My Antivirus SolutionsMy Antivirus SolutionsDo your computer infected by computer viruses? Don't panic! You can visit this blog. Here, You can download antivirus, antispyware without paying anything. its free. You can share it with your friends too. Help others to protect their pc. Articles
Virus Found in Some Best Buy Digital Frames
2008-01-27 13:25:00 Barry LevineNews Factor NetworkWebsite: http://www.newsfactor.comYou can add to the growing list of things you need to do to keep your computer safe -- scan the digital picture frame.Best Buy has confirmed that some units of its Insignia 10.4-inch Digital Picture Frame, purchased over the holidays, had a computer virus. Last weekend, the retailer noted an advisory from its private label, Insignia, which stated that "a limited number" of the frames, model number NS-DPF-10A, were "contaminated with a computer virus during the manufacturing process."According to news reports, Best Buy is not recalling the frames, but it has pulled the remaining units. It said this was the only Insignia frame product affected, and the product has been discontinued.Precautionary MeasureThe company said that once it was informed of the contamination, it "immediately" withdrew the product from stores and Web sites "as a precautionary measure to protect our customers." Best Buy did note that "some affected ... More About: Virus
Worm fears shut down Skype video feature
2008-01-27 06:15:00 Robert McMillan InfoWorldWebsite: http://www.infoworld.comSan Francisco - Skype has been forced to turn off a video-sharing feature in its software because it could be misused to launch a self-copying worm attack against Skype users, security researchers said Tuesday.A bug in the software, which was first reported last Thursday by security researcher Aviv Raff, stems from the way Skype uses an Internet Explorer component to render HTML.Skype's video-sharing feature allows users to share videos hosted on two sites -- Dailymotion.com and Metacafe.com -- while chatting with other Skype users.Last week Raff showed how attackers could exploit the bug to run unauthorized software on a Skype user's PC. But on Tuesday, the security researcher said the flaw was more serious than he'd first thought. It can "be triggered by simply visiting a Web site, or clicking on a link from your instant messaging application," he wrote in a blog posting, "Which basically means that this vulnerability is... More About: Video , Feature , Worm , Fears
Apple growth will draw malware attacks
2008-01-27 06:05:00 Matt HinesInfoWorldWebsite: http://www.infoworld.comSan Francisco - As Apple continues to grow its worldwide market share and the company's products find their way into more business environments, attackers are certain to follow and create greater volumes of exploits aimed at vulnerabilities in the company's software, security experts contend.According to industry analyst firm Gartner, Apple shipped just over 1 million Mac OS X-based computers during the fourth quarter of 2007, a gain of 227,000 over the fourth quarter of 2006. The analyst firm reported that Apple's U.S. market share for 2007 jumped by 28 percent compared to 2006, rising to just over 6 percent.And with Apple CEO Steve Jobs stating at last week's Macworld Expo and Conference that the company has already sold 4 million iPhones and 5 million copies of Leopard (Mac OS X 10.5), its latest OS, since launching the products last year, the company's prospects look stronger than ever.However, malware researchers and indu... More About: Malware , Growth , Attacks , Draw
Shell, Rolls Royce reportedly hacked by Chinese spies
2007-12-04 04:56:00 Jeremy KirkInfoWorldWebsite: http://www.infoworld.comSan Francisco - Britain's domestic intelligence agency is warning that cybercrime perpetrated by China is on the rise following hacking attacks against Rolls-Royce and Royal Dutch Shell . The agency, known as MI5, recently sent letters to some 300 banks, accounting and legal firms warning that "state organizations" of China were plying their networks for information, according to the Times of London on Monday. The U.K. government refused on Monday to confirm the letters. However, the reported correspondence comes just a month after the U.K.'s top domestic intelligence officer warned of "high levels" of covert activity by at least 20 foreign intelligence agencies, with Russia and China as the most active. "A number of countries continue to devote considerable time and energy trying to steal our sensitive technology on civilian and military projects, and trying... More About: Chinese , Rolls Royce , Hacked , Spies
