Microsoft made a couple of big announcements today, first that the 2010 Beta is available and anyone can participate. The second big announcement was the Social Media Connector included in Office 2010. If you’re interested in learning more check out this article on Microsoft’s MSDN blog. If you’d like to skip the article and jump to the goods go download the beta from Microsoft’s 2010 site.
Microsoft is implementing a Social Media component dubbed Outlook Social Connector to Office (Outlook/Sharepoint) 2010. While most people probably believed that they had been investing most of their development capital in shoring up security, the truth is you can always believe that companies like Microsoft have big plans. While not every big thing from Microsoft is a hit, it definitely seems like they are at least making some nice in-roads with Windows 7 and Office 2010. Competition is good, Google Docs and Social Media have really put the pressure on Microsoft and this is part of the response.
Check out the article on Microsofts MSDN Blog.
Update 7/15/2009 – the link to “Disable” below will now take you to a page with a link to the security update for this issue. Not long ago an exploitable flaw with ActiveX control for streaming video was discovered and is being exploited. The flaw itself has not been patched and there are only work-arounds that involve disabling the controls. For this reason we are advising the following until a patch is available:
1. Use an alternative browser such as Mozilla Firefox.
2. Disable the vulnerable Active X controls.
3. Be extremely cautious about what links are clicked/web pages are visited. (Only recommend to very experienced users)
If you have questions about this vulnerability feel free to contact us.
Just yesterday I answered a question on LinkedIn related to new scams that are circulating on the Internet. Not less than 24 hours later I saw something that was new, creative and likely to cause some damage as it actually harbors the payload Win32/Kryptik.TL – a Trojan Horse Virus that as of 6/24/2009 is not circulating much. While the format they sent has the Microsoft look and feel (Top Image), it does not duplicate the email format of Microsoft notices (Bottom Image).
We have received a notice from US-CERT about a security flaw involving Internet Explorer 7 and Adobe Acrobat. The flaw only affects windows based machines that have Internet Explorer 7 and Adobe Acrobat products. If you have both of these products installed your system could be compromised if you opened a pdf file that was crafted to exploit this flaw. This flaw has been labelled critical, and we are prioritizing addressing this flaw with our customers.
Who should be concerned?
- Anyone with both Internet Explorer version 7 and Adobe Acrobat installed.
- Anyone using Adobe Acrobat products version 8.1 or earlier in conjunction with Internet Explorer 7.
If I meet the criteria that makes me vulnerable, what should I do?
- You should avoid opening PDF files from untrusted sources.
- You should apply an update for your Adobe Acrobat as soon as possible.
- If unable to install an update, you should disable the mailto: URI handler on your Adobe Product (See Adobe Security Bulletin APSB07-18 for details on how to do this).
Where can I get more information about this problem?