Defense in Depth

July 9, 2008 12:10 PM PDT

Some ZoneAlarm users in the dark after Microsoft patch

by Robert Vamosi

Check Point Software Technologies, maker of ZoneAlarm, on Wednesday said it is working with Microsoft to resolve an issue with one of the patches within the software maker's July 2008 Patch Tuesday release.

At issue is Microsoft Update KB951748 (MS08-037), which addresses the flaw in DNS made public on Tuesday by security researcher Dan Kaminsky.

ZoneAlarm customers who have automatic update selected for Windows Updates, and whose ZoneAlarm Internet security level is set to "high," will experience a loss of Internet connectivity upon reboot.

ZoneAlarm users without automatic update may wish to wait to install the update until the matter is resolved.

For those who have already installed the patch, Check Point recommends users remove Microsoft Update KB951748 from their systems. Detailed instructions for doing this can be found here. Another option is to lower the ZoneAlarm Internet security setting to "medium," although Check Point doesn't recommend that.

June 24, 2008 9:52 AM PDT

Adobe releases security updates for Reader, Acrobat

by Robert Vamosi

On Monday, Adobe released a security update for a serious vulnerability within Reader and Acrobat. The vulnerability described in CVE-2008-2641 is being circulated on the Internet. Adobe says that, if exploited, the vulnerability could crash applications and could allow an attacker to take control of the affected system.

The update affects Adobe Reader 8.0 through 8.1.2; Adobe Reader 7.0.9 and earlier; Adobe Acrobat Professional, 3D and Standard 8.0 through 8.1.2; and Adobe Acrobat Professional, 3D and Standard 7.0.9 and earlier. It does not affect Adobe Reader 7.1.0 and Acrobat 7.1.0.

January 23, 2008 2:17 PM PST

IE7 coming at you (whether you like it or not)

by Robert Vamosi

With its February 12, 2008, Patch Tuesday release, Microsoft has decided, for security reasons, to push out Internet Explorer 7, even to businesses that have previously blocked the automatic upgrade.

According to this Microsoft knowledge base article, the software giant will release the Windows Internet Explorer 7 Installation and Availability update to Windows Server Update Services (WSUS) marked as an Update Rollup package. Microsoft says for business customers who have "set WSUS to 'auto-approve' Update Rollup packages (this is not the default configuration), Windows Internet Explorer 7 will be automatically approved for installation." Microsoft introduced the delay feature to give companies a chance to test the browser.

In particular, Microsoft says companies that need to take action before February 12 include those that:

  • Use WSUS 3.0 to manage updates in their organization
  • Have Windows XP Service Pack 2 (SP2)-based computers or Windows Server 2003 Service Pack 1 (SP1)-based computers that have Internet Explorer 6 installed
  • Do not want to upgrade Internet Explorer 6 machines to Windows Internet Explorer 7 at this time
  • Have configured WSUS to auto-approve Update Rollups for installation

The knowledge base article cited above provides step-by-step instructions for companies wishing to continue to block the automatic installation of Internet Explorer 7.

This February rollup package does not apply to Windows Vista users since that operating system shipped with Internet Explorer 7.

January 11, 2008 3:17 PM PST

MySpace page serves up fake Microsoft security update

by Robert Vamosi

According to security vendor McAfee, one of the profiles on MySpace currently serves up a fraudulent Microsoft security update that, if clicked, attempts to load malicious software. The profile of a 42-year-old woman from Arkansas appears to exist solely for the purpose of infecting visitors. McAfee says that both Microsoft and MySpace have been contacted.

Joris Evers, publicity director at McAfee, says "attackers send unwitting MySpace users a friend request, asking them to become friends with 'Rita.' When the user clicks to see who 'Rita' is they are sent to the profile that serves up malware." The profile page is "overlaid with what looks like a legitimate Windows 'Automatic Updates' pop-up box. Clicking on or near the pop-up results in a request for a file download masked as a Microsoft update called 'updateKB890830.exe' from a server that includes 'winxpupdate.Microsoft' in its name."

As of now the page is still available on the MySpace site. McAfee says its customers are protected. CNET tested ZoneAlarm and a few other security apps that also blocked access to the malicious code.

About Defense in Depth

Covering computer viruses and computer crime, Robert Vamosi goes beyond the hype to provide you with expert interviews of the top security researchers, as well as offering the hands-on, nontechnical advice you'll need to stay safe online.
