Hardware 2.0 reports that a virus definition update for AVG 2011 Free edition seems to be causing problems for Windows 7 64-bit users
Threatpost reports that creators of some exploit kits are beginning to include less well-known, underground malware-checking services as part of their offerings to buyers of their kits
Threatpost reports that a new version of the GpCode ransomware popped up
PC World reports that a security firm claims a Windows kernel bug lets attackers evade Windows UAC security.
InformationWeek posted a news story that the Alureon malware has been updated to compromise Microsoft's 64-bit operating systems by defeating driver-signing security.
InformationWeek reports that a developer has released a free software development kit for a new Trojan horse considered to be similar to the Zeus banking Trojan
Threatpost reports that Adobe has released an emergency patch for several critical vulnerabilities in Adobe Reader, including the recent Adobe Flash bug and a separate flaw that was disclosed earlier this month
Threatpost posted a news story that the TDL4 rootkit bypasses the Windows code-signing protection
PC World reports that Trend Micro has released a tool that administrators can use to scan dozens of computers for Stuxnet
PC World posted a news story that BitDefender is warning about a new software spy that seeks and shares data.
Microsoft updated the following security bulletin:
- MS10-086 - Moderate: Vulnerability in Windows Shared Cluster Disks Could Allow Tampering (2294255) - Version:1.1
- MS10-086 - Moderate: Vulnerability in Windows Shared Cluster Disks Could Allow Tampering (2294255) - Version:1.1
Ars Technica reports that an exploit kit for Internet Explorer has been released
Microsoft published the following security bulletins:
- MS10-089 - Important: Vulnerabilities in Forefront Unified Access Gateway (UAG) Could Allow Elevation of Privilege (2316074) - Version:1.0
- MS10-088 - Important: Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution (2293386) - Version:1.0
- MS10-087 - Critical: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2423930) - Version:1.0
- MS10-054 - Critical: Vulnerabilities in SMB Server Could Allow Remote Code Execution (982214) - Version:1.3
- MS10-089 - Important: Vulnerabilities in Forefront Unified Access Gateway (UAG) Could Allow Elevation of Privilege (2316074) - Version:1.0
- MS10-088 - Important: Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution (2293386) - Version:1.0
- MS10-087 - Critical: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2423930) - Version:1.0
- MS10-054 - Critical: Vulnerabilities in SMB Server Could Allow Remote Code Execution (982214) - Version:1.3
PC World posted a news story that Malware spreads by taking advantage of the Windows AutoRun function in 1 out of 8 attacks, according to security software firm Avast.
Microsoft published the Microsoft Security Bulletin Advance Notification for November 2010
Microsoft published the following security bulletin updates:
- MS10-079 - Important: Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (2293194) - Version:1.2
- MS10-070 - Important: Vulnerability in ASP.NET Could Allow Information Disclosure (2418042) - Version:2.2
- Microsoft Security Advisory (2458511): Vulnerability in Internet Explorer Could Allow Remote Code Execution
- MS10-079 - Important: Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (2293194) - Version:1.2
- MS10-070 - Important: Vulnerability in ASP.NET Could Allow Information Disclosure (2418042) - Version:2.2
- Microsoft Security Advisory (2458511): Vulnerability in Internet Explorer Could Allow Remote Code Execution
PC World reports that Microsoft has issued a warning and guidance to guard against a newly-discovered exploit that impacts Internet Explorer 6, 7, and 8.
Thread Post reports that Mozilla is working on a patch for the recently disclosed critical bug in Firefox
Microsoft has published the following security bulletin update:
- MS10-077 - Critical: Vulnerability in .NET Framework Could Allow Remote Code Execution (2160841) - Version:1.2
- MS10-077 - Critical: Vulnerability in .NET Framework Could Allow Remote Code Execution (2160841) - Version:1.2
Microsoft updated the following security bulletin:
- MS10-085 - Important: Vulnerability in SChannel Could Allow Denial of Service (2207566) - Version:2.0
- MS10-085 - Important: Vulnerability in SChannel Could Allow Denial of Service (2207566) - Version:2.0
