ID: IRCNE2011101286
Date: 2011-10-12

According to “ZDNet”, cybercriminals are quick to capitalize on the death of Steve Jobs.
Security researchers from M86 Labs have intercepted a currently spreading malware campaign using Steve Jobs as a social engineering theme.
Sample subjects used in the campaign:
Steve Jobs Alive!; Steve Jobs Not Dead!; Steve Jobs: Not Dead Yet!; Is Steve Jobs Really Dead?
Upon clicking on the links the visitors are redirected to a obfuscated malware-serving page, courtesy of a popularweb malware exploitation kit known as the BlackHole exploit kit. The exploit kit attempts to exploit popular client-sidevulnerabilities in installed applications or browserplugins.
Users are advised not to interact with suspicious emails, or spamemails in general.

ID: IRCNE2011101285
Date: 2011-10-12

According to “ZDNet”, Apple has shipped iTunes 10.5 to fix mountains of security problems that expose Windows users to dangerous hacker attacks.
The security patch, available for Windows 7, Windows Vista and Windows XP SP2, fixes a total of 79 documented vulnerabilities. The most serious of these flaws could allow remote code execution attacks via booby-trapped image or movie files.
The bulk of the vulnerabilities affect the open-source WebKit rendering engine that powers the iTunes Store and iTunes LP.
Details on the vulnerabilities can be found in this Apple security advisory.
iTunes 10.5 is being distributed via the Windows software update utility. Alternatively, it can be downloaded directly from the iTunes web page.

ID: IRCNE2011101284
Date: 2011-10-12

Computerworld - Two of the updates were labeled "critical," Microsoft's most-serious threat ranking, while the other six were rated "important," the next-most-severe tag.
All but eight of the vulnerabilities -- which were tagged to IE -- affected one or more editions of Microsoft's client or server versions of Windows. Of the 23 total bugs, nine were rated critical, 13 were pegged important and one was marked "moderate."
The two critical updates -- MS11-081 for IE, and MS11-078 for .Net and Silverlight -- were the two called out by Microsoft and consistently by outside researchers as the pair to apply first.
"It's no surprise that IE is at the top of the list," said Storms. Microsoft typically patches its browser every other month, and last updated IE in August.
One of the eight critical vulnerabilities in the IE update affected just IE9, which shipped last March. Microsoft has patched IE9 before today, but this is the first it's needed to fix a flaw specific to only that edition.
The IE9-only vulnerability is in that edition's version of a JavaScript DLL (dynamic link library) used by that browser.
As usual, the IE vulnerabilities could be exploited by hackers with a classic "drive-by download" style of attack simply by convincing users to steer for a malicious website.
Other researchers agreed that MS11-081 should be deployed immediately. "Every time you see one of these [IE] updates, you need to patch them immediately," said Jason Miller, of VMware's research and development team.
The second consensus top-pick was the update for .Net -- a Windows-centric software framework -- and Silverlight, a Microsoft application framework for content-intensive websites and online applications.
Like the IE update, MS11-078 can be exploited by attackers who dupe users into visiting a malicious website. Worse, the flaw could be exploited by hackers targeting not just IE users, but Mac owners running a browser with the Silverlight plug-in, or Windows users running the plug-in within Apple's Safari, Google's Chrome or Mozilla's Firefox.
"By my reading of the bulletin, it's cross-browser and cross-platform," said Miller.
Microsoft updated its Mac Silverlight plug-in separately; users should immediately download and install the newest version from the Silverlight website.
Storms highlighted MS11-078 if only because of its novelty. "We're used to the IE bugs, but [MS11-078] has three different attack vectors, and the Web hosting one has high potential for exploitation," Storms said.
"If a Web hosting environment allows users to upload custom ASP.NET applications, an attacker could upload a malicious ASP.NET application that uses this vulnerability to break out of the sandbox used to prevent ASP.NET code from performing harmful actions on the server system," said Microsoft in its accompanying bulletin.

شماره: IRCNE2011101283
تاريخ: 17/7/90

اگر شما از مرورگر Google Chrome استفاده مي­كنيد مي­توانيد آسوده باشيد، زيرا گوگل اخيرا يك به روز رساني بي سر و صدا براي 7 آسيب پذيري در مرورگر خود عرضه كرده است.
اكنون نسخه پايدار Chrome 14.0.835.202 براي سيستم­هاي ويندوز، مكينتاش و لينوكس در دسترس بوده و ترميم­هاي امنيتي و پايداري را به همراه يك نسخه جديد Adobe Flash Player 11، به كاربران ارائه مي­دهد. 7 آسيب پذيري امنيتي در اين به روز رساني اصلاح شده اند كه 6 آسيب پذيري در رده امنيتي «خطرناك» و يك آسيب پذيري در رده امنيتي «بسيار خطرناك» قرار دارند.
نقص امنيتي «بسيار خطرناك» اصلاح شده در اين به روز رساني، يك مساله تخريب حافظه معرفي شده است. اين نقص توسط يكي از اعضاي جامعه توسعه دهندگان Chromium كشف شده است.
شش آسيب پذيري «خطرناك» اصلاح شده در اين به روز رساني نيز شامل مسائلي در مديريت گره صوتي، دو مساله استفاده پس از آزادسازي حافظه، يك مساله تخريب حافظه مرتبط با موتور جاوااسكريپت v8، يك مساله در مديريت متن SVG و نيز يك نقص cross origin مي­باشد.
تمامي به روز رساني­هاي Chrome 14.0.835.202 از طريق مكانيزم به روز رساني بي سر و صداي گوگل به كاربران ارائه خواهد شد. اين نوع به روز رساني در پس زمينه انجام شده و و اعمال آن، نيازمند هيچگونه عملي از طرف كاربر نيست. اين روشي است كه باعث مي­شود كاربران Chrome همواره به روز باشند.