McAfee: Vista Likely a Hacker Target in 2008
2007-12-04 04:46:00 Jennifer LeClaireNews Factor NetworkWebsite: http://www.newsfactor.com Windows Vista is being relegated to the doghouse again this week for being slower than XP, and security experts are warning that Vista might face more serious malware in the upcoming year. New tests show that Windows XP, coupled with the forthcoming Service Pack 3, performs twice as well as Vista with SP1. Devil Mountain Software discovered that a preview version of SP3 for Windows XP offered a 10 percent performance boost. The software development firm said that performance gains with SP1 for Vista were negligible. However, slower speed is one issue, security is another. Considering the probability that more businesses will begin migrating to Vista in 2008 , security analysts say that the security of Microsoft's latest operating system might be a larger problem than performance. Vista Migration Mixed with Danger? The release of Service Pack 1 for Windows ... More About: Hacker , Target , Mcafee
Google Purges Malware Sites Targeting Searchers
2007-12-04 04:42:00 InformationWeek Website: http://www.informationweek.com In response to a concerted effort by cybercriminals to infect the computers of Google users with malware and make them unwitting partners in crime, Google apparently has purged tens of thousands of malicious Web pages from its index. In a blog post on Monday, Alex Eckelberry, CEO of Sunbelt Software, noted that many search results on Google led to malicious Web pages that expose visitors to exploits that can compromise vulnerable systems. "We're seeing a large amount of seeded search results which lead to malware sites," said Eckelberry. "These are using common, innocent terms -- one researcher landed on a malware site through searching for alternate firmware for a router." Sunbelt published a list of search terms that returned malicious pages, the result of search engine optimization campaigns by c... More About: Malware , Sites , Targeting , Urge
Virus Definition Updates 22/11/2007
2007-11-22 14:20:00 AVG Anti-Virus Free Edition 7.5Download AVG AVI:269.16.4.1Download AVG AVI:269.164.2Download AVG AVI:269.16.4.3Download AVG IAVI:1145Version: -Date: 22/11/2007AntiVir PersonalEdition ClassicDownload AntiVir IVDFVersion: 7.00.00.248Date: 22/11/2007Avast! 4 Home EditionDownload Avast VPSVersion: 071121-0Date: 21/11/2007SymantecDownload Norton VDUVersion: 91121bDate: 21/11/2007Supports the following versions of Symantec antivirus software:Norton AntiVirus 2003 Professional EditionNorton AntiVirus 2003 for Windows 98/Me/2000/XP Home/XP ProNorton AntiVirus 2004 Professional EditionNorton AntiVirus 2004 for Windows 98/Me/2000/XP Home/XP ProNorton AntiVirus 2005 for Windows 98/Me/2000/XP Home/XP ProNorton AntiVirus 2006 for Windows 2000/XP Home/XP ProNorton AntiVirus 2007 for Windows XP Home/XP Pro/VistaNorton AntiVirus for Microsoft Exchange (Intel)Norton SystemWorks (all versions)Norton Utilities for Windows 95/98 (all versions)Symantec AntiVirus 3.0 for CacheFlow Security GatewaySymante... More About: Updates , Definition
Firefox 2 Security Update Coming
2007-11-22 14:16:00 InformationWeek 21/11/2007Website: http://www.informationweek.com Even as Firefox 3 moves into beta, Firefox 2 is getting a security makeover. The Mozilla Quality Assurance Community has called for volunteers to help test Release Candidate Builds of Firefox 2.0.0.10, which is expected to be released next week, following the Thanksgiving holiday. Firefox 2.0.0.10 addresses a Java Archive handling bug that was first reported back in February. The vulnerability allows a malicious attacker to conduct a cross-site scripting attack by hiding exploit code in a Java Archive (.jar) file. This is because the .jar protocol is not restricted to .jar files and will open .zip files, which can be malicious. "In simple terms, [this] means that any application which allows upload of .jar/.zip files is potentially vulnerable to a persistent cross-site scripting," said Petko Petkov, founder of security ... More About: Security , Update
