixIt” tools, are automated solutions that can diagnoses and repair problems on end user machines. There are several FixIt tools available, that can fix a wide range of issues on machines running Windows operating systems. More information on Microsoft FixIt tools can be found here.
Published September 18, 2012
Security researcher Eric Romang has discovered a new zero-day vulnerability in Internet Explorer, which he claims will affect fully patched versions of Microsoft Internet Explorer 7, 8 and 9.
The exploits, developed over the weekend for the Metasploit exploit toolkit, have been linked to Nitro, the same group of hackers from China who were exploiting two Java zero-days in late August. “Since Microsoft has not released a patch for this vulnerability yet, Internet users are strongly advised to switch to other browsers such as Chrome or Firefox until a security update becomes available,” a post on the Metasploit community blog said. “The exploit had already been used by malicious attackers in the wild before it was published in Metasploit.”
Microsoft is [strongly] advising all Windows users to install a free security software to protect their PCs from a newly discovered vulnerability in its Internet Explorer browser. The free security tool, called the Enhanced Mitigation Experience Toolkit (EMET), will prevent hackers from gaining access to Windows-based systems and is currently available from Microsoft here .
Published September 04, 2012
Unfortunately, it appears that Java is once again unsafe. Over the weekend, the good folks over at security firm FireEye spotted a new attack that exploits a vulnerability in Java to install a Trojan named Poison Ivy, which communicates with C&C servers in China and Singapore.
Since there’s no fix in sight, it is highly recommended that users turn off/disable Java in their browsers. This might keep certain websites from operating 100% but, it will help prevent possible “drive-by downloads”. What is a “drive-by download” you might ask? Well, in a drive-by download, your computer becomes infected just by visiting a website which contains malicious code. Cybercriminals search the Internet looking for vulnerable web servers that can be hacked, and when one is found, they can then inject their malicious code onto the web pages. If your operating system or one of your applications is un-patched, a malicious program is downloaded to your computer automatically when you access the infected web page.
For instructions on how to disable Java in Google Chrome, go here, for Firefox, go here, for Safari, here and for disabling it in Internet Explorer, click here. You might be tempted to “downgrade” to an earlier version of Java since these new exploits only target version 7 but, don’t do it! The previous versions of Java also have security flaws. Don’t waste time downgrading to an earlier version since it will be equally insecure.
If you absolutely MUST use a Java-enabled browser for mission-critical productivity apps, Brian Krebs over at Krebs On Security suggests users switch to a secondary browser with Java installed, using a Java-less browser for normal browsing and only occasionally switching to a Java-enabled one. This isn’t a bullet proof plan but, it’s safer than surfing the Web with a browser where Java is fully enabled. Good news if you use Google Chrome, you will get a warning every time Java wants to execute and you can decide for yourself whether or not to allow it.
Published July 09, 2012
Brian Krebs over at KrebsOnSecurity.com has just issued a warning regarding a new Java exploit, powered by The Blackhole Exploit Kit. It is very important to make sure your Java is constantly up-to-date and patched since it is one of the most common vulnerabilities related to malicious attacks.
For more details, you can check out Brian Krebs' original post on the Java exploit
We here at New River Computing would like to thank Mr. Krebs for all of his great work on keeping everyone informed with the latest security news!