Microsoft Security Updates for August 2015

This week on Patch Tuesday, Microsoft released fourteen security bulletins, four of which are considered critical.

Systems affected include Windows, Internet Explorer, Office, Silverlight, Microsoft .NET Framework, Microsoft Lync, and Microsoft Server Software. Some of the fixes are for Windows 10, including its newest browser, Microsoft Edge. An attacker could run malicious code on an affected machine if a user visits a specially crafted webpage, gaining access at the level of the logged-in user.

Be sure to accept the updates as they occur, or go to the Windows Update site. You may need to restart your machine after installing patches.

Read the story in the news.

Microsoft Security Updates for June 2015

On Patch Tuesday last week, Microsoft released eight security bulletins (MS15-056 through MS15-064). Two are labeled critical, but four address remote code execution vulnerabilities that an attacker could use to take control of a user’s machine.

Systems affected include Microsoft Windows, Internet Explorer, Microsoft Office and Microsoft Exchange Server. The security update for Internet Explorer fixes 24 vulnerabilities in the browser.

Be sure to accept the updates as they occur, or go to the Windows Update site. You may need to restart your machine after installing patches.   

Read the story in the news.

Phishing Attack List: Windows Live ID Scam

Kaspersky Lab experts are warning of a new scam that uses Windows Live ID as bait to catch personal information stored in user profiles on services like Xbox LIVE, Zune, Hotmail, Outlook, MSN, Messenger and OneDrive.

What appears to be a typical phishing email contains a link that goes to the actual Windows Live website, with no apparent attempt to get the victims’ logins and passwords. So what’s the trick?

  • After following the link and authorizing the account, users receive a prompt: an application requests permission to automatically log into the account, view the profile information and contact list, and access a list of the users’ email addresses.
  • Users who click “Yes” don’t give away their login and password credentials, but they do provide their personal information, the email addresses of their contacts and the nicknames and real names of their friends.

Scammers gained access to this technique through security flaws in the open protocol for authorization, OAuth. The collected information can be used for fraudulent purposes, such as sending spam to the contacts in the victim’s address book or launching spear phishing attacks.
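The check below is an added example, not part of the original article or the Kaspersky report: it parses an OAuth authorization link taken from an email and reports what the consent prompt would hand to the requesting application, even though the link points at the genuine login host. The endpoint and the `wl.*` scope names are assumptions drawn from Microsoft's Live Connect documentation rather than from this page; the sample link, its `client_id` and the approved-client allowlist are constructed placeholders.

```python
from urllib.parse import urlsplit, parse_qs

# Assumed mapping: Live Connect scope names -> data the consent prompt exposes.
SCOPE_EXPOSURE = {
    "wl.signin": "automatic sign-in to the account",
    "wl.basic": "profile information and contact list",
    "wl.emails": "the user's email addresses",
    "wl.contacts_emails": "email addresses of the user's contacts",
}
SENSITIVE = {"wl.basic", "wl.emails", "wl.contacts_emails"}

def audit_consent_link(url, approved_clients=frozenset()):
    """Return findings for an OAuth authorization link found in an email.

    approved_clients is a hypothetical allowlist of application IDs that
    the organisation has reviewed and accepted.
    """
    parts = urlsplit(url)
    params = parse_qs(parts.query)
    # Scopes arrive space- or comma-separated in a single parameter.
    raw_scope = " ".join(params.get("scope", []))
    scopes = [s for s in raw_scope.replace(",", " ").split() if s]
    client_id = params.get("client_id", [""])[0]
    redirect = params.get("redirect_uri", [""])[0]
    findings = {
        "host": parts.hostname,
        "client_id": client_id,
        "redirect_host": urlsplit(redirect).hostname,
        "exposes": [SCOPE_EXPOSURE.get(s, f"unknown scope {s}") for s in scopes],
        "reasons": [],
    }
    unapproved = client_id not in approved_clients
    if unapproved:
        findings["reasons"].append("application is not on the approved list")
    sensitive = sorted(SENSITIVE.intersection(scopes))
    if sensitive:
        findings["reasons"].append("requests personal data: " + ", ".join(sensitive))
    # A genuine login host does not make the link safe: the data goes to the app.
    findings["suspicious"] = bool(unapproved and sensitive)
    return findings

# Constructed sample link (client_id and redirect_uri are placeholders).
SAMPLE = ("https://login.live.com/oauth20_authorize.srf?client_id=EXAMPLE-APP-ID"
          "&scope=wl.signin%20wl.basic%20wl.emails%20wl.contacts_emails"
          "&response_type=token&redirect_uri=https%3A%2F%2Fapp.example%2Fcallback")

if __name__ == "__main__":
    for key, value in audit_consent_link(SAMPLE).items():
        print(f"{key}: {value}")
```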

Read the full story.

Microsoft Security Updates for April 2015

On Patch Tuesday this week, Microsoft released eleven security bulletins (MS15-032 through MS15-042). Four bulletins are labeled as critical and the remaining seven as important.

Systems affected include Windows client and server operating systems as well as various Office products and Internet Explorer. One of the bulletins, MS15-033, addresses a zero-day vulnerability in Microsoft Office that is currently being exploited in limited attacks against Word 2010. The bulletin also fixes two critical RCE (remote code execution) flaws that could be exploited in Office 2007 and 2010 if a user looks at an email in the Outlook preview pane.

Be sure to accept the updates as they occur, or go to the Windows Update site. You may need to restart your machine after installing patches.

Read the story in the news.

The Simda Botnet

The Simda botnet (a botnet is a network of computers infected with self-propagating malware) has compromised more than 770,000 computers worldwide in the past six months. Law enforcement groups and private security companies recently took the botnet down by seizing 14 command-and-control servers located in various countries, including the US.

Simda malware takes advantage of Windows computers with unpatched software to re-route a user’s Internet traffic to websites controlled by the criminals. The infected computers can also be used to install additional malware, give criminals access to harvest user credentials, or launch other malware attacks.

Read a full report on this threat in the alert released by the DHS and FBI: TA15-105A, which includes the recommended actions users can take:

  • Use and maintain anti-virus software
  • Change your passwords
  • Keep your operating system and software up to date
  • Do a manual check of your system (or ask for assistance to do so) to see if it is infected. Microsoft has developed a free cleaning agent for Simda. If you have been infected by Simda.AT, run a comprehensive scan of your environment using Microsoft Safety Scanner, Microsoft Security Essentials or Windows Defender.

Read the story in the news here and here.

Microsoft Security Updates for March

On Patch Tuesday, Microsoft released the highest number of security bulletins in recent history, with 14 bulletins containing 46 updates for March (MS15-018 through MS15-031). Systems affected are Windows and Office (whose patches are rated critical), Exchange and Internet Explorer. Not all of the updates were security-related. A breakdown of what was contained in this month’s batch of updates can be found here.

The good news is that Microsoft has covered many issues, including all the open issues from the Google Project Zero list. It also addressed the “FREAK” vulnerability in Windows, which can be exploited to intercept communications and downgrade encryption strength, and issued a patch to fix a flaw exploited by Stuxnet that was incompletely patched in 2010.

Be sure to accept the updates as they occur, or go to the Windows Update site. You may need to restart your machine after installing patches.

Read the story in the news.

Microsoft Security Updates for February

As mentioned in the previous article, Microsoft has updated Windows to detect the Superfish software that comes preinstalled on Lenovo computers. Windows Defender is now actively removing the software and will reset any SSL certificates that were circumvented by Superfish, restoring the system to proper working order. Users should update their version of Windows Defender and scan as soon as possible. Learn more.

Microsoft released nine bulletins for February on Patch Tuesday (MS15-009 through MS15-017). Systems affected are Microsoft Windows, Office, Internet Explorer and Server Software.

The security update for Internet Explorer patches 41 vulnerabilities. Be sure to accept the updates as they occur, or go to the Windows Update site.