" />

Tech Geek and More

Technology Explained for All

AD IDrive Remote Backup

Category Archives: Alerts

Alert: You need to make sure your Windows/Office software is up to date. Targeted attacks against recently addressed Microsoft Office vulnerability is now out

Last November, Microsoft released security bulletin MS10-087 (http://www NULL.microsoft NULL.com/technet/security/Bulletin/MS10-087 NULL.mspx), which addresses a number of critical vulnerabilities in how Microsoft Office parses various office file formats. One of them is CVE-2010-3333 (http://cve NULL.mitre NULL.org/cgi-bin/cvename NULL.cgi?name=CVE-2010-3333), “RTF Stack Buffer Overflow Vulnerability,” which could lead to remote code execution via specially crafted RTF data. A few days before Christmas, we received a new sample (sha1: cc47a73118c51b0d32fd88d48863afb1af7b2578) that reliably exploits this vulnerability and is able to execute malicious shellcode which downloads other malware.

The notice that was posted on the Microsoft Protection Center blog ( http://blogs.technet.com/b/mmpc/archive/2010/12/29/targeted-attacks-against-recently-addressed-microsoft-office-vulnerability-cve-2010-3333-ms10-087.aspx (http://blogs NULL.technet NULL.com/b/mmpc/archive/2010/12/29/targeted-attacks-against-recently-addressed-microsoft-office-vulnerability-cve-2010-3333-ms10-087 NULL.aspx) ) concerns a flaw in the Microsoft Office program that was fixed in November. The bad guys have now found a way to exploit the flaw on computers that do NOT have the updated software. This affects you no matter which version of Office or Windows you are running.

Symantec underlined the seriousness of the flaw to CNET’s Elinor Mills in November:

“One of the most dangerous aspects of this vulnerability is that a user doesn’t have to open a malicious e-mail to be infected,” Joshua Talbot, security intelligence manager at Symantec Security Response, said at the time. “All that is required is for the content of the e-mail to appear in Outlook’s Reading Pane. If a user highlights a malicious e-mail to preview it in the Reading Pane, their machine is immediately infected. The same holds true if a user opens Outlook and a malicious e-mail is the most recently received in their in-box; that e-mail will appear in the Reading Pane by default and the computer will be infected.”

image

So what does this mean to you…….It means that if you receive an email, even if its obvious that the email is bad and you don’t click on it, just by it appearing in the reading pane section, will cause your computer to get infected with malware.

How do you make sure you are protected?

Windows Vista / Windows 7

If you are running Windows Vista or Windows 7 go to start –> Control Panel –> Windows Update

Once in Windows Update –>  click on Check for updates –> Once the scan is complete –> system will tell you how many updates you need –> now click on Install updates.

image

Once you have successfully updated all Windows / Office software your Windows update should look like this.

image

Windows XP

In Windows XP –> Using Internet Explorer –> Visit the Microsoft Update website (LINK) http://www.update.microsoft.com/microsoftupdate/v6/default.aspx?ln=en-us (http://www NULL.update NULL.microsoft NULL.com/microsoftupdate/v6/default NULL.aspx?ln=en-us)

(IMPORTANT NOTE: In XP – Microsoft has 2 websites for updates. One is called Windows Updates and one is called Microsoft Updates. You want to make sure that you are on the one that says Microsoft Updates as the Windows Updates site does NOT give you Office updates)

image

Once you are on the site –> Click on Custom and let it scan your pc.  (Note you may be asked to run an ActiveX file if this is the 1st time you have been to the site. Just make sure you say you in this case specifically)

image

You may also get a message about a needed download –> if you do just click on “Download and Install Now”

image

Once Microsoft Update completes its scan it will show you what updates you are missing

image

Look under the “High Priority” updates and make sure that you have selected them all

image

Followed up clicking on “Review and install updates”

image

This will bring you to the confirmation page.  Make sure you have all missing updates selected. You will see 1 final “Install Updates”. Click on it –>

image

Followed by “I Accept” under the agreements area –> and then watch your updates download and install.

