©2010 Networking Delaware, LLC
First Name
City
State
Email Address
Sign Up for
our informative
Monthly Newsletter
First Name
City
State
Email Address
3/22/10
The Antivirus vendor,BitDefender, recently released a damaged update that marks legitimate Windows and BitDefender files as malicious. BitDefender will then quarantine these files identifying them as “Trojan.FakeAlert.5" resulting in Windows becoming un-bootable.
This faulty update only effects the 64-bit versions of Windows and was the update had to occur between 8am and 11:30am on the March 20th
The company has released a press release containing fixes for the various versions located here.
The company released this message:
"On behalf of BitDefender, we are very sorry for the problems that our update may have caused. We have also released a solution to this issue, for all affected users, we invite you to access it here:
http://www.bitdefender.com/site/KnowledgeBase/consumer/#643- BitDefender Business Client users
http://www.bitdefender.com/site/KnowledgeBase/consumer/#642- Bitdefender Security for File Server users
If there are any unexpected situations, we kindly ask you to contact our support team directly via email, chat, phone or forum at http://www.bitdefender.com/site/Main/contactEmail/
Thank you for your understanding."
Malware that exploits holes in popular applications is being delivered by big ad delivery platforms including those run by Yahoo, Fox, and Google, according to Prague-based antivirus firm Avast.
Malware has previously been found in ads running on normally trustworthy sites like The New York Times, the Drudge Report.com, TechCrunch and WhitePages.com. The practice has been dubbed "malvertising."
Researchers at Avast say some large ad delivery systems including Yahoo's Yield Manager and Fox Audience Network's Fimserve.com (together they cover more than 50 percent of online ads), and to a much smaller degree Google's DoubleClick, are delivering much of the Malvertising. In addition, some of the malicious ads ended up on Yahoo and Google sites, Avast claims.
"It's not just the small players but the ad servers connected with Google and Yahoo have been infected and served up bad ads," said Lyle Frink, public relations manager for Avast.
The most compromised ad delivery systems were Yield Manager and Fimserve, but a number of smaller ad systems, including Myspace, were also found to be delivering malware on a lesser scale, Avast Virus Labs said.
.
3/25/10
In these cases, JavaScript code that Avast dubbed "JS:Prontexi," was found in ads delivered from those networks. Avast researcher Jiri Sejtko said this is a Trojan in script form that targets the Windows operating system. It trys to find vulnerabilities in Adobe Reader and Acrobat, Java, QuickTime, and Flash and launches fake antivirus warnings when it does find them, Sejtko said. "The Google portion of JS:Prontexi is quite small and has gotten visibly even smaller as they have taken steps to improve the situation," Sejtko said. "That is not the case with Yahoo and Fox."
Users don't need to click on anything to get infected; a computer becomes infected immediately after the ad is loaded by the browser, Avast said.
Since the malware started spreading in late December, Avast has registered more than 2.6 million instances of it on customers' computers
The coming "Patch Tuesday on April 13th, 2010 features 11 important security and functional patches.
Here are the patches Microsoft says will be released:
Bulletin 1: Critical (Remote Code Execution) – Affects Windows
Bulletin 2: Critical (Remote Code Execution) – Affects Windows
Bulletin 3: Critical (Remote Code Execution) – Affects Windows
Bulletin 4: Critical (Remote Code Execution) – Affects Windows
Bulletin 5: Critical (Remote Code Execution) – Affects Windows
Bulletin 6: Important (Elevation of Privilege) – Affects Windows
Bulletin 7: Important (Remote Code Execution) – Affects Windows
Bulletin 8: Important (Remote Code Execution) – Affects Office
Bulletin 9: Important (Denial of Service) – Affects Windows & Exchange
Bulletin 10: Important (Remote Code Execution) – Affects Office
Bulletin 11: Moderate (Spoofing) – Affects Windows
To learn more about these patches, visit the Microsoft Security Bulletin page.
4/09/10
4/18/10
A serious vulnerability exists in Java and Sun has known about this vulnerability since around April 9th. This exploit can occur because the Java Browser Plugin is running “javaws.exe” without validating command-line parameters. Last week, when confronted about the problem, Oracle said they did not consider this vulnerability to be of high enough priority to break their quarterly patch cycle.
A U.S.-based Web site, Songlyrices.com was compromised by attackers, and was redirecting visitors to a Russian server feeding the Java attack as well as other exploits.
Now that users have started reporting that they are being infected by the drive-by Java attacks, Oracle has changed its mind and issued a patch. If you haven't already patched this vulnerability you can download Java software at http://www.java.com/en/download/index.jsp
McAfee agrees to cover Repair Bills for damaged XP SP3 Systems After Buggy Update
Last week McAfee released a buggy update that deleted a critical system file which caused computers to shut down.
McAfee recently sent out a press release saying that they will cover the repair bills for the machines effected:
For customers who have incurred costs to repair PCs as a result of the security update, McAfee will reimburse them for reasonable expenses, such as a visit by a tech support specialist (such as Networking Delaware).
Details of this program, including instructions on how to submit a reimbursement request, will be posted on McAfee's Web site within a few days. Check back often.
The press release went on to say; "Additionally, because we value our loyal customers, home or home office users whose PCs were rendered inoperable or severely impaired as a result of the security update will receive a free two-year extension of their current McAfee subscription product at no charge" .
If you were effected by this, here are the steps you can take to get the machine back up and running:
Step 1 - Locate a local toll free support number for your country. A qualified technician will diagnose your computer's current status and determine the fastest way to get you up and running again.
Step 2 - If the technician can't get your system up and running over the phone, we'll get you the software to get your system up and running again. We can get you the software in one of two methods. You can either download the software fix from a working PC, or we will express deliver a CD to you.
4/27/10
(302)
368-8630
Networking
Delaware
I.T. Services
