Archive for February, 2011

There are some common myths that may influence your online security
practices. Knowing the truth will allow you to make better decisions about
how to protect yourself.

How are these myths established?

There is no one cause for these myths. They may have been formed because of
a lack of information, an assumption, knowledge of a specific case that was
then generalized, or some other source. As with any myth, they are passed
from one individual to another, usually because they seem legitimate enough
to be true.

Why is it important to know the truth?

While believing these myths may not present a direct threat, they may cause
you to be more lax about your security habits. If you are not diligent about
protecting yourself, you may be more likely to become a victim of an attack.

What are some common myths, and what is the truth behind them?

* Myth: Anti-virus software and firewalls are 100% effective.
Truth: Anti-virus software and firewalls are important elements in
protecting your information (see Understanding Anti-Virus Software and
Understanding Firewalls for more information). However, neither of these
elements is guaranteed to protect you from an attack. Combining these
technologies with good security habits is the best way to reduce your
risk.
* Myth: Once software is installed on your computer, you do not have to
worry about it anymore.
Truth: Vendors may release updated versions of software to address
problems or fix vulnerabilities (see Understanding Patches for more
information). You should install the updates as soon as possible; some
software even offers the option to obtain updates automatically. Making
sure that you have the latest virus definitions for your anti-virus
software is especially important.
* Myth: There is nothing important on your machine, so you do not need to
protect it.
Truth: Your opinion about what is important may differ from an
attacker’s opinion. If you have personal or financial data on your
computer, attackers may be able to collect it and use it for their own
financial gain. Even if you do not store that kind of information on
your computer, an attacker who can gain control of your computer may be
able to use it in attacks against other people (see Understanding
Denial-of-Service Attacks and Understanding Hidden Threats: Rootkits and
Botnets for more information).
* Myth: Attackers only target people with money.
Truth: Anyone can become a victim of identity theft. Attackers look for
the biggest reward for the least amount of effort, so they typically
target databases that store information about many people. If your
information happens to be in the database, it could be collected and
used for malicious purposes. It is important to pay attention to your
credit information so that you can minimize any potential damage (see
Preventing and Responding to Identity Theft for more information).
* Myth: When computers slow down, it means that they are old and should be
replaced.
Truth: It is possible that running newer or larger software programs on
an older computer could lead to slow performance, but you may just need
to replace or upgrade a particular component (memory, operating system,
CD or DVD drive, etc.). Another possibility is that there are other
processes or programs running in the background. If your computer has
suddenly become slower, it may be compromised by malware or spyware, or
you may be experiencing a denial-of-service attack (see Recognizing and
Avoiding Spyware and Understanding Denial-of-Service Attacks for more
information).
_________________________________________________________________

Author: Mindi McDowell

VMware has released an advisory to alert users of an issue affecting VMware on the Microsoft Windows 7 platform. This issue prevents VMware from connecting from the View Client on Windows 7 to the View Connection Server after installing the Microsoft patches 2482017 and 2467023 from Microsoft Security Bulletin MS11-003.

VMware users on the Windows 7 platform should upgrade to VMware View Client build 353760 prior to applying Microsoft patches 2482017 and 2467023. VMware users who have previously applied these Microsoft patches should upgrade to VMware View Client build 353760 to mitigate the issue.

Additional information can be found in the VMware Knowledge Base advisory.

Relevant URL(s):
<http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1034262>

<http://support.microsoft.com/kb/2467023>

<http://support.microsoft.com/kb/2482017>

Microsoft Updates for Multiple Vulnerabilities

Original release date: February 08, 2011
Last revised: –
Source: US-CERT

Systems Affected

* Microsoft Windows
* Microsoft Internet Explorer
* Microsoft Office

Overview

There are multiple vulnerabilities in Microsoft Windows, Microsoft
Office, and Internet Explorer. Microsoft has released updates to
address these vulnerabilities.

I. Description

The Microsoft Security Bulletin Summary for February 2011 describes
multiple vulnerabilities in Microsoft Windows, Microsoft Office,
and Internet Explorer. Microsoft has released updates to address
the vulnerabilities.

II. Impact

A remote, unauthenticated attacker could execute arbitrary code,
cause a denial of service, or gain unauthorized access to your
files or system.

III. Solution

Apply updates

Microsoft has provided updates for these vulnerabilities in the
Microsoft Security Bulletin Summary for February 2011. That
bulletin describes any known issues related to the updates.
Administrators are encouraged to note these issues and test for any
potentially adverse effects. In addition, administrators should
consider using an automated update distribution system such as
Windows Server Update Services (WSUS).

IV. References

* Microsoft Security Bulletin Summary for February 2011 -
<http://www.microsoft.com/technet/security/bulletin/ms11-Feb.mspx>

* Microsoft Windows Server Update Services -
<http://technet.microsoft.com/en-us/wsus/default.aspx>

The popularity of social networking sites continues to increase, especially
among teenagers and young adults. The nature of these sites introduces
security risks, so you should take certain precautions.

What are social networking sites?

Social networking sites, sometimes referred to as “friend-of-a-friend”
sites, build upon the concept of traditional social networks where you are
connected to new people through people you already know. The purpose of some
networking sites may be purely social, allowing users to establish
friendships or romantic relationships, while others may focus on
establishing business connections.