After the updates install –> Reboot pc –> and visit site again to see if you have any remaining updates.  Continue the steps until you get 0 (zero) remaining “High Priority” updates.

image

Once you are at 0 (Zero) now your Windows / Office software is up to date.

(FINAL NOTE: This does NOT mean you are free and clear, as always you need to take care of precautions when surfing the Internet.  There are still many other ways you can have your computer compromised)

Alert: iPhone users – those not using Recurring alarms. The alarm STOPS working on 1/1/2011

apple It seems that Apple is facing another issue with its alarm clock feature in the iOS software.  The following information comes from 9to5MAC (LINK: http://www.9to5mac.com/45310/new-years-2011-breaks-non-recurring-iphone-alarm-clocks (http://www NULL.9to5mac NULL.com/45310/new-years-2011-breaks-non-recurring-iphone-alarm-clocks) ) posted this evening 12/31/2010. The work around for the issue is to make all alarms set on iOS software recurring for the time being …….

*******************************************************************************************************************************

According to multiple users expressing their frustration through Twitter (http://twitter NULL.com/search?q=iphone%20alarm), come New Years 2011 (where ever you are) your iPhone alarm clock won’t function correctly. You may recall a similar bug in iOS (http://www NULL.9to5mac NULL.com/33276/daylight-savings-welcomes-ios-alarm-bug-to-europe) when daylight savings time switched on but this is exactly the opposite. This New Year’s 2011 iPhone alarm clock bug shows its face to users without recurring alarms.

This means that anybody who sets an alarm just for tomorrow won’t be woken up by the iPhone’s built-in alarm clock application. To avoid this issue you need to set a recurring alarm by tapping repeat to select the days you want the alarm to go off on. Apple is yet to say anything and it is still unknown whether this is iOS 4.2.1 only or if it affects past system versions too. Be sure to tell everyone you know with iPhones! (via Engadget (http://www NULL.engadget NULL.com/2010/12/31/psa-iphone-alarms-not-working-come-new-years-day-2011/))

Update: We just ran a few tests and the above iPhone alarm clock issue fixes itself on January 3rd. You should follow our steps to avoid the issue above until then. Reader Aaron F. (https://twitter NULL.com/aaronmfisher) has let us know that the issue is occurring on his iOS 4.1 iPhone 4 as well. Let us know if you see the issue on anything earlier.

(http://www NULL.9to5mac NULL.com/45310/new-years-2011-breaks-non-recurring-iphone-alarm-clocks/repear)

Online Security: Hackers take Control of PA Women’s Online ID (From 6abc.com)

The following story comes from the 6abc Newscast (12/29/10) in Philadelphia, where a local women had her Facebook and AOL email ID’s compromised, and where the hacker was using the compromised accounts to send “Bogus” messages to the friends lists in the compromised accounts asking for money.  The “bogus” messages said that the user was assaulted while on a trip and asking the friends list for money to help. 

This story just goes to prove that users need to be careful in responding the messages received (from all electronic communications), even when they appear to be coming from someone they know.  In addition, you should always make sure you do the following 

  • Keep your pc Software updated (Windows, Programs, Antivirus)
  • Use a complicated password with a mix of Capital and Lower Case Letters, Numbers, and Symbols (Example: P@55w0rd@ – Note the use of the @ symbol, the #5 and the #0 instead of the normal letter)
  • Use different passwords on each account (I know this one is HARD)
  • If possible set up additional security reset options with each online account, for example on Gmail you can now require a code be text messaged to your cell phone, which would then be required before a change to your security settings would be allowed. (Gmail->Settings->Accounts and Imports->Change Account Settings)

*****************************************************************************************************************************************

With that being said here is the story posted on 6abc.com (LINK)  http://abclocal.go.com/wpvi/story?section=news/crime&id=7870339 (http://abclocal NULL.go NULL.com/wpvi/story?section=news/crime&id=7870339)

By Alicia Vitarelli – 6abc Philadelphia

ABINGTON, Pa. – December 29, 2010 (WPVI) — A Montgomery County is trying to put her online life back together after hackers took control of her Facebook and email accounts.

