Microsoft Security Advisory (2269637): Insecure Library Loading Could Allow Remote Code Execution – Version: 13.0
Revision Note: V13.0 (December 13, 2011): Added the following Microsoft Security Bulletins to the Updates relating to Insecure Library Loading section: MS11-099, “Cumulative Security Update for Internet Explorer;” and MS11-094, “Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution.”
Summary: Microsoft is aware that research has been published detailing a remote attack vector for a class of vulnerabilities that affects how applications load external libraries.
Microsoft Security Advisory (2639658): Vulnerability in TrueType Font Parsing Could Allow Elevation of Privilege – Version: 2.0
Revision Note: V2.0 (December 13, 2011): Advisory updated to reflect publication of security bulletins.
Summary: Microsoft has completed the investigation into a public report of this vulnerability. We have issued MS11-087 to address this issue. For more information about this issue, including download links for an available security update, please review MS11-087. The vulnerability addressed is the TrueType Font Parsing Vulnerability – CVE-2011-3402.
Could targeted attacks be avoided?
This could be a long blog post, but I’ll try to make it short. However, for those of you that are lazy, here you can read the answer to the question, and the ones interested on the whole story (I will make it short, I promise) just follow the * mark: NO (*) (*): One [...]—
read the article
Fake Cloud AV 2012
There is a new friend in the village. Many people thought that the fake antivirus (aka rogueware) business had decreased, and it was true that for a few months rogueware infections were not that prevalent, mainly due to the efforts made by law enforcement with the help of security companies, but it was a matter [...]—
read the article
Microsoft Security Advisory (2641690): Fraudulent Digital Certificates Could Allow Spoofing – Version: 2.0
Revision Note: V2.0 (November 16, 2011): Revised to announce the rerelease of the KB261690 update. See the Update FAQ in this advisory for more information. Also, added link to Microsoft Knowledge Base Article 2641690 under Known Issues in the Executive Summary.
Summary: Microsoft is aware that DigiCert Sdn. Bhd, a Malaysian subordinate certification authority (CA) under Entrust and GTE CyberTrust, has issued 22 certificates with weak 512 bit keys. These weak encryption keys, when broken, could allow an attacker to use the certificates fraudulently to spoof content, perform phishing attacks, or perform man-in-the-middle attacks against all Web browser users including users of Internet Explorer. While this is not a vulnerability in a Microsoft product, this issue affects all supported releases of Microsoft Windows.