Software

Patch now: MS10-002

Earlier today, Microsoft released the out-of-band (OOB) Microsoft Security Bulletin MS10-002 (rated “Critical”) to the public. The cumulative Security Update for Internet Explorer 978207 fixes a couple of serious issues which allow remote code execution through malicious HTML pages, vulnerabilities that are now known to have been used in the Google/Adobe hack.

The bulletin is available here:

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-002

To patch, just use Windows Update.

In addition to that, Microsoft created a tool which will opt-in Internet Explorer to Data Execution Prevention (DEP), if your processor has this feature and the operating system is aware of it. DEP is a wonderful technology which makes it much harder for hackers to exploit vulnerabilities such as this one. We recommend that you check it out at:

http://support.microsoft.com/kb/978207

As usual, there are a few other fine alternatives to IE out there that you might want to try. I recommend Chrome (http://www.google.com/chrome), Firefox (http://www.getfirefox.com/) and Opera (http://www.opera.com/download/).

Patch now: MS10-002

Your email address will not be published. Required fields are marked *

 

Reports

APT trends report Q3 2021

The APT trends reports are based on our threat intelligence research and provide a representative snapshot of what we have discussed in greater detail in our private APT reports. This is our latest installment, focusing on activities that we observed during Q3 2021.

Lyceum group reborn

According to older public researches, Lyceum conducted operations against organizations in the energy and telecommunications sectors across the Middle East. In 2021, we have been able to identify a new cluster of the group’s activity, focused on two entities in Tunisia.

Subscribe to our weekly e-mails

The hottest research right in your inbox