Microsoft Statement Regarding Download.Ject Malicious Code Security Issue

Grok Headline matches for Microsoft Statement Regarding Download.Ject Malicious Code Security Issue

Microsoft Statement Regarding
Configuration Change to Windows in
Response to Download.Ject Security Issue

Microsoft Statement Regarding
Configuration Change to Windows in
Response to Download.Ject Security Issue 07/02/2004 01:21 PM
This configuration change to the Windows XP, Windows Server 2003 and Windows 2000 operating systems improves system resiliency to protect against the Download.Ject attack.

Download.Ject Patch Coming From
Microsoft Next Week

Download.Ject Patch Coming From
Microsoft Next Week 07/29/2004 11:49 AM
The Redmondians are promising to deliver next week an Internet Explorer patch for the Download.Ject exploits that hit Windows users in June.

Malicious Code Aimed at Microsoft
Windows CE Surfaces (NewsFactor)

Malicious Code Aimed at Microsoft
Windows CE Surfaces (NewsFactor) 07/20/2004 04:37 PM
NewsFactor - Antivirus companies are reporting that the first malicious code designed for Microsoft (Nasdaq: MSFT) Windows CE has surfaced courtesy of the same proof-of-concept hacker group, 29A VX, that developed the Cabir virus.

Download.Ject: What You Should Know

Download.Ject: What You Should Know 06/25/2004 03:14 PM
Microsoft teams are investigating a report of a security issue affecting customers using Microsoft Internet Information Services 5.0 (IIS) and Microsoft Internet Explorer, components of Windows.

What You Should Know About Download.Ject

What You Should Know About Download.Ject 06/25/2004 03:53 PM

Beware of Download .Ject

Beware of Download .Ject 06/25/2004 03:50 PM
Malicious code planted on some very highly-trafficked Web is plaguing Internet Explorer users across the Web.

New Download.Ject worm

New Download.Ject worm 08/20/2004 07:55 PM

Direct and Related Links for 'New Download.Ject worm'

From the PivX [Unpatched] newsletter: “PivX Labs has discovered a new Download.Ject worm that is currently spreading in the wild. Our investigation is still unfolding as this happened just 2 hours ago [on Thursday]….

IE Download.Ject Exploit Fixed

IE Download.Ject Exploit Fixed 07/02/2004 12:57 PM

Statement to the Media Regarding
Microsoft Source Code Leak

Statement to the Media Regarding
Microsoft Source Code Leak 02/14/2004 09:21 AM
Mainsoft has issued the following statement regarding the Microsoft Windows source code leak:

New Download.Ject worm variant appears

New Download.Ject worm variant appears 08/20/2004 04:36 PM
A new version of the Download.ject worm has begun spreading on the Internet, according to security firm PivX.

Download.Ject-style worm spreads via IM

Download.Ject-style worm spreads via IM 08/20/2004 12:24 PM
Unpatched Windows PCs at risk. Again

Statement from Microsoft Regarding
Illegal Posting of Windows Source Code

Statement from Microsoft Regarding
Illegal Posting of Windows Source Code 02/12/2004 11:41 PM
On Thursday, Microsoft became aware that portions of the Microsoft Windows 2000 and Windows NT 4.0 source code were illegally made available on the Internet. It’s illegal for third parties to post Microsoft source code, and we take such activity very seriously.

New Download.Ject Attack Can't Penetrate
SP2-Patched Machines

New Download.Ject Attack Can't Penetrate
SP2-Patched Machines 08/20/2004 01:01 PM
While the new version of Download.Jectthat is making the rounds can compromise fully-patched Windows XP machines, systems running Microsoft's new Windows XP Service Pack 2 are not affected

CyberGuard's Webwasher Prevents
Microsoft JPEG Exploit; Content
Management Products Filter Files for
Malicious Code Regardless of File
Extension

CyberGuard's Webwasher Prevents
Microsoft JPEG Exploit; Content
Management Products Filter Files for
Malicious Code Regardless of File
Extension 09/21/2004 10:36 AM

Malware: Fighting Malicious Code

Malware: Fighting Malicious Code 06/11/2004 06:33 AM
A comprehensive guide for defending against viruses, worms, rrotkits and more.

