Microsoft Vulnerabilities Workaround

The attack code has been made public for two unpatched Microsoft vulnerabilities. The attack code for CVE-2012-1875 integrated into Metasploit targets Internet Explorer 8 on Windows XP with Service Pack 3.

As described in Microsofts' Security Advisory:

The vulnerability could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker would have no way to force users to visit such a website. Instead, an attacker would have to convince users to visit the website, typically by getting them to click a link in an email message or Instant Messenger message that takes them to the attacker's website.

Microsoft has yet to release a security patch for this vulnerability. However, a Microsoft "Fix it" tool that blocks the attack vector is available for download.

The public availability of exploit code for both of these vulnerabilities increases the chances that they will be exploited in new attacks. Users are advised to install the security patch for CVE-2012-1875 and the Microsoft Fix it tool for CVE-2012-1889 as soon as possible in order to protect themselves.

CVE-2012-1889
Because the link to Microsoft's Knowledgebase article (contained in their security advisory) is a 404 (not to mention the advisory is extremely confusing at best), I'm posting direct links here to Microsofts' FixIt Tool for the benefit of our readers.

Microsoft FixIt
As an interim work-around, Microsoft has provided a Microsoft Fix it solution that blocks the attack vector for this vulnerability. It's suggested that you save both files so that you can disable the solution prior to installing the update when it is released.

To Enable Microsoft Fix it 50897 http://go.microsoft.com/?linkid=9811924

This will download a file, MicrosoftFixit50897.msi to your computer. Double-click on the file to run it, accept the licensing agreement, and allow the Fix to install.

To Disable Microsoft Fix it 50898 http://go.microsoft.com/?linkid=9811925
Do this after a patch is released.

CVE-2012-1875
Microsoft has released a security patch to address CVE-2012-1875, you can install this by visiting Microsoft update. More information about this vulnerability can be found here: Cumulative Security Update for Internet Explorer (2699988).

AtMail Webmail plugin to be removed

AtMail, one of the four webmail plugins we offer, will be discontinuing their open source product and switching to a commercial (paid) licensed product only. cPanel has announced they will be removing AtMail from cPanel as of August 2012. We've decided to disable it on our servers as of July 1, 2012. 

If you're a regular Webmail user, please check out the other three webmail plugins available: Horde, SquirrelMail, and RoundCube. With Webmail you aren't tied to any one application...all three take you to the same email. Each has different features as well as a different look and feel (and different levels of theme customization), but they all take you to the same email. 

I'll admit I'm going to miss AtMail. It had a nice, clean interface...though in my opinion it's in no way worth what they're charging for it. Roundcube is a close second as far as look and feel. Though cPanel has no immediate plans to replace AtMail, we may start looking around at other Webmail application options. 

 

If there's one you've always wanted, please feel free to let us know! We always encourage user feedback, and try to implement as many user suggestions as possible.