Billie Bakhshi said it began recently when she tried to log on to Facebook, but couldn’t get in. So, she tried to reset her password.

"But the hacker changed that. They changed the email address on Facebook so that the retrieval is being sent directly to the hacker instead of to me," Billie said.

She then found out her AOL account was also wiped out.

That’s when she got a strange call.

"I got a phone call from a friend who said ‘Are you okay? I didn’t know you were in Wales!" said Billie. "I said ‘What?!"

Whoever stole her social network identity was emailing her friends and family, saying she on vacation overseas, in danger and needed money. The message read, in part, "I am writing this out of frustration and pain – we got mugged last night…"

Complete Post can be found on the 6abc (LINK) http://abclocal.go.com/wpvi/story?section=news/crime&id=7870339 (http://abclocal NULL.go NULL.com/wpvi/story?section=news/crime&id=7870339)

Alert: Be careful shopping this coming Cyber Monday (11/29) as the bad guys are looking for easy victims

computer%20science As always the bad guys are online, out to try and steal from unknowing victims this holiday season.  With the popularity of Online Shopping, it has never been easier for a bad guy to steal from you without ever having to leave his home.  The following post below comes from Panda Labs (LINK: http://pandalabs.pandasecurity.com/blackhat-friday-and-cybercrime-monday/ (http://pandalabs NULL.pandasecurity NULL.com/blackhat-friday-and-cybercrime-monday/) ), showing how crooks are manipulating search engines to trick users.  As always, just because you are shopping online that doesn’t mean that you don’t have top pay attention.  Always make sure to keep your Cyber Guard up.

*******************************************************************************************************************************************

Black(hat) Friday and Cyber(crime) Monday

  • by Sean-Paul Correll (http://pandalabs NULL.pandasecurity NULL.com/author/sean-paul-correll/)

You may be in for more than you bargained for if you plan on looking for the latest Black Friday or Cyber Monday deals online.  Cyber criminals are quick to capitalize on new opportunities and have already done so by optimizing their Blackhat SEO campaigns to infect those looking for those hot ticket item deals.

The following image is a malicious search result aimed at innocent users looking for Black Friday deals at a popular U.S. based retail chain:

Best Buy/Black Friday Malicious Search Result (http://pandalabs NULL.pandasecurity NULL.com/wp-content/uploads/2010/11/bestbuy_malicious_search NULL.png)

Best Buy/Black Friday Malicious Search Result

Clicking on the link in the Firefox browser will redirect you to a fake Firefox “update” website, which will then infect your computer with fake antivirus software:

Fake Firefox Update Website (http://pandalabs NULL.pandasecurity NULL.com/wp-content/uploads/2010/11/fakefirefoxupdate NULL.png)

Fake Firefox Update Website

Clicking the link in Internet Explorer (or any other browser) will lead you directly to the fake antivirus scan page:

Rogueware "Fake Antivirus" Page (http://pandalabs NULL.pandasecurity NULL.com/wp-content/uploads/2010/11/Roguewarepage NULL.png)

Rogueware “Fake Antivirus” Page

ALERT: Windows Live Messenger 2009 Users–“Active links in Messenger 2009 temporarily turned off to prevent a malicious worm”

microsoft  Microsoft has announced via the Windows Team Blog (LINK) http://windowsteamblog.com/windows_live/b/windowslive/archive/2010/11/12/security-alert-active-links-in-messenger-2009-temporarily-turned-off-to-prevent-a-malicious-worm.aspx (http://windowsteamblog NULL.com/windows_live/b/windowslive/archive/2010/11/12/security-alert-active-links-in-messenger-2009-temporarily-turned-off-to-prevent-a-malicious-worm NULL.aspx) that they are now blocking Active links in Windows Live Messenger 2009. What that means is that when you are in a chat with someone, if a link appears that you will NOT be able to directly click on it to open the link. If you wish to see the link you will need to copy it from the chat window and then past it into your browser. 

