MS Word users warned of ongoing attacks exploiting unpatched bug

Microsoft warns Word users of ongoing attacks exploiting unpatched bug – Computerworld

Biggest worry, says expert, is that exploits are triggered just by previewing malicious messages in Outlook 2007, 2010 and 2013

Microsoft today warned users of Word 2010 that in-the-wild attacks are exploiting an unpatched vulnerability in the software.

The company also published an automated tool to protect customers until it issues a patch.

“An attacker could cause remote code execution if someone was convinced to open a specially-crafted Rich Text Format (RTF) file or a specially-crafted mail in Microsoft Outlook while using Microsoft Word as the email viewer,” said Dustin Childs, group manager and spokesman for Microsoft’s Trustworthy Computing group in a blog Monday.

BOLD in the quote is mine.

Microsoft put out Security Advisory 2953095, as Corrine noted on her Security Garden blog, including Fix it buttons for enabling and disabling reading email messages in plain text format.

This is one of the things for which both Microsoft in Outlook and Apple in Mail have massively fallen down on the job. This would not be happening if you could easily toggle various view options such as HTML or Plain Text for reading emails, as well as allowing and disallowing images inline.

This is something that I am very thankful that Mozilla Thunderbird got right from the very beginning. Mozilla Thunderbird gives very granular control regarding the various ways to Display email messages such as in PLAIN TEXT, SIMPLE HTML (simple html with javascripting disabled), or ORIGINAL HTML.

You also have control over how images are displayed or not in several ways and differentiating between attached images and remote images.

You can also choose to enable Do Not Track in emails. There are Security Add-ons like Adblock Plus, Enigmail (OpenPGP), and more, as well as lots of specialized Add-ons. One of these that I like is QuickText, and a few others. It works on Windows, Mac and Linux.

There is also a paid alternative called Postbox ($9.95, I think), which has a free trial. It was originally for Macs, and now there is a Windows version as well. It was created by the original developers of Thunderbird. It has some but not all of the Add-ons that Thunderbird has.

/rant on

I am not saying everyone should move to Mozilla Thunderbird. What I am saying is that Microsoft Outlook and Apple Mail should give their users these types of granular control so people can choose how they wish emails to be viewed. Both do some things but they stop way short of what is really needed in this day and age with emails.

HTML is like a venetian blind. It hides what is behind it. You can’t see what is behind all that HTML. You can’t decide to see HTML only if you trust the email after viewing what is in that email. This makes it way too easy for phishing emails to look like your bank, PayPal, your credit card company, etc. It also allows companies to track you with web beacons, transparent gif images and other remotely loaded images so they know if and when you view their email.

Something needs to be done about all this. Mozilla Thunderbird makes it so easy for folks to be able to toggle images so they can’t track you, use SIMPLE HTML to keep the ‘form’ of an email message without the more dangerous javascripting. Or allows you to totally view the email in plain text so you can see that that link that appears to be going to your bank actually goes to some strange URL that has nothing to do with your bank or a store you may or may not do business with.
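To make the point concrete, here is an added example (not part of the original post) that pulls out of an HTML message what a plain-text view would expose: links whose visible text names one host while the href goes to another, and remotely loaded images that can act as web beacons. The message body and every domain in it are constructed for illustration, and treating a 1x1 remote image as a beacon is an assumed heuristic.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse
import re

# Constructed sample message body (not a real email; all domains are made up).
SAMPLE_HTML = """<p>Dear customer, please verify your account:</p>
<a href="http://login.example-verify.test/session?id=42">https://www.mybank.example/login</a>
<a href="https://www.mybank.example/help">Help centre</a>
<img src="https://track.mailer.test/open.gif?u=abc123" width="1" height="1">
<img src="cid:logo@mybank.example" width="120" height="40">"""

# A host name that appears in the text the reader actually sees.
HOST_IN_TEXT = re.compile(r"(?:https?://)?((?:[a-z0-9-]+\.)+[a-z]{2,})", re.I)

class MailAudit(HTMLParser):
    """Collects real link targets and remote images from an HTML mail body."""
    def __init__(self):
        super().__init__()
        self.links, self.remote_images = [], []
        self._href, self._text = None, []

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "a" and a.get("href"):
            self._href, self._text = a["href"], []
        elif tag == "img":
            src = a.get("src") or ""
            # cid:/data: images travel with the message; only http(s) ones phone home.
            if urlparse(src).scheme in ("http", "https"):
                beacon = a.get("width") == "1" and a.get("height") == "1"
                self.remote_images.append((src, beacon))

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            text = "".join(self._text).strip()
            shown = HOST_IN_TEXT.search(text)
            real = (urlparse(self._href).hostname or "").lower()
            # Mismatch: the text shows a host, and it is not the host the link opens.
            mismatch = bool(shown) and shown.group(1).lower() != real
            self.links.append((text, self._href, mismatch))
            self._href = None

def audit(html):
    parser = MailAudit()
    parser.feed(html)
    return parser.links, parser.remote_images
```

`audit(SAMPLE_HTML)` returns the links as `(visible text, real target, mismatch)` tuples and the remote images as `(url, looks_like_beacon)` tuples.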

People need these tools. Some may or may not realize it, but they really do.

I have heard so many people say that the email looked just like it was from their bank and they fell for it. Or a store they frequent and gave up their login credentials by clicking on the link rather than going to the website because it looked like it was the store’s promotion.

Sure, no one should click on links in email, but if it looks legit, many do. Sure, if you like something in a promotion for a store, it might be better to just go to the store’s website but some stores really don’t have a page on their website that is clickable to get you there, unless you click on the link in an email. Also, the links are often obfuscated by third party trackers and campaign tracking sites, etc. This all makes life very difficult for email users to know what’s good and what’s not.

OK, I will get off my soap box now.

/rant off

 


BleepingComputer Mac Rogue Remover Tool

Introducing the BleepingComputer Mac Rogue Remover Tool (BleepingComputer Forums)

BleepingComputer has been a great source for Windows users since 2005 for removal instructions and removal tools for rogue anti-spyware programs. They have helped so many! I often find myself doing research at their site.

In keeping with their dedication and commitment to helping Windows users get rid of this malware plague with removal guides and removal tools, they have also started posting removal instructions for Mac Defender, Mac Security, Mac Protector, and even the new, nastier MacGuard, which was just released into the wild and, unlike the others, doesn’t need a password to install (at least if you are using Safari configured to Open “safe” files after downloading).

Grinler, an Admin at BleepingComputer forums, posted an excellent summary of the history of these rogue anti-spyware programs on Windows PCs, and now on the Mac. This summary is also where you can find the updated removal guides and Mac Rogue Remover Tool.

Currently, BleepingComputer’s Mac Rogue Remover Tool will remove the following:

Mac Security: Mac Security Removal Guide
Mac Defender: Mac Defender Removal Guide
Mac Protector: Mac Protector Removal Guide
Mac Guard: Mac Guard Removal Guide

If you have any questions on these guides and tools, Grinler asks that you post in their forums here.

Thanks to Corrine (Security Garden) for posting this information at Scot’s Newsletter Forums.

New Flash Player Zero Day

ZDNet reports, Adobe warns of new Flash Player zero-day attack:

Hackers are embedding malicious Flash Player files in Microsoft Word documents to launch targeted attacks against select businesses, according to a warning from Adobe.

These are being used to steal secrets from corporations, likely through downloaded and emailed MS Word documents such as Excel.

Adobe is working on patches for Flash 10.2.x and for earlier versions as well, for just about every OS out there.

Adobe Reader X protected mode will “prevent an exploit of this kind from executing.” The actual fix won’t come till their normal patch cycle in June for Adobe Reader. So be sure to get the latest version (Adobe Reader X)!

Much more in the article including information and links to Adobe’s security release.

Scot’s Newsletter Forums Celebrating their 8th Year!

Hard to believe that it has been 8 years since Scot Finnie — who is now the Editor in Chief of Computerworld — started a little experimental forum, Scot’s Newsletter Forums! Eight years later, it is still going strong.

I remember when the forums first started. Many of us were there from the beginning, or very nearly so. We were subscribers of Scot’s Newsletter when Scot announced to his subscribers.

I had been reading Scot Finnie’s articles since the old, now defunct WinMag days, and was saddened when they no longer published it. I lost track of Scot Finnie and a host of other writers for a time. I was very excited to hear about Scot Finnie and others who used to write for WinMag going on to have their own online/email newsletters and websites and finding them all over the place on the Internet.

The Scot’s Newsletter Forums has turned out to be a great place to gather and help each other with various computer-related issues and problems.

It’s a place where we SNF (Scot’s Newsletter Forums) “Highlanders” share our joys of success, and get help and understanding for our computer woes, and we have gained a level of friendship and community that is quite special, even among forums. I know that the SNF community literally reached out after the devastation of Hurricane Isabel, and physically and monetarily, as well as just emotional encouragement, helped us fix our roof — And I do mean physically. Some of the members who lived ‘near by’ actually traveled to our house with tools, materials and a willing spirit to help us put our roof back together. For those that wanted to help, but couldn’t come, they helped with providing funds to buy materials. It was a great blessing to us! And showed that even an Internet based community can be as real as any other community of neighbors, friends and family.

And all this while we work together with our various operating system situations whether it be Windows (ATW), Mac (ATM), and Linux (BATL) and other areas.

To help us celebrate the 8th year of Scot’s Newsletter Forums, ESET and WinPatrol have teamed up to help make the celebration all the more special by offering licenses to their great products in two different contests!

We really appreciate their generosity!!

Check out Corrine’s Security Garden posting about SNF 8th Anniversary as well; with even more information.

Happy 8th Anniversary Scot’s Newsletter Forums! It has been a wonderful thing to be a part of such a great ‘experiment’. 🙂

Java 6 Update 24 Plugs 21 Security Holes

Java 6 Update 24 Plugs 21 Security Holes (Krebs On Security)

A new version of Java fixes at least 21 security flaws in the widely-distributed software bundle. Updates are available for Windows, Linux and Solaris users.

Windows users that have Java installed should update as soon as possible. Usually Windows users will see the orange Java update icon in the System Tray (by the clock in the lower right side). When the Java update icon is presented, click on it and follow instructions. Be sure to unclick extra installs for Google Chrome, toolbars, etc. if you don’t want them.

If you haven’t been presented with the Java update icon, go to the Java.com site to download the Java update for Windows.

If you use a Mac, you will have to wait till Apple does the update and hope they do it quickly. Soon Mac users will also be updating through the Oracle Java website like Windows, Linux and Solaris users do now. But not yet.

Microsoft Office for Mac 2011 and it has Outlook

PCMag has a great review of Microsoft Office for Mac 2011:

PROS: Fast, flexible office application suite. Most powerful Mac office software. Highly compatible with Office for Windows. Well-integrated with OS X. Visual Basic for Applications recorded and programmed macros fully supported. Newly-designed Outlook replaces Entourage as mail/calendar/contact app.

CONS: No calendar synching with iCal. Outlook won’t synch with or retrieve mail from Exchange Server 2003 or earlier.

BOTTOM LINE: Office for the Mac roars back with fast, powerful application suite the best of its kind for the OS X platform.

Outlook returns to make moving between Windows and Mac easier for email.

However, it might still be dicey for those moving from Entourage to Outlook on the Mac, unless Microsoft has, for once, thought through the upgrade from Entourage to Outlook — unlike they did when they moved from Outlook to Entourage on the Mac years ago.

For those who have made the move from Outlook Express on Windows XP to Outlook on Windows 7 — you will remember that Microsoft did away with Outlook Express in favor of Windows Live Mail. So there was no straight path to Outlook if you prefer to move to Outlook instead of the cra… Windows Live Mail (unless you moved to Windows 7 before your Windows XP computer died). It is a three step process: copy the entire Identity folder from Application Data, and export the .wab addressbook to an external hard drive…

Or if your computer is still working properly, without any suspected malware or corruption, so you don’t bring any oddities or unwelcome visitors with you from your Windows XP, you may be able to use “Files and Settings Transfer Wizard” to get to Windows Live Mail when you go from Windows XP with Outlook Express.

But then you must still export from Windows Live Mail to Exchange (which really means Outlook OR Exchange) after you have added an email address to your new Outlook account.

Then you have to import the .wab file into Windows Live Mail, and export it as a .csv file to import into Contacts in Outlook.

Works great, but it can take some time if you have a lot of folders in your Outlook Express, but at least it can be done. Much harder than moving from Outlook to Outlook on a new Windows 7 computer, or even a Mac now, where you take your backup of your .pst file and import it into Outlook after creating an email account.

Anyway, the reason I mention the difficulties with moving from Outlook Express to Apple Mail or Outlook (or Entourage — now that’s a real nightmare), is that for some reason, Microsoft has seemed to always leave people with no clear, easy way when moving from one of their own email clients, to another of even their own email client on the Mac (at that time Entourage). So moving from Outlook on Windows to Outlook on the Mac will be a breeze, by comparison, as long as you get Microsoft Office for Mac 2011 with your new Mac.

Some clients have been waiting to move to the Mac until Microsoft came out with Microsoft Office for Mac 2011 for this very reason.

So if you are looking at moving to a Mac, and you use Outlook on Windows XP, now might be a good time to do that. If you are on Windows XP using Outlook, and moving to Windows 7, again, this is a good time to go that route too.

If you are using Outlook Express on Windows XP, now would be a good time to start thinking of moving to Outlook to make your move to Windows 7 or a Mac easier.

UPDATE: Mr. Anderson has installed Microsoft Office for Mac 2011 and has a huge 4GB Entourage database that was successfully imported to the new Outlook in the package.