Erez Benari's Blog
-
Microsoft Releases Security Advisory 2896666
Today we released Security Advisory 2896666 regarding an issue that affects customers using Microsoft Windows Vista and Windows Server 2008, Microsoft Office 2003 through 2010, and all supported versions of Microsoft Lync. We are aware of targeted attacks, largely in the Middle East and South Asia. The current versions of Microsoft Windows and Office are not affected by this issue. The exploit requires user interaction as the attack is disguised as an email requesting potential targets to open a specially crafted Word attachment. If the attachment is opened or previewed, it attempts to exploit the vulnerability using a malformed graphics image embedded in the document. An attacker who successfully exploited the vulnerability could gain the same user rights as the logged on user.
While we are actively working to develop a security update to address this issue, we encourage our customers concerned with the risk associated with this vulnerability, to deploy the following Fix it from the advisory: -
Updates: RAMMap v1.32, Sigcheck v2.01
RAMMap v1.32: This fixes a bug in v1.30 that caused RAMMap to fail on Windows 8.
-
Upatre: Emerging Up(d)at(er) in the wild
The MMPC is constantly monitoring emerging threats that are impacting our customers the most.
-
System Center User Group: Netherlands – Update & Announcement
Greatness of a small country: Client, Data, and Cloud Management
-
New infection rate data for unprotected computers
In the previous Microsoft Security Intelligence Report, SIRv14, we introduced a new metric to measure the infection rate for computers protected with real-time antimalware software (protected computers) in comparison to computers that were not protected with up-to-date security software (unprotected computers). Using this new data, we wrote a feature story about the risks of running unprotected. Our customers told us that providing this data really helped measure the value of running real-time antimalware software. It clearly showed that security software can provide a significant contribution to a computer’s protection level.
-
Service Manager 2012 R2 – Fixes included
Thomas Ellermann posted a great breakdown on the updates in R2 for Service Manager 2012. The focus in R2 for Service Manager was to tackle some of the critical customer and MVP collected bugs. Service Managers R2 release saw no major performance improvements but we are targeting Console and Portal performance in the next update (UR) cycles. With that in mind a few of the R2 fixes are associated to improving console and workflow stability, and that can help a great deal with performance.
-
Infection rates and end of support for Windows XP
In the newly released Volume 15 of the Microsoft Security Intelligence Report (SIRv15), one of the key findings to surface relates to new insight on the Windows XP operating system as it inches toward end of support on April 8, 2014.
-
RSA Europe 2013: Operational Security for Online Services
By Mike Reavey, General Manager, Trustworthy Computing
-
New Security Intelligence Report, new data, new perspectives
Today, Microsoft released volume 15 of the Microsoft Security Intelligence Report (SIRv15). The report analyzes malware, exploits and more based on data from more than a billion systems worldwide and some of the Internet’s busiest online services.
-
Update: RAMMap v1.31
RAMMap v1.31: This update fixes a bug in v1.30 that caused RAMMap to fail on Windows 8.