[1735] in Security FYI
[IS&T Security-FYI] SFYI Newsletter, May 8, 2009
daemon@ATHENA.MIT.EDU (Monique Yeaton)
Fri May 8 13:04:22 2009
Message-Id: <93DF9E86-EA67-4685-BC9A-A84B17A51CC0@mit.edu>
From: Monique Yeaton <myeaton@mit.edu>
To: ist-security-fyi@mit.edu
Mime-Version: 1.0 (Apple Message framework v930.3)
Date: Fri, 8 May 2009 12:57:11 -0400
Cc: itss@mit.edu
Content-Type: multipart/mixed; boundary="===============1923419317=="
Errors-To: ist-security-fyi-bounces@mit.edu
--===============1923419317==
Content-Type: multipart/alternative; boundary=Apple-Mail-17--645856696
--Apple-Mail-17--645856696
Content-Type: text/plain;
charset=WINDOWS-1252;
format=flowed;
delsp=yes
Content-Transfer-Encoding: quoted-printable
In this issue:
1. Updated Browsers More Secure
2. Adobe Patch Coming Soon for Zero-Day Flaw
3. Pirated Windows 7 Release Candidate Contains Trojan
--------------------------------------------
1. Updated Browsers More Secure
--------------------------------------------
When was the last time you updated your browser? Does this happen =20
automatically, or do you need to install the update manually?
In a study conducted by Thomas Duebendorfer of Google Switzerland and =20=
Stefan Frei of the Swiss Federal Institute of Technology, statistics =20
show how updating browsers more frequently and automatically makes for =20=
safer browsing.
Chrome, Google's browser, updates without asking the user every 5 =20
hours. Compared to other browsers, such as Firefox, Safari, Opera and =20=
Internet Explorer, Google Chrome's update policy is set to occur the =20
most frequent.
Why is frequent and automatic updates considered a good thing? Aside =20
from the obvious bias the researchers had when conducting the study, =20
it showed that 97% of Chrome users had the most current version of =20
their browser, compared to 85% of Firefox users, 53% of Safari users, =20=
and 24% of Opera users. Browsers that have not been updated with =20
security patches remain vulnerable to the latest cyber threats.
The researchers conclude their study by encouraging browser makers to =20=
adopt the Chrome silent update mechanism.
Read the full story:
=
<http://www.informationweek.com/news/internet/security/showArticle.jhtml?a=
rticleID=3D217300466=20
>
-------------------------------------------------------------
2. Adobe Patch Coming Soon for Zero-Day Flaw
-------------------------------------------------------------
Adobe plans to push out a patch on May 12th to address a zero-day flaw =20=
in Acrobat and Reader that could be exploited to create denial of =20
service conditions or execute arbitrary code. Adobe will issue fixes =20=
for Reader and Acrobat versions 7, 8 and 9 for Windows and for =20
versions 8 and 9 for Mac and Unix. Adobe has also acknowledged a =20
second flaw in Reader for Unix that will be fixed in forthcoming Adobe =20=
Reader for Unix updates.
Until the fixes are available, Adobe recommends disabling JavaScript =20
in both Reader and Acrobat by using the following instructions:
1. Launch Acrobat or Adobe Reader
2. Select Edit > Preferences
3. Select the JavaScript Category
4. Uncheck the =91Enable Acrobat JavaScript=92 option
5. Click OK
Adobe Security Bulletins CVE-2009-1492 and CVE-2009-1493
<http://www.adobe.com/support/security/advisories/apsa09-02.html>
Full story:
=
<http://www.eweek.com/c/a/Security/Adobe-Preps-Patch-for-Zeroday-Vulnerabi=
lity-366529/=20
>
[Article source: SANS]
=
-------------------------------------------------------------------------
3. Pirated Windows 7 Release Candidate Contains Trojan
=
-------------------------------------------------------------------------
Reports are circulating that pirated versions of Windows 7 Release =20
Candidate (RC) available on file sharing sites contain malware. The =20
malware has been identified by one user as the Falder Trojan horse =20
program, which plants scareware on PCs and uses a rootkit to evade =20
detection by real antivirus packages.
Microsoft released Windows 7 RC on Tuesday, May 5. Earlier this year, =20=
pirated copies of Apple's iWork '09 were found to contain malware that =20=
took control of Macs.
It is recommended to always download software (even pre-lease software =20=
like Windows 7 RC) from trustworthy sources, such as the company's =20
official download page, and not from file sharing sites. In addition, =20=
it is not advisable to test pre-release software on your primary or =20
business computer, but on a virtual or other test computer.
