Gladiator Research and Security

GSA Reference Number: AD100331-01

Microsoft has a released a security update that patches 10 reported vulnerabilities in Internet Explorer.  The reported vulnerabilities could potentially allow attackers to execute remote code by tricking users into viewing specially-crafted web pages.  This security update is rated Critical for all releases of Internet Explorer and it is highly recommended that all users apply the patch immediately.  The Microsoft bulletin can be found here, and the update can be applied through Windows Update.

Microsoft has announced two new patches today to fix vulnerabilities that could allow remote code execution.  Both patches are rated Important by Microsoft and affect Microsoft Windows and Microsoft Office.  Gladiator recommends that users immediately apply the Microsoft Office Excel patch. Detailed information for the patches can be found in Microsoft’s March Security Bulletin. 

GSA Reference Number: AD100302-01

Simply Put: A new Internet Explorer remote code execution exploit has been released.  This vulnerability affects Internet Explorer 6, 7, and 8 running on Windows 2000, Windows XP, and Windows Server 2003.  This vulnerability uses VBScript and Windows Help files to force a victim machine to run remote code.  In order to trigger this vulnerability, a user would have to hit the F1 key while visiting a malicious website.

GSA Reference Number: AD100217-01

Simply Put: Cisco has released an advisory for multiple vulnerabilities with Cisco ASA 5500 devices.  This advisory identifies six new denial of service vulnerabilities and one new authentication bypass vulnerability.  An update from Cisco is available to address these issues and should be applied as soon as possible.  Gladiator will be testing this update for compatibility and stability and will then notify affected clients if an update is necessary.

Microsoft has announced 13 new patches for its February release. One vulnerability causing an elevation of privileges, fixed by MS10-015 and rated Important by Microsoft, already has exploit code available.  Five patches are rated Critical, seven are rated Important, and one is rated Moderate.  Gladiator recommends that users immediately apply all critical updates. Detailed information for these patches can be found in Microsoft’s February Security Bulletin. 

GSA Reference Number: AD100205-01

Simply Put: Gladiator has been alerted to an increased number of phishing scams trying to trick users into installing Zeus Trojans.  These emails are sent using spoofed sender addresses, generally pretending to be from government sources such as the NSA or Pentagon.  The emails also contain text that could  reasonably appear to be from the supposed sender, such as a government advisory or alert.

GSA Reference Number: AD100203-01

Simply Put: A new Internet Explorer (IE) information disclosure vulnerability has been announced by Microsoft.  This vulnerability could allow an attacker to access files in known locations on the victim’s system. For now, no widespread worms or exploit packs are currently using this vulnerability, and Microsoft has stated that they do not know of any attacks currently taking advantage of this vulnerability.  This vulnerability does not affect Internet Explorer running in Protected Mode, which is the default setting on Windows Vista, Windows Server 2008, or Windows 7.  This mode is not available in Windows XP.  A patch has not yet been released by Microsoft.