     Keep in mind that not only in WLM chat but in all chat programs there is always a possibility of receiving “Rogue” links that were not actually sent by the person who you are talking to.  If you ever receive a link via chat, you want to make sure and check with the person you are talking to, so that you can confirm if its legit or not. 

     Those who click on the malicious link, will download a Worm (a form of virus), which will install on your pc, and then use your pc to send itself to all your friends links.  As always you should make sure you have an up to date Antivirus.

A particularly malicious worm (a self-replicating computer virus) is currently trying to spread itself through many of the world’s largest instant messaging and social networks, including Windows Live Messenger 2009. We’re very serious about protecting our customers, and are pursuing multiple avenues to help stop its progress. The worm spreads by inserting a link into an IM conversation with a person whose computer is already infected. When someone clicks the link, it opens in a browser, downloads the worm on the recipient’s computer, and then repeats this process.

Normally, when Messenger sees a web address in a conversation it is turned into a hyperlink which, when clicked, automatically opens in a web browser. This feature makes it very easy for the malicious worm to be unknowingly installed on your computer by clicking on the link and being sent to a web site containing the malicious software. We’re pursuing a number of activities to help protect you, working actively with industry experts and law enforcement to help stop this criminal activity.

Most notably, we’ve temporarily turned off active hyperlinks for web addresses sent in IM conversations using Windows Live Messenger 2009. You will still be able to copy a web address and paste it into a browser window if you know it to be safe, but by removing active hyperlinks from Messenger 2009, we’re taking a significant step towards stopping the unintentional spreading of this worm.

Because we’ve now blocked active links in Messenger 2009, starting today, some customers may also see a notification in the main Messenger window warning them that some features might not be available.

Messenger warning message (http://windowsteamblog NULL.com/cfs-file NULL.ashx/__key/CommunityServer-Blogs-Components-WeblogFiles/00-00-00-53-82-metablogapi/6116 NULL.messenger_2D00_warning_5F00_3E135389 NULL.png)

Messenger 2011 is not impacted in the same way, thanks to its Link Safety feature. However, we are actively monitoring the situation and investigating different approaches to help protect customers using the latest version of Messenger, should the situation change.

As always, we encourage customers to exercise caution with links to web pages that you receive in IMs, especially if the links are to a web page that you are not familiar with, unsure of the destination of, or suspicious of. Malicious software may be installed in your computer simply by visiting a web page with harmful content.

If you think your computer may have already been infected by a malicious worm, check the , please visit the Security TechCenter on Microsoft TechNet (http://technet NULL.microsoft NULL.com/en-us/security/default NULL.aspx), and then download and use the malicious software removal tool (http://www NULL.microsoft NULL.com/security/malwareremove/default NULL.aspx). For additional help with Messenger, check out the Messenger Solution Center (http://windowslivehelp NULL.com/product NULL.aspx?productid=2).

Apple: (Alert) Secret Button Sequence Bypasses iPhone Security

apple There is no doubt that the iPhone is one of the most successful phones of all time, but with success also comes a bigger target for people to want to find flaws with the product.  The recent issues with antenna gate, among others, have shown a flaw in the Apple armor.

Now we have a new issue for iPhone users, today a Brazilian iPhone user has discovered how to bypass any security code on any iPhone.  So if you trust that the keypad lock will keep others out of your phone, listen up……here is how to bypass the lock screen on your iPhone.

To bypass any lock screen simply hit “emergency call”, then enter three pound signs, hit the green call button and immediately press the lock button and you will have bypassed the security feature on the iPhone. “That simple procedure gives a snoop full access to the Phone app on the iPhone, which contains the address book, voicemail and call history.”  In addition, it seems that you also get access to the phones photo album.