Read the full story:
=
<http://www.computerworld.com/action/article.do?command=3DviewArticleBasic=
&articleId=3D9132522=20
>
[Article source: SANS]
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
Monique Yeaton
IT Security Awareness Consultant
MIT Information Services & Technology (IS&T)
(617) 253-2715
http://web.mit.edu/ist/security
--Apple-Mail-17--645856696
Content-Type: text/html;
charset=WINDOWS-1252
Content-Transfer-Encoding: quoted-printable
<html><body style=3D"word-wrap: break-word; -webkit-nbsp-mode: space; =
-webkit-line-break: after-white-space; "><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Helvetica; min-height: 17px; "><br></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Helvetica; ">In =
this issue:</div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Helvetica; min-height: 17px; "><br></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Helvetica; ">1. =
Updated Browsers More Secure</div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Helvetica; ">2. Adobe Patch Coming Soon for =
Zero-Day Flaw</div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Arial; "><span style=3D"font: 14.0px Helvetica">3. =
</span>Pirated Windows 7 Release Candidate Contains Trojan</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Helvetica; =
min-height: 17px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Helvetica; min-height: 17px; "><br></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Helvetica; =
">--------------------------------------------</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Helvetica; ">1. =
Updated Browsers More Secure</div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Helvetica; =
">--------------------------------------------</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Helvetica; =
min-height: 17px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Helvetica; ">When was the last time you =
updated your browser? Does this happen automatically, or do you need to =
install the update manually? </div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Helvetica; min-height: 17px; "><br></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Helvetica; ">In =
a study conducted by Thomas Duebendorfer of Google Switzerland and =
Stefan Frei of the Swiss Federal Institute of Technology, statistics =
show how updating browsers more frequently and automatically makes for =
safer browsing.</div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Helvetica; min-height: 17px; "><br></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Helvetica; =
">Chrome, Google's browser, updates without asking the user every 5 =
hours. Compared to other browsers, such as Firefox, Safari, Opera and =
Internet Explorer, Google Chrome's update policy is set to occur the =
most frequent.</div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Helvetica; min-height: 17px; "><br></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Helvetica; =
">Why is frequent and automatic updates considered a good thing? Aside =
from the obvious bias the researchers had when conducting the study, it =
showed that 97% of Chrome users had the most current version of their =
browser, compared to 85% of Firefox users, 53% of Safari users, and 24% =
of Opera users. Browsers that have not been updated with security =
patches remain vulnerable to the latest cyber threats.</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Helvetica; =
min-height: 17px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Helvetica; ">The researchers conclude their =
study by encouraging browser makers to adopt the Chrome silent update =
mechanism.</div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Helvetica; min-height: 17px; "><br></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Helvetica; =
">Read the full story:</div><div style=3D"margin-top: 0px; margin-right: =
0px; margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Helvetica; "><<a =
href=3D"http://www.informationweek.com/news/internet/security/showArticle.=
jhtml?articleID=3D217300466">http://www.informationweek.com/news/internet/=
security/showArticle.jhtml?articleID=3D217300466</a>></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Helvetica; =
min-height: 17px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Helvetica; min-height: 17px; "><br></div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Helvetica; =
">-------------------------------------------------------------</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Helvetica; ">2. =
Adobe Patch Coming Soon for Zero-Day Flaw</div><div style=3D"margin-top: =
0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: =
normal normal normal 14px/normal Helvetica; =
">-------------------------------------------------------------</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Helvetica; =
min-height: 17px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; ">Adobe plans to push out a patch on =
May 12th to address a zero-day flaw in Acrobat and Reader that could be =
exploited to create denial of service conditions or execute arbitrary =
code. Adobe will issue fixes for Reader and Acrobat versions 7, 8 =
and 9 for Windows and for versions 8 and 9 for Mac and Unix. Adobe =
has also acknowledged a second flaw in Reader for Unix that will be =
fixed in forthcoming Adobe Reader for Unix updates.</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; =
min-height: 16px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; ">Until the fixes are available, Adobe =
recommends disabling JavaScript in both Reader and Acrobat by using the =
following instructions:</div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; "><br>
1. Launch Acrobat or Adobe Reader<br>
2. Select Edit > Preferences<br>
3. Select the JavaScript Category<br>
4. Uncheck the =91Enable Acrobat JavaScript=92 option<br>
5. Click OK<br>
</div><div style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: =
