The Microsoft Security Response Centre - new Security Advisory released.

sassofalco

What bad, bad,habit?
Vista Guru
Microsoft Security Response Centre - Security Advisory Updated Friday 12Dec08.

The Microsoft Security Response Centre (MSRC) - Security Advisory.
Advisory released by the MSRC Team on December 10, 2008 4.44pm [GMT= 12.44am 11 Dec 08].

The MSRC Team today released Microsoft Security Advisory 961051, which contains information regarding new attacks against a new vulnerability in Internet Explorer.

This advisory is posted less than 48 hours after the latest patch and update for IE.

To read the full Advisory, link to it here;

The Microsoft Security Response Center (MSRC) : Microsoft Security Advisory 961051

The vulnerability has been detected in a number of MS Operating Systems. Is yours included? Find out by reading the linked Advisory, and await further developments.
________________________________________________________________
Norm Cameron has prepared a well written summary of this ongoing crisis here;


Vista Forums>System Security>Big Security Hole in all IE Versions.
________________________________________________________________
Update - Microsoft Security Advisory 961051.
Released by the MSRC Team on December 11, 2008 4.04pm [GMT= 12.04am Fri 12 Dec 08].

This is the second Advisory released by the MSRC Team. It expands on the attacks on Internet Explorer7, and includes similar warnings about attacks to all other supported versions of IE;

The Microsoft Security Response Center (MSRC) : Microsoft Security Advisory 961051 Updated

Start telling your friends about this problem......now.

________________________________________________________________
Norm Cameron has prepared a well written summary of this ongoing crisis here;

Vista Forums>System Security>Big Security Hole in all IE Versions.
________________________________________________________________
Update - Microsoft Security Advisory 961051.
Released by the MSRC Team on December 12, 2008 4.58pm [GMT= 12.58am Sat 13 Dec 08].

This is the third Advisory released by the MSRC Team. This is fast becoming a problem of Global proportions and this release contains a great amount of information about it, and also gives some defensive workarounds for Users.

The Microsoft Security Response Center (MSRC) : Friday update for Microsoft Security Advisory 961051

Sure to be more to follow. Advisories Updates will be added as soon as they come to hand.
________________________________________________________________________
Update - Microsoft Security Advisory 961051.
Released by the MSRC Team on Tuesday December 16, 2008 12.28pm [GMT= 8.28pm Tue 16 Dec 08].

Microsoft - Advance Notification for December 2008 Out-of-Band Security Bulletin Release.
____________________________________________________

Microsoft plan to release an out-of-band security update tomorrow to deal with the above issues. The planned target time for the release is at 10.00am. Pacific Time, Wednesday 17 December 2008 [GMT= 6.00pm Wed 17 Dec 2008]


For the full detail of the Advance Notification, please link here;

The Microsoft Security Response Center (MSRC) : Advance Notification for December 2008 Out-of-Band Release

________________________________________________________________________
Update - Microsoft Security Response Centre Team Announcement.
Released by the MSRC Team on Wednesday December 17, 2008 11.20pm [GMT= 7.20pm Wed 17 Dec 08].


MS08-078 Released [Out-of-Band IE Security Update]
____________________________________________________



This announcement summarises events of the past week in which all supported versions of Internet Explorer came under active attack, and broadly outlines the subsequent steps that were taken, first to assist customers in working around the problem, and secondly, in the urgency with which the problem was addressed so that an out-of-band fix could be issued in the shortest possible time frame.

The announcement starts with;

Hello, Mike here,
Today we released security update MS08-078, protecting customers from active attacks against Internet Explorer. This update will be applied automatically to hundreds of millions of customers through automatic updates over the next few days. And, for our enterprise customers - with multiple systems within their networks – this update can be deployed through all standard security update management systems including, SCCM, SMS, WSUS, and Windows Update as of 10AM PST today.......more

The entire announcement can be read here;


The Microsoft Security Response Center (MSRC) : MS08-078 Released


Lets all hope that that's the end to this event. Finally, don't forget to check your Windows Updates and install the released fix for your version of Internet Explorer, as soon as possible.

