June 2006 - Posts - JD @ myITforum.com

June 2006 - Posts

Wednesday, June 28, 2006 8:29 PM

Voice Phishing

I am never surprised at how far scammers will go in order to get new victims. It seems they are now combining targeted spam with phone numbers that utilize voice recordings that prompt the user to provide account information.

http://www.theregister.co.uk/2006/06/26/voice_phishing/

http://www.websense.com/securitylabs/alerts/alert.php?AlertID=534

How can you protect yourself? Here are three tips that might help:

1) Be suspicious of any email with urgent requests for personal financial information.

2) Don't use the links or phone numbers in any email to contact your online service provider. Instead, keep your online service provider's phone number, address, and website on record. Always verify the number with the one you have on record. In most cases, service providers never ask for account passwords.

3) Familiarize yourself with your online services provider (I.E. Banking, ISP, Utilities) and their methods of operation and privacy policies.

Posted by Anonymous | with no comments

Filed under: Antivirus and Security Best practices

Tuesday, June 13, 2006 7:23 PM

Microsoft Security Updates 13JUN06

Bulletin Identifier	Microsoft Security Bulletin MS06-021
Bulletin Title	Cumulative Security Update for Internet Explorer (916281)
Executive Summary	This update resolves several vulnerabilities in Internet Explorer that could allow remote code execution.
Maximum Severity Rating	Critical
Impact of Vulnerability	Remote Code Execution
Affected Software	Windows, Internet Explorer. For more information, see the Affected Software and Download Locations section.

Bulletin Identifier	Microsoft Security Bulletin MS06-022
Bulletin Title	Vulnerability in ART Image Rendering Could Allow Remote Code Execution (918439)
Executive Summary	This update resolves a vulnerability that could allow remote code execution when using Internet Explorer.
Maximum Severity Rating	Critical
Impact of Vulnerability	Remote Code Execution
Affected Software	Windows, Internet Explorer. For more information, see the Affected Software and Download Locations section.

Bulletin Identifier	Microsoft Security Bulletin MS06-023
Bulletin Title	Vulnerability in Microsoft JScript Could Allow Remote Code Execution (917344)
Executive Summary	This update resolves a vulnerability in JScript that could allow remote code execution when using Internet Explorer.
Maximum Severity Rating	Critical
Impact of Vulnerability	Remote Code Execution
Affected Software	Windows, JScript. For more information, see the Affected Software and Download Locations section.

Bulletin Identifier	Microsoft Security Bulletin MS06-024
Bulletin Title	Vulnerability in Windows Media Player Could Allow Remote Code Execution (917734)
Executive Summary	This update resolves a vulnerability in Windows Media Player that could allow remote code execution.
Maximum Severity Rating	Critical
Impact of Vulnerability	Remote Code Execution
Affected Software	Windows, Windows Media Player. For more information, see the Affected Software and Download Locations section.

Bulletin Identifier	Microsoft Security Bulletin MS06-025
Bulletin Title	Vulnerability in Routing and Remote Access Could Allow Remote Code Execution (911280)
Executive Summary	This update resolves vulnerabilities in Windows that could allow remote code execution.
Maximum Severity Rating	Critical
Impact of Vulnerability	Remote Code Execution
Affected Software	Windows. For more information, see the Affected Software and Download Locations section.

Bulletin Identifier	Microsoft Security Bulletin MS06-026
Bulletin Title	Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution (918547)
Executive Summary	This update resolves a vulnerability in Windows that could allow remote code execution.
Maximum Severity Rating	Critical
Impact of Vulnerability	Remote Code Execution
Affected Software	Windows. For more information, see the Affected Software and Download Locations section.

Bulletin Identifier	Microsoft Security Bulletin MS06-027
Bulletin Title	Vulnerability in Microsoft Word Could Allow Remote Code Execution (917336)
Executive Summary	This update resolves a vulnerability in Word that could allow remote code execution.
Maximum Severity Rating	Critical
Impact of Vulnerability	Remote Code Execution
Affected Software	Office, Works. For more information, see the Affected Software and Download Locations section.

Bulletin Identifier	Microsoft Security Bulletin MS06-028
Bulletin Title	Vulnerability in Microsoft PowerPoint Could Allow Remote Code Execution (916768)
Executive Summary	This update resolves a vulnerability in PowerPoint that could allow remote code execution.
Maximum Severity Rating	Critical
Impact of Vulnerability	Remote Code Execution
Affected Software	PowerPoint. For more information, see the Affected Software and Download Locations section.

Bulletin Identifier	Microsoft Security Bulletin MS06-029
Bulletin Title	Vulnerability in Microsoft Exchange Server Running Outlook Web Access Could Allow Script Injection (912442)
Executive Summary	This update resolves a vulnerability in Outlook Web Access that could allow script execution. User interaction is required for an attacker to exploit this vulnerability.
Maximum Severity Rating	Important
Impact of Vulnerability	Remote Code Execution
Affected Software	Exchange. For more information, see the Affected Software and Download Locations section.

Bulletin Identifier	Microsoft Security Bulletin MS06-030
Bulletin Title	Vulnerability in Server Message Block Could Allow Elevation of Privilege (914389)
Executive Summary	This update resolves several vulnerabilities in Windows. An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability.
Maximum Severity Rating	Important
Impact of Vulnerability	Elevation of Privilege
Affected Software	Windows. For more information, see the Affected Software and Download Locations section.

Bulletin Identifier	Microsoft Security Bulletin MS06-032
Bulletin Title	Vulnerability in TCP/IP Could Allow Remote Code Execution (917953)
Executive Summary	This update resolves a vulnerability in Windows. By default, the Routing and Remote Access Service is disabled on any affected operating system version.
Maximum Severity Rating	Important
Impact of Vulnerability	Remote Code Execution
Affected Software	Windows. For more information, see the Affected Software and Download Locations section.

Bulletin Identifier	Microsoft Security Bulletin MS06-031
Bulletin Title	Vulnerability in RPC Mutual Authentication Could Allow Spoofing (917736)
Executive Summary	This update resolves a vulnerability in Windows. A user would need to connect to a malicious RPC server for any spoofing to occur. An attacker would have no way to force users to connect to a malicious RPC server. Windows 2000 Service Pack 4 is the only affected version.
Maximum Severity Rating	Moderate
Impact of Vulnerability	Spoofing
Affected Software	Windows. For more information, see the Affected Software and Download Locations section.

Posted by Anonymous | with no comments

JD @ myITforum.com

This Blog

Syndication

Search

Tags

News

Navigation

Archives

Software, Tools, and Utilities

June 2006 - Posts

Voice Phishing

Microsoft Security Updates 13JUN06