Microsoft Windows Malicious Software Removal Tool (MSRT) January ’12 Update Cleans Win32/Sefnit
Microsoft has released the first security bulletin of January on Jan 10, 2012 monthly to resolve critical problem vulnerabilities. You can view the Jan 2012 update overview video in our blog post titled “January 2012 Patch Tuesday Update Overview Video.”
Microsoft also released an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Server Update Services (WSUS), Windows Update (WU), and the Download Center.
The January 2012 edition of the MSRT includes detection and removal of the Win32/Sefnit family of trojans. This trojan family moderates and redirects web browser search engine results for Bing, Yahoo! and Google.
“Variants of Sefnit employ the use of a Nullsoft Scriptable Install System (NSIS) dropper to install an obfuscated a dynamic link library (DLL) component. The component is executed by the dropper by using “rundll32.exe” and also will execute during Windows logon.
The obfuscation technique used has changed from the “spaghetti-style” of numerous unconditional branches between small islands of code to one that is “in plain sight”.
Once this component of Sefnit is installed, it attempts to perform browser search result redirection for Bing, Yahoo and Google search engines. Win32/Sefnit is often installed by different exploit kits including such as “Blackhole” (detected as Blacole), or distributed on file sharing networks with enticing “keygen” or “crack” styled file names,” MSRT explains.
You can download and get more information on the Microsoft Windows Malicious Software Removal Tool here.
Microsoft released the following seven new security bulletins for newly discovered vulnerabilities:
- MS12-001: Vulnerability in Windows Kernel Could Allow Security Feature Bypass (2644615) – Important – Security Feature Bypass – Requires restart
Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2. - MS12-002 : Vulnerability in Windows Object Packager Could Allow Remote Code Execution (2603381) – Important – Remote Code Execution – May require restart
Microsoft Windows XP and Windows Server 2003. - MS12-003: Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (2646524) – Important – Elevation of Privilege – Requires restart
Microsoft Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008. - MS12-004: Vulnerabilities in Windows Media Could Allow Remote Code Execution (2636391) – Critical – Remote Code Execution – Requires restart
Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2. - MS12-005: Vulnerability in Microsoft Windows Could Allow Remote Code Execution (2584146) – Important – Remote Code Execution – May require restart
Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2. - MS12-006: Vulnerability in SSL/TLS Could Allow Information Disclosure (2643584) – Important – Information Disclosure – Requires restart
Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2. - MS12-007: Vulnerability in AntiXSS Library Could Allow Information Disclosure (2607664) – Important – Information Disclosure – May require restart
Microsoft Developer Tools and Software
The January Public Update released for Office is now live and available for download. This release contains 4 non-security updates, and provide current definitions to the Junk Email Filter in Microsoft Office Outlook 2007, 2010 and 2003:
- Update for Microsoft Office 2007 suites (KB 2596686) 32-Bit Edition
- Definition Update for Microsoft Office 2010 (KB 982726) 32-Bit Edition
- Definition Update for Microsoft Office 2010 (KB 982726) 64-Bit Edition
- Update for Microsoft Office Outlook 2003 Junk Email Filter (KB 2597098)
Source:
Anyone can join.
Anyone can contribute.
Anyone can become informed about their world.
"United We Stand" Click Here To Create Your Personal Citizen Journalist Account Today, Be Sure To Invite Your Friends.
Please Help Support BeforeitsNews by trying our Natural Health Products below!
Order by Phone at 888-809-8385 or online at https://mitocopper.com M - F 9am to 5pm EST
Order by Phone at 866-388-7003 or online at https://www.herbanomic.com M - F 9am to 5pm EST
Order by Phone at 866-388-7003 or online at https://www.herbanomics.com M - F 9am to 5pm EST
Humic & Fulvic Trace Minerals Complex - Nature's most important supplement! Vivid Dreams again!
HNEX HydroNano EXtracellular Water - Improve immune system health and reduce inflammation.
Ultimate Clinical Potency Curcumin - Natural pain relief, reduce inflammation and so much more.
MitoCopper - Bioavailable Copper destroys pathogens and gives you more energy. (See Blood Video)
Oxy Powder - Natural Colon Cleanser! Cleans out toxic buildup with oxygen!
Nascent Iodine - Promotes detoxification, mental focus and thyroid health.
Smart Meter Cover - Reduces Smart Meter radiation by 96%! (See Video).