Blog

The H-Online: As expected, Microsoft has released nine bulletins to close a total of 21 holes in its products. Four of the bulletins close critical vulnerabilities in Windows, Internet Explorer, .NET and Silverlight, including an issue in the Windows kernel-mode drivers that became publicly known in December of last year. The company advises those responsible for prioritizing update deployment to focus on the critical patches for Internet Explorer and the C Runtime Library in Windows, as these could be exploited by an attacker to remotely execute arbitrary code on a victim’s system. For an attack to be successful, a user must first visit a malicious web page or open a specially crafted file. The other critical bulletins fix issues in .NET and Silverlight, as well as the Windows kernel. Microsoft notes that it has yet to see any active attacks exploiting these issues in the wild. ...

The H-Online: Adobe has updated Shockwave Player on Windows and Mac OS X to version 11.6.4.634 after identifying nine critical vulnerabilities. The problems affect Shockwave Player 11.6.3.633 and all earlier versions on Windows and Mac OS X – Adobe recommend updating to the new release by downloading it from get.adobe.com/shockwave. To identify whether Shockwave Player is installed on a system, users should visit the test page on Adobe’s site. The majority of the problems are in the Shockwave 3D Asset where seven memory corruption vulnerabilities could lead to code execution; these were all reported by Hongnang Ren of FortiGuard Labs. An eighth memory corruption issue and a heap overflow vulnerability, both of which could also lead to code execution, were reported by “instruder” of vulnhunt.com and bring the flaw tally up to nine.

LifeHacker: Chrome 17 is out with a new pre-rendering feature designed to make your pages load faster, and both Firefox and Opera have also released speedy new versions since our last round of speed tests. So, we’ve once again pitted the four most popular web browsers against each other in a battle of startup times, tab loading times, and more, with more surprising results. Continue Reading: http://lifehacker.com/5884941/browser-speed-tests-chrome-17-firefox-10-internet-explorer-9-and-opera-1161 (Hint: As always Chrome is winner, no doubt!)

SophosLabs: A hacker, identified as a 17-year-old based in Morocco, claims to have stolen the personal information of 350,000 users from hardcore porn mavens Brazzers. The point, claims the hacker, was to highlight a security vulnerability on the adult site. According to reports, the teen uploaded a small small of the stolen data to the internet, displaying customer emails, usernames and passwords. Presumably to offer up proof that he was behind the breach. ...

SophosLabs: It’s Valentine’s Day tomorrow and the spammers are out in force to make the most of unwitting shoppers on the international day of love. Looking to buy a present for someone this Valentine’s Day? Ooh look what popped into my inbox, an email inviting me to buy my Valentine an *ahem* “romantic” gift. Valentine’s Day, the 14th February, is the day we celebrate our feelings of affection for our boyfriends, girlfriends, husbands and wives. It is traditional to do this with a special romantic gift. Looking for a Valentine’s Day Gift for him or the perfect token of love for her? Look no further than here! ...

Sorin Mustaca wrote at Avira TechBlog: In case you’ve seen this on Facebook, try to not click on it even if you understand French (it appears to be only in Franch) because it will take you on a road where you don’t want to be. But, we like to live dangerous, so we analyzed this for you. Continue Reading at Avira TechBlog: http://techblog.avira.com/2012/02/13/new-captcha-method-or-just-another-likejacking-scam/en/

The H-Online: Opera has published a development snapshot of version 12 of its web browser that adds support for Mozilla’s “Do Not Track” (DNT) header. Code-named “Wahoo”, the unstable release is the first from Opera to support the DNT header, which signals web sites that the browser user wishes to opt-out of online behavioral tracking; online advertising networks use cookies and other web technologies to recognize internet users and serve them tailored advertising. Support for DNT in Opera 12 is currently disabled by default. Users can enable it in the preferences dialogue by selecting “Preferences > Advanced > Security > Ask websites not to track me”. ...

Mashable: Reddit, known for its freewheeling approach to content management, instituted a new rule over the weekend that banned suggestive or sexual content featuring minors. “We have very few rules here on Reddit; no spamming, no cheating, no personal info, nothing illegal, and no interfering the site’s functions,” read a post on the site’s blog Sunday. “Today we are adding another rule.” The post noted that Reddit has dealt with content that “might be child pornography” by complying with legal guidelines and reporting procedures outlined by the National Center for Missing and Exploited Children. ...

SophosLabs: ComputerWorld today reports that the UK’s Metropolitan Police has warned Windows users of a malware attack that poses as a message from the computer crime-fighting cops themselves. The ransomware attack attempts to lock the computer, and posing as an unofficial notice from a law enforcement agency, claims that the victim’s PC has been determined to have visited illegal websites. Only payment for a fine, claims the message, will restore the computer’s functionality. ...

SophosLabs: Have you seen the news? Maybe your friends have shared it with you. Apparently, Facebook is going to shut down on March 15th, 2012. Mark Zuckerberg has reportedly found running the site just too stressful. Here’s the link that many Facebook users have been sharing with each other. Some worried Facebook users have even been sharing this photograph of a news report about the claimed closure of the world’s most popular social network: ...