MySpace Hacker Tells His Story
2007-11-22 14:12:00 PC World 20/11/2007Website: http://www.pcworld.com If Samy Kamkar plays his cards right, he may be allowed to visit MySpace again in just a few months. For the time being, however, he's not even allowed to touch a computer, following a January 2007 guilty plea for creating what many consider to be the first Web 2.0 worm: the Samy worm.Samy's worm wasn't malicious, but it did force News Corp.'s MySpace social-networking site to shut down in late 2005 after forcing more than 1 million users to declare Samy a "hero" on their profile pages. Last week, Samy, who is now 21, made his first public appearance since his conviction, attending the OWASP App Sec 2007 conference, hosted by eBay, in San Jose, California. He was treated like a celebrity at the show, but there were some complications. Under the terms of his plea agreement, he can only use computers for work, so he was forced to show slides that he'd dictated to a friend on a computer that was operated by a conference staffer. ... More About: Story , Myspace , Hacker , Tells
MySpace Still Denies Security Holes
2007-11-13 06:50:00 News Factor Network 12/11/2007Website: http://www.newsfactor.com Alicia Keys' MySpace page isn't the only profile to be hacked with malware. Some 8,000 band profiles have been hacked in the exact same way -- and many of those profiles are still linked to malware sites, according to security researcher Chris Boyd, who first posted information about the attack on October 31.MySpace has denied that there is a security problem with the social-networking site, saying that the bands that were hacked fell victim to phishing attacks, which compromised their profile passwords. Writing on his VitalSecurity blog, Boyd said MySpace's explanation defies rational thinking. "This is patently nonsense," Boyd wrote. "What -- an endless stream of bands, record labels, music newspapers, and producers all woke up yesterday and forgot what the real MySpace Web site looks like? Give me a break." 'Bubbling Scum of Malware' The fact that Keys' profile was rehacked after... More About: Myspace , Holes
Some Ad Networks Are Bad News
2007-11-13 06:46:00 By Larry Seltzer - eWEEK You wouldn't go surfing to just any site. You're careful about where you go. You only go to sites you trust. But who are you trusting? A series of recent attacks has resulted in seemingly respectable news sites serving malware and redirecting users to sites that serve malware. The problem is in the ads on those news sites. The ads are served by advertising networks that weren't careful enough with their own security. When you trust a Web site you have to trust everyone it's in bed with.The first one I became aware of was YNet, an Israeli news site. Don't go to that site just yet. The Ynetnews.com site I read is in English. The Hebrew site at ynet.co.il is far more popular, in fact the most popular news site in Israel. It is the Internet site for Yedioth Ahronoth, a very large Israeli newspaper. About two weeks ago I noticed that after going to the page from a bookmark that had only the domain ... More About: News , Networks , Bad News , Some
Hacker Pleads Guilty to Spreading Botnets
2007-11-10 15:59:00 PCWorld 10/11/2007Website: http://www.pcworld.com A hacker has pleaded guilty to infecting hundreds of thousands of computers with malware in order to steal money from Paypal accounts. He could spend 60 years in prison and face a US$1.75 million fine. John Schiefer, 26, admitted that he and some associates developed malware that allowed them to create botnet armies of as many as 250,000 computers. Schiefer was able to collect information sent from the infected computers, including usernames and passwords for Paypal accounts. He and his associates were then able to make purchases using the Paypal accounts. They also shared the password information with others. This is the first prosecution of a hacker for this type of activity, according to the United States Attorney's Office for the Central District of California. The Federal Bureau of Investigation pursued the case. Schiefer says he also found Paypal userna... More About: Hacker , Botnets , Guilty
