Video | Business Headlines | Internet | Science | Scientific Ethics | Technology | Search

 


Symantec Security Response

05/12/14 Symantec Security Response

Today, Microsoft issued information on two new security bulletins. Of these two bulletins, Symantec Security Response identified the Microsoft Security Bulletin (MS05-054) Cumulative Internet Explorer update to be critical. Within the cumulative (MS05-054) update, Symantec has identified the vulnerabilities below in Internet Explorer to be most critical. As a result of these bulletins, Symantec has raised the Symantec ThreatCon to a Level 2 (on a rating scale of 1-4 with 4 being the most severe).

Mismatched Document Object Model Objects Memory Corruption Vulnerability

This is an Internet Explorer vulnerability that was originally uncovered in May 2005 and classified as a denial-of-service vulnerability. However, new exploit code available in the wild is capable of using this vulnerability to remotely run code on the local system resulting in complete control of the affected computer. An attacker could exploit this vulnerability by luring users to malicious Web pages. Symantec Security Response has rated this threat as critical.

COM Object Instantiation Memory Corruption Vulnerability

This update prevents buffer overflows in COM objects that are not intended to be invoked through Internet Explorer. An attacker could exploit this vulnerability through luring users to malicious Web pages and running code on the local system resulting in complete control of the affected computer. One of the objects that will be disabled is an ActiveX control associated with Sony BMG’s removal program for their XCP software. Symantec Security Response has rated this threat as critical.

“These vulnerabilities are increasingly being used to facilitate online fraud through the installation of malicious software on vulnerable computers. Symantec continues to see the threat landscape evolving with a growing trend indicating that cybercrime is on the rise,” said Oliver Friedrichs, senior manager, Symantec Security Response. “Symantec has already seen exploits for some of these vulnerabilities in the wild and recommends that users apply the updates as quickly as possible.”

Symantec recommends the following actions for enterprises:

- Evaluate the possible impact of these vulnerabilities to critical systems.

- Plan for required responses including patch deployment and implementation of security best practices using the appropriate security solutions.

- Take proactive steps to protect the integrity of networks and information.

- Verify that appropriate data backup processes and safeguards are in place and effective.

- Remind users to exercise caution in opening all unknown or unexpected e-mail attachments and in following Web links from unknown or unverified sources.

Symantec recommends the following actions for consumers:

- Regularly run Windows Update and install the latest security updates to keep software up to date.

- Avoid opening unknown or unexpected e-mail attachments or following Web links from unknown or unverified sources.

- Consider using an Internet security solution such as Norton Internet Security to protect against today's known and tomorrow's unknown threats.


Additional information can be found at: http://www.microsoft.com/technet/security/bulletin/ms05-dec.mspx

Symantec’s security experts will closely monitor further information related to these vulnerabilities and will provide updates and security content as necessary.

ENDS

© Scoop Media

 
 
 
 
 
Business Headlines | Sci-Tech Headlines

 

I Sing The Highway Electric: Charge Net NZ To Connect New Zealand

BMW is turning Middle Earth electric after today announcing a substantial contribution to the charging network Charge Net NZ. This landmark partnership will enable Kiwis to drive their electric vehicles (EVs) right across New Zealand through the installation of a fast charging highway stretching from Kaitaia to Invercargill. More>>

ALSO:

Watch This Space: Mahia Rocket Lab Launch Site Officially Opened

Economic Development Minster Steven Joyce today opened New Zealand’s first orbital launch site, Rocket Lab Launch Complex 1, on the Mahia Peninsula on the North Island’s east coast. More>>

Earlier:

Marketing Rocks!
Ig Nobel Award Winners Assess The Personality Of Rocks

A Massey University marketing lecturer has received the 2016 Ig Nobel Prize for economics for a research project that asked university students to describe the “brand personalities” of three rocks. More>>

ALSO:

Nurofen Promotion: Reckitt Benckiser To Plead Guilty To Misleading Ads

Reckitt Benckiser (New Zealand) intends to plead guilty to charges of misleading consumers over the way it promoted a range of Nurofen products, the Commerce Commission says. More>>

ALSO:

Half A Billion Accounts, Including Xtra: Yahoo Confirms Huge Data Breach

The account information may have included names, email addresses, telephone numbers, dates of birth, hashed passwords (the vast majority with bcrypt) and, in some cases, encrypted or unencrypted security questions and answers. More>>

ALSO:

Rural Branches: Westpac To Close 19 Branches, ANZ Looks At 7

Westpac confirms it will close nineteen branches across the country; ANZ closes its Ngaruawahia branch and is consulting on plans to close six more branches; The bank workers union says many of its members are nervous about their futures and asking ... More>>

Interest Rates: RBNZ's Wheeler Keeps OCR At 2%

Reserve Bank governor Graeme Wheeler kept the official cash rate at 2 percent and said more easing will be needed to get inflation back within the target band. More>>

ALSO:

Get More From Scoop

 
 
 
 
 
 
 
 
 
Sci-Tech
Search Scoop  
 
 
Powered by Vodafone
NZ independent news