Security

Microsoft's XML 0-day fix expected in July Patch Tuesday

Hack attack smack

John Leyden Fri 6 Jul 2012 // 12:01 UTC

Microsoft is planning to release nine bulletins, three critical, as part of the July edition of its Patch Tuesday monthly update cycle.

One of the three crucial advisories is expected* to offer patches for a serious XML Core Services vulnerability, disclosed but not fixed in June’s Patch Tuesday. This vulnerability has been actively exploited in attacks over recent weeks. The other two crucial bulletins cover unspecified problems in Internet Explorer and Windows.

The remaining six bulletins are rated "important" and grapple with flaws in Windows, Office, Sharepoint and Office for the Mac.

Redmond has also been rolling out an improved version of the Windows Update client over recent weeks, designed to address shortcomings in the patching mechanism abused by the Flame cyber-espionage tool. These improved patching measures will come into play in earnest with next week's update, which is due to arrive on 10 July.

Microsoft's advisory can be found here. Additional commentary from Wolfgang Kandek, CTO at vulnerability scanning firm Qualys, can be found here. ®

Bootnote

* The majority of security watchers expect Redmond to patch the XML flaw next Tuesday but this remains unconfirmed. Paul Henry, security and forensic analyst at Lumension, certainly has his doubts.

"It remains unclear if Microsoft will be issuing a patch this Patch Tuesday for the XML Core Services issue that is currently being actively exploited in IE attacks," Henry writes. "Microsoft normally includes details in their pre-release information if a Day Zero patch is included. However, in the July pre-release, no mention of the issue was included."

Similar topics

Broader topics

Narrower topics

Corrections Send us news

Other stories you might like

Microsoft slows some hiring for Windows, Teams, and Office

'Making sure the right resources are aligned to the right opportunity' ahead of next fiscal year

Richard Speed Fri 27 May 2022 // 13:31 UTC

Microsoft has hit the brakes on hiring in some key product areas as the company prepares for the next fiscal year and all that might bring.
According to reports in the Bloomberg, the unit that develops Windows, Office, and Teams is affected and while headcount remains expected to grow, new hires in that division must first be approved by bosses.
During a talk this week at JP Morgan's Technology, Media and Communications Conference, Rajesh Jha, executive VP for the Office Product Group, noted that within three years he expected approximately two-thirds of CIOs to standardize on Microsoft Teams. 1.4 billion PCs were running Windows. He also remarked: "We have lots of room here to grow the seats with Office 365."

Continue reading
Recession fears only stoking enterprise tech spending for Dell, others

Staving off entropy with digital transformation, hybrid office, and automation projects still being financed

Paul Kunert Fri 27 May 2022 // 13:00 UTC

Enterprises are still kitting out their workforce with the latest computers and refreshing their datacenter hardware despite a growing number of "uncertainties" in the world.
This is according to hardware tech bellwethers including Dell, which turned over $26.1 billion in sales for its Q1 of fiscal 2023 ended 29 April, a year-on-year increase of 16 percent.
"We are seeing a shift in spend from consumer and PCs to datacenter infrastructure," said Jeff Clarke, vice-chairman and co-chief operating officer. "IT demand is currently healthy," he added.

Continue reading
GitHub saved plaintext passwords of npm users in log files, post mortem reveals

Unrelated to the OAuth token attack, but still troubling as org reveals details of around 100,000 users were grabbed by the baddies

Richard Speed Fri 27 May 2022 // 12:15 UTC

GitHub has revealed it stored a "number of plaintext user credentials for the npm registry" in internal logs following the integration of the JavaScript package registry into GitHub's logging systems.
The information came to light when the company today published the results of its investigation into April's unrelated OAuth token theft attack, where it described how an attacker grabbed data including the details of approximately 100,000 npm users.
The code shack went on to assure users that the relevant log files had not been leaked in any data breach; that it had improved the log cleanup; and that it removed the logs in question "prior to the attack on npm."

Continue reading

This Windows malware uses PowerShell to inject malicious extension into Chrome

And that's a bit odd, says Red Canary

Jeff Burt Fri 27 May 2022 // 11:26 UTC

A strain of Windows uses PowerShell to add a malicious extension to a victim's Chrome browser for nefarious purposes. A macOS variant exists that uses Bash to achieve the same and also targets Safari.
The makers of the ChromeLoader software nasty ensure their malware is persistent once on a system and is difficult to find and remove, according to threat hunters at cybersecurity shop Red Canary, who have been tracking the strain since early February and have seen a flurry of recent activity.
"We first encountered this threat after detecting encoded PowerShell commands referencing a scheduled task called 'ChromeLoader' – and only later learned that we were catching ChromeLoader in the middle stage of its deployment," Aedan Russell, detection engineer at Red Canary, wrote in a blog post this week.

