Microsoft Security Advisory (2488013): Vulnerability in Internet Explorer Could Allow Remote Code Execution – 2/8/2011
Revision Note: V2.0 (February 8, 2011): Advisory updated to reflect publication of security bulletin. Advisory Summary:Microsoft has completed the investigation into public reports of this vulnerability. We have issued MS11-003 to address this issue. For more information about this issue, including download links for an available security update, please review MS11-003. The vulnerability addressed is the CSS Memory Corruption Vulnerability – CVE-2010-3971.
Microsoft Security Advisory (2490606): Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution – 2/8/2011
Revision Note: V2.0 (February 8, 2011): Advisory updated to reflect publication of security bulletin. Advisory Summary:Microsoft has completed the investigation into public reports of this vulnerability. We have issued MS11-006 to address this issue. For more information about this issue, including download links for an available security update, please review MS11-006. The vulnerability addressed is the Windows Shell Graphics Processing Overrun Vulnerability – CVE-2010-3970.
Microsoft Security Advisory (967940): Update for Windows Autorun – 2/8/2011
Revision Note: V2.0 (February 8, 2011): Summary and update FAQ revised to notify users that the 971029 update to Autorun that restricts AutoPlay functionality to CD and DVD media will be offered via automatic updating. Advisory Summary:Microsoft is announcing the availability of updates to the Autorun feature that help to restrict AutoPlay functionality to only CD and DVD media on supported editions of Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008. Restricting AutoPlay functionality to only CD and DVD media can help protect customers from attack vectors that involve the execution of arbitrary code by Autorun when inserting a USB flash drive, network shares, or other non-CD and non-DVD media containing a file system with an Autorun.inf file.
Microsoft Security Advisory (2501696): Vulnerability in MHTML Could Allow Information Disclosure – 1/28/2011
Revision Note: V1.0 (January 28, 2011): Advisory published. Advisory Summary:Microsoft is investigating new public reports of a vulnerability in all supported editions of Microsoft Windows. The vulnerability could allow an attacker to cause a victim to run malicious scripts when visiting various Web sites, resulting in information disclosure. This impact is similar to server-side cross-site scripting (XSS) vulnerabilities. Microsoft is aware of published information and proof-of-concept code that attempts to exploit this vulnerability. At this time, Microsoft has not seen any indications of active exploitation of the vulnerability.
Cyber-crime black market undercovered
The first time I performed a somehow deep research on the black market was back in 2007. At that time, most of it was about selling-buying Trojans, infection kits, and of course stolen data, such as bank and credit card details stolen from users around the world. A few years later I thought it was [...]—
read the article