Virus Definition Updates 10/11/2007
2007-11-10 15:46:00 AVG Anti-Virus Free Edition 7.5Download AVG AVI:269.15.28.1Download AVG AVI:269.15.28.2Download AVG AVI:269.15.28.3Download AVG IAVI:1122Version: -Date: 10/11/2007AntiVir PersonalEdition ClassicDownload AntiVir IVDFVersion: 7.00.00.197Date: 9/11/2007Avast! 4 Home EditionDownload Avast VPSVersion: 071109-0Date: 9/11/2007SymantecDownload Norton VDUVersion: 91109qDate: 9/11/2007Supports the following versions of Symantec antivirus software:Norton AntiVirus 2003 Professional EditionNorton AntiVirus 2003 for Windows 98/Me/2000/XP Home/XP ProNorton AntiVirus 2004 Professional EditionNorton AntiVirus 2004 for Windows 98/Me/2000/XP Home/XP ProNorton AntiVirus 2005 for Windows 98/Me/2000/XP Home/XP ProNorton AntiVirus 2006 for Windows 2000/XP Home/XP ProNorton AntiVirus 2007 for Windows XP Home/XP Pro/VistaNorton AntiVirus for Microsoft Exchange (Intel)Norton SystemWorks (all versions)Norton Utilities for Windows 95/98 (all versions)Symantec AntiVirus 3.0 for CacheFlow Security GatewaySymant... More About: Updates , Definition
Malware Planted on MySpace Once Again
2007-11-10 08:54:00 News Factor Network 9/11/2007Website: http://www.newsfactor.com Attackers are piggybacking on the fame of R&B recording artist Alicia Keys to spread their malware over the Web. Keys' MySpace page has been infected with malicious software.Exploit Prevention Labs discovered the attack, one of several targeted MySpace pages. French funk band Greements of Fortune and Glasgow rock band Dykeenies were also targets of the Web-based attack. "When a visitor visits the infected page, they're first hit by an exploit which installs malware in the background if they're not fully patched against the latest security vulnerabilities, and next they're presented with a fake codec which tells them they need to install a codec to view the video," said Roger Thompson, CTO at Exploit Prevention Labs. "So even if they're patched, they can fall victim to the exploit." One Hack After Another Specifically, visitors to these MySpace pages are directed to co8vd.cn/s. Th... More About: Myspace , Malware
Need mobile spyware? Look on eBay
2007-11-10 08:42:00 InfoWorld 9/11/2007Website: http://www.infoworld.com San Francisco - Think your wife may be cheating on you? Wondering who your boss might be talking to? "Learn the truth. Spy today." So reads an ad for "Bluetooth Spy Pro-Edition," one of nearly 200 mobile phone spyware products currently listed for sale on eBay. The software, which costs as little as $3.99, can be used to view photographs, messages, and files on the phone, listen into phone conversations, and even make calls from the phone being spied upon. Security experts are concerned because while these products aren't illegal, installing them without authorization to spy on someone else most definitely is. And that's exactly what some of these products seem to be advertising. "You can now easily find out who your partner, business associates, friends have been in contact with," reads the Bluetooth Spy ad. "Whether you are suspicious of an affair or would just like information that will help progress your career, you can now ... More About: Mobile , Spyware , Ebay
Apple Patches QuickTime Holes, Microsoft Warns Of Macrovision Driver Flaw
2007-11-07 12:52:00 InformationWeek 6/11/2007Website: http://www.informationweek.com Apple on Monday released QuickTime 7.3 for Mac OS X and Windows XP SP2 to patch seven vulnerabilities in its multimedia software.All seven of the vulnerabilities have the potential to allow arbitrary code execution by an attacker if the user visited a site with certain maliciously crafted movie or image files, or a maliciously crafted Java applet. Apple updated QuickTime to version 7.2 in July, when it fixed eight security problems with the software. Microsoft meanwhile warned Monday that a flaw it the Macrovision secdrv.sys driver in Windows Server 2003 and Windows XP is actively being exploited. An attacker making use of the vulnerability potentially could gain elevated privileges to the affected system. "This vulnerability does not affect Windows Vista," Microsoft said. "We are aware of limited attacks that try to use the reported vulnerability. Microsoft is actively monitoring this s... More About: Driver , Patches , Holes
