Friday, December 12, 2008

Microsoft Security Alert: Vulnerability in Internet Explorer Could Allow Remote Code Execution

Microsoft is continuing its investigation of public reports of attacks against a new vulnerability in Internet Explorer.

Here is what Microsoft has to say:

Our investigation so far has shown that these attacks are only against Windows Internet Explorer 7 on supported editions of Windows XP Service Pack 2, Windows XP Service Pack 3, Windows Server 2003 Service Pack 1, Windows Server 2003 Service Pack 2, Windows Vista, Windows Vista Service Pack 1, and Windows Server 2008. Microsoft Internet Explorer 5.01 Service Pack 4, Microsoft Internet Explorer 6 Service Pack 1, Microsoft Internet Explorer 6, and Windows Internet Explorer 8 Beta 2 on all supported versions of Microsoft Windows are potentially vulnerable.

The vulnerability exists as an invalid pointer reference in the data binding function of Internet Explorer. When data binding is enabled (which is the default state), it is possible under certain conditions for an object to be released without updating the array length, leaving the potential to access the deleted object's memory space. This can cause Internet Explorer to exit unexpectedly, in a state that is exploitable.

At this time, we are aware only of limited attacks that attempt to use this vulnerability against Windows Internet Explorer 7. Our investigation of these attacks so far has verified that they are not successful against customers who have applied the workarounds listed in this advisory. Additionally, there are mitigations that increase the difficulty of exploiting this vulnerability.

We are actively working with partners in our Microsoft Active Protections Program (MAPP) and our Microsoft Security Response Alliance (MSRA) programs to provide information that they can use to provide broader protections to customers. In addition, we’re actively working with partners to monitor the threat landscape and take action against malicious sites that attempt to exploit this vulnerability.

We are actively investigating the vulnerability these attacks attempt to exploit. We will continue to monitor the threat environment and update this advisory if this situation changes. On completion of this investigation, Microsoft will take the appropriate action to protect our customers, which may include providing a solution through a service pack, our monthly security update release process, or an out-of-cycle security update, depending on customer needs.

Microsoft continues to encourage customers to follow the "Protect Your Computer" guidance of enabling a firewall, applying all software updates and installing anti-virus and anti-spyware software. Additional information can be found at Security at home.

Mitigating Factors:

• Protected Mode in Internet Explorer 7 and Internet Explorer 8 in Windows Vista limits the impact of the vulnerability.

• By default, Internet Explorer on Windows Server 2003 and Windows Server 2008 runs in a restricted mode that is known as Enhanced Security Configuration. This mode sets the security level for the Internet zone to High. This is a mitigating factor for Web sites that you have not added to the Internet Explorer Trusted sites zone.


•An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less affected than users who operate with administrative user rights.


•Currently known attacks cannot exploit this issue automatically through e-mail.

Click Here For The Advisory Statement.

Tuesday, December 2, 2008

Utility SCE Completes Massive Installation Of Solar Rooftop Project, Will The Rest Of U.S. Follow?

Rosemead, Calif. - Southern California Edison (SCE) announced Monday that it has completed the first of its proposed 150 solar photovoltaic installations on Southern California commercial rooftops.

The project could eventually cover two square miles of existing commercial roofs with 250 million watts of peak generating capacity – equivalent to building several utility-scale solar power plants.

During recent months, the 600,000-square-foot Fontana, Calif., distribution warehouse roof selected as the first installation site has been fitted with 33,700 advanced thin-film solar panels making it the largest single rooftop solar photovoltaic array in California. The facility now generates enough power during peak output conditions to meet the needs of approximately 1,300 Inland Empire homes.

SCE officials also announced today the choice of their next solar installation site. The utility will begin construction soon atop a 458,000-square-foot industrial building in Chino, Calif., owned by the Multi-Employer Property Trust, and advised by Kennedy Associates.

Additionally, the utility announced that the solar panel supplier for the Fontana installation – First Solar of Tempe, Ariz. – is once again the winning bidder for the utility’s second installation. Decisions have not been made on other building sites.

SCE’s renewable energy project, being called a solar power game changer because of its unprecedented scope and consumer price benefits, was prompted by advances in solar technology that reduce the cost of installed photovoltaic generation to approximately half that of current similar installations.

Additionally, the utility hopes to fill a gap it has observed in current rooftop solar projects in the state – mid-range one- to two-megawatt installations.

SCE anticipates its solar power project will create new jobs in Southern California in the solar industry. The International Brotherhood of Electrical Workers, one of SCE’s project partners, is supporting the project through the expansion of its solar installation apprentice training program.

The utility received its first regulatory response to the project on Sept. 18, 2008, when the California Public Utilities Commission authorized the recording of costs for the first three installations while SCE awaits regulatory review and response to the entire $875 million project due in March 2009.

An Edison International (NYSE:EIX) company, Southern California Edison is the largest electric utility in California, serving a population of more than 13 million via 4.8 million customer accounts in a 50,000-square-mile service area within Central, Coastal and Southern California.

How It Works

Solar panels are made of materials that convert sunlight directly into electricity through a chemical process. Thin semiconductor layers form an electric field, positive on one side and negative on the other side. When sunlight strikes the semiconductor, electrons are knocked loose from the atoms of the material creating the current. Wires are attached to the positive and negative sides to carry the electricity from the cell to the device to be powered. (Source: SCE)


Click Here For Press Release.

Thursday, November 27, 2008

Sharp, Enel To Invest In $1Bln Italy Solar Power Venture

Tokyo, Japan - Sharp Corp. announced Thursday that it is planning to initiate the world’s first “solar business model” by joining with a power company. Under the business model, the companies' activities are expected to range from the manufacture of thin-film solar cells to independent power producer (IPP) activities. Sharp is working towards becoming a company providing total solutions based on solar cells.

The statement from the company said that Japan's Sharp and Italy’s largest power company, Enel SpA, will establish a joint venture in the spring of 2009 to operate as an independent power producer and will develop a number of photovoltaic power plants with a total capacity of 189 MW by the end of 2012.

A number of photovoltaic power plants will be set up mainly in southern Italy and will utilize thin-film solar cells, which offer superior power generating efficiency in hot-climate regions. The two companies are looking into expanding their IPP business in the future to cover countries of the Mediterranean region other than Italy with a view toward further strengthening their cooperative relationship.

Regarding cooperation in the production of thin-film solar cells, the plan is for Sharp, Enel, and a third unnamed European manufacturing company to construct a thin-film solar cell plant in Italy with the potential to expand annual production capacity to around 1 GW in the future.

The initial phase of development will put in place a production system having an annual capacity of 480 MW, with the aim of starting operations around the middle of 2010. The amount of investment would be approximately 100 billion yen ($1 billion), which would be spent between 2009 and 2012.

The three companies are working out the details of establishing the joint venture to manufacture thin-film solar cells in Italy, and plan to sign an MoU in December.

Geographically, Italy lies at the heart of a project adopted at the Union for the Mediterranean summit held in July 2008, namely, a “Mediterranean solar plan” that aims to develop power generating facilities with a capacity of 20 GW by 2020.

The Osaka-based manufacturer said Sharp and Enel will work together in the future with the goal of strategically expanding renewable energy in Europe, including in the Mediterranean region.

Click Here for Press Release.

Wednesday, November 26, 2008

Google May Be Quietly Laying Off At Least 10,000 Employees: Report

Washington, D.C. - Google may be handing out pink slips to several thousand workers, according to a report citing unnamed sources. Based on WebGuild's report, Google Inc (GOOG) may be quietly laying off up to 10,000 employees as part of its efforts to streamline operations and reduce costs.

"Since August, hundreds of employees have been laid off and there are reports that about 500 of them were recruiters for Google," the report posted on Nov. 23 claims. As of September 30, 2008, we had 20,123 employees located around the world.

The company is supposed to report layoffs. The report said that Google has categorized as many as 10,000 of the employees as "temporary operational expenses."

WebGuild President Daya Baran says, "Google has hundreds of lawyers figuring out how not to get caught. One of them is by moving workers from job to job every few months so that their status remains temporary. That is why you probably have never spoken to the same person twice at Google and that is also why there is somebody new on the job and most times you know more about their job than they do."

In the third quarter, Google reported revenues of $5.54 billion for the quarter ended September 30, 2008, an increase of 31% compared to the third quarter of 2007 and an increase of 3% compared to the second quarter of 2008.

"We had a good third quarter with strong traffic and revenue growth across all of our major geographies thanks to the underlying strength of our core search and ads business. The measurability and ROI of search-based advertising remain key assets for Google," Eric Schmidt, CEO of Google, said in a statement.

Click Here for WebGuild's Report.

Microsoft & McAfee Warn Of New Round of Attacks

New York, NY - Security researchers at Microsoft Corp. (MSFT) late yesterday issued a warning about a significant rise in exploits of a Windows bug that the software vendor patched with an emergency fix last month. Similar reports were posted by Symantec Corp. and McAfee Inc.

Microsoft says:

As expected, we are seeing another wave of attacks exploiting the vulnerability detailed in security bulletin MS08-067.

Early last week we blogged about MS08-067 exploits. At that time, the number of exploits in the wild was still low and they were mostly targeted attacks. However, during the weekend we started receiving customer reports for new malware that exploits this vulnerability.

During the last two days that malware gained momentum and as a result we see an increased support call volume. The SHA1 hash of the malware is 0x5815B13044FC9248BF7C2DBA771F0E6496D9E536 and we detect it as Worm:Win32/Conficker.A.
This malware mostly spreads within corporations but also was reported by several hundred home users. It opens a random port between port 1024 and 10000 and acts like a web server. It propagates to random computers on the network by exploiting MS08-067.

Once the remote computer is exploited, that computer will download a copy of the worm via HTTP using the random port opened by the worm. The worm often uses a .JPG extension when copied over and then it is saved to the local system folder as a random named dll.
It is also interesting to note that the worm patches the vulnerable API in memory so the machine will not be vulnerable anymore.

It is not that the malware authors care so much about the computer as they want to make sure that other malware will not take it over too... More details are available in our encyclopedia write up.

Most of the reports come from users in the United States, but we also received reports from other countries/regions such as Germany, Spain, France, Italy, Taiwan, Japan, Brazil, Turkey, China, Mexico, Canada, Argentina and Chile.

On the other hand, Worm:Win32/Conficker.A avoids infecting Ukrainian computers and indeed we received no reports from there.
We have also found several bots that exploit MS08-067. We detect them as Backdoor:Win32/IRCbot.BH. We continue to urge all our customers to install MS08-067. If you have installed this update, you’re already protected from this malware.

I'll continue to monitor the situation and will post updates as necessary.

Click here for McAfee's report.
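A defender-side sketch of the behaviour described in the Microsoft post above, added here as an example (not code from Microsoft or this blog): it flags internal peer-to-peer HTTP downloads of `.jpg` files on ports 1024-10000 and checks a file against the published SHA1. The log format, the `10.0.0.0/8` address space, the web-server allowlist and the sniffed MIME field are assumptions, and the sample lines are constructed.

```python
import hashlib
import ipaddress

# Values taken from the Microsoft post quoted above.
CONFICKER_A_SHA1 = "5815b13044fc9248bf7c2dba771f0e6496d9e536"
PORT_RANGE = range(1024, 10001)  # "between port 1024 and 10000"

# Assumptions for this example: site address space and known internal web servers.
INTERNAL_NETS = [ipaddress.ip_network("10.0.0.0/8")]
KNOWN_WEB_SERVERS = {("10.1.0.5", 8080)}

# Constructed sample log: time src dst dst_port method path sniffed_mime
SAMPLE_LOG = """\
2008-11-26T09:14:02 10.1.4.23 10.1.7.88 4127 GET /kqzvt.JPG application/x-dosexec
2008-11-26T09:14:05 10.1.4.23 10.1.0.5 8080 GET /intranet/logo.jpg image/jpeg
2008-11-26T09:15:40 10.1.9.12 10.1.4.23 9333 GET /abcde.jpg image/jpeg
2008-11-26T09:16:11 10.1.4.40 198.51.100.7 80 GET /photo.jpg image/jpeg
2008-11-26T09:17:30 10.1.4.41 10.1.7.90 80 GET /x.jpg application/x-dosexec
"""

def is_internal(ip):
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in INTERNAL_NETS)

def matches_published_hash(data):
    """True if the bytes hash to the SHA1 quoted in the post."""
    return hashlib.sha1(data).hexdigest() == CONFICKER_A_SHA1

def classify(fields):
    """Return 'high', 'review' or None for one parsed log line."""
    _ts, src, dst, port, method, path, mime = fields
    port = int(port)
    # The post describes spread between computers on the same network.
    if method != "GET" or not (is_internal(src) and is_internal(dst)):
        return None
    if port not in PORT_RANGE or (dst, port) in KNOWN_WEB_SERVERS:
        return None
    # The worm "often" uses .JPG, so this check alone will miss other names.
    if not path.split("?")[0].lower().endswith(".jpg"):
        return None
    # A ".jpg" whose content is a Windows executable is the strongest signal.
    return "high" if mime == "application/x-dosexec" else "review"

def hunt(log_text):
    """Return (verdict, downloading_host, serving_host) for each suspicious line."""
    hits = []
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 7 or not fields[3].isdigit():
            continue  # skip malformed lines
        verdict = classify(fields)
        if verdict:
            hits.append((verdict, fields[1], fields[2]))
    return hits

if __name__ == "__main__":
    for hit in hunt(SAMPLE_LOG):
        print(hit)
```

In each hit the serving host is the one already running the worm's web server, and the downloading host is the one that was just exploited.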

TiVo Posts Profit In Q3 With $103M From Settlement

TiVo received compensation in the amount of approximately $105 million in initial litigation damages from EchoStar.

"Though we are pleased with our results this quarter, we recognize that no business is immune to the challenges of the current economic climate, which we expect will impact overall consumer electronics sales during the holiday season," Tom Rogers, President and CEO of TiVo said in a statement.

He added, "Like most companies, we are taking steps to further reduce and more effectively manage our spending across all areas of the company as evidenced by our recently announced reduction in workforce in order to maintain our strong financial position."

Net Income for the third quarter was $100.6 million compared to a loss of ($8.3) million in the year-ago quarter. Excluding the EchoStar damages award net loss would have been ($0.9) million.

Adjusted EBITDA for the third quarter was $95.3 million, compared to $0.2 million in the year-ago quarter. Excluding the EchoStar damages award Adjusted EBITDA would have been $7.5 million.

• TiVo partners with Netflix to stream its library of over 12,000 videos directly to the TV

• Comcast announces roll out of TiVo service to additional markets

• TiVo extends distribution agreement with DIRECTV; TiVo is now partnered with three of the top five television distributors in the U.S.

• Partnership with Nero brings TiVo to the PC viewing experience

For more: Click Here

Tuesday, November 25, 2008

Message From Facebook: Making Facebook Safe Against Spam

Last Friday [Nov. 21], Facebook won an important victory for our users – and against spam and those who create it.

We've all experienced spam – those unwanted and, sometimes, inappropriate marketing messages. The bad guys behind those messages are always looking to find new ways to annoy people and Facebook's users have been among those targeted. We don't take this affront to our users lying down.

In a court in San Jose, after a legal proceeding lasting four months, federal Judge Jeremy Fogel awarded Facebook $873 million in damages against Adam Guerbuez and Atlantis Blue Capital for sending sleazy messages to our users. The award is the largest judgment in history for an action brought under Controlling the Assault of Non-Solicited Pornography and Marketing Act (CAN-SPAM).

Does Facebook expect to quickly collect $873 million and share the proceeds in some way with our users? Alas, no. It's unlikely that Guerbuez and Atlantis Blue Capital could ever honor the judgment rendered against them (though we will certainly collect everything we can). But we are confident that this award represents a powerful deterrent to anyone and everyone who would seek to abuse Facebook and its users.

This judgment is the result of the tireless effort of our security experts, legal team and the other significant resources we've devoted to finding, exposing and prosecuting the sources of spam attacks. These efforts complement the sophisticated technical systems we continue to develop to limit the impact of these attacks or to block them altogether.

Everyone who participates constructively in Facebook should feel confident that we are fighting hard to protect you against spam and other online nuisances. We will continue to invest in this area by improving our technical safeguards and devoting significant resources to finding, exposing and prosecuting the sources of spam attacks.

by Max Kelly, Facebook's Director of Security.
