Microsoft Fixes Eight Flaws In Excel, Movie Maker

Wednesday, March 10, 2010 14:17
Posted in category Alerts, Software Management

By Stefanie Hoffman, ChannelWeb

Microsoft (NSDQ:MSFT) released two “important” patches for its March Patch Tuesday release, plugging eight vulnerabilities in Windows and Office, while warning users about another zero-day attack in Internet Explorer.

Microsoft patched one vulnerability in Windows Movie Maker, affecting XP and Vista, which could be exploited by remote hackers to launch malicious code onto users’ PCs. During an attack, a hacker could create and send a malicious Movie Maker or Producer media file to a victim — typically delivered via e-mail. The victim would become infected with malicious code once he or she opened the file.

In the patch, Microsoft also called out Microsoft Producer 2003 in the affected products list, but failed to update the application, downplaying Producer 2003 as “a free download with limited distribution.”

“Our standard approach is to produce updates that can be deployed automatically for all affected products at the same time but Producer 2003 does not offer a means for automatic update,” said Jerry Bryant, Microsoft senior security communications manager, in a blog post Tuesday. “Based on our investigation, we determined that the best way to protect the vast majority of customers was to release an update addressing the components that shipped with Windows.”

Bryant said that Microsoft continues to investigate security vulnerabilities in Producer 2003, but recommended that customers either uninstall the application or disassociate the project file type from the application via Microsoft Fix It, to further protect themselves from attack.

In addition, Microsoft also issued another “important” patch fixing seven security flaws in all versions of Excel, including Office 2004, Office 2008 for Mac, Open XML File Format Converter for Mac, and supported versions of Excel viewer and SharePoint 2007, which enabled hackers to launch malicious attacks if a victim opened an infected Excel file.

“As with most Office vulnerabilities, a user would have to open a specially crafted file in order to be exploited,” Microsoft said.

Microsoft researchers recommend that users apply the patches as soon as possible. Although this month’s patch load repaired flaws given the slightly less severe threat ranking of “important,” they contend that the vulnerabilities can still be exploited remotely by hackers.

Additionally, Microsoft issued a security advisory warning users of a zero-day vulnerability affecting IE 6 and IE 7 which is already being exploited in the wild.

Vulnerable systems include Internet Explorer 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 4, and Internet Explorer 6 and Internet Explorer 7. However, Microsoft said that so far, Internet Explorer 8 and Internet Explorer 5.01 Service Pack 4 on Microsoft Windows 2000 Service Pack 4 are not affected.

Specifically, the vulnerability occurs because of an invalid pointer reference within Internet Explorer, which could allow hackers to launch malware when the pointer reference is accessed after an object is deleted.

So far, Microsoft said that attacks exploiting the IE flaw appear to be “targeted.”

“At this time, we are aware of targeted attacks attempting to use this vulnerability. We will continue to monitor the threat environment and update this advisory if this situation changes,” Microsoft said in its advisory.

Down the road, Microsoft will either release a fix during a monthly patch update or as an out-of-band security update, in order to address the flaw.


FBI Director Calls For Action Against Cyber Threat

Tuesday, March 9, 2010 15:32
Posted in category Alerts

By Stefanie Hoffman, ChannelWeb

FBI Director Robert Mueller called on U.S. law enforcement and the security community to minimize disclosure, collaborate with international governments and pursue investigations farther in order to combat what appears to be a losing arms race with cyber criminals.

“We are playing the cyber equivalent of cat and mouse,” Mueller told thousands of IT professionals in a keynote during the RSA Conference Thursday. “We must make the cost of doing business more than they are willing to bear.”

As part of his call to arms, Mueller pledged minimal disruption to business with protective orders and increased privacy for U.S. corporations who suffered data breaches, in order to avoid loss of reputation and brand, despite the momentum of federal and state data breach disclosure laws.

“Notifying the authorities may harm your competitive position. We will minimize the disruption into your business,” he said. “Together we work together to limit the breadth and scope of this attack. For every investigation in the news, there are hundreds that will never make the headlines. Disclosure is the exception not the rule.”

Also as part of the cyber crime effort, Mueller said that the U.S. needed to work collaboratively with international governments to resolve the problems and follow through with investigations to put cyber criminals behind bars.

Meanwhile, the threats are indeed numerous, Mueller said. During his presentation, Mueller underscored that cyber attacks were becoming more sophisticated, stealthy and prevalent. Cyber crime gangs and terrorist organizations are increasingly using malware to further their financial and political aims and “incite terrorism,” he said.

“A cyber attack could have the same impact as a well-placed bomb,” he said. “Countless extremists have taken this to heart. We believe the cyber terrorism threat is real and rapidly expanding.”

To underscore his point, Mueller said that terrorist camps now incorporated cyber terror into their training regimen, combining physical attacks with cyber attacks. Additionally, Mueller said that malware was increasingly being used to conduct cyber espionage against U.S. networks.

“These hackers actively target our government networks, intellectual property, even our military weapons in strategy,” he said. “They have everything to gain and we have a great deal to lose.”

In addition to politically motivated attacks, Mueller said that — as with the Google Aurora attacks — cyber spies were increasingly targeting corporate networks in an effort to steal intellectual property and other financial assets. Spear phishing attacks that targeted high-level administrators were becoming the primary vector, and were “too realistic to ignore. Just one breach is all they need to open the floodgates.”

“We are bleeding data,” he said. “In some cases, terabyte by terabyte,” Mueller said. “The risks are no longer a distant possibility. They are right there on the doorstep and in some cases already inside the house.”


Cloud Will ‘Turn Security Inside Out’

Wednesday, March 3, 2010 14:08

The Brookfield Group offers a wide variety of Cloud, Co-located or Hosted Computing.

