Archive for December, 2010

IE9 Blocks 99% of Socially-Engineered Malware

Capable of blocking 99% of all socially-engineered malware, Internet Explorer 9 is the best browser to protect users against attacks for which there’s no patch, since there are no actual code vulnerabilities targeted.

Attacks involving social engineering are designed to “exploit” users rather than actual security flaws, through a variety of techniques, from offering victims the promise of cash incentives to scaring them into taking an action that will backfire and infect their computers with malicious code.

While there’s no patch for “problems” that actually sit between the chair and the computer monitor, IE9 is the next best thing, a security barrier against socially-engineered malware as close to impassable as possible.

Just 1% of social engineering attacks bypass IE9, with the browser blocking or warning customers about the remaining 99% of socially-engineered malware. That is a huge margin compared with Opera 10, for example, which lets all attacks pass.

The statistics come from NSS Labs, an information security research and testing organization, which has tested browser resilience against malware in the past as well.

“With a unique URL blocking score of 94% and over-time protection rating of 99%, Internet Explorer 9 was by far the best at protecting users against socially-engineered malware,” NSS Labs revealed.

IE9 has quite an advantage over IE8 as well, which blocks 90% of socially-engineered malware, and Microsoft says the evolution of security features in Internet Explorer 9 is responsible.

“Through its SmartScreen technology, Internet Explorer 8 and Internet Explorer 9 Beta help protect customers by detecting and blocking websites that distribute socially-engineered malware and phishing attacks.

“The difference in performance between IE8 and IE9 above comes from the addition of innovative features such as SmartScreen Application Reputation,” explained Roger Capriotti, Director, Internet Explorer Product Marketing.

“This new feature for Internet Explorer 9 adds an additional layer of protection by warning users when they attempt to download a higher risk application.”

Microsoft to boost security of Office 2003, 2007

Microsoft plugged 40 holes with 17 patches today and said it will improve the security of Office 2003 and Office 2007 by adding a feature to the older versions of its productivity software that opens files in Protected View.

Customers should focus on the two critical bulletins that are part of Microsoft’s monthly Patch Tuesday security update, says Jerry Bryant, group manager for response communications in Microsoft’s Trustworthy Computing Group. The first is MS10-090, a cumulative update for Internet Explorer. It fixes seven vulnerabilities in the browser and affects IE 6, 7 and 8. There have been attacks targeting IE 6 on Windows XP, Bryant said.

The other critical bulletin is MS10-091, which fixes several vulnerabilities in the Windows OpenType Font driver. It affects all versions of Windows, primarily on third-party browsers that natively render the OpenType Font, which IE does not, according to Bryant.

The other bulletins are not critical and “could potentially be put off until after Christmas,” he said in an interview with CNET. Windows (all supported versions), Office, IE, SharePoint, and Exchange are affected by the bulletins. Details are in the security advisory here and in the Microsoft Security Response Center blog post.

Meanwhile, the company will be porting Office File Validation, which is currently in Office 2010, to Office 2003 and Office 2007 by the first quarter of next year, Bryant said. It will be an optional update.

The move will help protect customers from attacks that target about 80 percent of the Office vulnerabilities, Bryant said. Attackers typically create a document that uses an exploit and e-mail the maliciously crafted document to potential victims or host it on a Web site and prompt people to open it.

Office File Validation checks the file-format binary schema, such as .doc or .xls, and opens the file in a protected view if it detects a problem. “If the user wants to edit or continue to open the document then there are severe warnings about what that might mean” and that it could be dangerous.


AVG Update Keeping Some PCs From Booting

December 3, 2010

Users running both the 64-bit edition of Windows 7 and the free AVG 2011 antivirus suite may have had a little trouble booting their PCs after a recent update. The update, which AVG released yesterday, was causing a STOP error, thus preventing PCs from booting into Windows. It’s since been pulled, but, if you’ve been stung by the bug, be prepared to break out that recovery disk.

If you need any help or support with this issue please don’t hesitate to contact us

IT Solutions Support Team 🙂
