Insecure Applications: We Are The 84 Percent!

You only have to glance at the headlines to know that the
state of computer application security is bad. But a new
report from Veracode makes clear how bad: just 16 percent of
almost 10,000 applications tested in the last six months
received a passing security grade on their first attempt.

קבצים מצורפים:

 

Security Patches

MS11-087/KB2639417 - Critical (XP, Vista, W7, 2003, 2008,
2008R2): This patch fixes an issue with TrueType font
handling that could allow remote code execution attacks.
Not only can this be triggered through documents, but also
Web pages, so you should install the patch immediately.
Warning: there are known issues with this patch, and one
of them indicates that Office won’t be able to generate
PDFs anymore, as will a number of other applications!

MS11-088/KB2652016 - Important (Office 2010): If you use
the Chinese version of Office or the Pinyin input system,
there is a way to use it to escalate privileges. You
should install this patch if you use these Office
products.

MS11-089/KB2590602 - Important (Office 2007, Office 2010,
Office for Mac 2011): Opening a Word document can lead to
remove code execution attacks with the logged on user’s
privileges. Because of the commonality of Word documents,
I suggest that you treat this as critical and install the
patch as soon as you can.

MS11-090/KB2618451 - Critical (XP, 2003): This is a
cumulative update for the ActiveX Kill Bits system.
Install it when you normally would.

MS11-091/KB2607702 - Important (Office 2003, Office 2007):
Microsoft Publisher files can be used to exploit a remote
code execution vulnerability, and this patch closes the
hole. If you use Publisher, install this patch.

MS11-092/KB2648048 - Critical (XP, Vista, W7): The Windows
Media Player and Media Center applications are vulnerable
to remote code execution attacks when opening up Microsoft
Digital Video Recording files. You should install this
patch as soon as you can.

MS11-093/KB2624667 - Important (XP, 2003): Attacks can be
made with the OLE system to perform remote code execution
attacks. Since OLE is easily done with Office files, I
suggest that you install this patch immediately.

MS11-094/KB2639142 - Important (Office 2007, Office 2010,
Office 2008 for Mac, Office 2007 Compatibility Pack,
PowerPoint Viewer 2007): More remote code execution
vulnerabilities, this time with PowerPoint. Again, patch
ASAP since PowerPoint is so common.

MS11-095/KB2640045 - Important (XP, 2003, Vista, W7, 2003,
2008, 2008 R2): A variety of Active Directory related
technologies (Active Directory itself, AGAM, and AD LDS)
have vulnerabilities with how they handle data, allowing
an attacker to access them with an application that can
perform remote code execution attacks. The attacker needs
to be able to log on to Active Directory, which reduces
the impact a good bit. You should install this patch on
your normal patch cycle.

MS11-096/KB2640241 - Important (Office 2003, Office 2004
for Mac): More remote code execution vulnerabilities, this
time with Excel files. Install this patch as soon as you
can.

MS11-097/KB2620712 - Important (XP, Vista, W7, 2003, 2008,
2008 R2): An issue with the Windows client/server run-time
can allow a logged on user to run an attack application to
escalate privileges locally. This is a lower priority
issue and the patch can wait until your normal time.

MS11-098/KB2633171 - Important (XP, Vista, W7, 2003,
2008): This bug is a bit unique, in that it only affects
32-bit versions of Windows. In this case, a vulnerability
allows a locally logged on user to run an application and
get higher level privileges. Install the patch on your
usual cycle.

MS11-099/KB2618444 - Low to Important (IE6, IE7, IE8,
IE9): This is a cumulative update for Internet Explorer,
fixing three vulnerabilities. None of the exploits it
fixes are absolutely horrible, but you will want to patch
it immediately since you can be sure that folks will try
to exploit them as soon as they can. Warning: There is a
known issue with this patch, where doing a “Select All” in
one page and then trying to paste back into IE will cause
it to not work.

Other Updates

KB2633952 - Daylight Savings Time update.

“The Usual Suspects”: Updates to the Malicious Software
Removal Tool (14.7 - 15.1MB) and the Junk Email Filter
(2.1MB).

Changed, but not significantly: None.

Updates since the last Patch Tuesday

There were no security updates released out-of-band.

Minor items added or updated since the last Patch Tuesday:

KB931125 - Root certificate update

KB2641690 - Update to prevent spoofing through fraudulent
certificates

Microsoft says:

We may change or discontinue certain apps or content offered
in the Windows Store at any time, for any reason. Sometimes,
we do so to respond to legal or contractual requirements. In
cases where your security is at risk, or where we’re
required to do so for legal reasons, you may not be able to
run apps or access content that you previously acquired or
purchased a license for.

http://www.mcafee.com/us/downloads/free-tools/getsusp.aspx

GetSusp

McAfee GetSusp is intended for users who suspect
undetected malware on their computer. GetSusp eliminates
the need for deep technical knowledge of computer systems
to isolate undetected malware. It does this by using a
combination of heuristics and querying the McAfee Global
Threat Intelligence (GTI) file reputation database to
gather suspicious files.

GetSusp is recommended as a first tool of choice when
analyzing a suspect computer. However, one must follow the
existing McAfee support process for escalating suspicious
files it finds.

Allowing acceptable ads in Adblock Plus

What is this about?

Starting with Adblock Plus 2.0 you can allow some of the
advertising that is considered not annoying. By doing this
you support websites that rely on advertising but choose
to do it in a non-intrusive way. And you give these
websites an advantage over their competition which
encourages other websites to use non-intrusive advertising
as well. In the long term the web will become a better
place for everybody, not only Adblock Plus users. Without
this feature we run the danger that increasing Adblock
Plus usage will make small websites unsustainable.

Why is this feature enabled by default?

Because that's unfortunately the only way to reach the
goals outlined above. If we ask users to enable this
feature then most of them won't do it — simply because
they never change any settings unless absolutely
necessary. However, advertisers will only be interested in
switching to better ways of advertising if the majority of
Adblock Plus users has this feature enabled.

But I hate all ads!

No problem, you can disable this feature at any time.
Click the Adblock Plus icon and choose "Filter
Preferences" from the menu. Uncheck "Allow non-intrusive
advertising" and you are done.

Which ads are "acceptable"?

We currently have the following requirements:
Static advertisements only (no animations, sounds or
similar)
Preferably text only, no attention-grabbing images
At most one script that will delay page load (in
particular, only a single DNS request)
These criteria are not final, we are working on improving
them. In particular, we want to require that user's
privacy is respected (mandatory Do Not Track support).
However, we are not yet in a position to enforce that
requirement......

https://adblockplus.org/en/acceptable-ads