Microsoft has issued three critical and three important updates that address several vulnerabilities in Windows and Office.

The 3 critical updates are:

• MS09-071: This security update resolves two privately reported vulnerabilities in Microsoft Windows. The more severe of these vulnerabilities could allow remote code execution if messages received by the Internet Authentication Service server are copied incorrectly into memory when handling PEAP authentication attempts. On Windows Server 2008, the Internet Authentication Service is replaced by Network Policy Server (NPS). An attacker who successfully exploited either of these vulnerabilities could take complete control of an affected system. Servers using Internet Authentication Service or Network Policy Server are only affected when using PEAP with MS-CHAP v2 authentication.
• MS09-072: This security update resolves four privately reported vulnerabilities and one publicly disclosed vulnerability in Internet Explorer. The vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. An ActiveX control built with Microsoft Active Template Library (ATL) headers could also allow remote code execution; this vulnerability has been described in Microsoft Security Advisory 973882 and Microsoft Security Bulletin MS09-035.
• MS09-074: This security update resolves a privately reported vulnerability in Microsoft Office Project. The vulnerability could allow remote code execution if a user opens a specially crafted Project file. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

The three important updates are:

• MS09-069: This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow a denial of service if a remote, authenticated attacker, while communicating through Internet Protocol security (IPsec), sends a specially crafted ISAKMP message to the Local Security Authority Subsystem Service (LSASS) on an affected system.
• MS09-070: This security update resolves two privately reported vulnerabilities in Microsoft Windows. The more severe of these vulnerabilities could allow remote code execution if an attacker sent a specially crafted HTTP request to an ADFS-enabled Web server. An attacker would need to be an authenticated user in order to exploit either of these vulnerabilities.
• MS09-073: This security update resolves a privately reported vulnerability in Microsoft WordPad and Microsoft Office text converters. The vulnerability could allow remote code execution if a specially crafted Word 97 file is opened in WordPad or Microsoft Office Word. An attacker who successfully exploited this vulnerability could gain the same privileges as the user. Users whose accounts are configured to have fewer privileges on the system could be less impacted than users who operate with administrative privileges.Office.

For more details please visit:
Microsoft Security Bulletin Summary for December 2009

Security updates available for Adobe Flash Player

Platform: All Platforms

Summary

Critical vulnerabilities have been identified in Adobe Flash Player version 10.0.32.18 and earlier. These vulnerabilities could cause the application to crash and could potentially allow an attacker to take control of the affected system.

Adobe recommends users of Adobe Flash Player 10.0.32.18 and earlier versions update to Adobe Flash Player 10.0.42.34. Adobe recommends users of Adobe AIR version 1.5.2 and earlier versions update to Adobe AIR 1.5.3.
Affected software versions

Adobe Flash Player 10.0.32.18 and earlier versions
Adobe AIR 1.5.2 and earlier versions

To verify the Adobe Flash Player version number installed on your system, access the About Flash Player page, or right-click on content running in Flash Player and select “About Adobe (or Macromedia) Flash Player” from the menu. If you use multiple browsers, perform the check for each browser you have installed on your system.
Solution

Adobe Flash Player
Adobe recommends all users of Adobe Flash Player 10.0.32.18 and earlier versions upgrade to the newest version 10.0.42.34 by downloading it from the Flash Player Download Center or by using the auto-update mechanism within the product when prompted.

Adobe AIR
Adobe recommends all users of Adobe AIR version 1.5.2 and earlier update to the newest version 1.5.3 by downloading it from the Adobe AIR Download Center.

Severity rating

Adobe categorizes these as critical issues and recommends affected users update their installations to the newest versions.

Glenn Beck: Cars.gov allows government to takeover your computer.

“This application provides access to the DoT CARS system. When logged on to the CARS system, your computer is considered a Federal computer system and is the property of the U.S. Government.”

DO NOT GO TO THE CARS.GOV WEBSITE!

Darlena Taylor-Bonds, who writes for the Examiner in Detroit, reports on a Facebook I.Q. Scam.

You may have already seen the pop-up add that looks something like this:

“Your friend Matt took a test and got a 135. Can you beat him?”

Darlena reports:

“You have to enter your cell phone number. Worse, the users couldn’t get it to work properly so they entered their number two more times. Bad Idea! When their phone bills arrived, it’s discovered they had subscribed to three different cell phone texting services, for a total of $44 a month!”

You can find Darlena’s full article here:

Facebook IQ quiz found to be scam

There is another attack on Facebook users today. If you receive a message from a Facebook friend with links to Ligromind [dot] com or Killselfz [dot] com, delete the message immediately. Do not click on the links.

Pete Cashmore from Mashable is reporting that some Facebook users are receiving messages with links to goldbase.be and other .be websites with the subject line of “Look at This”.

DO NOT click the links to any of these sites:

goldbase.be
greenbuddy.be
silvertag.be
picoband.be

According to Mashable, if you receive any of these Facebook messages you should delete the message, clear your browser cookies, change your Facebook password and verify that your antivirus software is up to date and run a full system scan.

Also, help spread the word by warning your Facebook friends.

Thanks for the information Pete.

Practice safe computing.

There is a new phishing scam is hitting Facebook users today. Facebook users receive a message from a friend that directs them to a site with an official looking Facebook login. When users login, the site captures the email and password, uploads malware to the computer, and then sends a similar message to all of the user’s friends.

The message has a subject line of “Hello” and a prompt to check out “areps.at”, “brunga.at” or other sites ending in “.at”.

Do NOT click on the link. Delete the message. If you have received the message from a friend, let them know that their Facebook account and computer have been compromised.

Practice safe computing.