Microsoft to patch software driver vulnerability
2007-11-07 12:50:00 InfoWorld 6/11/2007Website: http://www.infoworld.com San Francisco (IDGNS) - Microsoft has warned that a faulty driver used for copy protection could allow a hacker to gain high-level access to a PC.The problem lies with a driver called secdrv.sys, which is part Macrovision's SafeDisc software included with Windows Server 2003 and Windows XP. The software, which can block unauthorized copying of some media, also ships with Windows Vista, but that OS is not affected. Microsoft said it knows of "limited attacks" that try to use the vulnerability, in an attack known as an elevation of privilege. The vulnerability could allow a hacker with local access to a machine to elevate his access rights and gain administrator rights, for example, allowing him to install software. Microsoft said it was concerned that the vulnerability had been disclosed before it had a chance to fix it, which puts people at greater risk. "We continue to encourage responsible disclosure ... More About: Software , Driver , Vulnerability , Patch
Mac Users Targeted with Nasty Malware
2007-11-02 09:51:00 News Factor Network 1/11/2007Website: http://www.newsfactor.com So much for Mac users avoiding bugs, worms, and other security nuisances. A Trojan targeting Macs is on the loose, and it's hanging out on porn sites, according to security researchers.The incident was first reported by Intego, a Mac security software vendor. Sunbelt Software, the SANS Institute's Internet Storm Center (ISC), Sophos, and McAfee have confirmed the Trojan. Dubbed "OSX.RSPlug.a," the Trojan changes the Mac's Domain Name System (DNS) settings to redirect unsuspecting users to different sites. "The whole Trojan is relatively simple and works almost exactly the same as its brother for Windows," said ISC analyst Bojan Zdrnja in a warning the center posted on Thursday. "The bad guys are taking Mac seriously now. This is a professional attempt at attacking Mac systems, and they could have been much more damaging." Porn Opens the Door The family of malware that is targeting Macs is called "Puper." It'... More About: Malware , Users , Nasty
Fortress Mac Is Gone
2007-11-02 09:44:00 eWeek 1/11/2007Website: http://www.eweek.com Several pornography sites are loading a Trojan disguised as a video codec required to view content on Macs—the first Mac-targeted malware exploit to be spotted in the wild and validation of security researchers' long-maintained prediction that, sooner or later, the rationale for Mac security smugness would rub off."[Users infected by visiting questionable Web sites] began using Macs as most malware target the Windows operating system. Well, soon enough, it may not matter which OS you are using," said Symantec's Joji Hamada in a Nov. 1 posting. Sunbelt Software and Intego, a maker of Mac security software, are warning that a mother lode of spam has been posted to many Mac forums in an attempt to trick users into visiting sites with rigged porn photos. The photos are from reputed porn videos. If Mac users click on the stills to view the videos, they're taken to a site that informs them that the QuickTime Player is unable to play the... More About: Fortress
Researchers dig for hidden links in spam
2007-11-02 09:40:00 InfoWorld 1/11/2007Website: http://www.infoworld.comSan Francisco (IDGNS) - Filtering spam messages is a thankless job for software. For every 100 spam e-mails, one message usually gets through, an irritating pitch with links to Web sites selling questionable drugs or sketchy Rolexes. The links contained within spam are one indicator in determining whether it should be blocked. Often after a large spam run, the addresses of spammy Web sites will be added to blocklists that are used by antispam software to cull future messages with those links. To get around it, spammers construct e-mails with links that can't be identified by filters but still are valid in the messages, said Christopher Fuhrman, a professor of software engineering in the Department of Software and IT Engineering at the University of Quebec. Spam mers do this by "munging" the HTML -- adding backslashes, taking out tags -- so that the message and its links are still readable by the rendering engines of browsers or... More About: Links , Hidden
