Microsoft Certified Small Business Specialist

Be warned of a very authentic looking email claiming to be from Microsoft saying you need to install an update patch for Outlook. Microsoft DOES NOT send out such notices. Do not click links in emails just because they look valid. Below is a copy of the email:

Microsoft has announced it will no longer be selling MS Money.

http://www.microsoft.com/money/default.mspx

Read that post carefully because it has something in it that I think is going to be an issue in the near future with XP. Even if you own MS Money they will not activate it after January 31,  2011. Intuit already does this with QuickBooks in that they will not activate unsupported versions. I am very curious to see what happens when millions of people who own a valid license to a software application or OS can no longer reinstall it because the vendor won’t support activation.

Finally something worth listening to coming from the Government. This is from the Internet Crime Complaint Center (IC3) which a joint office of the enforcement of the FBI and the outside non-enforcement of folks like the National White Collar Crime Center (NW3C).

• Do you visit websites by clicking on links within an email?
• Do you reply to emails from companies or persons you are not familiar with?
• Have you received packages to hold or ship to someone you met on the Internet?
• Have you been asked to cash checks and wire funds to an employer you met online?
• Would you cash checks or money orders received through an online transaction without first confirming their legitimacy?
• Would you provide your personal/banking information as a result of an email notification?

So if you read my post way back in January and even earlier post you would already have known what Microsoft released as "news" today.

Zero Day Vulnerability in Microsoft DirectX 9

Severity: High

28 May, 2009

Summary:

§ This vulnerability affects: Microsoft DirectX 9.0 and earlier versions (does not affect DirectX 10)  

§ How an attacker exploits it: By enticing your users into downloading and playing a malicious Quicktime movie, or into visiting a malicious web page

§ Impact: An attacker can execute code on your computer, potentially gaining control of it

§ What to do: Implement the workarounds described in the Solution Path section of this alert

Exposure:

Today, Microsoft released a security advisory warning of a serious unpatched DirectX vulnerability, which attackers have already begun exploiting on the Internet. The vulnerability affects DirectX 9.0 (and earlier versions) running on Windows 2000, XP and Server 2003 computers. It does not seem to affect DirectX 10 running on Windows Vista or Server 2008 computers.

Since Microsoft just learned about this flaw, they don't describe it in much technical detail. They only say the flaw involves the way DirectShow (a component of DirectX) handles specially crafted Quicktime files. However, the advisory does tell how attackers can leverage the flaw. By enticing one of your users into downloading and opening a malicious Quicktime movie, or into visiting a malicious web page, an attacker can exploit this vulnerability to execute code on a victim's computer, inheriting that user's level of privileges and permissions. If your user has local administrative privileges, the attacker gains full control of the user's machine. 

With attackers actively exploiting this vulnerability in the wild, it poses a significant threat to Windows 2000, XP, and Server 2003 users. We recommend you implement the workarounds described below to mitigate the risk of this dangerous zero day attack.

Solution Path:

Microsoft has not had time to release a full patch for this zero day vulnerability. However, they have released a "Fix it" workaround that will disable DirectX's ability to handle Quicktime files. If you don't mind disabling Quicktime file handling in Windows, we recommend you apply this "Fix it" workaround until Microsoft releases their final patch. The workarounds described below can also help mitigate the risk of this zero day vulnerability:

1. Inform your users of this vulnerability. Advise them to remain wary of unsolicited Quicktime (.mov) movies. If they don't absolutely need to view a Quicktime movie, and don't fully trust the entity it came from, they should avoid watching it until Microsoft releases a patch.

2. Use up-to-date antivirus (AV) software. AV companies are sure to release signatures that detect these malicious Quicktime files. Make sure to update your AV regularly.

3. Use a gateway device, like your Firebox, to block Quicktime files. If your users can't download Quicktime files, this exploit won't affect them. Unfortunately, doing this blocks legitimate Quicktime files as well. Nonetheless, depending on your business needs, you may still consider blocking Quicktime files until Microsoft releases a patch.

We will update this alert when Microsoft releases a patch.

Courtesy of WatchGuard