Continue reading
Spam is back with a vengeance. Luckily we can't read any of it

It's a shame still nothing can be done about all the false positives, though

Alistair Dabbs Fri 27 May 2022 // 10:44 UTC

Something for the Weekend WE BRING ENGLISH TO YOUR FEET! reads the email.
That's nice. I knew I was lacking something in the footwear department. A fine pair of bobby dazzlers, no doubt.
No, that can't be right. Let me run it through another translation app. Ah, how about this?

Continue reading
Clonezilla 3: Copy and clone disk images to your heart's content

Even non-sysadmins may find this Linux live ISO handy

Liam Proven in Prague Fri 27 May 2022 // 10:02 UTC

Clonezilla 3 is a new version of an (almost) universal disk-imaging and duplication tool which can copy, or image, almost any mass storage device.
Remember Norton Ghost? It was discontinued nearly a decade ago now, in 2013. There are lots of alternatives to it out there, including commercial ones, but Clonezilla is handy because it can handle almost any disk format, and it's totally free. Version 3 just appeared and it's got a bunch of new features, including support for Apple APFS, ChromeOS Flex, and Linux drives encrypted with LUKS.
Clonezilla is not a general-purpose tool, or a graphical live desktop for general disk work. If you want that, try SystemRescue 9, which we looked at earlier this year.

Continue reading

BOFH: Where do you think you are going with that toner cartridge?

Did that printer service person just sell you 10 overpriced boxes of the wrong paper?

Simon Travaglia Fri 27 May 2022 // 09:15 UTC

Episode 10 It is a great morning! The phone has not rung once (and not because the PFY has rebooted the phone server with a DBAN USB stick in it again), the aircon and security system are behaving, and outside the sun is shini-
"What's he doing here?" I ask the PFY.
"Who?" the PFY asks, getting up off his chair as he senses a hint of urgency in my tone. "What's who doing... SH*T!"

Continue reading
When management went nuclear on an innocent software engineer

It says 'Do Not Touch,' not 'Rip Out My Guts'

Richard Speed Fri 27 May 2022 // 08:30 UTC

On Call Sure, you might use words like "boom" and "explode" when it comes to errors with your system. But could a whoopsie have the potential to render a chunk of a country uninhabitable? Welcome to On Call.
Our story comes from a reader Regomized as "Ellen" who spent the early part of the 1980s toiling away in the IT department of a company producing software responsible (in part) for running nuclear power stations.
A brand new system was in the process of being rolled out, which would keep track of which stations were online, how much power they could provide, and so on.

Continue reading
Lenovo infrastructure group and Alibaba Cloud both make first annual profits

Chinese giants' enterprise businesses do well despite lockdowns. Other segments? Strap in for a bumpy ride

Simon Sharwood, APAC Editor Fri 27 May 2022 // 07:57 UTC

Ever since Lenovo acquired IBM’s x86 server business in 2014, one thing has proven elusive: profit.
Now the company can point to a pair of consecutive quarters, and a full year, in the black.
The Chinese kit-maker yesterday reported Q4 and FY 2022 results, with quarterly revenue of $16.7 billion representing seven percent year on year growth. Annual revenue reached $71.6 billion, an increase of 18 percent. Annual net income topped $2 billion.

Continue reading
Let's play everyone's favorite game: REvil? Or Not REvil?

Another day, another DDoS attack that tries to scare the victim into paying up with mention of dreaded gang

Jessica Lyons Hardcastle Fri 27 May 2022 // 07:33 UTC

Akamai has spoken of a distributed denial of service (DDoS) assault against one of its customers during which the attackers astonishingly claimed to be associated with REvil, the notorious ransomware-as-a-service gang.
REvil was behind the JBS and Kaseya malware infections last year. In January, Russia reportedly dismantled REvil's networks and arrested 14 of its alleged members, theoretically putting an end to the criminal operation.
Beginning in late April, however, the same group of miscreants — or some copycats — appeared to resume their regularly scheduled ransomware activities with a new website for leaking data stolen from victims, and fresh malicious code.

Continue reading
World’s smallest remote-controlled robots are smaller than a flea

So small, you can't feel it crawl

Laura Dobberstein Fri 27 May 2022 // 07:15 UTC

Video Robot boffins have revealed they've created a half-millimeter wide remote-controlled walking robot that resembles a crab, and hope it will one day perform tasks in tiny crevices.
In a paper published in the journal Science Robotics , the boffins said they had in mind applications like minimally invasive surgery or manipulation of cells or tissue in biological research.
With a round tick-like body and 10 protruding legs, the smaller-than-a-flea robot crab can bend, twist, crawl, walk, turn and even jump. The machines can move at an average speed of half their body length per second - a huge challenge at such a small scale, said the boffins.

Continue reading

ABOUT US

MORE CONTENT

SITUATION PUBLISHING

The Register - Independent news and views for the tech community. Part of Situation Publishing

SIGN UP TO OUR DAILY NEWSLETTER

Security Scorecard

Biting the hand that feeds IT © 1998–2022

Do not sell my personal information Cookies Privacy Ts&Cs