Well..Sorry for the long gap. Was stuck with some work as usual

First of all wish you all a happy New Year!! A bit late to wish but better late than never

The recent (stale) news much around about the Google/Adobe hack a.k.a “Operation Aurora” is suspected to be executed successfully using a zero-day IE exploit.  The exploit code is publicly available & Metasploit has also released a module for the same. So now you can expect lotta script-kiddies out in action attacking your corporate/home network.

Microsoft had suggested a workaround for the same earlier this week. But the exploit had been much in wild that it had to release an out-of-band patch for the same. We strongly recommend to implement this patch on higher priority. This vulnerability could allow remote code execution if a user simply views a specially crafted Web page using Internet Explorer.

Read more »

This is in continuation of advanced notification released by Microsoft few days back. It has now released MS09-34 and MS09-35 out-of-band patches yesterday. Well we would recommend having MS09-34 (Internet Explorer related bulletin) on your top list.

MS09-35 (Visual Studio active template library) is basically intended for developers of components and controls. Developers who build and redistribute components and controls using ATL should install the update provided in this bulletin. Developers who have built components and controls using ATL should download this update and recompile their components and controls following the guidance provided in the following MSDN article.

Read more »

Well, as always, Microsoft has vowed to keep as busy by releasing critical patches. The list this tuesday is as follows:

MS09-018

Read more »