Clear Belief Systems Blog » Bugs

IE Exploit Used in Google Attacks

Don Fosen — Wed, 20 Jan 2010 20:26:30 +0000

A bug in Internet Explorer was used by what appears to be Chinese government sponsored hackers to access the email accounts of Chinese dissidents. Microsoft has stated that this problem exists mainly in Internet Explorer 6 but there is some question in the industry about how this issue affects the more recent iterations of IE. Some reports claim that the bug exists but it would only crash IE, not allow access to protected data. Microsoft is expected to release a patch by February 9th at the latest.

This is a great example of why it is so critical to keep current on Windows updates, many of the updates Microsoft is releasing now are fixing serious security problems, not just for Internet Explorer but all of Microsoft’s products. I also highly recommend Firefox (download here) for those of you who have not tried it. It has an occasional security problem as well but overall appears to be more secure than Internet Explorer.

Additional Information:

Google Blog Post About Incident
Microsoft Security Response
Hacking Code Made Public
Hackers Wield Newest IE Exploit

Update: Yesterday (Thursday January 21st) Microsoft released an emergency patch for this bug. Please make sure you are current on Windows Updates.

Unpatched Adobe PDF bug results in large-scale attacks

Don Fosen — Thu, 07 Jan 2010 19:50:14 +0000

Adobe has acknowledged a bug in their Reader and Acrobat software that is being used to conduct large-scale attacks against users. The bug was acknowledged on December 14th but Adobe decided not to fix it until January 12th at the earliest. Please be very careful about opening PDF files from unknown sources until this is resolved. I highly recommend that you disable Javascript in Reader, click here for detailed instructions on how to do this. If you running Adobe Reader 9 you should get the update automatically when it is released, if you are not running version 9 you should install it. You can also consider alternative PDF Reader software, Foxit Reader has been well reviewed. Download it here.

Additional Information:
New Adobe Reader and Acrobat Vulnerability
Large-scale attacks exploit unpatched PDF bug
Adobe probes new in-the-wild PDF bug

Symantec Endpoint Protection Bug

Don Fosen — Sat, 02 Jan 2010 17:40:43 +0000

Symantec has reported a problem with Symantec Endpoint Protection where anti-virus update files received after 12-31-2009 are not dated properly. This means that the ant-virus definition files can appear to be out of date even though they are current. Symantec has implemented a short term fix to ensure that definitions are received until the bug is fixed. If you are running Symantec Endpoint do not be alarmed if the definitions appear out of date even after an update has been run.

Additional Information:
Symantec Support Site