شماره: IRCNE2011101282
تاريخ: 17/7/90

روز پنجشنبه غول جستجوگر جهان، يك سرويس جديد به نام هشدارهاي مرور امن (Safe Browsing Alerts) را براي مديران شبكه ارائه كرد.
اين سرويس اجازه مي­دهد مديران شبكه بتوانند شبكه هاي تحت مديريت خود را در مورد محتواي خرابكارانه نظارت نمايند؛ و نكته بسيار مثبت در مورد اين سرويس اين است كه مرور امن براي مديران شبكه، رايگان است. اين سرويس كه بدوا سال گذشته توسط گوگل معرفي شده بود، اكنون آماده بهره برداري است.
مديران شبكه مي­توانند اين سرويس را از سايت گوگل دريافت نمايند.

ID: IRCNE2011101283
Date: 2011-10-09

If you're running the Google Chrome browser, rest easy, Google just silently updated it for seven security vulnerabilities.
According to “ESecurityPlanet”, Google Chrome stable version 14.0.835.202 is now available for Windows, Mac and Linux providing security and stability fixes as well as a new integrated version of Adobe Flash Player 11. On the security front, there were seven fixes, six rated as being High impact and one rated as Critical.
The critical flaw is identified by Google as being a memory corruption issues in the shader translator. The flaw was discovered by Zhenyao Mo of the Chromium development community.
The other six high impact flaws include a flaw related to Lifetime and threading issues in audio node handling, a pair of use-after-free memory issues, a memory corruption flaw with the v8 JavaScript engine and a stale font issue with SVG text handling. Beyond the memory related issues there is also a high impact cross origin flaw.
All the updates to Chrome 14.0.835.202 are delivered to users by way of Google's silent update mechanism. The silent update occurs in the background and does not require any user action in order to occur. It's a method that keeps Chrome users current.

ID: IRCNE2011101282
Date: 2011-10-09

According to “ZDNet”, on Thursday, the search giant announced the availability of a new service Safe Browsing Alerts for Network Administrators.
Basically, the service allows network administrators to monitor the networks they manage for malicious content. And best of all - the service is free. Originally announced by Google last year, the service is apparently ready for prime time.
Network administrators can claim their AS (Autonomous System) in the Google website.

شماره: IRCNE2011101281
تاريخ: 16/07/90

در يك بازه زماني سه ماهه، محققان CSIS به بررسي و نظارت 50 ابزار سوءاستفاده متفاوت بر روي 44 سرور يكتا پرداختند. آنها در نتيجه تحقيق مذكور دريافتند كه 31.3 درصد آلودگي ها به علت عدم نصب اصلاحيه هاي امنيتي اتفاق افتاده است. در واقع كاربراني بيشتر در معرض خطر بوده اند كه از نسخه هاي قديمي تر برنامه هاي كاربردي و افزونه هاي مرورگرها استفاده مي كرده اند. در بين نرم افزارهاي مورد استفاده كاربران اينترنت، جاوا JRE، 37 درصد بيشترين برنامه هاي كاربردي آسيب پذير را به خود اختصاص داده است و پس از آن Adobe Reader/Acrobat با 32 درصد و Adobe Flash با 16 درصد قرار دارند.
كارشناسان امنيتي به كاربران هشدار مي دهند كه نه تنها از يك آنتي ويروس خوب استفاده كنند بلكه به صورت مرتب و مدارم براي نصب اصلاحيه هاي امنيتي سيتم عامل و نرم افزارهاي كاربردي خود اقدام نمايند.

شماره: IRCNE2011101280
تاريخ: 16/07/90

مايكروسافت طبق روال هميشگي سه شنبه دوم هر ماه ميلادي يك اصلاحيه امنيتي را منتشر ميسازد تا چندين حفره امنيتي را در نرم افزارهايي كه ده ها ميليون كاربر دارند، اصلاح نمايد. در اصلاحيه ماه اكتبر هشت بولتن امنيتي منتشر خواهد شد تا حداقل 23 آسيب پذيري را كه بر روي IE، سيستم عامل ويندوز، .NET ، Silverlight، Forefront UAG و Microsoft Host Integration Server اثر مي گذارند، برطرف نمايند.

دو عدد از هشت بولتن امنيتي كه بر IE، ويندوز و .NET اثر مي گذارند، برچسب "بسيار مهم" را دريافت كرده اند كه بالاترين درجه اهميت در فرهنگ لغات مايكروسافت است. مايكروسافت معمولاً اين برچسب را براي اصلاح آسيب پذيري هاي بسيار خطرناك اختصاص مي دهد كه منجر به حملات اجراي كد از راه دور بدون نياز به دخالت كاربر مي شوند.

شش بولتن امنيتي ديگر برچسب "مهم" را دريافت كرده اند. برخي از اصلاحيه هاي مذكور نيازمند راه اندازي مجدد سيستم بعد از نصب اصلاحيه هستند.

According to the ZDnet Microsoft’s monthly security patch will issue next Tuesday with fixes for gaping security holes in software products used by tens of millions of computer users.
In all, the Redmond, Wash. software maker will ship 8 security bulletins to address at least 23 documented vulnerabilities affecting the Internet Explorer browser, the Microsoft Windows operating system, .NET Framework and Silverlight, Microsoft Forefront UAG, and Microsoft Host Integration Server.
Two of the eight bulletins –affecting IE, Windows and .Net Framework and Silverlight — will be rated “critical,” Microsoft’s highest severity rating. Microsoft typically slaps a “critical” rating on vulnerabilities that can be exploited remotely to launch code execution attacks without any user action.
The other six bulletins will be rated “important,” according to an advance notice from Microsoft.
Some of these patches will require a restart after the affected machine is updated.