Highlighted
ky331
Diamond

Updates 4/10/12 - ''Microsoft/Adobe Tuesday'', Sandboxie

Today is "Microsoft Tuesday" --- the SECOND Tuesday of the month --- on which Microsoft is expected to release its monthly cycle of Windows/critical security updates.   Based on previous history, they should become available at 1 PM [USA - Eastern Daylight Saving Time].

Please use Windows/Automatic updates to determine which updates --- if any --- are applicable to your particular system.

==============================================

Today is also [a quarterly] "Adobe Tuesday":   Adobe is planning to release security updates for Adobe Reader/Acobat X (10.1.2).

Free Internet Security - WOT Web of Trust       Use OpenDNS       MalwareBytes Anti-Malware

Windows 7 Pro SP1 (64-bit), avast! v17 Free, MBAM Pro, Windows Firewall, OpenDNS Family Shield, SpywareBlaster, MVPS HOSTS file, MBAE Premium, MCShield, WinPatrol PLUS, SAS (on-demand scanner), Zemana AntiLogger Free, IE11 & Firefox (both using WOT [IE set to WARN, FF set to BLOCK]), uBlock Origin, CryptoPrevent, Secunia PSI.

[I believe computer-users who sandbox (Sandboxie) are acting prudently.]

0 Kudos
5 Replies
ky331
Diamond

Re: Updates 4/10/12 - ''Microsoft/Adobe Tuesday''

The following updates are rated CRITICAL:

MS12-023 Cumulative Security Update for Internet Explorer (2675157) 

MS12-024 Vulnerability in Windows Could Allow Remote Code Execution (2653956) 


MS12-025 Vulnerability in .NET Framework Could Allow Remote Code Execution (2671605)

MS12-027 Vulnerability in Windows Common Controls Could Allow Remote Code Execution (2664258)

================= ==================

The following updates are rated IMPORTANT:

MS12-026 Vulnerabilities in Forefront Unified Access Gateway (UAG) Could Allow Information Disclosure (2663860) 

MS12-028 Vulnerability in Microsoft Office Could Allow Remote Code Execution (2639185) 



 

Free Internet Security - WOT Web of Trust       Use OpenDNS       MalwareBytes Anti-Malware

Windows 7 Pro SP1 (64-bit), avast! v17 Free, MBAM Pro, Windows Firewall, OpenDNS Family Shield, SpywareBlaster, MVPS HOSTS file, MBAE Premium, MCShield, WinPatrol PLUS, SAS (on-demand scanner), Zemana AntiLogger Free, IE11 & Firefox (both using WOT [IE set to WARN, FF set to BLOCK]), uBlock Origin, CryptoPrevent, Secunia PSI.

[I believe computer-users who sandbox (Sandboxie) are acting prudently.]

0 Kudos
ky331
Diamond

Re: Updates 4/10/12 - ''Microsoft/Adobe Tuesday''

Windows Malicious Software Removal Tool (MSRT) for APRIL, version 4.7

32-bit for Win 7/Vista/XP/Server2003 http://www.microsoft.com/download/en/details.aspx?id=16

x64-bit version http://www.microsoft.com/download/en/details.aspx?displaylang=en&id=9905

 

This month's tool adds detection/removal of:

Win32/Claretore - "a trojan that injects malicious code into Windows processes to interecept web browser communication, and may monitor user activity and send stolen information to a remote website. The trojan could also redirect the web browser to an attacker-specified URL".

Win32/Bocinex - "a family of malware that launches a Bitcoin mining client, detected as Program:Win32/CoinMiner. The client is configured to attribute newly generated Bitcoin digital cash, or "BTC", to an attacker's Bitcoin account".

Win32/Gamarue - "a family of malware that may be distributed by exploit kits, spammed emails or other malware, and has been observed stealing information from an affected user".