 

Bug no iOS 4.1 (http://vimeo NULL.com/16179929) from Salomão Filho (http://vimeo NULL.com/salomao) on Vimeo (http://vimeo NULL.com).

Software: Pop Cap Giving Away Bejeweled for free–Today 10/10/10 only until 10 pm (PST)

image In celebration of the 10th anniversary of Bejeweled, Pop Cap which is the maker of the software, is giving away the full version of Bejeweled for FREE.  (That’s a $19.95 value)

image

For those not familiar with Bejeweled, it’s a puzzle game where you Match sparkling gems three at a time to make them burst in showers of color and points. Match four or more to create flashy power gems that boost your score and your mood with brilliant cascades and combos.

To get your copy of the full game for free visit the Pop Cap site (LINK) http://www.popcap.com/ (http://www NULL.popcap NULL.com/) and click on the “Get it Now” link.

Here are the steps to get the game once you click on the “Get it Now” link.

image

- You will get to the shopping cart page.  Note that on the page you will see the price and a discount amount bring your total to zero. Just click on checkout from here.

image

- You will now be taken to the Payment Method Page, where you will get prompted for your info, and you will see a selection of “No payment required”.  You can fill in your info (or some generic info if you wish not to share yours. Then make sure the “No payment needed” and select Review order.

image

- Finally you will see your order Review, just select “Place Order”.

image

- In the following screen you will see your Order Number (Shown as POP above), that is what you will use to register your game install. Now just click on download and install the game once it finishes downloading.

1st time after install –

When you 1st run the game you will see the following

image

- Click on Unlock Game

image

- Finally enter the order number here and click on register.

image

That’s it and with that you now have the full version of Bejeweled.

Scam Alert/Rip-Off Warning: The Geek Squad @ Best Buy is selling an update to the Sony PlayStation 3 for $30 that is actually offered FREE by Sony

bestbuy  From the “ARE YOU KIDDING ME!!!!” file, it seems that the Geek Squad at Best Buy is now trying to sell a PlayStation 3 update that Sony gives to PS3 owners for FREE. The update in question is a Firmware update to the PS3 that takes no time at all for anyone to do as long as you have your PS3 connected to the internet.  (Comment) I can only assume that Best Buy is looking for some seriously uneducated customers. The instructions direct from Sony posted below.

The following shot (Source: http://dualshockers.com/2010/10/01/best-buy-sells-free-ps3-upgrades/ (http://dualshockers NULL.com/2010/10/01/best-buy-sells-free-ps3-upgrades/)) Shows the Geek Squad In Store Ad at a Best Buy in Staten Island NYC:

 

 

 

 

A “normal” PlayStation 3 costs $299, but if Geek Squad does the firmware upgrade for you, there is an additional $30 fee.

Geek Squad / Best Buy claims that if they do the upgrade you will benefit from

- Play all Blu-Ray Movies & PS3 Games

- Eliminate bugs & glitches

- System Runs Smoother

- Improved connection to Facebook

- Power Save Settings

- Photo Gallery & Video Editor

- Addition of PlayStation Plus (which is an online service)

- Improved System Settings

At best (In my opinion) this is unnecessary/misleading and taking advantaged of an uneducated user…..At worst…….

(My opinion) I don’t think this should be legal.

To show you how misleading the $30 fee is, here are the steps that Geek Squad is charging you $30 for.  The following comes from Sony’s PlayStation Page (LINK)

 http://manuals.playstation.net/document/en/ps3/current/settings/update.html (http://manuals NULL.playstation NULL.net/document/en/ps3/current/settings/update NULL.html)

System Update

Software updates may include security patches, new or revised settings and features and other items, which will change your current operating system. It is recommended that you always maintain your system to use the latest version of the system software.

There are two ways to update as listed below:

  • Update via Internet
  • Update via Storage Media
Notices
  • Do not turn off the system or remove media during an update. If an update is cancelled before completion, the system software may become damaged, and the system may require servicing or exchange.
  • During an update, the power button on the system front and the PS button on the wireless controller are not active.
  • Depending on the content, you may not be able to play without first updating the system software.
Update via Internet

Download the update data directly to the system from the Internet. The latest update is automatically downloaded.

