Mozilla Foundation has released updates for Firefox
Updates are now available for the Firefox web browser (version 2.x and 3.x) to address a vulnerability that occurs when the browser is launched
from the command line. Updates also address a pair of critical vulnerabilities that have been written about recently. These last two
vulnerabilities were part of the Safari "carpet bomb" bug that created a "blended" threat to Microsoft Windows users who had
both Apple Inc.'s Safari browser and Firefox installed on the same system as well as Internet Explorer.
If you use Firefox, you should immediately update your browser to the latest version.
Opera Patches Their Browser
Opera Software ASA has patched the newest version of their browser software (version 9.5) for the first time to fix several flaws.
The update patches bugs in the Windows, Mac OS X and Linux editions.
If you use Opera, you should immediately update your browser to version 9.5.1.
Apple Issues Security Update for Mac OS X
Apple has released the fourth security update this year for its Mac OS X operating system. This patches 25 vulnerabilities, nearly
half of them considered critical. It also updated Safari for the Mac.
If you are running Mac OS X, you should immediately update to version 10.5.4.
Zone Alarm Update Released
Zone Alarm has released a new version to address an issues in the way the latest Microsoft Security Bulletin affected Zone Alarm.
UPS Warns of Fake E-mails with Real Virus
United Parcel Service (UPS) issued a warning Tuesday about fake UPS e-mails that have a real computer virus attached. The e-mails
claim to be from “UPS Packet Service” and state that the person receiving the e-mail sent a parcel that could not be delivered
because of an incorrect address. The e-mail instructs the reader to open an attachment that contains a copy of the invoice. The
attachment, though, instead contains a virus that can wreak havoc on a computer, according to comments posted on the Yahoo!
Answers Web site.
In a notice posted on its Web site, UPS said it is aware of the fake e-mail and recommends that anyone receiving
it delete it without opening the attachment..
Attackers Target Zero-day Microsoft Word Bug
Microsoft reports a new vulnerablity that affects only Word 2002, Service Pack 3. At this point Microsoft
belives this is not affecting other Word versions but they are still investigating and others could in fact be affected.
For the attack to work a user must open a malicious e-mail attachment or visit a rogue website that hosts the vulnerability.
Successful exploitation could result in remote execution of programs on your computer by the criminals.
Until a patch is released, be careful not to open any Word attachments that you did not expect to receive. If you recieve a
Word document that you think is possibly legitimate, take a moment to contact the sender to verify that they sent it.
New Trojan Targeting Multimedia Files
There is a new Trojan in the wild that targets multimedia files. When you attempt to run one of these infected files you are prompted
to install a new codec (an application to help play the multimedia file). This "codec" is in fact a trojan that embeds malware into
multimedia files on your computer (such as MP3, WMA music files, WMV video files, etc.).
When the user plays any of these infected files, no sign of the compromise will show up so you will not know you've been infected.
This new Trojan is now part of most antivirus application signature files. Make sure your antivirus is actively running
and all signature files are up to date.
Homer Simpson Spreading Malware
A malware research director at FaceTime has reported that a Simpsons screen name is sending auto-reply messages promising a
special exclusive episode of the show available for download. The link in the message leads to an executable file. On launching
the Trojan, the user is presented with a fake error message followed by several real error messages and finally a blank screen. On
restarting, the user’s system will run noticeably slower and be prone to crashes. The malicious payload includes a rootkit and
remote control software which logs the user in a botnet.
Again, make sure your antivirus is running and is up to date. And don't trust email from Homer Simpson!
US Military Actions Used to Spread Malware
We are seeing a new wave of spam messages that announce an alleged attack of the U.S. Army against Iran in order to trick users
into downloading and installing malicious software onto their personal computers. The webpage hosting the piece of malware –
dailydotnews.com – is a simple, yet efficiently designed site with a top banner, a simple picture masquerading as a YouTube player
and three lines of text detailing the U.S. operation in Iran. This spam approach is used on large scale as the spammer relies on a
catchy heading and a link to the piece of malware in order to fuel users’ curiosity and trick them into downloading the piece of
malware. “The new spam wave relies on computer users’ curiosity regarding the conflict between the United States and Iran. Users
are redirected to a fake news website, where they are shown a larger, inciting description accompanied by a movie player,” said a
BitDefender Spam analyst. “However, the alleged flash movie is an image depicting a movie player; when clicked, the image gives
users a ‘Save image as’ option.” Upon clicking on either the “movie” or the top banner, the user starts the download process of a
piece of malware, called “iran_occupation.exe.” The file contains the same malicious code infecting the user with the Storm Worm.
The authors have used timing to their advantage, as the recent tensions in the Middle East between the U.S. and Iran have been
escalating.
We are seeing many new varieties of this type of fraudulent email or website recently. All of them use the same tactics - using current events
or fake headlines to induce users to open a web site or download an attachment.
Be vigilant and skeptical of any of these types of emails or headlines - and remind your vulnerable friends and relations
to be aware of these types of scams.