By Stefanie Hoffman, ChannelWeb 1:38 PM EST Tue. Mar. 02, 2010

The inevitable transition to the cloud presents copious security challenges but myriad opportunities to find new ways to collaborate, innovate and keep end users secure, Art Coviello, president of RSA, the security division of EMC, said Tuesday in a kickoff keynote at RSA Conference 2010.

Coviello told thousands of security professionals at the conference that the cloud transition would open the door for the industry to “turn security inside out” by creating new partnerships and devising technologies to make the cloud more secure and efficient.

“Cloud computing is the security industry’s way to change the way we deliver security,” he said. “We have a rare opportunity for a do-over.”

The march toward the cloud is inevitable and is in no small part driven by the state of the economy, Coviello said. Businesses today are slashing budgets and IT staff while simultaneously attempting to be more productive and efficient, he added, citing a statistic indicating that companies are spending as much as two-thirds of their IT budgets on maintenance, facilitating the proliferation of cloud technologies.

“Cloud computing can dramatically alter ratios. More innovation can be directed to innovation and competitive advantage,” he said.

Coviello went on to predict that the journey initially would be driven by virtualization of non-mission-critical infrastructure and evolve to virtualization of critical applications, adoption of internal private clouds and then the outsourcing of infrastructure to external systems.

“Organizations will demand it. We must get better returns on IT investment. We must play an essential role in making cloud computing a reality.”

However, one of the biggest factors preventing companies from widespread cloud adoption is the security of data stored in the cloud, Coviello said.

“Because cloud computing represents a challenge as well as an opportunity, we have to be careful we don’t end up in security hell,” Coviello said.

For the cloud to be secure, providers will need to enable visibility, assess security, establish trust and prove compliance, he said.

To that end, RSA unveiled a partnership with VMware and Intel that aims to strengthen security controls, enforce compliance policies and increase visibility in private cloud infrastructure.

“It’s not just theoretical. We announced collaboration and proof of concept with VMware demonstrating how this visibility can be accomplished,” Coviello said.

RSA executives say that the partnership ultimately will enable it to provide cloud offerings for all current physical and software versions of its products, starting with DLP and then extending to other security technologies such as access management, which are tentatively slated to be released sometime in 2011.

“This means we can deliver new waves of efficiency, agility and collaboration for organizations of all sizes,” said Coviello.


How would you maintain your business IT if a disaster occurred?

Tuesday, February 16, 2010 10:31

For those of you that have a small or medium size business this is something you should watch and consider. A disaster can happen to you!  If you have questions, please let us know so we can address your needs and concerns.


Microsoft Pulls Security Update Blamed For Windows XP Blue Screen Of Death

Monday, February 15, 2010 12:08
Posted in category Alerts, Software Management

By Steven Burke, ChannelWeb

Microsoft has stopped serving a security patch that has apparently triggered the infamous Microsoft Blue Screen of Death for a number of Windows XP users.

“We are still investigating this but I wanted to provide some additional clarity on what I mean when I said we stopped offering the update via Windows Update,” said Jerry Bryant, senior security communications manager lead, in a post in The Microsoft Security Response Center. “To be more precise, we basically turned off the Automatic Update system for this bulletin. This means that computers that have our recommended setting to automatically look for, download, and install high priority updates, will not pull this update down.”

The Windows XP Blue Screen of Death issues surfaced after Microsoft released a record 13-patch security update for its February Patch Tuesday repairing what it called 26 vulnerabilities in its Windows operating system and Office productivity software.

The decision to stop serving the suspected patch came after a flurry of complaints from Windows XP users that had updated their systems.

“When my wife downloaded Windows update it shut the Acer Aspire down and only the blue screen comes up,” complained a user on the Microsoft Answers forum. “We can only see the Safemode screen and thats (sic) about all. We tried to reboot with the proper disk and nothing happens when we hit Enter. HELP!!!!!!!!!!!!!!!!! Jack.”

“I am glad to see that I am not the only one having the same problem,” wrote another frustrated user. “I had to go to work and use my MACINTOSH (sic) to get on line to find out what is going on with the XP updates last night. I got the exact same page fault error!!! I am this much closer to switching over to a MACINTOSH for good.”

At least one user that had his system crippled is considering moving to Windows 7.

“Impossible to get it to boot by any means,” wrote the user. “Have turned off Auto Update on all other PCs - fortunately only the one (my main one) is effected (sic). I’ll be really annoyed if I have to do a clean install (as I have so much software and updates and patches on it). If I have to do that I may as well go for Win 7 :-(.”

Kevin Hau, a moderator in the Microsoft Answers forum, advised users that the patch that needs to be uninstalled to resolve the Blue Screen issue is KB977165.

“We have found that there is only one patch that requires un-installation to resolve the blue screen issue,” wrote Hau. “KB977165 is the patch in question, the other patches do not seem to cause the blue screen behaviour and do not need to be uninstalled.”

Hau advised users to:

1. Boot from your Windows XP CD or DVD and start the recovery console.

2. Once you are in the Repair Screen, type this command: CHDIR $NtUninstallKB977165$\spuninst.

3. Type this command: BATCH spuninst.txt.

4. When complete, type this command: exit.

One user this morning was still having problems after attempting the fix.

“Since my first restart after performing the recent Microsoft update, I can’t boot up–so pretty sure I have the bug attributed to KB977165 in the update,” wrote the user. “I’ve gotten to my recovery screen, but when I type in– CHDIR $NtUninstallKB977165$\spuninst — it responds “path or file directory not valid”. I’ve tried all the KBs that came w/ the update and I’m getting the same response. What could I be doing wrong?”
