Tuesday, June 21, 2011

Security goodness, in Industrial Quantities

Lots going on, all of interest to you.

1. There are a god of fixes in the latest Patch Tuesday from Microsoft.  Run Windows Update to get the security goodness.  Lots of stuff you need here, so don't be tardy.

2. Microsoft has two interesting beta tools available for free: the Safety Scanner to find and clean malware, and the Standalone System Sweeper, which will start even systems infected with rootkits and other advanced nasties, and make you whole again.  Interesting stuff, and recommended.

3. Adobe has a much needed patch available that closes a hole that's being exploited in the wild.  It also adds an auto-update feature for subsequent patches.  Given how much security trouble Adobe has been in lately, this is A Very Good Thing Indeed.  The patches you want are this and this.

4. McAfee to extend their antivirus products to cover Smart Phones (particularly Android):

McAfee on Tuesday said it will extend its wares into smartphones and tablets as mobile security moves to the forefront. Tablets and smartphones apparently are the next growth market for anti-virus protection.

And given Android devices are quickly becoming a popular attack vector, McAfee is doubling down on that platform.
Interesting.  I think that antivirus is locking the barn door after the horse has gotten out, but there's no doubt that iOS and Android have become a major target for the Bad Guys.

And just to harsh everyone's security mellow, this is worth watching:

Stuxnet: Anatomy of a Computer Virus from Patrick Clair on Vimeo.

Other than nobody pays $100k for exploits, it's spot on.  Our infrastructure is terribly vulnerable, as the Slammer Worm showed 8 years ago.

Via American Digest.


SiGraybeard said...

What a video!

I think I just wet myself.

kx59 said...

Pbbght! phooey! You can have the absolute best firewall, antivirus, "I KILL YOU!" protection on the face of the planet, and all it takes is one laptop user that kills his live update because it's "inconvenient" to hose your network. G'head ask me how I know...
I'll be all over those links in the first thing in the morning.

kx59 said...

K, so now I've watched the video. Sunday, after the blogshoot I'm pulling the 5kw generator that's been mothballed since Ike and firing it up. And, filling the legion of 5 gallon gas cans with some very expensive fuel.
So, the douche that gave up the vulnerabilities of Iran's nuke program computer system to Israel and the US turned around and put it on the net? Or, some douche in in the Us or Israel laid it out on the internet for Anonymous?
The irony is that if those highly educated morons don't realize if they manage to bring down civilization they have no skills acquired from blogshoots...and they are screwed. Because, when the power grid goes down, their ups is only going to last so long.

Anonymous said...

The Microsoft Standalone System Sweeper appears to be designed for use only under the direction of an open case with MS tech support. I can't get it to run (won't update) and see a few similar complaints in social.answers.microsoft . Not meant for unsupervised customer use.