Symantec Security Response has found a new threat that spreads through Renren.com, which is a very popular Social Networking Site in China ala Facebook. The threat comes in a form of a Flash video, which pretends to be a famous Pink Floyd promotional video clip "Wish you were here."
Viewing the Flash video results in concealed JavaScript being executed while the video is playing.
The video is hosted on a legitimate site. The threat exploits an authentication cookie of a currently logged-in user in order to send out the same link (for the Flash file) to users on the Friends list.
Hello and welcome to this month’s blog on the Microsoft patch releases. This is a fairly heavy month—the vendor is releasing nine bulletins covering a total of 19 vulnerabilities.
Fifteen of the issues are rated “Critical” and affect Active Template Library (ATL), Office Web Components, Remote Desktop Connection, WINS, and Windows AVI file handling. The ATL issues are a continuation of the vulnerabilities addressed in the out-of-band bulletins Microsoft released last month. The two WINS issues, primarily affecting Enterprise...
