Microsoft Security Bulletin Advance Notification issued: January 20, 2010
Microsoft Security Bulletins to be issued: January 21, 2010

This is an advance notification of one out-of-band security bulletin that Microsoft is intending to release on January 21, 2010. The bulletin will be for Internet Explorer to address limited attacks against customers of Internet Explorer 6, as well as fixes for vulnerabilities rated Critical that are not currently under active attack.

This bulletin advance notification will be replaced with the January bulletin summary on January 21, 2010. For more information about the bulletin advance notification service, see Microsoft Security Bulletin Advance Notification.

To receive automatic notifications whenever Microsoft Security Bulletins are issued, subscribe to Microsoft Technical Security Notifications.

Microsoft will host a webcast to address customer questions on the out-of-band bulletin on January 21, 2010, at 1:00 PM Pacific Time (US & Canada). Register now for the January 21, 1:00 PM Webcast. Afterwards, the Webcast is available on-demand. For more information, see Microsoft Security Bulletin Summaries and Webcast.

Microsoft also provides information to help customers prioritize monthly security updates with any non-security, high-priority updates that are being released on the same day as the monthly security updates. Please see the section, Other Information.

Source

There are tens of thousands of Hong Ke, or red visitors, as they are known in China. Many are motivated by patriotism, although it is more difficult to establish their relationship with the Chinese government or military, which some experts suspect as being behind the attacks.

The Honker Union, China’s most famous group of Hong Ke, shows the grey area between patriotic hackers and the state. The group has denied involvement in the Google attack.

“The Honker Union … has no interest in getting involved in politics. We work only for the security of Chinese websites,” one of its core members, Lyon, said in a telephone interview. Lyon, his hacker handle, is the head of a department in a major state-owned telecommunications firm and declined to disclose his real name.

Founded in 2001, it was involved in cyber-warfare with U.S. hackers over the Hainan spy plane incident in 2001 and last week attacked Iranian websites in retaliation for the Iranian Cyber Army’s temporary takeover of Chinese search engine Baidu.

“It is pretty clear that many Chinese hackers are motivated by patriotism,” said Trevor T, the pseudonym of an American who helps run Dark Visitor, a U.S.-based blog about Chinese hackers.

“China may not be where the U.S. is militarily, but it clearly has invested a lot of brainpower in developing capabilities that can offset the U.S. advantage in force-on-force conflict,” he said.

Google announced last week that a “sophisticated” attack coming from China resulted in the theft of its intellectual property. It cited the hacking episode, as well as censorship, as reasons it may leave China.

Google did not specify how it knew the attacks came from China, or why it and an estimated 34 other companies were targeted. Cyber experts say source codes may have been the prize.

SO YOU WANT TO BE A HACKER?

The popularity of hacking in China, and hackers’ use of multiple addresses and servers, in Taiwan and elsewhere, makes it hard to prove how or by whom they are coordinated. Would-be hackers in China don’t have to look far to figure out how to do it, thanks to a healthy hacking industry.

For $150, a keen student can buy all the modules online, from programing Trojans to evading anti-virus programs. Tutors are available via instant-messaging and interactive tutorials.

The market for malware in China includes a software known as Grey Pigeon, originally designed to remotely control users’ own computers, that turned out to be an ideal tool for hacking.

Grey Pigeon’s homepage says it was discontinued in 2007, because of rampant misuse for illegal activities, but the 2010 version of Grey Pigeon is easily found for sale online in China.

That market helps hackers quickly exploit any opening.

“Malware groups out of China have been very quick to adopt zero-day exploits,” software flaws for which there is no patch, said Nart Villeneuve, chief research officer at SecDev.cyber.

“They may be operating independently but there may be some sort of market for selling the information that they get.”

Some Chinese hackers train at schools like the Communication Command Academy in Wuhan to get sensitive information, cyber expert James Mulvenon told a congressional commission in 2008.

China now may have up to 50,000 military hackers trained or in training, he said. This could not be independently confirmed.

“Who is most likely to become the leading protagonist … of the next war? The first challenger who has appeared and is the most well known is the computer ‘hacker’,” two People’s Liberation Army (PLA) colonels, Qiao Liang and Wang Xiangsui, wrote in a 1999 book, “Unrestricted Warfare.”

Developing countries can beat more developed countries with war tactics that transcend boundaries, they argued.

“We urgently need to expand our field of vision regarding forces which can be mobilized, in particular non-military forces,” they wrote.

One of the best documented, and coordinated, hacking attacks out of China was reported last year. It took place against exiled Tibetans, an attack that seemed motivated by politics, not profit.

“It’s the political connection that many use to provide the link to the Chinese government,” Villeneuve said.

Similar attacks have targeted foreign reporters in China, and individuals and groups pushing for greater human rights.

(Additional reporting by Benjamin Kang Lim; Editing by Bill Tarrant.)

Source

SEATTLE (Reuters) – Microsoft Corp said it will issue a patch to fix the old version of its Internet Explorer browser that allowed recent attacks on Google Inc’s network in China.

Technology

The patch, due out on Thursday, “addresses the vulnerability related to recent attacks against Google and a small subset of corporations,” said Jerry Bryant, senior security program manager at Microsoft. “Once applied, customers are protected against the known attacks that have been widely publicized.”

Google said last week it had been the target of sophisticated cyber-attacks in China, along with more than 20 other companies. Microsoft acknowledged that the hackers took advantage of a weakness in Internet Explorer 6 to mount the attacks.

Microsoft said it continues to see some attacks, with the only successful attacks against Internet Explorer 6. The most recent version of the software is Internet Explorer 8.

(Reporting by Bill Rigby, editing by Leslie Gevirtz)

Source

This is Serious.

(AFP) – 1 day ago

BEIJING — Google is checking whether any of its China staff helped hackers lead a major cyberattack against the US Internet giant, which is now mulling whether to leave the country, a report said Tuesday. 

The Wall Street Journal, citing unidentified sources, said the internal network access of some of Google’s 700-odd employees in China had been cut off for the duration of the internal investigation. 

It was not immediately clear if Google had found evidence to link any of its China-based staff to either the theft of its intellectual property or alleged attempts to access Gmail accounts of Chinese dissidents. 

Google said Monday it was “business as usual” in China and its employees were at work, after local media reports that some staff had seen their access to Google’s global network cut off and could no longer work. 

The company last week announced it was considering abandoning its Chinese search engine, and could shut its China offices, over theft of its intellectual property by hackers, believed to have been based in China. 

Google says it is no longer willing to bow to Chinese Internet censors by filtering search results on google.cn, but is still seeking talks with Beijing on a solution. 

The United States has asked for an explanation from Beijing over the Google dispute. China says the row will not affect Sino-US ties, but has also insisted that Google and other foreign Internet firms must obey its laws. 

The Foreign Correspondents’ Club of China said Monday that expatriate journalists in a “few” bureaus in Beijing had discovered that their Gmail accounts had been hacked, with messages forwarded to a stranger’s account.

Source