Archive for June 9th, 2009


Jun 9
by Det Caraig (Technical Communications)

Microsoft released ten security advisories yesterday to address at least 31 vulnerability issues in its various Windows operating system (OS) versions and other software. This broke the company’s December 2008 record of releasing patches for 28 vulnerabilities. Six of the said vulnerabilities were categorized as critical, three were important, and one was moderate. This means that attackers can exploit these flaws to remotely execute malicious code on vulnerable systems.

The following list summarizes the above-mentioned vulnerabilities Microsoft OS and software users should patch:

The most noteworthy of the above-mentioned vulnerabilities is a flaw in Internet Explorer (IE), particularly in version 8, which was first exploited in a hacking competition held earlier in March. Microsoft also released an update that repairs at least seven bugs in Office Excel. It also shipped a single patch to fix around 16 security issues in various versions of PowerPoint.

Adobe also released its first-ever quarterly patch for its Reader and Acrobat product lines on the same day as Microsoft. Adobe categorized its release as critical and recommends that users apply the update to their product installations. The update patched holes that could cause the applications to crash and potentially allow an attacker to take control of an affected system.

To avoid becoming the victims of these vulnerabilities, users are advised to download the latest security updates from the Microsoft and Adobe websites using the links in this blog entry.


Jun 9
by Det Caraig (Technical Communications)

HijackThis is one of Trend Micro’s well-known free utilities. It quickly scans a user’s Windows computer to find settings that may have been changed by spyware, malware, or other unwanted programs. By itself, it does not determine what is good or bad, but it lists the registry keys and file system locations of the scanned system where unwanted programs could potentially reside.

Only experienced users and IT experts with extensive practice in HijackThis can make use of the raw text report without community help. Almost all users of this tool rely on the online evaluation and analysis of the report provided by several HijackThis communities. A list of some of these communities can be found here.
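As an added illustration (not part of the original post and not Trend Micro code), this Python example groups a HijackThis-style report by entry code and pulls out the BHO lines, the kind of sorting a reviewer does before judging any entry. The sample report is constructed, and the line layout and the `(no name)` and `(no file)` markers are assumed from commonly posted HijackThis logs.

```python
import re
from collections import defaultdict

# Constructed sample in the HijackThis report layout (not from a real system).
SAMPLE_LOG = r"""Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:15:02, on 6/9/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\explorer.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.example/
O2 - BHO: Example Helper - {11111111-2222-3333-4444-555555555555} - C:\Program Files\Example\helper.dll
O2 - BHO: (no name) - {AAAAAAAA-BBBB-CCCC-DDDD-EEEEEEEEEEEE} - (no file)
O4 - HKLM\..\Run: [ExampleTray] "C:\Program Files\Example\tray.exe" /min
O23 - Service: Example Updater - Example Corp - C:\Program Files\Example\updater.exe
"""

# Entry lines start with a letter-plus-number code (R0, O2, O23, ...) and " - ".
ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.*)$")
# Assumed O2 layout: "BHO: <name> - {CLSID} - <file path>".
BHO_RE = re.compile(
    r"^BHO: (?P<name>.*?) - (?P<clsid>\{[0-9A-Fa-f-]{36}\}) - (?P<path>.*)$"
)

def parse_report(text):
    """Group entry lines by code; header and process lines are skipped."""
    groups = defaultdict(list)
    for line in text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m:
            groups[m.group(1)].append(m.group(2))
    return dict(groups)

def bho_entries(groups):
    """Split each O2 line into name, CLSID and file path."""
    matches = (BHO_RE.match(body) for body in groups.get("O2", []))
    return [m.groupdict() for m in matches if m]

def needs_review(bho):
    """Review ordering only, not a verdict: unnamed BHO or missing file."""
    return bho["name"] == "(no name)" or bho["path"] == "(no file)"

if __name__ == "__main__":
    for bho in bho_entries(parse_report(SAMPLE_LOG)):
        print("REVIEW" if needs_review(bho) else "listed", bho["clsid"], bho["path"])
```
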

Edgardo Diaz, Jr., Trend Micro Escalation Engineer, found a certain executable program (Loaris Trojan Remover) that contained the HijackThis program repackaged using the Delphi-based packager Inno Setup. Upon extraction, the user interface (UI) gives the user the option of running HijackThis from an external source.

The application really does install HijackThis on the user’s computer. Unlike the real version, however, Loaris’s repackaged version sells its own antivirus solution using HijackThis as a come-on.

Users who are really interested in using HijackThis may thus be tricked into buying the antivirus by accepting the end-user license agreement (EULA) below that comes with the installer.

Beware: Trend Micro does NOT sell, nor does it intend to sell, HijackThis. Trend Micro supports its communities by providing information and updates on registry keys and on the validity of system or BHO (browser helper object) files.

Details and free downloads are available at the TrendSecure website.

This is not the first, not the only, and not the last software used in illicit schemes. Users are strongly advised to download software only from the official vendor sites or highly trusted communities.

Updated on June 10 at 7:47 PM (UTC-7): Loaris Trojan Remover version 1.1.6.8 no longer carries HijackThis in its UI.

 


© Copyright 2009 Trend Micro Inc. All rights reserved. Legal Notice