As part of its monthly "Patch Tuesday" schedule, Microsoft has issued a number of bulletins about six security vulnerabilities in its software, says Brett Myroff, CEO of regional Sophos distributor, Sophos South Africa.
"The list of affected software includes Microsoft Office (both Windows and Mac versions), Microsoft Windows, and Microsoft's security products Windows Live OneCare, Microsoft Antigen, Microsoft Windows Defender, and Microsoft Forefront Security," he says.
Four of the vulnerabilities, which appear in Microsoft's Jet Database Engine and in nearly every edition of Microsoft Office, have been tagged as "critical", and could allow a hacker to gain remote control over a user's computer or install malicious code, he explains.
"As can be seen by this month's bunch of updates, Microsoft security patches aren't just important for Windows users. Apple business users would be wise to take heed of them, too," he says.
"As Internet criminals become increasingly organised and financially-motivated, it is more important than ever to ensure your business is properly defended with the latest patches."
Malevolent malware
This week also saw a number of low to medium prevalence Trojans and worms, says Myroff.
"Troj/Dloadr-BLR, affecting Windows users, installs itself in the registry, and changes the registry value," he says.
Troj/Iframe-AD, another Trojan for Windows, is spreading via Web browsing. "It is an iframe with a src= attribute pointing to a malicious script or an html file containing malicious script," Myroff explains.
Troj/RPExpl-A, also spreading via Web browsing and affecting the Windows OS, uses an exploit in Windows RealPlayer to cause the download and execution of files from a remote site, Myroff says.
Troj/Zlob-AKU installs itself in the registry and creates a toolbar in Internet Explorer with the following buttons: remove pop-ups, scan spyware, security test and spam protection.
Troj/Zlob-AKU displays a message in the Internet Explorer window with the following text: "Warning: possible spyware or adware infection! Click here to scan your computer for spyware and adware..."
Finally, Myroff says, the W32/Autorun-EA worm has also been noted and is affecting Windows users. It is spreading via removable storage devices and installs itself in the registry.
"Network access control is crucial to identifying managed, unmanaged and guest computers that do not comply with your security policy, and acts as a vital tool when dealing with newly reported security vulnerabilities.
"It is possible to quickly assess, for instance, which computers are incorrectly patched or have their firewall disabled. You may then choose to automatically fix vulnerabilities before allowing the PCs to access your network, or simply block non-compliant computers."
Share
Editorial contacts