Spyware, Viruses, & Security forum


NEWS - June 10, 2014

by Carol~ Moderator / June 10, 2014 5:43 AM PDT
Adobe, Microsoft Push Critical Security Fixes

Adobe and Microsoft today each released updates to fix critical security vulnerabilities in their software. Adobe issued patches for Flash Player and AIR, while Microsoft's Patch Tuesday batch includes seven update bundles to address a whopping 66 distinct security holes in Windows and related products.

The vast majority of the vulnerabilities addressed by Microsoft today are in Internet Explorer, the default browser on Windows machines. A single patch for IE this month (MS14-035) shores up at least 59 separate security issues scattered across virtually every supported version of IE. Other patches fix flaws in Microsoft Word, as well as other components of the Windows operating system itself.

Most of the vulnerabilities Microsoft fixed today earned its "critical" rating, meaning malware or bad guys could exploit the flaws to seize control over vulnerable systems without any help from users, save perhaps for having the Windows or IE user visit a hacked or booby-trapped Web site.

Continued : http://krebsonsecurity.com/2014/06/adobe-microsoft-push-critical-security-fixes-4/

Also See:
Microsoft Security Bulletin Summary for June 2014
Adobe Flash Player Security Updates (APSB14-16)
Discussion is locked
You are posting a reply to: NEWS - June 10, 2014
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: NEWS - June 10, 2014
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Windows 8.1 patches won't install without April update
by Carol~ Moderator / June 10, 2014 10:01 AM PDT
In reply to: NEWS - June 10, 2014

"To snag Microsoft's June patches and later ones, Windows 8.1 users better make sure they've installed the April update."

Windows 8.1 users who have not yet installed the major update rolled out in April will not be able to install future patches and bug fixes for the OS.

That requirement was first revealed when Microsoft launched the so-dubbed Windows 8.1 Update in early April. But a Microsoft spokewoman confirmed to CNET that the requirement is now in place starting with the June Patch Tuesday updates rolling out today.

"The majority of Windows 8.1 customers have installed the Windows 8.1 update," Microsoft spokeswoman Jill Lovato told CNET in an email on Monday. "For those who have not yet made the transition, those newer updates offered with this month's Update Tuesday will be considered 'not applicable.' Customers' infrastructure will continue to function; however, it should be noted that they can't consume any further updates until they apply the Windows 8.1 Update."

Continued : http://www.cnet.com/news/windows-8-1-patches-wont-install-without-april-update/

Related : Black Tuesday toll: Microsoft drops Windows 8.1 support

See thread titled: Regarding the Need to Install Windows 8.1 Update

Collapse -
New Pandemiya Banking Trojan Written From Scratch
by Carol~ Moderator / June 10, 2014 10:02 AM PDT
In reply to: NEWS - June 10, 2014

Brand new, written-from-scratch malware is a relatively rare undertaking on the underground. Aside from some private endeavors, source code is available for a number of popular Trojans, including Zeus, Citadel and Carberp, making it easy for attackers to simply grab one off the shelf and get started. These three in particular have been adapted over and over, fortifying the illicit reputations of banking Trojans.

That makes the recent discovery of a new banking Trojan all the more noteworthy. RSA Security's FraudAction team released a report on Pandemiya, a Trojan that's being promoted in hacker forums as an alternative to the Zeus banking Trojan and its many variants.

The Trojan is being sold for as much as $2,000 and provides many of the same features that well-known banking malware provides, including encrypted communication with command and control servers in order to hamper detection and analysis. The Trojan also has a modular design; its ability to load external plug-ins, RSA said, allows hackers to add new features simply by writing a new DLL. The plug-ins easily add capabilities to the Trojan's core functionality.

Continued : http://threatpost.com/new-pandemiya-banking-trojan-written-from-scratch/106554

Popular Forums
Computer Newbies 10,686 discussions
Computer Help 54,365 discussions
Laptops 21,181 discussions
Networking & Wireless 16,313 discussions
Phones 17,137 discussions
Security 31,287 discussions
TVs & Home Theaters 22,101 discussions
Windows 7 8,164 discussions
Windows 10 2,657 discussions


Your favorite shows are back!

Don’t miss your dramas, sitcoms and reality shows. Find out when and where they’re airing!