Symantec Corporation
Microsoft on Tuesday released two security bulletins to fix eight bugs in its Windows and Microsoft Office software. Both bulletins are rated important, but analysts said many of the vulnerabilities could potentially be more severe if exploited.
Joshua Talbot, security intelligence manager at Symantec Security Response, is concerned that in many enterprise environments, Windows XP is still common, and these vulnerabilities are more serious on XP and older systems.
Older versions of Internet Explorer are under attack. Microsoft warned Tuesday afternoon that cybercriminals are actively exploiting a security vulnerability that lets attackers execute malicious code from remote locations.
Microsoft's internal investigation reveals that the latest version of the browser, Internet Explorer 8, is not affected. Likewise, Internet Explorer 5.01 Service Pack 4 on Microsoft Windows 2000 Service Pack 4 is not affected.
Some Windows PC users may hope the Energizer bunny didn't keep going and going. It turns out the Energizer DUO USB battery charger is a vehicle for attacks on PCs, according to the Department of Homeland Security's Computer Emergency Readiness Team.
US-CERT researchers said Friday that the software that installs with the Energizer charger contains a Trojan horse that gives malicious hackers a back door into Windows machines.
Data security issues dominated the CeBIT trade fair, which began a five-day run in Germany Tuesday with its main focus on business software to run banks, laboratories, warehouses and other enterprises.
Anti-virus company Symantec warned that malware -- software designed to cause damage -- was now mounting 8 million attacks daily against Internet users, while 13,000 new Web sites went online every day with spyware waiting to catch out visitors.
Microsoft on Tuesday patched 26 vulnerabilities in 13 security bulletins. Eleven bulletins affect Windows and two affect older versions of Microsoft Office.
Although there's plenty of attention to a critical vulnerability in DirectShow, the SMB pathname overflow vulnerability tops Joshua Talbot's list this month. Talbot is a security intelligence manager at Symantec Security Response.
Tech-security companies are poised to become Wall Street darlings this year, thanks in part to Google's tiff with China.
Last month, the search giant threatened to pull out of China because of censorship and a distinctive cyberespionage attack on itself and some two dozen other tech, financial and media companies.
The Google-China affair has reinforced an already positive outlook for 2010 stock price performance of major security vendors, such as McAfee, Symantec and Check Point, says Daniel Ives, analyst at FBR Capital Markets.
- Login to post comments
- Read more
- Freenewsfeed
- Source
- analyst
- Brent Thill
- Check Point
- Check Point Holding (Singapore) Pte Ltd
- China
- Daniel Ives
- FBR Capital Markets
- FBR Capital Markets Corporation
- federal agencies
- Google Inc.
- I.D.C. Holding a.s.
- IDC
- information-technology
- market researcher
- McAfee
- McAfee, Inc.
- media
- Mike Carpenter
- search giant
- Symantec
- Symantec Corporation
- UBS
- UBS AG
- USD
Just when you thought it was safe to go back into the Internet Explorer browser waters, a new threat has emerged despite Microsoft's speedy out-of-band security patch. Symantec has confirmed a new exploit for the security hole used in the recent high-profile attacks against Google and other companies. The new exploit is in the wild and IT administrators who haven't applied Thursday's emergency patch are at risk.
The new threat is not the same Trojan.Hydraq malware that was used in the recent attacks against Google.
- Login to post comments
- Read more
- Freenewsfeed
- Source
- Adobe Systems
- Adobe Systems Inc
- Andrew Storms
- API
- czar
- director of security operations
- director of security operations at nCircle: Breaches like the ones
- Google Inc.
- HTML
- HTML
- Internet community
- Internet Explorer process
- Josh Talbot
- Obama Administration
- security intelligence manager
- security products
- Symantec
- Symantec Corporation
Microsoft released a rare out-of-band patch Thursday morning. The emergency patch fixes the Internet Explorer zero-day security vulnerability that hackers have used in several high-profile targeted attacks, including the recent Trojan.Hydraq cyberattacks waged against Google and other large U.S. companies.
- Login to post comments
- Read more
- Freenewsfeed
- Source
- director of Business Development at Lumension
- Don Leatham
- Internet Explorer
- Joshua Talbot
- Microsoft
- Microsoft Corporation
- security intelligence manager
- senior director of Business Development
- Sennheiser IE 6 Headphone/Headset
- Sennheiser IE 6 Headphone/Headset
- Symantec
- Symantec Corporation
- Windows 7
- Windows Vista
- Windows XP
Microsoft released a rare out-of-band patch Thursday morning. The emergency patch fixes the Internet Explorer 6 zero-day security vulnerability that hackers have used in several high-profile targeted attacks, including the recent Trojan.Hydraq cyberattacks waged against Google and other large U.S. companies.
- Login to post comments
- Read more
- Freenewsfeed
- Source
- director of Business Development at Lumension
- Don Leatham
- Internet Explorer
- Joshua Talbot
- Microsoft
- Microsoft Corporation
- security intelligence manager
- senior director of Business Development
- Sennheiser IE 6 Headphone/Headset
- Sennheiser IE 6 Headphone/Headset
- Symantec
- Symantec Corporation
- Windows 7
- Windows Vista
- Windows XP
Do-it-yourself cybercrime kits are driving a surge in Internet-borne computer infections.
DIY kits have been a staple in the cyberunderground for some time. But now they've dropped in price and become more user-friendly.
"If you know how to download music or a movie you have the necessary experience to begin using one of these kits," says Gunter Ollman, senior researcher at security firm Damballa.
- Login to post comments
- Read more
- Freenewsfeed
- Source