1.

Select (Settings) > (System Update).

2.

Select [Update via Internet].
Download the latest update data from the Internet. Follow the on-screen instructions to complete the operation.

Update via Storage Media

Use update data saved on a disc, Memory Stick™ or other media. Download the update data from a Web site using a PC. For more information, visit the SCE Web site for your region (http://manuals NULL.playstation NULL.net/document/en/support NULL.html).

Hints
  • Update data may also be contained in some game discs, commercially available BD video software, and other types of disc media. When you play a disc that contains update data, a screen will be displayed to guide you through the update process. Follow the on-screen instructions to perform the update.
  • An appropriate USB adaptor (not included) is required to use storage media with some models of the PS3™ system.

 

Of course those instructions are based on the fact that you have your PS3 already connected to your internet service. If you have a PS 3 and are not sure how to get it connected to your home internet connection, you can visit the following Sony PlayStation pages

Wired Connection (LINK) http://us.playstation.com/support/answer/index.htm?a_id=261 (http://us NULL.playstation NULL.com/support/answer/index NULL.htm?a_id=261)

Wireless Connection (LINK) http://us.playstation.com/support/answer/index.htm?a_id=238 (http://us NULL.playstation NULL.com/support/answer/index NULL.htm?a_id=238)

So for now, be careful if you purchase a PS3 at a Best Buy location, save yourself the $30 dollars and use that to buy either an additional controller, a Blu-Ray disk, or an additional game. If nothing else, use that $30 to pay the 12 yr. old family member tech. or neighbor child to get them to unpack and install the PS3 at your house.  I’m sure they would appreciate it more.

ALERT: New Rogueware–This one can detect which browser your using and customize the fake alert to the browser you are using

computer virus  In a never ending effort to inform the visitors to TGM, here is another ALERT concerning a new version of Rogueware (Rogue:MSIL/Zeven (http://www NULL.microsoft NULL.com/security/portal/Threat/Encyclopedia/Entry NULL.aspx?Name=Rogue:MSIL/Zeven)) that can actually figure out what web browser you are using and then customize the fake message to look like a standard message for the browser you are using.  As always the reason these types of attacks work is because of the social engineering aspect, most people don’t know any better, they assume that if the message pops up on their pc the “it must be true”.  Unfortunately the messages that you will see as a result of the Rogueware are nothing more than a trick to get control of your pc. 

The following article (Written by Daniel Radu of the Microsoft Malware Protection Center) comes from the Microsoft TechNet Blog (LINK) http://blogs.technet.com/b/mmpc/archive/2010/09/01/rogue-msil-zeven-wants-a-piece-of-the-microsoft-security-essentials-pie.aspx (http://blogs NULL.technet NULL.com/b/mmpc/archive/2010/09/01/rogue-msil-zeven-wants-a-piece-of-the-microsoft-security-essentials-pie NULL.aspx) . You should pay close attention to what the fake alert can look at in each of the browsers (At the bottom of the message you get “Upgrade to a reliable solution”).

**************************************************************************************************************************************

Rogue:MSIL/Zeven wants a piece of the Microsoft Security Essentials pie

A new rogue has started making its appearance from compromised websites: Rogue:MSIL/Zeven (http://www NULL.microsoft NULL.com/security/portal/Threat/Encyclopedia/Entry NULL.aspx?Name=Rogue:MSIL/Zeven). We received a sample (70be8ca73142922fd78acf2aafa9f141a977f15a) and a URL and began our investigation.

Let us say from the beginning that the guys behind this rogue like to copy big-time. They start by auto-detecting what browser the user is currently using, and then faking the malware warning page if the browser is Internet Explorer, Chrome, or Firefox.  This is meant to be a social engineering scheme in order to trick the user into downloading and installing the rogue, relying on the user’s trust of his day-to-day browser.

