WARNING: Facebook Clickjacking Attack Spreading Through News Feed
A new malware attack is spreading via Facebook’s news feed, according to reports from users on Twitter.
The attack consists of a message starting with the phrase “try not to laugh xD,” followed by this link: “http://www.fbhole.com/omg/allow.php?s=a&r=72306” (don’t open it).
The attack, which seems to repost the message without your permission, uses the oldest trick in the book. Once you click on the link, you’ll see Facebook greyed out and a weird dialog that looks like a Windows error message, containing the phrase “If I don’t, someone else do it”. If you click anywhere on the page, you’ll repost the link because your click will land on a moving iframe with very low opacity. By clicking on it, you’re actually clicking the “publish” button on Facebook.
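The invisible-iframe trick described above only works if the target page lets another site frame it. The following is an added example, not part of the original article, showing how a defender can check whether a response's headers refuse cross-site framing. The function names and the `.example` origins are constructed for illustration, and `frame-ancestors` matching is simplified to `'none'`, `'self'`, `*` and exact origins.

```javascript
// Added example: would these response headers let `embedderOrigin` frame the page?
// Simplified model: only the direct embedder is checked, and frame-ancestors
// sources are limited to 'none', 'self', '*' and exact origins.
function frameAncestors(csp) {
  for (const directive of (csp || '').split(';')) {
    const [name, ...sources] = directive.trim().split(/\s+/);
    if (name.toLowerCase() === 'frame-ancestors') return sources;
  }
  return null; // directive absent (default-src does NOT act as a fallback)
}

function canBeFramedBy(headers, pageOrigin, embedderOrigin) {
  const h = {};
  for (const [k, v] of Object.entries(headers)) h[k.toLowerCase()] = v;

  const sources = frameAncestors(h['content-security-policy']);
  if (sources !== null) {
    // When frame-ancestors is present it takes precedence over X-Frame-Options.
    // An empty source list behaves like 'none'.
    return sources.some((s) => {
      const src = s.toLowerCase();
      if (src === "'none'") return false;
      if (src === "'self'") return embedderOrigin === pageOrigin;
      return src === '*' || src === embedderOrigin.toLowerCase();
    });
  }

  const xfo = (h['x-frame-options'] || '').trim().toUpperCase();
  if (xfo === 'DENY') return false;
  if (xfo === 'SAMEORIGIN') return embedderOrigin === pageOrigin;
  // Missing, invalid, or ALLOW-FROM (obsolete, ignored by current browsers):
  // nothing stops a low-opacity iframe from being laid over a lure page.
  return true;
}

// Constructed sample: a page with a "publish" action and a third-party embedder.
const PAGE = 'https://social.example';
const LURE = 'https://lure.example';
console.log(canBeFramedBy({}, PAGE, LURE));                             // frameable
console.log(canBeFramedBy({ 'X-Frame-Options': 'DENY' }, PAGE, LURE));  // refused
```
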
Interestingly enough, the root index file of the site in question (www.fbhole.com) contains only the phrase “My Facebook” that links to a nonexistent Facebook profile.
We’ve seen similar Facebook attacks before, and although they may be harmless, clicking on suspicious links is always dangerous. If you’ve seen this (or similar) attack on Facebook, please let us know in the comments.
Reposted from Mashable
Sometimes F1 doesn’t actually help.
Microsoft Security Advisory (981169)
Vulnerability in VBScript Could Allow Remote Code Execution
Version: 1.0
General Information
Executive Summary
Microsoft is investigating new public reports of a vulnerability in VBScript that is exposed on supported versions of Microsoft Windows 2000, Windows XP, and Windows Server 2003 through the use of Internet Explorer. Our investigation has shown that the vulnerability cannot be exploited on Windows 7, Windows Server 2008 R2, Windows Vista, or Windows Server 2008. The main impact of the vulnerability is remote code execution. We are not aware of attacks that try to use the reported vulnerabilities or of customer impact at this time.
The vulnerability exists in the way that VBScript interacts with Windows Help files when using Internet Explorer. If a malicious Web site displayed a specially crafted dialog box and a user pressed the F1 key, arbitrary code could be executed in the security context of the currently logged-on user. On systems running Windows Server 2003, Internet Explorer Enhanced Security Configuration is enabled by default, which helps to mitigate against this issue.
We are actively working with partners in our Microsoft Active Protections Program (MAPP) to provide information that they can use to provide broader protections to customers.
Upon completion of this investigation, Microsoft will take the appropriate action to help protect our customers. This may include providing a security update through our monthly release process or providing an out-of-cycle security update, depending on customer needs.
Microsoft is concerned that this new report of a vulnerability was not responsibly disclosed, potentially putting computer users at risk. We continue to encourage responsible disclosure of vulnerabilities. We believe the commonly accepted practice of reporting vulnerabilities directly to a vendor serves everyone’s best interests. This practice helps to ensure that customers receive comprehensive, high-quality updates for security vulnerabilities without exposure to malicious attackers while the update is being developed.
Tech Tip Tuesday: Computer Cleaning
Your computer doesn’t need gas, oil or spring tune-ups, but it does need preventive maintenance. Without regular maintenance, your computer may flail, sputter and grind to a halt, leaving you stranded on the soft shoulder of the Information Highway. Dust, dirt and grime can lead to serious problems with your computer. The chips and circuits in your system have two mortal enemies: heat and corrosion. If your system is located in a hermetically sealed, climate-controlled office, cleaning once a year may suffice. In dust-prone areas, however, having your system cleaned every three to six months will add years to the life of your system.
Microsoft patches IE with out-of-band critical update.
Microsoft has today released a rare out-of-band critical update for Windows 2000, Windows XP, Windows Vista, Windows 7, Windows Server 2003 and Windows Server 2008. The update patches all versions of Internet Explorer against the exploit that was used in the hack attacks against Google, which were allegedly carried out by the Chinese government. It is recommended that all users update Windows as soon as possible.
From Microsoft TechNet:
Executive Summary
This security update resolves seven privately reported vulnerabilities and one publicly disclosed vulnerability in Internet Explorer. The more severe vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
This security update is rated Critical for all supported releases of Internet Explorer: Internet Explorer 5.01, Internet Explorer 6, Internet Explorer 6 Service Pack 1, Internet Explorer 7, and Internet Explorer 8 (except Internet Explorer 6 for supported editions of Windows Server 2003). For Internet Explorer 6 for supported editions of Windows Server 2003 as listed, this update is rated Moderate. For more information, see the subsection, Affected and Non-Affected Software, in this section.
The security update addresses these vulnerabilities by modifying the way that Internet Explorer handles objects in memory, validates input parameters, and filters HTML attributes. For more information about the vulnerabilities, see the Frequently Asked Questions (FAQ) subsection under the next section, Vulnerability Information.
This security update also addresses the vulnerability first described in Microsoft Security Advisory 979352.
Recommendation. The majority of customers have automatic updating enabled and will not need to take any action because this security update will be downloaded and installed automatically. Customers who have not enabled automatic updating need to check for updates and install this update manually. For information about specific configuration options in automatic updating, see Microsoft Knowledge Base Article 294871.
For administrators and enterprise installations, or end users who want to install this security update manually, Microsoft recommends that customers apply the update immediately using update management software, or by checking for updates using the Microsoft Update service.
Known Issues. None
Welcome
With the recent updates to our site we have launched a blog. We will post security updates, tips, tricks and anything else that you may find useful here.