RSS Feed
News
Sep
21

We at Vigilant value our customers safety and feel obligated to you to make you aware of two very serious issues:

1) Microsoft has released "Microsoft Security Bulletin" MS12-063-Critical today. It is a vitally important patch if you are running Internet Explorer 6, 7, 8 & 9.

Why this is important:  If you visit or get redirected to a specially crafted web page, it can take advantage of a security hole that would allow an intruder to run programs remotely on your computer as if they were you. These programs can run in the background where you would not be aware of them. 

You can download the patch by running windows update on your machine: (Please be aware that you will be asked to reboot your machine at the end of the installation)

  • Click the start button
  • Click "All Programs"
  • Click on "Windows Update"
  • Click on "Check for updates" on the left pane of the window
  • Click on the "XXX important updates are available" on the right
  • Under the "Windows 7" (or what ever version you are running) section check the box for the item that ends in (KB2744842) and any other updates you wish to add and click "OK"
  • Now click on the button with the  blue and yellow shield & "Install updates"
  • Let it run & reboot

You should now be protected from this vulnerability.

Reference Links:

  • http://technet.microsoft.com/en-us/security/bulletin/ms12-063
  • http://technet.microsoft.com/en-us/security/advisory/2757760

2) The second issue we would like to make you aware of is a "Java" vulnerability. 

Why this is important: virtually every machine that surfs the internet processes "Java" code. It is one of the most common componenets of any web page. If you visit or get redirected to a specially crafted web page, it can take advantage of a similar security hole like the one above that would allow an intruder to run programs remotely on your computer as if they were you. These programs can run in the background where you would not be aware of them. 

This vulnerability is not limited to Internet Explorer it can affect ANY browser on Windows or OSx.

You can download the patch from here: http://www.oracle.com/technetwork/java/javase/downloads/jre7u7-downloads-1836441.html

Good Executive Summary: http://reviews.cnet.com/8301-13727_7-57503787-263/oracle-patches-java-7-vulnerability

Thank you & Safe computing,
Vigilant Staff