SANS Internet Storm Center reported about new Microsoft Live Messenger Trojan that spreadin via network. First one is spreading with message from someone on your buddy list. Message is:

“Hot or Not? hxxp://mymsngallery.my.funpic de/viewimage.php?youremail@someplace.com”

or

“this really looks like you hxxp://mymsngallery.my.funpic de/viewimage.php?youremail@someplace.com”

Where youremail@someplace.com is your mail address. If you follow the link executable file tries to install on the computer. It is advised not to follow any links of such type and inform your online friends about this threat.

Secunia PSI application reported that 81% computers connected to the Internet runs critical versions of Adobe Reader, Apple QuickTime, Sun Java and Skype software. To be more precise versions of those programs are Adobe Reader 8.x, Apple QuickTime 7.x, Sun Java 1.5.x and Skype 3.x are vulnerable to various attacks and users are advised that upgrade them to newer versions as soon as possible.

Microsoft last Thursday released notice about its February collection of patches including seven critical flaws in Vista, Internet Explorer and Office. Most of them cover remote code executions vulnerabilities and most notable is Excel zero day vulnerability issued last month. All of these issues will be patched in February 12 Tuesday patch.

We already wrote about new upcoming Firefox patch that will fix a high severity vulnerability.. Today we got new information that Mozilla plans to release Firefox 2.0.0.12 on Feb. 7 or Feb. 8. The vulnerability, reported by the end of January can allow attackers to swipe cookies and other critical data that can leak out of Firefox via flat files such as add-ons. So, expect that Firefox will update somewhere today or tomorrow.

Adobe very quietly delivered upgrade for Adobe Reader to version 8.1.2. It is security fix and addresses a number of customer workflow issues and security vulnerabilities while providing more stability. The update includes several important security fixes, among them a few of critical severity that could be remotely exploitable. Adobe recommends users of Acrobat and Adobe Reader 8.x install the update to protect themselves.

Popular blogging platform WordPress released new version 2.3.3, patching security flaw that would allow a specially crafted request to edit posts of other users on that blog. This fix patches a hole in xmlrpc.php file so upgrade can be done by simple copying over existing xmlrpc.php file.

Yesterday Apple released new QuickTime patch to fix a arbitrary code execution vulnerability. This small vulnerability could lead to unexpected application termination or arbitrary code execution if user visits a malicious Web site. It is advised for QuickTime users to upgrade to latest 7.4.1 version.

One of most known types of Internet frauds in recent years are Advance Fee Frauds. This type of scams try to use good will of victims and persuade them to advance relatively small sums of money in the hope of realizing a much larger gain. Most common type of scam are the Nigerian Letter or 419 fraud.

The number “419″ refers to the article of the Nigerian Criminal Code dealing with the fraud and The American Dialect Society has traced the term “419 fraud” way back to 1992. So, as you can see this problem is not new.

One of earliest types of this scams are called the Spanish Prisoner fraud, back in early 1900s, where the fictional prisoner promise to share non-existent treasure with the person who would send them money to bribe their guards.

In modern variant of this scam a self-proclaimed relative of a deposed African dictator offers to transfer millions of dollars into the bank account of the mark in return for small initial payments to cover bribes and other expenses.
Read the rest of this entry »

Symantec reported about six buffer-overflow vulnerabilities that affect a number of widely distributed ActiveX controls. These issues can be used to execute code or crash the vulnerable applications. So far following applications are vulnerable: Aurigma ImageUploader4 and ImageUploader5, Yahoo! MediaGrid and Yahoo! DataGrid. Users are advised to be aware of those Active X vulnerabilities and safe browsing.

StopBadware.org the company largely funded by Google ranked RealPlayer 10.5 and 11 as a badware product because it fails to accurately and completely disclose the fact that it installs advertising software on the user’s computer. Along with RealPlayer software such as Jessica Simpson Screensaver, Fake-Mailer, Drive Cleaner 2006 and WinAntiVirus 2006 are ranked as badware. Users are advised not to install install the versions of RealPlayer software that StopBadware.org tested unless you are fine with ads and unpredictable software behaviors.