________________________________________________________________________
Additional Reading and Information here;
Microsoft® Malware Protection Center
________________________________________________________________________
 
Last edited:

My Computer

System One

  • Manufacturer/Model
    Acer Aspire Notebook 5633WLMi.[5630 Series]
    CPU
    Intel Centrino Duo Processor - Intel Core 2 CPU.
    Memory
    4GB DDR2 [3.07GB maximum real available]
    Graphics Card(s)
    nVidia GeForce Go 7300, 128MB
    Sound Card
    Realtek HD Audio, Ver. 6.0.1.5717, 2.08MB
    Monitor(s) Displays
    Acer Aspire Notebook - 15.4"; Acer LCD Monitor X223Wsd - 22".
    Screen Resolution
    1280x800x60Hertz [max.]
    Hard Drives
    Notebook - Samsung HM320JI 320GB HD installed 07 August 2009.
    External HDs [4];Maxtor One Touch4 - 500GB External HD [Drive M:\].Western Digital WDXMS1200TA - 120GB External HD [Drive G:\ - Windows Defender Backup Files only]. Two x LaCie 320GB Mobi
    Mouse
    Logitech Wireless V320 for Notebooks - Model M/N: M-RCD125
    Internet Speed
    Down 20000kb/sec / Up 1000kb/sec [Bigpond-Aus]
    Other Info
    Brother MFC-465CN; PC to Fax/Scan/Copy/Photo MFC. Epson Perfection V300 Photo Scanner. Siemens Speedstream 6520 Router. Wacom 'Bamboo Fun' CTE-650 PC Tablet, Stylus and Mouse. UAC - On;Activated. Browsers; [1] FireFox v3.6[2] IE8. Honorary R.S.M. to the 4th [Assault Pioneer] Troop Pune Sepoys , and 3rd Troop Jodhpur Bengali Lancers.
Update - Microsoft Security Advisory 961051.
Released by the MSRC Team on December 11, 2008 4.04pm [GMT= 12.04am 12 Dec 08].

The MSRC Team today released an update to Microsoft Security Advisory 961051 which includes the following introductory statement;

"While the known attacks are only targeting Internet Explorer 7, we have found that the underlying vulnerability affects all currently supported versions of Internet Explorer. We have updated the advisory to include this information."


To read the full updated Advisory, link to it here;


The Microsoft Security Response Center (MSRC) : Microsoft Security Advisory 961051 Updated


For your own security, please link to and read the Advisory, then tell all your friends of this developing situation. Subscribe to this Thread and await further updates on this problem.
 

My Computer

System One

  • Manufacturer/Model
    Acer Aspire Notebook 5633WLMi.[5630 Series]
    CPU
    Intel Centrino Duo Processor - Intel Core 2 CPU.
    Memory
    4GB DDR2 [3.07GB maximum real available]
    Graphics Card(s)
    nVidia GeForce Go 7300, 128MB
    Sound Card
    Realtek HD Audio, Ver. 6.0.1.5717, 2.08MB
    Monitor(s) Displays
    Acer Aspire Notebook - 15.4"; Acer LCD Monitor X223Wsd - 22".
    Screen Resolution
    1280x800x60Hertz [max.]
    Hard Drives
    Notebook - Samsung HM320JI 320GB HD installed 07 August 2009.
    External HDs [4];Maxtor One Touch4 - 500GB External HD [Drive M:\].Western Digital WDXMS1200TA - 120GB External HD [Drive G:\ - Windows Defender Backup Files only]. Two x LaCie 320GB Mobi
    Mouse
    Logitech Wireless V320 for Notebooks - Model M/N: M-RCD125
    Internet Speed
    Down 20000kb/sec / Up 1000kb/sec [Bigpond-Aus]
    Other Info
    Brother MFC-465CN; PC to Fax/Scan/Copy/Photo MFC. Epson Perfection V300 Photo Scanner. Siemens Speedstream 6520 Router. Wacom 'Bamboo Fun' CTE-650 PC Tablet, Stylus and Mouse. UAC - On;Activated. Browsers; [1] FireFox v3.6[2] IE8. Honorary R.S.M. to the 4th [Assault Pioneer] Troop Pune Sepoys , and 3rd Troop Jodhpur Bengali Lancers.
Update - Microsoft Security Advisory 961051.
Released by the MSRC Team on December 11, 2008 4.04pm [GMT= 12.04am 12 Dec 08].

