On my desktop which is a dual-boot of Vista and 7, I downloaded and installed Adobe Reader v9.33 from ftp://ftp.adobe.com/pub/adobe/reader/win/9.x/9.3.3/misc/AdbeRdrUpd933_all_incr.msp. No reboot is required after the install. On the laptop, I decided to try installing v9.33 using Adobe Updater which notified me that an update is available:
I let it patch and there’s no reboot required as well after the install:
But here’s the issue, a blog post that says it’s an incomplete fix or patch (Thanks to fellow CNET mod, Carol) because with the v9.33, an execution can still occur. Someone (not sure if the comment is his own or as Google rep and no, I don’t follow any Twitter account, it was mentioned in another area where I don’t have to have Twitter/FB account) says Microsoft should learn from Adobe Security in patching. I want to say "No one is perfect but such happens.. patch being patched or fix again and if Adobe will issue a fix again, they still need to learn from MS? They actually imitate how the patches of Adobe are released which is good but still, Adobe learned from MS on how to release patches to help the ITs in scheduling the patches to their 100s, if not 1000s of computers"
Vuvuzelas and hearing problems are not the only issues that excited football fans can encounter at this year’s Football World Cup in South Africa. One month before the opening match between South Africa and Mexico the bad guys were already busy infecting popular related websites in anticipation of increased traffic. Compared to the same period last year, avast! identified a 200% increase in the number of infected web pages and successfully prevented 200 000 fans from visiting them and getting infected. The attached graph illustrates the dramatic increase in the number of infected websites. So, for the competition’s final stages, make sure you have not only good earplugs, but also good antivirus protection.
Legitimate websites "outscore" the adult 99:1
AVAST Software released a report today proving wrong the general "feeling" that it is the ‘dodgy’ and ‘adult’ sites that are virus infected. "We are not recommending people to start searching for erotic content, not at all" says CTO Ondrej Vlcek "but the statistics are clear – for every infected adult domain we identify there are 99 others with perfectly legitimate content that are also infected".
In the UK for example, we see every day more infected domains containing the word "London" (such as the blog section of http://kensington-london-hotels.co.uk/) than any other domain containing the word "sex". The latest discovery of an infected site is the Vodafone UK website. This infection in the smart phones section shows how advanced the bad guys are at finding ways to deliver the malware to the internet users.
The infection of Vodafone, which was confirmed as still present on the morning of Monday 28th of June, 2010, is an HTML:Script-inf and it is an evolution of JS:illRedir and JS:ilIiframe exploits. This type of infection is widespread and accounts for 20% of all infected UK pages. The infection takes advantage of a two-week-old Microsoft Windows vulnerability. As Ondrej Vlcek explains "The problem is particularly bad because the CVE-2010-1885 vulnerability targets the most widely used version of Windows, and at the present time it is still un-patched. This means that even if a user is running a fully updated Windows XP SP3 with all the security patches, the user is still vulnerable."
In the ongoing debate over whether to use Flash or HTML5, Google has weighed in heavily in favor of using HTML5. The engineers at the Google-owned YouTube, however, still prefer Flash, if a company blog item posted Tuesday from the company is any indication.
"While HTML5’s video support enables us to bring most of the content and features of YouTube to computers and other devices that don’t support Flash Player, it does not yet meet all of our needs," said YouTube software engineer John Harding in the post. "Today, Adobe Flash provides the best platform for YouTube’s video distribution requirements."
In short, HTML5 still lacks many of the features needed for video presentation.
After 12 months of failed attempts to crack the encryption that protects information held on 5 hard drives that belong to a Brazilian banker suspected of money laundering, the FBI has returned the drives to the experts of the Brazilian National Institute of Criminology (INC).
The contents of the drives – protected by a combined use of TrueCrypt (free open-source full-disk encryption software) and an unnamed algorithm thought to be based on the 256-bit AES standard – are still a mystery. Both the INC and the FBI tried for months to break the encryption by using various dictionary-based brute-force attacks, since there is no law in Brazil that could be used to compel the suspect banker or the TrueCrypt Foundation to give up the access codes to the discs.
OASIS Identity in the Cloud TC will develop profiles of open standards for identity deployment, provisioning and management
Last week I had the opportunity to participate in the "Cloudchasers" series of podcasts hosted by noted raconteur Mathew T. Grant. This one included Ajay Sharma, the product marketing manager for identity management at Novell, and myself talking about "Identity and the enterprise cloud."
