Posts Tagged ‘Malware’
July 14th, 2009 | 
Author: According to Microsoft Security Advisory – 973472, a zero-day hole in Office Web Components ActiveX Controls could allow an attacker to execute malicious code remotely. This happens on Internet Explorer that has the ActiveX Control enabled.
The ActiveX is used to display and publish spreadsheets, charts and databases to websites. There is no patch yet issued for this hole. However, Microsoft recommends certain manual steps to prevent the attack.
Microsoft recommends defaults settings of IE in Windows Server 2003 and Windows Server 2008 as it will prevent the an IE user on such servers from downloading such malicious contents.
Users of Microsoft Outlook and Outlook Express are safe if they are operated in the Restricted Sites Zone.
The web based attacked is not possible unless an IE user is forced to use a website infected with the malicious content. So beware of spams and phishing emails.
Once compromised, the IE user machine provides local admin rights to the remote attacker. Users with few local admin rights on the computer will have low impact.
Posted in 
Tags: 
Its vacation in North America; so is the case in many other parts of the world. Some are travelling while others take short breaks from work to enjoy the summer treats. In travel, we may be forced to use public internet kiosk or WIFI.
During this time, school goers are spending more time on the internet, movies and TV during this time. It’s that time of the year when we have more visitors at home and may end up using our computers.
So what’s the problem? Well, Fortinet – a threat management vendor issued a report stating that June 2009 marks the highest rate of phishing attack to date. Isn’t that obvious considering this time of the year and the economic conditions? Those who are out of work may adopt jobs for the phishers and spammers; while others are looking for the best deals on the internet.
Most of the Trojans are hosted on gaming sites that many visit more often during this time of the year. Get a personal firewall and anti virus software for computers used for such purpose. Your ISP may provide you these softwares for free. Ensure that they are up to date with signatures. Some browsers have the capability to subscribe to blacklists, which when subscribed blocks access to such websites.
You may get flaky deals by email phishing for your personal information. In this economic downturn, people are desperate to take on any good deals available on the internet – good target for phishers and spammers. Some emails are designed in such a way they are authentic coming from your bank requesting you to update your information. How did strangers get your email in the first place? Remember your honorable posts on the internet with your powerful email address at the end. Turn on your email spam guards to avoid such phishing attacks.
When you are travelling, try to avoid public kiosks and WIFI – they could be hosting such malicious software and could be part of a large botnet. Do not access your financial accounts from such places. If possible always keep a small netbook for such use in travel.
At home, try to have a separate secure computer that you can use for accessing financial accounts. Or it could be the other way around – keep a separate computer for your entertainment and gaming access which will not be used for accessing financial accounts. Not many are fortunate to have multiple computers at home. So, as I mentioned earlier, try to have anti virus and anti malware software with a personal firewall on your computer.
It’s reported 22 percent of the reported activity comes from south of my border – the US; while there is significant proportion of attacks originating from Singapore, Japan and China.
I think the trend is expected to grow until this economic condition gets better.