0px; margin-left: 0px; font: normal normal normal 14px/normal Arial; =
min-height: 16px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; ">Adobe Security Bulletins =
CVE-2009-1492 and CVE-2009-1493</div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; "><<a =
href=3D"http://www.adobe.com/support/security/advisories/apsa09-02.html">h=
ttp://www.adobe.com/support/security/advisories/apsa09-02.html</a>></di=
v><div style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; =
min-height: 16px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; ">Full story:</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; "><<a =
href=3D"http://www.eweek.com/c/a/Security/Adobe-Preps-Patch-for-Zeroday-Vu=
lnerability-366529/">http://www.eweek.com/c/a/Security/Adobe-Preps-Patch-f=
or-Zeroday-Vulnerability-366529/</a>></div><div style=3D"margin-top: =
0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: =
normal normal normal 14px/normal Arial; min-height: 16px; =
"><br></div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Arial; ">[Article source: SANS]</div><div style=3D"margin-top:=
0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: =
normal normal normal 14px/normal Arial; min-height: 16px; =
"><br></div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Arial; min-height: 16px; "><br></div><div style=3D"margin-top:=
0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: =
normal normal normal 14px/normal Helvetica; =
">------------------------------------------------------------------------=
-</div><div style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: =
0px; margin-left: 0px; font: normal normal normal 14px/normal Arial; =
"><span style=3D"font: 14.0px Helvetica">3. </span>Pirated Windows 7 =
Release Candidate Contains Trojan</div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Helvetica; =
">------------------------------------------------------------------------=
-</div><div style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: =
0px; margin-left: 0px; font: normal normal normal 14px/normal Arial; =
min-height: 16px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; ">Reports are circulating that pirated =
versions of Windows 7 Release Candidate (RC) available on file sharing =
sites contain malware. The malware has been identified by one user =
as the Falder Trojan horse program, which plants scareware on PCs and =
uses a rootkit to evade detection by real antivirus packages. =
</div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Arial; min-height: 16px; "><br></div><div style=3D"margin-top:=
0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: =
normal normal normal 14px/normal Arial; ">Microsoft released Windows 7 =
RC on Tuesday, May 5. Earlier this year, pirated copies of Apple's iWork =
'09 were found to contain malware that took control of Macs.</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; =
min-height: 16px; "><br></div><div style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 14px/normal Arial; ">It is recommended to always download =
software (even pre-lease software like Windows 7 RC) from trustworthy =
sources, such as the company's official download page, and not from file =
sharing sites. In addition, it is not advisable to test pre-release =
software on your primary or business computer, but on a virtual or other =
test computer.</div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Arial; min-height: 16px; "><br></div><div style=3D"margin-top:=
0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: =
normal normal normal 14px/normal Arial; ">Read the full story:</div><div =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 14px/normal Arial; "><<a =
href=3D"http://www.computerworld.com/action/article.do?command=3DviewArtic=
leBasic&articleId=3D9132522&source=3Drss_null17">http://www.comput=
erworld.com/action/article.do?command=3DviewArticleBasic&articleId=3D9=
132522</a>></div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Arial; min-height: 16px; "><br></div><div style=3D"margin-top:=
0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: =
normal normal normal 14px/normal Arial; ">[Article source: =
SANS]</div><div style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
14px/normal Arial; min-height: 16px; "><br></div><div =
apple-content-edited=3D"true"> <div style=3D"word-wrap: break-word; =
-webkit-nbsp-mode: space; -webkit-line-break: after-white-space; =
"><div><div><div><br></div></div></div></div></div><div =
apple-content-edited=3D"true"><span class=3D"Apple-style-span" =
style=3D"border-collapse: separate; color: rgb(0, 0, 0); font-family: =
Calibri; font-size: 14px; font-style: normal; font-variant: normal; =
font-weight: normal; letter-spacing: normal; line-height: normal; =
orphans: 2; text-align: auto; text-indent: 0px; text-transform: none; =
white-space: normal; widows: 2; word-spacing: 0px; =
-webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: =
0px; -webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: =
auto; -webkit-text-stroke-width: 0px; "><div style=3D"word-wrap: =
break-word; -webkit-nbsp-mode: space; -webkit-line-break: =
after-white-space; =
"><div><div><div>=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D</div><div>Monique Yeaton</div><div>IT Security =
Awareness Consultant</div><div>MIT Information Services & Technology =
(IS&T)</div><div>(617) 253-2715</div><div><a =
href=3D"http://web.mit.edu/ist/security">http://web.mit.edu/ist/security</=
a></div><div><br></div><br></div></div><br></div></span><br =
class=3D"Apple-interchange-newline"> </div><br></body></html>=
--Apple-Mail-17--645856696--
--===============1923419317==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
_______________________________________________
ist-security-fyi mailing list
ist-security-fyi@mit.edu
To Unsubscribe http://mailman.mit.edu/mailman/listinfo/ist-security-fyi
--===============1923419317==--
