Microsoft has released security bulletin MS10-046 to address a critical vulnerability affecting Microsoft Windows. This vulnerability is due to the failure of Microsoft Windows to properly obtain icons for shortcut files. By convincing a user to display a specially crafted shortcut file, a remote attacker may be able to execute arbitrary code.

Network Logix strongly encourages users and administrators to review Microsoft security bulletin MS10-046 and apply any necessary updates to mitigate the risks.

Additional information regarding this vulnerability can be found in the following:

• Microsoft Security Bulletin MS10-046
• Microsoft Security Advisory 2286198
• US-CERT Current Activity Entry “Microsoft Windows .LNK Vulnerability“
• US-CERT Vulnerability Note VU#940193

Microsoft has released updates to address vulnerabilities in Microsoft Windows, Office, and Visual Basic for Applications as part of the Microsoft Security Bulletin Summary for May 2010. These vulnerabilities may allow an attacker to execute arbitrary code.

Network Logix encourages users and administrators to review the bulletins and follow best-practice security policies to determine which updates should be applied.

Microsoft has issued a Security Bulletin Advance Notification, indicating that its April release cycle will contain 11 bulletins. Five of them will have the severity rating of critical and will be for Microsoft Windows. The remaining six bulletins will have the severity rating of important or moderate and will be for Microsoft Windows, Office, and Exchange. Release of these bulletins is scheduled for Tuesday, April 13, 2010.

Network Logix will provide additional information as it becomes available.

In the past, Network Logix has received reports of an increased number of phishing scams and malware campaigns that take advantage of the United States tax season. Due to the upcoming tax deadline, Network Logix reminds users to remain cautious when receiving unsolicited email that could be part of a potential phishing scam or malware campaign.

These phishing scams and malware campaigns may include the following: information that refers to a tax refund, warnings about unreported or under-reported income, offers to assist in filing for a refund, or details about fake e-file websites. These messages, which appear to be from the IRS, may ask users to submit personal information via email or may instruct the user to follow a link to a website that requests personal information or contains malicious code.

At this time, Network Logix is aware of public reports indicating that there is active circulation of a tax season malware campaign. This malware campaign may be using malicious code commonly known as Zeus or Zbot.

Network Logix encourages users and administrators to take the following measures to protect themselves from these types of phishing scams and malware campaigns:

• Do not follow unsolicited web links in email messages.
• Maintain up-to-date antivirus software.
• Refer to the IRS website related to phishing, email, and bogus website scams for scam samples and reporting information.
• Refer to the Recognizing and Avoiding Email Scams (pdf) document for more information on avoiding email scams.
• Refer to the Avoiding Social Engineering and Phishing Attacks document for more information on social engineering attacks.

Microsoft has issued a Security Bulletin Advance Notification, indicating that its February release cycle will contain 13 bulletins. Five of them will have a severity rating of Critical and will be for Microsoft Windows. The remaining eight bulletins have an Important rating and are for Microsoft Windows and Microsoft Office. Release of these bulletins is scheduled for Tuesday, February 9, 2010.

Network Logix will provide additional information as it becomes available.

On January 21, 2010, Microsoft released the Out-of-Band Security Bulletin, MS10-002 (KB978207), which resolves one publically reported and seven privately reported vulnerabilities in Internet Explorer. The more severe vulnerabilities could allow Remote Code Execution, if a user views a specially designed webpage using Internet Explorer. This Security Update is rated Critical for all supported releases of Internet Explorer 5.01, Internet Explorer 6, Internet Explorer 6 Service Pack 1, Internet Explorer 7 and Internet Explorer 8.

This patch has been whitelisted by the NOC and will be installed on Servers and Desktops through our Automatic Patch deployment.  The patch will be deployed in the current patch cycle.  This patch requires a reboot for the patch to take effect.

For more information or to download the security patch, please browse to the webpage Microsoft Security Bulletin MS10-002 – Critical Cumulative Security Update for Internet Explorer (978207) http://www.microsoft.com/technet/security/bulletin/MS10-002.mspx

Microsoft has issued a Security Bulletin Advance Notification indicating that its December release cycle will contain six bulletins, three of which will have a severity rating of Critical. The notification states that these Critical bulletins are for Microsoft Windows, Microsoft Office, and Internet Explorer. There will also be three important bulletins for Microsoft Windows and Microsoft Office. Release of these bulletins is scheduled for Tuesday, December 8.

Network Logix will provide additional information as it becomes available.

Network Logix is aware of public reports of a malware campaign circulating. This campaign is circulating via email messages offering information regarding the H1N1 vaccination. This email messages contain a link to a bogus Centers for Disease Control and Prevention website. Users who click on this link may become infected with malware. Public reports indicate that these email messages are noted as having subject lines such as: “Governmental registration program on the H1N1 vaccination” and “Your personal vaccination profile.” Please note that subject lines may change at any time.

Network Logix encourages users to take the following precautions to help mitigate the risks:

• Install antivirus software, and keep the signature files up to date.
• Do not follow unsolicited links and do not open unsolicited email messages.
• Use caution when visiting untrusted websites.
• Refer to the Recognizing and Avoiding Email Scams (pdf) document for more information on avoiding email scams.
• Refer to the Avoiding Social Engineering and Phishing Attacks document for more information on avoiding social engineering attacks.

Microsoft has issued a Security Bulletin Advance Notification indicating that its November release cycle will contain six bulletins, three of which will have a severity rating of Critical. The notification states that these Critical bulletins are for Microsoft Windows. There will also be three important bulletins for Microsoft Windows and Microsoft Office. Release of these bulletins is scheduled for Tuesday, November 10.

Network Logix will provide additional information as it becomes available.

Microsoft has issued a Security Bulletin Advance Notification indicating that its October release cycle will contain thirteen bulletins, eight of which will have a severity rating of Critical. The notification states that these Critical bulletins are for Microsoft Windows, Internet Explorer, Office, Silverlight, SQL Server, Developer Tools, and Forefront. There will also be five important bulletins for Microsoft Windows. Release of these bulletins is scheduled for Tuesday, October 13.

Network Logix will provide additional information as it becomes available.