1.If you find a USB token in the wild, don’t plug it into your USB port as it could autoinstall software if your system is set to autoplay CDROMs.
2.Though many organizations’ standards call for disabling autoplay of CDROMs, you should check and set yours. To disable autoplay follow these instructions (for WinXP):
Open My Computer
Right click [...]
A federal appeals court has ordered Microsoft to stop selling Word. In addition, Microsoft is to pay the Canadian company i4i Inc. $290 million for patent infringement.
Michel Vulpe i4i said it is “an important step in protecting the property rights of small inventors.”
A Texas U.S. district court ruled in favor of i4i Ltd in a patent dispute against Microsoft. i4i was awarded more than $290 million in damages. Microsoft was issued an injunction preventing them from selling versions of Word.
The patent being ruled on relates to the use of XML (extensible markup language) in the [...]
A massive phishing scam similar to the recent bank fraud scams is being sent in emails that look like the following:
From: “Microsoft Customer Support”
Subject: Update for Microsoft Outlook
Update for Microsoft Outlook / Outlook Express (KB910721)
Microsoft has released an update for Microsoft Outlook / Outlook Express. This update is critical and provides [...]
Microsoft has released an update to address vulnerabilities in Microsoft Windows, Office, and Internet Explorer as part of the Microsoft Security Bulletin Summary for June 2009. These vulnerabilities may allow an attacker to execute arbitrary code, operate with elevated privileges, or obtain sensitive information.
Microsoft Releases Advance Notification for May Security Bulletin
added May 7, 2009 at 02:58 pm
Microsoft has issued a Security Bulletin Advance Notification indicating that the May release cycle will contain one bulletin with a maximum severity rating of Critical. The notification states that the Critical bulletin is for Microsoft PowerPoint. The release is scheduled for Tuesday, [...]
Microsoft has released updates to address vulnerabilities in Microsoft Windows, Office, Internet Explorer, and Forefront Edge Security as part of the Microsoft Security Bulletin Summary for April 2009. These vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, or operate with escalated privileges.
Microsoft Windows Malicious Software Removal Tool
Microsoft has released an [...]
Microsoft has released security advisory 969136 to address reports of a vulnerability in Microsoft Office PowerPoint. By convincing a user to open a specially crafted Office file, a remote attacker may be able to gain access to the affected system with the same rights as the user running PowerPoint.
US-CERT encourages users and administrators to review [...]
This report documents the GhostNet – a suspected cyber espionage network of over 1,295 infected computers in 103 countries, 30% of which are high-value targets, including ministries of foreign affairs, embassies, international organizations, news media, and NGOs.
The capabilities of GhostNet are far-reaching. The report reveals that Tibetan computer systems were compromised giving attackers access to [...]
US-CERT is aware of public reports indicating a widespread infection of the Conficker worm, which can infect a Microsoft Windows system from a thumb drive, a network share, or directly across the network if the host is not patched with MS08-067.
The presence of a Conficker infection may be detected if a user is unable to [...]