Storm Worm Sent 15 Million Pump-And-Dump E-Mails Last Month
2007-11-02 09:37:00 PCWorld 30/10/2007Website: http://www.pcworld.com The Storm Worm botnet network may be shrinking in size, but it has managed to send out 15 million annoying audio spam messages in October, according to antispam vendor, MessageLabs. It's hard to believe that the Storm messages were effective. Recipients had to first click on an attachment-- usually given a misleading name like beatles.mp3 or Britney.mp3-- to hear the stock pitch, which featured a warbly robotic woman advising people to invest in online car seller, Exit Only. This kind of scam, called "pump-and-dump", tries to nudge up the price of penny stocks by a cent or two, giving the spammers a way to make a quick buck by selling the stock before it crashes. Spammers have been delivering their messages in different formats, including.pdf and Excel files, over the past few years as part of a cat-and-mouse game with spam blockers. This... More About: Million , Storm Worm , Pump
Virus Definition Updates 2/11/2007
2007-11-02 09:04:00 AVG Anti-Virus Free Edition 7.5Download AVG AVI:269.15.18.1Download AVG AVI:269.15.18.2Download AVG AVI:269.15.18.3Download AVG IAVI:1104Version: -Date: 1/11/2007AntiVir PersonalEdition ClassicDownload AntiVir IVDFVersion: 7.00.00.163Date: 2/11/2007Avast! 4 Home EditionDownload Avast VPSVersion: 071102-0Date: 2/11/2007SymantecDownload Norton VDUVersion: 91101pDate: 1/11/2007Supports the following versions of Symantec antivirus software:Norton AntiVirus 2003 Professional EditionNorton AntiVirus 2003 for Windows 98/Me/2000/XP Home/XP ProNorton AntiVirus 2004 Professional EditionNorton AntiVirus 2004 for Windows 98/Me/2000/XP Home/XP ProNorton AntiVirus 2005 for Windows 98/Me/2000/XP Home/XP ProNorton AntiVirus 2006 for Windows 2000/XP Home/XP ProNorton AntiVirus 2007 for Windows XP Home/XP Pro/VistaNorton AntiVirus for Microsoft Exchange (Intel)Norton SystemWorks (all versions)Norton Utilities for Windows 95/98 (all versions)Symantec AntiVirus 3.0 for CacheFlow Security GatewaySymante... More About: Updates , Definition
FTC: More spyware-fighting tools needed
2007-10-30 03:40:00 InfoWorld 29/10/2007Website: http://www.infoworld.com San Francisco (IDGNS) - Organizations and law enforcement agencies fighting spyware are making progress, but new tools in an antispyware bill stalled in the U.S. Congress could improve the efforts, a member of the U.S. Federal Trade Commission said Monday. One of the spyware bills passed by the House of Representatives earlier this year, the Spy Act, would give the FTC authority to impose civil fines on companies that distribute spyware to consumers' computers. The bill, along with the Internet Spyware Prevention (or I-SPY) Act, have stalled in the Senate since passing the House in May and June. The FTC has the authority to collect profits from spyware operations and collect money for consumer redress, but it lacks the authority to impose other fines, as it does when going after spammers, said Commissioner Jon Leibowitz, speaking at a spyware forum in Washington, D.C. Assigning a dollar figure to consumer harm is tricky in man... More About: Tools , Fighting
Attack code out for critical Kodak bug in Windows
2007-10-30 03:34:00 InfoWorld 27/10/2007Website: http://www.infoworld.com San Francisco (IDGNS) - A hacker has released attack code that could be used to exploit a critical bug in some versions of the Windows operating system. Microsoft patched the flaw, which affects older versions of Windows, on Oct. 9. When the Image Viewer tries to open a maliciously encoded TIFF file, it can be tricked into running unauthorized software on the PC. A sample of the exploit was posted Monday to the Milw0rm Web site. The code has not yet been used in online attacks, according to Symantec, which issued an alert Monday. Symantec recommends that Windows users install the MS07-055 update as quickly as possible. Microsoft took the unusual step of issuing its own security update for Kodak 's software, because the image viewer (formerly known as the Wang Image Viewer) had shipped in Windows 2000 systems by default. Still, many Windows users are not affected by the problem. Windows XP and Windows Server 2003 users should ... More About: Code , Attack , Critical