EDIT:  for additional information onWin32/Claretore, see  http://blogs.technet.com/b/mmpc/archive/2012/04/10/msrt-april-2012-win32-claretore.aspx

Free Internet Security - WOT Web of Trust       Use OpenDNS       MalwareBytes Anti-Malware

Windows 7 Pro SP1 (64-bit), avast! v17 Free, MBAM Pro, Windows Firewall, OpenDNS Family Shield, SpywareBlaster, MVPS HOSTS file, MBAE Premium, MCShield, WinPatrol PLUS, SAS (on-demand scanner), Zemana AntiLogger Free, IE11 & Firefox (both using WOT [IE set to WARN, FF set to BLOCK]), uBlock Origin, CryptoPrevent, Secunia PSI.

[I believe computer-users who sandbox (Sandboxie) are acting prudently.]

0 Kudos
ky331
Diamond

Re: Updates 4/10/12 - ''Microsoft/Adobe Tuesday''

Adobe Reader X for Windows

Sequential update (from 10.1.x) to 10.1.3  http://www.adobe.com/support/downloads/detail.jsp?ftpID=5358

for details of this update:   http://helpx.adobe.com/content/dam/help/attachments/Acrobat_Reader_ReleaseNote_10.1.3.pdf

Free Internet Security - WOT Web of Trust       Use OpenDNS       MalwareBytes Anti-Malware

Windows 7 Pro SP1 (64-bit), avast! v17 Free, MBAM Pro, Windows Firewall, OpenDNS Family Shield, SpywareBlaster, MVPS HOSTS file, MBAE Premium, MCShield, WinPatrol PLUS, SAS (on-demand scanner), Zemana AntiLogger Free, IE11 & Firefox (both using WOT [IE set to WARN, FF set to BLOCK]), uBlock Origin, CryptoPrevent, Secunia PSI.

[I believe computer-users who sandbox (Sandboxie) are acting prudently.]

0 Kudos
ky331
Diamond

Re: Updates 4/10/12 - ''Microsoft/Adobe Tuesday''

For what it's worth:   Today's Adobe Reader updates its included version of Flash Player ( authplay.dll ) to version 10.3.183.18.   As we are aware, the latest series/version of Flash is 11.2.202.228.   For whatever reason, it seems that some people can't (or don't want to??) upgrade Flash from the older 10.x series to the newer 11.x series, and as such, Adobe doesn't want to force the issue... I've found the following statement in Adobe Security Bulletin apsb12-07:

"For users who cannot update to Flash Player 11.2.202.228, Adobe has developed a patched version of Flash Player 10.3, Flash Player 10.3.183.18"

[See the second paragraph under SOLUTION  http://www.adobe.com/support/security/bulletins/apsb12-07.html ]

Free Internet Security - WOT Web of Trust       Use OpenDNS       MalwareBytes Anti-Malware

Windows 7 Pro SP1 (64-bit), avast! v17 Free, MBAM Pro, Windows Firewall, OpenDNS Family Shield, SpywareBlaster, MVPS HOSTS file, MBAE Premium, MCShield, WinPatrol PLUS, SAS (on-demand scanner), Zemana AntiLogger Free, IE11 & Firefox (both using WOT [IE set to WARN, FF set to BLOCK]), uBlock Origin, CryptoPrevent, Secunia PSI.

[I believe computer-users who sandbox (Sandboxie) are acting prudently.]

0 Kudos
ky331
Diamond

Re: Updates 4/10/12 - ''Microsoft/Adobe Tuesday''

Sandboxie 3.6.8

This bug fix release addresses several issues that were reported shortly after the release of version 3.66.

Use the internal updater... or download the program from http://www.sandboxie.com/index.php?DownloadSandboxie

Free Internet Security - WOT Web of Trust       Use OpenDNS       MalwareBytes Anti-Malware

Windows 7 Pro SP1 (64-bit), avast! v17 Free, MBAM Pro, Windows Firewall, OpenDNS Family Shield, SpywareBlaster, MVPS HOSTS file, MBAE Premium, MCShield, WinPatrol PLUS, SAS (on-demand scanner), Zemana AntiLogger Free, IE11 & Firefox (both using WOT [IE set to WARN, FF set to BLOCK]), uBlock Origin, CryptoPrevent, Secunia PSI.

[I believe computer-users who sandbox (Sandboxie) are acting prudently.]

0 Kudos