January 2011 Patch Tuesday Pre-release
This upcoming Tuesday Microsoft is releasing two bulletins addressing three vulnerabilities in Windows. Detailed information can be found in the advance notification bulletin.
- The first bulletin affects Windows Vista and has been classified as Important
- The second bulletin affects all supported versions of Windows and has an aggregate of Critical
Microsoft indicated it will not be releasing a fix for the vulnerability affecting Windows Graphics Rendering Engine (Security Advisory 2490606) or the vulnerability affecting Internet Explorer (Security Advisory 2488013).
[1] http://blogs.technet.com/b/msrc/archive/2011/01/06/advance-notification-service-for-the-january-2011-security-bulletin-release.aspx
-----------
Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot org
PandaLabs 2010 Annual Report
According to PandaLabs 2010 Annual Report, "In 2010, have created and distributed one third of all viruses that exist. These means that 34% of all malware ever created has appeared -and been classified by our company- in the last twelve months." [1]
They have noticed a rise in malware distributed via popular social media like Facebook and Twitter as well as Linkedln and Fotolog. Activist attacks have been on the rise as well including coordinated DDoS against popular websites in support of Wikileaks. PandaLabs believe that most of the trends of 2010 will continue in 2011 including "[...] an increase in the threats to Mac users, new efforts to attack 64-bits systems and new zero-day exploits." [1]
[1] http://press.pandasecurity.com/wp-content/uploads/2010/05/PandaLabs-Annual-Report-2010.pdf
-----------
Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot org
Comments