8 Microsoft fixes coming in tomorrow's December Patch Tuesday

Patches from Mandriva, Debian, Ubuntu; Facebook worm refuses to die; Adobe admits new PDF password protection is weaker; and other interesting reading

By Jason Meserve, Network World
December 08, 2008 10:35 AM ET

Eight Microsoft fixes coming in tomorrow's December Patch Tuesday
Microsoft will deliver eight security updates next week, six of them marked "critical," to plug holes in Windows, Internet Explorer, Office and other products. Two of the eight updates will patch Windows, another two are aimed at Office, while the remaining four target Internet Explorer (IE), SharePoint, Windows Media Player, and Visual Basic and Visual Studio, Microsoft said Thursday in its monthly advance warning of what to expect next Tuesday. Computerworld, 12/04/2008.

Microsoft's December advance advisory
**********

Five new patches from Mandriva:

ClamAV (denial of service)

libsamplerate (buffer overflow, code execution)

Apache2 (denial of service)

vim (multiple flaws)

Mozilla Thunderbird (multiple flaws)
**********

Two new updates from Debian:

linux-2.6.24 (denial of service, privilege escalation)

ClamAV (multiple flaws)
**********

Two new fixes from Ubuntu:

nfs-utils (security bypass)

AWStats (cross-site scripting attack)
**********

Today's malware news:

Facebook worm refuses to die
A worm program that has been tricking Facebook users into downloading malicious software since July has resurfaced. Criminals have released a new variation of the worm, known as Koobface, Facebook said Friday. The program is spreading via Facebook messages that look as if they're videos. IDG News Service, 12/05/2008.

Also: Koobface On The Prowl Again

Creating MS08-067 Exploits
We are seeing fair amounts of infections using the MS08-067 vulnerability. Most of these belong to a worm family that goes by the names Downadup, Conficker, or Kido. We have also discovered several Chinese tools that are being used by the underground to create files that exploit this vulnerability. F-Secure, 12/05/2008.

Firefox users targeted by rare piece of malware
Researchers at BitDefender have discovered a new type of malicious software that collects passwords for banking sites but targets only Firefox users. The malware, which BitDefender dubbed "Trojan.PWS.ChromeInject.A," sits in Firefox's add-ons folder, said Viorel Canja, the head of BitDefender's lab. The malware runs when Firefox is started. IDG News Service, 12/04/2008.

Classmates dot com Fast Flux Malware
The Gozi infostealer is running around, this time using new domains and a new lure: a "video invitation from your classmates". This has been going on all week, too. In an email purporting to be from Classmates.com, you're told to go look at a web page and join up. To view the video you need to... you guessed it, download a new Flash player. Don't worry, they'll help you out. Security to the Core, 12/05/2008.
**********

From the interesting reading department:

Adobe admits new PDF password protection is weaker
Adobe made a critical change to the algorithm used to password-protect PDF documents in Acrobat 9, making it much easier to recover a password and raising concern over the safety of documents, according to Russian security firm Elcomsoft. IDG News Service, 12/05/2008.

FTC has a message for vishing victims
The e-mail looks important: "National 1st Credit Union temporarily suspended your account. Reason: Billing failure." Further down, it tells you to call this number to reactivate: 201.... The e-mail is a scam, sent by criminals who are trying to trick you into divulging sensitive information such as your bank account number and password. But in this case, victims have caught a break. Instead of reaching scammers, people who dial this number get a message from the U.S. Federal Trade Commission. IDG News Service, 12/06/2008.