Malicious code distributed via bl0gs

Malicious code distributed via bl0gs 04/14/2005 01:42 PM
Computer Weekly Apr 14 2005 4:15PM GMT

Malware - Fighting Malicious Code

Malware - Fighting Malicious Code 04/19/2004 01:50 PM

Malicious Code Planted Via IIS Flaw

Malicious Code Planted Via IIS Flaw 06/25/2004 11:52 AM
Security analysts say that the malicious code that has been infecting some Windows machines was planted via an IIS vulnerability on the Web servers that host some high-traffic sites.

'Survivor' site contains malicious code

'Survivor' site contains malicious code 05/13/2004 09:40 AM

Microsoft Security Bulletin MS03-050:
Vulnerability in Microsoft Word and
Microsoft Excel Could Allow Arbitrary
Code to Run (831527)

Microsoft Security Bulletin MS03-050:
Vulnerability in Microsoft Word and
Microsoft Excel Could Allow Arbitrary
Code to Run (831527) 11/13/2003 12:36 AM
A security vulnerability exists in Microsoft Word that could allow malicious code execution. This vulnerability exists due to to the way Word checks the length of a data value (Macro names) embedded in a document. If a specially crafted document were to be opened it could overflow a data value in Word and allow arbitrary code to be executed. If successfully exploited, an attacker could then take the same actions as the user had permissions to carry out, such as adding, changing or deleting data or files, communicating with a web site or formatting the hard drive.

Hardware and software to stop malicious
code

Hardware and software to stop malicious
code 06/04/2004 03:37 PM
With hacker attacks and spam mail inundating users and networks at an alarming rate, Fire Trust, a spam catcher software vendor, will move its MailWasher solution from client to server at the end of the month.

F-Secure Takes On Hidden Malicious Code

F-Secure Takes On Hidden Malicious Code 03/14/2005 05:56 PM

Safari, IE vulnerability allows
execution of malicious code

Safari, IE vulnerability allows
execution of malicious code 05/17/2004 04:22 PM
In what is being described as a "highly critical" vulnerability, security firm Secunia on Monday issued an advisory to all Mac OS X users that surf the Web with Microsoft's Internet Explorer or Apple's Safari Web browsers.

Safari, IE Vulnerability Allows
Executiion Of Malicious Code

Safari, IE Vulnerability Allows
Executiion Of Malicious Code 05/17/2004 06:08 PM
The vulnerability takes advantage of the "help" URI handler and "allows execution of arbitrary local scripts (.scpt) via the classic directory traversal character sequence using 'help:runscript.'" By Jim Dalrymple, MacCentral (via MyAppleMenu)

Safari, IE flaw could allow malicious
code execution

Safari, IE flaw could allow malicious
code execution 05/18/2004 04:39 PM
Security firm Secunia has issued an advisory to all Mac OS X users that surf the Web with the Internet Explorer or Safari Web browsers about a "highly critical" vulnerability..

Microsoft issue security warning

Microsoft issue security warning 02/11/2004 02:43 AM
Herald Sun Feb 11 2004 6:44AM GMT

Safari, IE vulnerability allows
execution of malicious code (MacCentral)

Safari, IE vulnerability allows
execution of malicious code (MacCentral) 05/17/2004 04:23 PM
MacCentral - In what is being described as a "highly critical" vulnerability, security firm Secunia on Monday issued an advisory to all Mac OS X users that surf the Web with Microsoft's Internet Explorer or Apple's Safari Web browsers.

Malicious Code Planted Via IIS Flaw
(Ziff Davis)

Malicious Code Planted Via IIS Flaw
(Ziff Davis) 06/25/2004 12:12 PM
Ziff Davis - Security analysts say that the malicious code that has been infecting some Windows machines was planted via an IIS vulnerability on the Web servers that host some high-traffic sites.

Spam Opt-out Link Triggers Malicious
Code Attack

Spam Opt-out Link Triggers Malicious
Code Attack 09/22/2004 11:53 AM

Microsoft Responds to SP2 Security
Center Issue

Microsoft Responds to SP2 Security
Center Issue 08/27/2004 03:42 PM
Microsoft has responded to Neowin with regard to the XP SP 2 problem story we ran yesterday, as reported by PC Magazine & e-Week. The open letter is an unedited version of what we received early this morning.