The similarity between the fake warning pages is so accurate that it can trick even highly trained eyes.

In the Firefox page, for example, you can see it’s not the real warning page because they misspelled ‘out’ and wrote ‘Get me our of here’.

Chrome

Internet Explorer

But for all three browsers, a common indication that you are not looking at the actual browser warning is the offer of some sort of an “update” or “solution”. All the “updates” point to a copy of MSIL/Zeven that promises to provide “a new approach to windows detection”. Internet Explorer, Firefox, and Chrome do not offer such a solution when a website is blocked.

When installed, the product looks very genuine: it allows you to scan files, tells you when you’re behind on doing your updates, and enables you to tweak your security and privacy settings. These features are usually available in various legitimate antivirus solutions. However, the features don’t work; everything is there just to look nice, not to offer any kind of protection (just like in all other rogue antivirus programs).

Of course once it scans your computer it’s bound to claim it found something scary (malicious), as shown below:

As usual with rogue scanners, although it “found” malicious files, it claims it cannot delete them unless you update. That implies that you need to pay for the full version, which has the ability to download updates. However, these files are totally bogus; no such files exist in the user’s computer.

If you decide to buy the product, this rogue opens an HTML window enabled with ‘Safe Browsing Mode’ and high strength encryption to “help” and ”protect” you while completing your purchase. Of course these features are totally worthless and don’t actually do anything in the way of securing your credit card details.

The main page of the rogue antivirus program itself looks awfully close to the Microsoft Security Essentials webpage – more copying from the bad guys. The people behind it have even copied the awards received by Microsoft Security Essentials and link to the Microsoft Malware Protection Center -  pretty sneaky of them.

This is a screenshot of the rogue’s main webpage:

And, by way of contrast, this is a screenshot of the genuine Microsoft Security Essentials (http://www NULL.microsoft NULL.com/security_essentials/) page:

It seems that these guys want to profit on the good reputation and success of Microsoft Security Essentials in order to make money – but we remind our customers that Microsoft Security Essentials can be downloaded at no cost. And it really does protect your computer from malware!

We detect both the downloader of the rogue and the rogue itself as Rogue:MSIL/Zeven (http://www NULL.microsoft NULL.com/security/portal/Threat/Encyclopedia/Entry NULL.aspx?Name=Rogue:MSIL/Zeven).

Until our next encounter: browse safely!

Daniel Radu
MMPC Dublin

Apple: (From Gizmodo) Apple Security Breach Gives Complete Access to Your iPhone (ALERT)

apple Gizmodo is reporting that a new vulnerability has been found that affects iPhone, iPod, and iPads

From Gizmodo -

Right now, if you visit a web page and load a simple PDF file, you may give total control of your iPhone, iPod touch (http://gizmodo NULL.com/tag/ipodtouch/), or iPad to a hacker. The security bug affects all devices running iOS 3.1.2 and higher.

Update: Initially we thought that this exploit only effected iOS4 devices, but it turns out all iPhones, iPod Touches and iPads running 3.1.2 and higher are susceptible.

The vulnerability is easily exploitable. In fact, the latest one-click, no-computer-required Jailbreak solution for iOS 4 devices (http://gizmodo NULL.com/5601874/jailbreakme-20-jailbreaks-all-apple-ios-40-401-and-321-devices) uses this same method to break Apple’s own security (although in a completely benign way for the user).

The result is that, without any user intervention whatsoever, that program can do whatever it wants inside your iPhone, iPod touch or iPad. Anything you can imagine: Delete files, transmit files, install programs running on the background that can monitor your actions… anything can be done.

The short answer to this issue is that you need to be careful and not click on any links to PDFs on your iPhone, iPod, or iPad until Apple releases an update to this issue.

The complete post can be found on the Gizmodo site (LINK:) http://gizmodo.com/5603319/ (http://gizmodo NULL.com/5603319/)

Ads by Google

View in: Mobile | Standard