IE9 Zero Day Vulnerability Fixed

For a week now it has been known that there is an IE9 Zero Day Vulnerability.

Get This Zero Day Vulnerability Fixed

Now Microsoft have published a fix which came to me today in the form of an update as follows (for Windows 7):

Cumulative Security Update for Internet Explorer 9 for Windows 7 for x64-based Systems (KB2744842)

Update type: Important

Security issues have been identified that could allow an attacker to compromise a system that is running Microsoft Internet Explorer and gain control over it. You can help protect your system by installing this update from Microsoft. After you install the update, you may have to restart your computer.

More information: http://go.microsoft.com/fwlink/?LinkId=255505

Help and Support: http://support.microsoft.com

Zero Day Vulnerabilities are those which have already been exploited by the time the software developer finds out about them.

Phishing Email NOT From TESCO Bank

This phishing email proclaims to come from:

Tesco Personal Finance customerservice@consumercardservicing.tescofinance.com.

As you can see from the image of the email content below if you were to click on the link:

http://www.tescobank.co.uk/1/2/TESCOCAM10;&user=% colin.ride@btinternet.com % you will not go to a Tesco website. Look carefully and you will see that the real URL behind the embedded link is displayed above the hand pointer when the hand hovers over the link in the text.

Tesco Bank Phishing Email 1

In the facsimile above the obscured paragraph reads:

During our regularly scheduled account maintenance and verification
procedures, our records show your Tesco Credit Card Account registered
to email user ” < the recipient’s email address > ” has been inactive for some days.
To securely confirm and reactivate your account please click on the link bellow:

You will in fact go to:

http://www.4gamer.es/images/tools/testes/tes1/login4.htm

This is not somewhere I’m going and I wouldn’t advise anyone to go there. You might pick up a nasty cold. It looks like a games website in Spain (the domain is “es”). I presume the page looks like a Tesco Finance log-in page. When you enter your log-in credentials the owner of the page can save them and use them to log-in to your real Tesco Finance account and play a dirty trick on you.

This email was delivered to my MS Outlook Inbox from a btinternet.com account. It wasn’t picked up by them as spam nor was it detected by Norton Internet Security, presumably because it is a new kid on the block.

I have forwarded the email to TESCO Bank for their perusal.

So now you know how to check a suspect email. Good luck and watch out.

Broadband Speed Boost from BT

Broadband Speed Boost from BTA Broadband speed boost from BT Retail will double their broadband speed on their Infinity lines (the ones fed to the cabinet in the street by fibre optic cable.) They are also going to increase their upload speed from 1.9Mbits/sec to 9.5Mbits/sec on these lines. This is good news for those uploading photos to be printed or web pages they’ve written. Read all about it on PC Pro.

PHISHING SPAM ALERT! Purporting to come from Amazon. BEWARE!

Further to my tweets this is the detail of spam I received today. I have unlinked the links (and coloured them orange) so you can’t get caught out:

Your order has been successfully canceled. For your reference, here’s a summary of your order:

You just canceled order #132-138566-4336469 placed on February 3, 2012.

Status: CANCELED

_____________________________________________________________________

1 of The Suburbs.
By: Una Martin

Sold by: Amazon.com LLC

_____________________________________________________________________

Thank you for visiting Amazon.com!

———————————————————————
Amazon.com
Earth’s Biggest Selection
http://www.amazon.com
———————————————————————

The links go to http://mba.lpru.ac.th/panelists.html. Obviously not Amazon. So look out for it and BEWARE! Note the date is today and whenever it comes to you it may be dated on that day. It wasn’t detected by BT spam filters (BT advised) or Norton Internet Security 2012 or MS Outlook junk mail spam detectors. I suspect it is a new kid on the block.