Security Watch
MS Excel Vulnerabilities
The Problem
After studying reported problems, Microsoft has acknowledged that vulnerabilities in MS Excel could allow remote execution of harmful code. According to Microsoft’s official release, an attacker who successfully exploits these vulnerabilities through a specially crafted Excel sheet could take complete control of a system. Once the attacker manages to send the crafted file to the intended victim, he or she can install programs, create new accounts with full user rights, or even view or modify data on the system. The security update is rated Critical for Microsoft Office Excel 2000 SP 3 and Important for subsequent versions of Excel.
The Solution
Patches specific to each version of MS Excel are available on Microsoft’s Web site. Go to http://www.microsoft.com/technet/security/bulletin/ms08-014.mspx and download the patch for the MS Excel version you are using. If you do not find your version, chances are that you are not affected.
Vulnerabilities in Flash Player
The Problem
Adobe recently found critical vulnerabilities in Adobe Flash Player versions 9.0.115.0 and earlier, and 8.0.39.0 and earlier. Accessing a Web site that carries malware in an SWF file, or an e-mail or link that leads to an SWF source file, can allow arbitrary malicious code to be placed on the computer and run remotely.
The Solution
As with Adobe Reader and Acrobat, Adobe announces vulnerabilities in its products together with a solution. That’s all secondary, though: what you need to do is download and install the latest version of Adobe Flash Player from http://lin.cr/ac. The player must be updated to the latest version, 9.0.124.0, either by a fresh download or through auto-update. This update mitigates the potential for DNS rebinding attacks. The code parameter for the cross-domain policy changes from ‘always’ to ‘sameDomain’ for all SWF players of version 7 and earlier, so the processing of cross-domain policy files becomes stricter.
Adobe Reader might be infected
The Problem
According to iDefense Labs, banner ads were actively delivering malicious files in January, and Adobe’s Reader and Acrobat might have been the prime target of the malicious code. Symantec’s security experts have commented that the banners might have redirected users to potentially harmful Web sites through these files. When such a file is opened, the Zonebac Trojan is installed on the system. The Trojan then disables the system’s antivirus software and downloads additional malware. Banner ads can therefore be dangerous, since an attacker might have corrupted them with malicious code by exploiting Adobe’s Flash technology.
The Solution
Adobe has issued patches and rates the vulnerabilities as critical. Update Adobe Reader and Acrobat to version 8.1.2 to prevent malicious code from adversely affecting them. The update is available at http://tinyurl.com/28z9qs. Avoid clicking banner ads, and do not open a PDF document if you’re not sure of its authenticity.
Friday, August 1, 2008