Dear Neowin,

We wanted to alert you to some misguided press reports that may cause Microsoft customers undue concern. Some articles have posted that claim there is a highly critical vulnerability that would allow a malicious user to spoof the Windows Security Center in Windows XP SP2 however this claim is not accurate. we don’t know how closely you have been following this issue, but we wanted to make sure you had the facts from Microsoft.

As you know Windows Security Center, found in the Windows XP Control panel, provides customers the ability to easily check the status of essential security functionalities such as firewalls, automatic updates and antivirus. Windows Security Center will inform users whether key security capabilities are turned on and up to date and will notify users if it appears that updates need to be made or if additional action steps may need to be taken to help them get more secure.

To clarify, there is not a vulnerability in the Windows Security Center. In order for an attacker to spoof the Windows Security Center, he or she would have to have local administrator rights on the computer (ed. XP Homes default user is 'Admin', and many XP Pro users set their account to admin status for a hassle free life). If an attacker were granted access to a user’s system, either by being granted them or attaining them by enticing a user to open a malicious attachment, the criminal actions the attacker could pursue include many that are far more serious than just spoofing the Windows Security Center. In Windows XP SP2, we have added functionality to reduce the likelihood of unknown applications from running on the user’s system including turning Windows Firewall on by default, Data Execution Prevention and Attachment Manager in Outlook Express, to name a few.

All the best,
Windows Community Team

View: Neowin: Win XP Sp2 Problem?

Read full story...

Microsoft: security now key issue in
browser market

Microsoft: security now key issue in
browser market 09/17/2004 02:32 AM
DMeurope.com Sep 17 2004 6:44AM GMT

Use more than one operating system to
limit the impact of malicious code
attacks

Use more than one operating system to
limit the impact of malicious code
attacks 11/04/2003 06:30 AM
Computer Weekly Nov 4 2003 5:35AM ET

Motorola And Nextel Issue Joint
Statement Regarding A-GPS Services

Motorola And Nextel Issue Joint
Statement Regarding A-GPS Services 07/21/2004 04:35 AM
Space Daily Jul 21 2004 8:54AM GMT

Microsoft conference declares security
an issue of trust

Microsoft conference declares security
an issue of trust 07/29/2004 02:51 AM
Silicon Republic Jul 29 2004 6:45AM GMT

Microsoft Security Bulletin MS03-051:
Buffer Overrun in Microsoft FrontPage
Server Extensions Could Allow Code
Execution (813360)

Microsoft Security Bulletin MS03-051:
Buffer Overrun in Microsoft FrontPage
Server Extensions Could Allow Code
Execution (813360) 11/13/2003 12:36 AM
This bulletin addresses two new security vulnerabilities in Microsoft FrontPage Server Extensions, the most serious of which could enable an attacker to run arbitrary code on a user's system.

[AppSecInc Security Alert] Microsoft
Active Server Pages Cookie Retrieval
Issue

[AppSecInc Security Alert] Microsoft
Active Server Pages Cookie Retrieval
Issue 05/06/2004 12:58 PM
Aaron C. Newman (Application Security, Inc.) (May 05 2004)

BugTraq: [AppSecInc Security Alert]
Microsoft Active Server Pages Cookie
Retrieval Issue

BugTraq: [AppSecInc Security Alert]
Microsoft Active Server Pages Cookie
Retrieval Issue 05/07/2004 01:59 AM
SecurityFocus May 7 2004 4:58AM GMT

Statement Regarding Illegal Posting of
Windows Source Code

Statement Regarding Illegal Posting of
Windows Source Code 02/19/2004 02:52 AM

More Attack Code Surfaces For Recent
Microsoft Security Holes

More Attack Code Surfaces For Recent
Microsoft Security Holes 04/26/2004 06:53 PM
Just days after Microsoft warned its customers about the release of code that can exploit a hole in its Secure Sockets Layer (SSL) library, new code that claims to exploit another recently disclosed hole surfaced on a French language Web site. By Paul Roberts, IDG News Service (via MyAppleMenu)
Grok Description matches for Microsoft Statement Regarding Download.Ject Malicious Code Security Issue
GrokA matches for Microsoft Statement Regarding Download.Ject Malicious Code Security Issue

Microsoft Statement Regarding Download.Ject Malicious Code Security Issue

The following phrases have been identified by the grok system as matching this entry: