Whatever the case: Be prepared

So, this post has nothing to do with our technology, but as any IT Pro knows, you have to be prepared for just about anything. From time to time, I offer other advice that will hopefully ring true, and I think that this is such a case. Following the recent events in New Zealand and…

0

Announcement: Microsoft Security Advisory 2490606: Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution

This just published on TechNet’s Microsoft Security Advisories and notred on the MSRC Blog: details on Microsoft Security Advisory 2490606, Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution… Microsoft is investigating new public reports of a vulnerability in the Windows Graphics Rendering Engine. An attacker who successfully exploited this vulnerability could run arbitrary code in the…

0

Announcement: security bulletin MS10-087 update for Microsoft Office

The Microsoft Malware Protection Center has a post noting security bulletin MS10-087, which addresses a number of critical vulnerabilities in how Microsoft Office parses various office file formats. This was addressed in November, in the MS10-087 update. One of them is CVE-2010-3333, “RTF Stack Buffer Overflow Vulnerability,” which could lead to remote code execution via specially…

0

Is that really an email from the EFPTS? Don't get caught buy a phishing attempt

 So, you may be asking yourself: why is the EFTPS contacting me? And who the heck is EFTPS? It’s likely a phishing atempt. The EFPTS is a service offered free by the U.S. Department of the Treasury to help business and individual taxpayers conveniently pay all their federal taxes electronically (as noted on their website). This…

0

Did you win £450,000 in a "Microsoft Lottery"? Think again: it's a phishing attempt

I was asked today… I received a message in my email on behalf of Microsoft from the National Lottery International [stating] "A certificate of winning and other certificates including your winning cheque of Four Hundred and Fifty Thousand Great Britain Pound Sterlings has been sent to us by the claims officer of overseas Winner of…

0

Do you have strong passwords on your devices? Here's what to consider

  A friend noted today that their online email account was compromised over the weekend. I thought about my post on creating strong passwords (and passphrases) in six easy steps, which is still relevant today… There’s a good article that was recently posted on on the Microsoft Security At Home web site that outlines how…

0

Announcement: Advance notice for MS10-002 Internet Explorer out-of-band release MS10-002 with Q&A Webcast

Earlier this week, I posted a link to the Security Advisory 979352 Posted: Vulnerability in Internet Explorer Could Allow Remote Code Execution. As noted on the MSRC blog, there’s an advance notification for an out-of-band release for MS10-002… "Today we issued our Advanced Notification Service (ANS) to advise customers that we will be releasing MS10-002…

0

Announcement: Security Advisory 979682 Released for Elevation of Privilege (EoP) vulnerability in the Windows kernel

Yesterday, Jerry Bryant announced here on the MSRC blog that Security Advisory 979682 Released. Click on the link for the details: essentially Security Advisory 979682 addresses an Elevation of Privilege (EoP) vulnerability in the Windows kernel, affecting all currently supported versions of 32-bit Windows. Please note that 64-bit versions of Windows, including Windows Server 2008…

0

Security Advisory 979352 Posted: Vulnerability in Internet Explorer Could Allow Remote Code Execution

As noted in Mike Reavey’s posts on The Microsoft blog and The Microsoft Security Response Center (MSRC) blog today, we have just released Security Advisory 979352. Here’s the detail from Mike Reavey’s post… Based upon our investigations, we have determined that Internet Explorer was one of the vectors used in targeted and sophisticated attacks against…

2