Internet Explorer Information Disclosure Vulnerability
GSA Reference Number: AD100203-01
Simply Put: A new Internet Explorer (IE) information disclosure vulnerability has been announced by Microsoft. This vulnerability could allow an attacker to access files in known locations on the victim’s system. For now, no widespread worms or exploit packs are currently using this vulnerability, and Microsoft has stated that they do not know of any attacks currently taking advantage of this vulnerability. This vulnerability does not affect Internet Explorer running in Protected Mode, which is the default setting on Windows Vista, Windows Server 2008, or Windows 7. This mode is not available in Windows XP. A patch has not yet been released by Microsoft. 
Google Job Application Phishing Email
GSA Reference Number: AD100201-01
Simply Put: A fraudulent email is currently circulating that appears to be from Google in response to a job application. The email scam informs recipients that their application has been received and that it is attached in a zip file. The zip file contains a malicious executable that is identified as a Trojan downloader.
Internet Explorer Out-of-Band Patch Released
GSA Reference Number: AD100121-01
Previous GSA Reference Number: AD100119-01
Simply Put: Microsoft has released an out-of-band patch for the Internet Explorer remote code execution exploit referenced above as well as for other security vulnerabilities. There is evidence that this exploit is being used in limited, targeted attacks on the Internet. For now, no widespread worms or exploit packs are currently using this vulnerability. The Microsoft bulletin can be found here, and the update can be downloaded through Windows Update.
Previous Articles
Gladiator Research and Security
This site is here to provide security related information and articles to better protect your financial institutions. We'll be posting advisories, blog entries and trends often so be sure to check back weekly.