WWW.EIMIR.COM – FREE Guide on Malaysia IT Security Threat Landscape

Trend Micro issue a warning today as follows:

Dear All,

Please be advised of another Zero-Day attack affecting Microsoft Office Excel.

Please be careful with following action:

a. Do not open or save email attachment from Unknown or Untrusted sources.

b. Avoid opening or saving MS Excel files that you receive unexpectedly from trusted sources.

c. Practice extreme caution when browsing the internet or clicking on links in emails especially on “Untrusted websites”.

Impact:

An unspecified remote code-execution vulnerability has been identified in Microsoft Office Excel, which could be exploited by remote attackers to take complete control of an affected system, or cause the application to crash.

This issue affects all versions of Microsoft Office Excel, with a potential to allow arbitrary malicious code to run in the context of the user running the application and leads to a crash in Excel.

There is currently NO vendor-released patch available for all affected versions to address this threat.

However, malware containing exploits for this vulnerability will be detected as TROJ_MDROPPER.XR with OPR 5.861.00

Applications under Zero-Day Attack:

1. Microsoft Excel – http://www.microsoft.com/technet/security/advisory/968272.mspx (new)

2. Microsoft WordPad – http://www.microsoft.com/technet/security/advisory/960906.mspx

eimir Trend Micro Alert, AntiVirus, Trend Micro, Trojan

The moment all Trend Micro OfficeScan users are waiting for. Finally the OSCE 10.0 is here for beta testing.
Final Release ETA: 2H 2009

NEW! OfficeScan Client/Server Edition (OSCE) 10.0 Beta Program Stage 3 January 16th – March 12th

Dear Valued Customer,

Trend Micro would like to invite you to be in our OfficeScan 10 Beta III program.

OfficeScan 10.0 is the first Trend Micro product to adopt the innovative Cloud Client File Reputation technology. The Cloud Client architecture offers more immediate protection and eliminates the management burden of pattern deployment. It also significantly reduces the overall client footprint. On top of this innovative Anti-Malware approach, Device Access Control, and OfficeScan Application Protection are also included to combat today’s threat landscape in every aspect.

Apart from Anti-Malware solutions, management improvements and the integration with Enterprise IT-management infrastructure are key elements of this new version. The tight integration with Active Directory permits role based administration and Security Compliance reporting.

Key reasons on why customer should participate

Trend Micro Enterprise Security powered by our Smart Protection Network provides the following to stay ahead of content security threats.

1 Cloud Client File Reputation

· With CCFR technology, the OfficeScan client provides more immediate protection with negligible pattern management effort and a lighter footprint.

· Administrators can decide to use either cloud based scanning or traditional scanning technology

2 Web Reputation configuration improvements

· Added granularity, allowing the assignment of Web Reputation policy at various layers of the OfficeScan client tree.

3 Device Access Control

· Capability to granularly control the access and use of fixed and removable devices, such as USB storage

4 Windows Server 2008 Support

· OfficeScan client and OfficeScan management server are fully supported on Window Server 2008 (excluding server core and Hyper-V for now)

To participate:

If you do not have a beta portal account, register here. After registering, please await approval from the Beta Team (approval is within 24 hrs), after receiving approval via email, login to the beta portal and sign up for the Trend Micro OfficeScan Client/Server (OSCE) 10.0 Beta III Program.

If you have a beta portal account, please login and sign up for the Trend Micro OfficeScan Client/Server (OSCE) 10.0 Beta III Program Beta.

If you have a beta portal account but forgot your ID and PW, request a reminder

Sincerely,
Your Friends at Trend Micro

eimir AntiVirus AntiVirus, Trend Micro