Although the features of social networking sites differ, they all allow you
to provide information about yourself and offer some type of communication
mechanism (forums, chat rooms, email, instant messenger) that enables you to
connect with other users. On some sites, you can browse for people based on
certain criteria, while other sites require that you be “introduced” to new
people through a connection you share. Many of the sites have communities or
subgroups that may be based on a particular interest.

What security implications do these sites present?

Social networking sites rely on connections and communication, so they
encourage you to provide a certain amount of personal information. When
deciding how much information to reveal, people may not exercise the same
amount of caution as they would when meeting someone in person because

* the internet provides a sense of anonymity
* the lack of physical interaction provides a false sense of security
* they tailor the information for their friends to read, forgetting that
others may see it
* they want to offer insights to impress potential friends or associates

While the majority of people using these sites do not pose a threat,
malicious people may be drawn to them because of the accessibility and
amount of personal information that’s available. The more information
malicious people have about you, the easier it is for them to take advantage
of you. Predators may form relationships online and then convince
unsuspecting individuals to meet them in person. That could lead to a
dangerous situation. The personal information can also be used to conduct a
social engineering attack (see Avoiding Social Engineering and Phishing
Attacks for more information). Using information that you provide about your
location, hobbies, interests, and friends, a malicious person could
impersonate a trusted friend or convince you that they have the authority to
access other personal or financial data.

Additionally, because of the popularity of these sites, attackers may use
them to distribute malicious code. Sites that offer applications developed
by third parties are particularly susceptible. Attackers may be able to
create customized applications that appear to be innocent while infecting
your computer or sharing your information without your knowledge.

How can you protect yourself?

* Limit the amount of personal information you post – Do not post
information that would make you vulnerable, such as your address or
information about your schedule or routine. If your connections post
information about you, make sure the combined information is not more
than you would be comfortable with strangers knowing. Also be
considerate when posting information, including photos, about your
connections.
* Remember that the internet is a public resource – Only post information
you are comfortable with anyone seeing. This includes information and
photos in your profile and in blogs and other forums. Also, once you
post information online, you can’t retract it. Even if you remove the
information from a site, saved or cached versions may still exist on
other people’s machines (see Guidelines for Publishing Information
Online for more information).
* Be wary of strangers – The internet makes it easy for people to
misrepresent their identities and motives (see Using Instant Messaging
and Chat Rooms Safely for more information). Consider limiting the
people who are allowed to contact you on these sites. If you interact
with people you do not know, be cautious about the amount of information
you reveal or agreeing to meet them in person.
* Be skeptical – Don’t believe everything you read online. People may post
false or misleading information about various topics, including their
own identities. This is not necessarily done with malicious intent; it
could be unintentional, an exaggeration, or a joke. Take appropriate
precautions, though, and try to verify the authenticity of any
information before taking any action.
* Evaluate your settings – Take advantage of a site’s privacy settings.
The default settings for some sites may allow anyone to see your
profile, but you can customize your settings to restrict access to only
certain people. There is still a risk that private information could be
exposed despite these restrictions, so don’t post anything that you
wouldn’t want the public to see. Sites may change their options
periodically, so review your security and privacy settings regularly to
make sure that your choices are still appropriate.
* Be wary of third-party applications – Third-party applications may
provide entertainment or functionality, but use caution when deciding
which applications to enable. Avoid applications that seem suspicious,
and modify your settings to limit the amount of information the
applications can access.
* Use strong passwords – Protect your account with passwords that cannot
easily be guessed (see Choosing and Protecting Passwords for more
information). If your password is compromised, someone else may be able
to access your account and pretend to be you.
* Check privacy policies – Some sites may share information such as email
addresses or user preferences with other companies. This may lead to an
increase in spam (see Reducing Spam for more information). Also, try to
locate the policy for handling referrals to make sure that you do not
unintentionally sign your friends up for spam. Some sites will continue
to send email messages to anyone you refer until they join.
* Keep software, particularly your web browser, up to date – Install
software updates so that attackers cannot take advantage of known
problems or vulnerabilities (see Understanding Patches for more
information). Many operating systems offer automatic updates. If this
option is available, you should enable it.
* Use and maintain anti-virus software – Anti-virus software helps protect
your computer against known viruses, so you may be able to detect and
remove the virus before it can do any damage (see Understanding
Anti-Virus Software for more information). Because attackers are
continually writing new viruses, it is important to keep your
definitions up to date.

Children are especially susceptible to the threats that social networking
sites present. Although many of these sites have age restrictions, children
may misrepresent their ages so that they can join. By teaching children
about internet safety, being aware of their online habits, and guiding them
to appropriate sites, parents can make sure that the children become safe
and responsible users (see Keeping Children Safe Online for more
information).

_________________________________________________________________

Author: Mindi McDowell

RealNetworks, Inc. has released an update for Windows RealPlayer
14.0.1 and prior to address a vulnerability. Exploitation of this
vulnerability may allow an attacker to execute arbitrary code.

VideoLAN has released a security advisory to address a vulnerability
in VLC Media Player. This vulnerability may allow an attacker to
execute arbitrary code.

US-CERT encourages users and administrators to review VideoLAN
security advisory VideoLAN-SA-1102 and apply any necessary updates or
workarounds to help mitigate the risks.