One issue that came up, and which we mostly danced around, was the issue of standards. Now we all know that there are lots of standards in identity (SAML, WS-Federation, OpenID, CardSpace, etc.) but — so far — none are perfect for the cloud. Still, work is going on.
The Organization for the Advancement of Structured Information Standards (OASIS) has recently formed a technical committee (TC) to examine this issue, called the "Identity in the Cloud" TC.
Written by: Dave Kearns, Network World
WellPoint Inc. has notified 470,000 individual insurance customers that medical records, credit card numbers and other sensitive information may have been exposed in the latest security breach of the health insurer’s records.
The Indianapolis company said the problem stemmed from an online program customers can use to track the progress of their application for coverage. It was fixed in March.
Spokeswoman Cynthia Sanders said an outside vendor had upgraded the insurer’s application tracker last October and told the insurer all security measures were back in place.
But a California customer discovered that she could call up confidential information of other customers by manipulating Web addresses used in the program. Customers use a Web site and password to track their applications.
WellPoint learned about the problem when the customer filed a lawsuit about it against the company in March.
"Within 12 hours of knowing the problem existed, we fixed it," said Sanders, who declined to identify the outside vendor.
Mike Nash wrote today in his blog that he sold Online Armor Firewall to EmsiSoft, the maker of EmsiSoft Anti-Malware, which was formerly known as A-squared Anti-Malware. He also provided some information about the decision to sell the popular software firewall and why he chose EmsiSoft.
Read more about it in http://onlinearmorpersonalfirewall.blogspot.com/2010/06/online-armor-sold-to-emsisoft.html
To Mike: Thank you for being part of the security community. I’m sure you will still be around to.. you know, be informed and to interact with people you’ve met. You’ll be missed for sure if you won’t be around the forums you enjoy visiting! And thanks for the free firewall that many users are enjoying without having to deal with an unneeded toolbar during the install process.
Congratulations to Christian of EmsiSoft on your new acquisition.
Oversharing on social networks has led to an overabundance of evidence in divorce cases. The American Academy of Matrimonial Lawyers says 81 percent of its members have used or faced evidence plucked from Facebook, MySpace, Twitter and other social networking sites, including YouTube and LinkedIn, over the last five years.
"Oh, I’ve had some fun ones," said Linda Lea Viken, president-elect of the 1,600-member group. "It’s very, very common in my new cases."
Facebook is the unrivaled leader for turning virtual reality into real-life divorce drama, Viken said. Sixty-six percent of the lawyers surveyed cited Facebook foibles as the source of online evidence, she said. MySpace followed with 15 percent, followed by Twitter at 5 percent.
With help from Eboc gang
The Kraken botnet, believed by many to be the single biggest zombie network until it was dismantled last year, is staging a comeback that has claimed almost 320,000 PCs, a security researcher said.
Since April, this son-of-Kraken botnet has infected an estimated 318,058 machines – about half as big as the original Kraken was at its height in the middle of 2008, according to Paul Royal, a research scientist at the Georgia Tech Information Security Center.
Like its predecessor, the new botnet is a prodigious generator of spam, with a single machine with average bandwidth able to send more than 600,000 junk mails per hour. Curiously, the malware spawning the new zombie network is being spread by a separate botnet that uses the Butterfly framework, a for-hire software kit for infecting Windows PCs. The collaboration between operators of the two networks is generating some head-scratching among researchers. […]
The group performing the mass installations has been dubbed Eboc because that’s the user name they use to sign into a copy-protection system designed to curb the pirating of the botnet software according to Pedro Bustamante, a senior research advisor at anti-virus provider Panda Security. To evade detection, they use as many as 1,200 unique malware variants. One widely used strain was flagged by just 50 per cent of AV last week, according to this VirusTotal analysis.
From Sunbelt Blog:
Not so long ago, I wrote about something called the Tango Toolbar. While digging around for more information, I actually came across another toolbar called “Tango” which is entirely unrelated (this one is about the dance, not…er…whatever the other one was about) yet also manages to raise some red flags:
Turns out it was a file on Download.com [..]
It’s been available since 2006. Here’s a VirusTotal report from the 18th of June, with 21/41 vendors flagging it. Here’s an updated report from the 20th, and now 34 vendors are saying “Boom, headshot”. If you want to get into the technical side of things, a ThreatExpert summary from the 6th can be found here. […]
I reported this on the 20th, and they took it offline the next day while mentioning their Product Management Team would “temporarily remove the product from our library and notify the publisher of the problem”. My support ticket is now flagged as “Solved” and the download is still MIA, so I’m guessing that’s the last dance for the Tango Toolbar.