PC-Armor Computer Security News Blog

If you use RealPlayer 10.5 or RealPlayer 11 beta, patch it immediately!

A patch for RealPlayer 10.5 and 11 Beta with a rating of “extremely critical” has been released to address a security flaw that has been recently targeted for attacks.

When a victim visits malicious Web sites using Microsoft’s Internet Explorer Web browser, the perpetrators could exploit a buffer overflow vulnerability in RealPlayer and run malicious code on the targeted machine.

You can download the patch and read more details about this attack on the RealPlayer web site at:

http://service.real.com/realplayer/security/191007_player/en/

Keep those patches coming…

Microsoft will be releasing a number of patches this coming Tuesday, August 14, 2007.  If you do not have “Automatic Updates” enabled, you should make sure you download and install all available security patches from the Microsoft Windows Update site.

Here is a detailed list of the patches that will be released:

http://www.microsoft.com/technet/security/bulletin/ms07-aug.mspx

While you’re at it, you might want to check Adobe.com for Acrobat Reader and Macromedia Flash updates; Java updates from http://www.java.com/en/download/index.jsp; Apple QuickTime; and any other applications you use.

It is important to regularly check for security updates and if they are available…don’t wait!

Stay Safe!

Tomorrow is Patch Tuesday

Microsoft will be releasing a number of patches for Windows, Office, and a couple of server products tomorrow, Tuesday, May 8, 2007.

Since many of these patches fix Zero-day vulnerabilities, everyone should download and install them immediately!

As always, your best move would be to install them as soon as you can.

If you haven’t yet installed the Microsoft Security updates, now is the time

Microsoft released 6 security updates today, three of which patch Zero-day vulnerabilities and exploit code available to those with malicious intent willing to use it to their benefit.

Do yourself a favor and install all available Windows Security updates now!

Make sure your Microsoft Patches are up-to-date

The Microsoft security patches released in February 2007 patched a flaw in Internet Explorer that would allow attackers to exploit a flaw in the ADODB.Connection ActiveX Control.  Websense security disclosed Monday, March 26, 2007 that code has been published to exploit the flawed ADODB.Connection ActiveX control in Microsoft Data Access Components (MDAC); which if patched, would not be vulnerable to this attack.  You can read the details at:

http://www.websense.com/securitylabs/alerts/alert.php?AlertID=758

As always, keeping your system patched regularly is not only prudent now days…it is absolutely critical in minimizing your risk to attacks!

Also, you may have read about the ANI Cursor vulnerability and the damage it is already causing to Internet-connected computers.  Well, Microsoft is releasing a security patch tomorrow and according to the SANS Internet Storm Center, this patch will address the ANI Cursor vulnerability.  The Microsoft Security Response Center Blog discloses more information about this unscheduled release and you can read it here:

This patch has a “Critical” rating and is an “out-of-cycle” release; which is not part of the scheduled “Patch Tuesday” release - that will occur next week.

Protect yourself and make sure you download and install the security update from the Microsoft Windows Update site tomorrow!

Apple Released 8 Patches for QuickTime

If you use Apple’s QuickTime Player, you should make sure to download and install all 8 newly-released Security patches from Apple’s website or by using the Apple Update feature.

You can download and install the latest version from:

http://www.apple.com/quicktime/download/

You would be well advised to apply the latest version as quickly as possible to minimize your risk of being exploited!

Patch Tuesday is Upon Us Again…

It’s that magical time of the month when Microsoft releases security updates to patch vulnerabilities within their products.  This month’s release is quite significant with 8 updates for Windows XP SP2, 1 update for Internet Explorer 7, and 7 updates for the Office 2003 Professional products.

If you do not have “Automatic Updates” enabled, you can go to the Microsoft Update site and download all necessary updates from:

http://update.microsoft.com/windowsupdate/v6/default.aspx?ln=en-us

Don’t forget about the Office products; you can find them at:

http://office.microsoft.com/en-us/downloads/maincatalog.aspx

Do yourself a favor and install all of the Microsoft updates immediately.

Microsoft will be Releasing 12 Security Updates

Next Tuesday is “Patch Tuesday” for Microsoft products and it looks like the software giant will be releasing 12 updates.  With all of the “Zero-day” vulnerabilities and exploits lately, it is highly advisable to download and install the Microsoft Security updates immediately!

You can read an advanced summary of the scheduled release at:

http://www.microsoft.com/technet/security/bulletin/advance.mspx

Microsoft is Releasing an Optional Update to Adjust Computer Clocks for the New Daylight Saving Time Change

In compliance with this provision in the Energy Policy Act of 2005, Daylight Saving Time dates in the United States and Canada will start three weeks earlier (2:00 AM on the second Sunday in March) and will end one week later (2:00 AM on the first Sunday in November).  Continue reading Microsoft is Releasing an Optional Update to Adjust Computer Clocks for the New Daylight Saving Time Change…

Microsoft Releases a New Patch for Excel 2000

Do you have Microsoft Excel 2000 installed on your computer?  If so, Microsoft released an updated security update to replace an update that was released earlier.

This is a critical update and should be downloaded and installed immediately.  You can find it here:

http://www.microsoft.com/technet/security/Bulletin/MS07-002.mspx