DarkFiber Consulting – IT Managed Services

Microsoft Releases Security Bulletin MS08-078

December 17th, 2008 . by DarkFiber Consulting

Microsoft has released Security Bulletin MS08-078 to address a vulnerability in Internet Explorer. This vulnerability is due to an invalid pointer reference in the data binding function. By convincing a user to view a specially crafted document that performs data binding (e.g., a web page, email message, or attachment), a remote, unauthenticated attacker may be able to execute arbitrary code.

DarkFiber Consulting encourages users to review Microsoft Security Bulletin MS08-078 and apply the update or workarounds listed in the bulletin to help mitigate the risks. Users may also want to consider implementing the best security practices listed in the Securing Your Web Browser document to strengthen their web browsers against future vulnerabilities.

Additional information regarding this vulnerability can be found in the Vulnerability Notes Database.

Multiple Web Browsers Affected by Clickjacking

September 26th, 2008 . by DarkFiber Consulting

DarkFiber Consulting is aware of public reports of a new cross-browser exploit technique called “Clickjacking.” According to one of the reports, Clickjacking gives an attacker the ability to trick a user into clicking on something only barely or momentarily noticeable. Therefore, if a user clicks on a web page, they may actually be clicking on content from another page. A separate report indicates that this flaw affects most web browsers and that no fix is available, but that disabling browser scripting and plug-ins may help mitigate some of the risks.

An additional report suggests that Firefox users consider using the NoScript plug-in as an added preventative measure. Disabling IFRAMEs by default, as outlined in the Securing Your Web Browser document, is reported to protect against the vulnerability.

DarkFiber Consulting encourages users to review the report and follow the security recommendations as described in the Securing Your Web Browser document to help mitigate some of the risks.

DarkFiber Consulting will provide additional information as it becomes available.

Apple MobileMe Phishing Scam

August 13th, 2008 . by DarkFiber Consulting

DarkFiber Consulting is aware of public reports of a phishing attack circulating via email messages that appear to be targeting Apple MobileMe users. These messages claim that there is a problem with the user’s billing information and instruct the user to follow a web link to update personal information. Clicking on this link directs the user to a web page that contains a seemingly legitimate web form requesting personal and financial information. Any information entered in this form is sent not to Apple but to a malicious attacker.

DarkFiber Consulting encourages users to do the following to help mitigate the risks:

Webex Meeting Manager ActiveX Control Vulnerability

August 11th, 2008 . by DarkFiber Consulting

DarkFiber Consulting is aware of public reports of a vulnerability that affects Webex Meeting Manager. This vulnerability is due to improper handling of arguments passed to the “NewObject()” method within the WebexUCFObject ActiveX control (atucfobj.dll). By convincing a user to visit a specially crafted web page, a remote attacker may be able to execute arbitrary code.

Public reports indicate that Webex has addressed this issue in Meeting Manager version 20.2008.2606.4919. DarkFiber Consulting encourages users to upgrade to this version or set the kill bit for CLSID 32E26FD9-F435-4A20-A561-35D4B987CFDC. Information about how to set a kill bit can be found in Microsoft Support Article 240797.
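As an added example (not from the original post, Webex, or Microsoft), the PowerShell below sets and verifies the kill bit for the CLSID named above. It relies on the standard kill-bit mechanism: the 0x400 bit in the `Compatibility Flags` value under Internet Explorer's `ActiveX Compatibility` registry key. The function names are hypothetical, and the script must run from an elevated session.

```powershell
# Added example; function names are hypothetical helpers, not a vendor tool.
$KillBit = 0x00000400   # "Compatibility Flags" bit that stops IE from loading the control

function Get-CompatPaths {
    param([Parameter(Mandatory)][guid]$Clsid)
    $sub   = "Internet Explorer\ActiveX Compatibility\{$($Clsid.ToString().ToUpper())}"
    $paths = @("HKLM:\SOFTWARE\Microsoft\$sub")
    # 32-bit IE on 64-bit Windows reads the Wow6432Node view, so cover it too.
    if (Test-Path 'HKLM:\SOFTWARE\Wow6432Node') {
        $paths += "HKLM:\SOFTWARE\Wow6432Node\Microsoft\$sub"
    }
    $paths
}

function Set-ActiveXKillBit {
    param([Parameter(Mandatory)][guid]$Clsid)
    foreach ($path in Get-CompatPaths -Clsid $Clsid) {
        if (-not (Test-Path $path)) { New-Item -Path $path -Force | Out-Null }
        $current = (Get-ItemProperty -Path $path -Name 'Compatibility Flags' `
                        -ErrorAction SilentlyContinue).'Compatibility Flags'
        # OR the bit in so any flags already present on the key are preserved.
        $new = ([int]$current) -bor $KillBit
        Set-ItemProperty -Path $path -Name 'Compatibility Flags' -Value $new -Type DWord
    }
}

function Test-ActiveXKillBit {
    param([Parameter(Mandatory)][guid]$Clsid)
    foreach ($path in Get-CompatPaths -Clsid $Clsid) {
        $flags = (Get-ItemProperty -Path $path -Name 'Compatibility Flags' `
                      -ErrorAction SilentlyContinue).'Compatibility Flags'
        # A missing key or missing bit in either view means the control can still load.
        if (-not (([int]$flags) -band $KillBit)) { return $false }
    }
    $true
}

# CLSID of the WebexUCFObject control, as given in the advisory text above.
$webex = '32E26FD9-F435-4A20-A561-35D4B987CFDC'
Set-ActiveXKillBit -Clsid $webex
"Kill bit set in all registry views: $(Test-ActiveXKillBit -Clsid $webex)"
```

`Test-ActiveXKillBit` can be run on its own across a fleet to audit which hosts still lack the mitigation; it returns `$false` if either registry view is missing the flag.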

Microsoft Releases Security Advisory For Snapshot Viewer ActiveX Control

July 14th, 2008 . by DarkFiber Consulting

Microsoft has released a Security Advisory to address a vulnerability in a Microsoft Access ActiveX control. By convincing a user to visit a specially crafted web page, a remote, unauthenticated attacker may be able to execute arbitrary code. The Advisory also indicates that the vulnerability is being used in active, targeted attacks.

DarkFiber Consulting encourages users to review Microsoft Security Advisory 955179 and apply the workarounds to help mitigate the risks. Additional information regarding this issue can be found in the Vulnerability Notes Database.