The MSRC Team today released an update to Microsoft Security Advisory 961051 which includes the following introductory statement;

"While the known attacks are only targeting Internet Explorer 7, we have found that the underlying vulnerability affects all currently supported versions of Internet Explorer. We have updated the advisory to include this information."


To read the full updated Advisory, link to it here;


The Microsoft Security Response Center (MSRC) : Microsoft Security Advisory 961051 Updated


For your own security, please link to and read the Advisory, then tell all your friends of this developing situation. Subscribe to this Thread and await further updates on this problem.


Thanks Tony. Good to keep on top of these things.
 

My Computer

System One

  • Manufacturer/Model
    Scratch Built
    CPU
    Intel Quad Core 6600
    Motherboard
    Asus P5B
    Memory
    4096 MB Xtreme-Dark 800mhz
    Graphics Card(s)
    Zotac Amp Edition 8800GT - 512MB DDR3, O/C 700mhz
    Monitor(s) Displays
    Samsung 206BW
    Screen Resolution
    1680 X 1024
    Hard Drives
    4 X Samsung 500GB 7200rpm Serial ATA-II HDD w. 16MB Cache .
    PSU
    550 w
    Case
    Thermaltake
    Cooling
    3 x octua NF-S12-1200 - 120mm 1200RPM Sound Optimised Fans
    Keyboard
    Microsoft
    Mouse
    Targus
    Internet Speed
    1500kbs
    Other Info
    Self built.
IE exploits for Advisory 961051, now hosted on pornography sites

New Technet blog :-
"Two days ago, we blogged about attacks that involve exploits of the recently discovered vulnerability in Internet Explorer. We would like to give you a quick update about these attacks.
Based on our stats, since the vulnerability has gone public, roughly 0.2% of users worldwide may have been exposed to websites containing exploits of this latest vulnerability. That percentage may seem low, however it still means that a significant number of users have been affected. The trend for now is going upwards: we saw a huge increase in the number of reports today compared to yesterday.
How are the attackers managing to affect more users now? First, some legitimate web sites were maliciously modified to include the exploits. For example a popular search engine in Taiwan was found to be hosting the exploit. Luckily, that site was quickly cleaned. Secondly, we’ve noticed some pornography sites have started hosting these exploits too: We recently found a web site in Hong Kong that serves various content including adult entertainment. Users who hoped to watch that content, became target of those attacks: specifically, the exploit dropped trojans that we detect as Trojan:Win32/VB.IQ.dr and Trojan:Win32/VB.IQ.
MSRC keeps their advisory updated with possible workarounds. Read carefully, see what applies to you and in the meantime, you should always exercise caution when browsing and try to go to sites that you trust."
Microsoft® Malware Protection Center : The new IE exploits for Advisory 961051, now hosted on pornography sites
 

My Computer

System One

  • Manufacturer/Model
    Scratch Built
    CPU
    Intel Quad Core 6600
    Motherboard
    Asus P5B
    Memory
    4096 MB Xtreme-Dark 800mhz
    Graphics Card(s)
    Zotac Amp Edition 8800GT - 512MB DDR3, O/C 700mhz
    Monitor(s) Displays
    Samsung 206BW
    Screen Resolution
    1680 X 1024
    Hard Drives
    4 X Samsung 500GB 7200rpm Serial ATA-II HDD w. 16MB Cache .
    PSU
    550 w
    Case
    Thermaltake
    Cooling
    3 x octua NF-S12-1200 - 120mm 1200RPM Sound Optimised Fans
    Keyboard
    Microsoft
    Mouse
    Targus
    Internet Speed
    1500kbs
    Other Info
    Self built.
Back
Top