PDF files used to attack computers: security firm
2007-10-27 14:01:00 Reuters 27/10/2007Website: http://www.reuters.comHELSINKI (Reuters) - Emails containing malicious PDF files have been putting computers at risk since Friday, Finnish security software firm F-Secure said on Saturday."The emails sent in bulk looked like credit card statements, and contained an attachment called 'report.pdf'," its chief research officer Mikko Hypponen said in a statement.When such PDF files are viewed on vulnerable machines, they start downloading software from servers in Malaysia or Sweden, which are now being cleaned, he said. "There will be more such attacks.""We are worried about this case, as PDF attachments are typically not filtered at email gateways."A security update for Acrobat Reader, which opens PDF files, was made available a few days ago, but many users have not updated the program yet, Hypponen said. More About: Security , Computers , Files , Attack , Atta
Adobe Patches Critical PDF Vulnerability
2007-10-25 07:07:00 News Factor Network 24/10/2007Website: http://www.newsfactor.comAdobe patched its Acrobat and Reader programs on Monday. The fix plugs a hole that exposed Windows XP users to attackers sending PDF files containing malware. According to various reports, exploits are running rampant around the Internet in search of unpatched applications."Critic al vulnerabilities have been identified in Adobe Reader and Acrobat that could allow an attacker who successfully exploits these vulnerabilities to take control of the affected system," Adobe said in a security bulletin. "A malicious file must be loaded in Adobe Reader or Acrobat by the end user for an attacker to exploit these vulnerabilities."Windows XP users who also run Internet Explorer 7 are at risk. Adobe first admitted to the bug about two weeks ago and posted a complex workaround that required users to edit the Windows registry. The flaw was first discovered on September 20 by "pdp" on the Gnucitizen Web site.Anatomy of the AttackAtta... More About: Patches , Vulnerability
Evil PDF Exploiting Windows-IE Flaw in the Wild
2007-10-24 10:20:00 eWeek 23/10/2007Website: http://www.eweek.comA malicious PDF is exploiting a URL-handling flaw in Windows XP and Windows Server 2003 running IE7. A PDF Trojan horse is spreading malware by exploiting a URL-handling vulnerability in Windows XP and Windows Server 2003 running Internet Explorer 7, Symantec warned customers of its DeepSight Alert Services on Oct. 23.On Oct. 10, Microsoft released Security Advisory 943521 about this vulnerability and public reports of remote code execution. At the time, it said a patch was in the works.The vulnerability is caused by insufficient validation of URLs. Attackers can leverage the flaw to execute arbitrary commands via maliciously crated URLs.Symantec noted in its advisory that the issue was originally disclosed in July but initially received scant attention. In light of new research, public exploits and Microsoft's advisory, Symantec considers the problem to be more severe."With the ease of exploitation, the availability of public proof-of... More About: Wild , Evil
Virus Definition Updates 24/10/2007
2007-10-24 10:10:00 AVG Anti-Virus Free Edition 7.5Download AVG AVI:269.15.8.1Download AVG AVI:269.15.8.2Download AVG AVI:269.15.8.3Download AVG IAVI:1089Version: -Date: 23/10/2007AntiVir PersonalEdition ClassicDownload AntiVir IVDFVersion: 7.00.00.126Date: 24/10/2007Avast! 4 Home EditionDownload Avast VPSVersion: 000783-1Date: 22/10/2007SymantecDownload Norton VDUVersion: 91023pDate: 23/10/2007Supports the following versions of Symantec antivirus software:Norton AntiVirus 2003 Professional EditionNorton AntiVirus 2003 for Windows 98/Me/2000/XP Home/XP ProNorton AntiVirus 2004 Professional EditionNorton AntiVirus 2004 for Windows 98/Me/2000/XP Home/XP ProNorton AntiVirus 2005 for Windows 98/Me/2000/XP Home/XP ProNorton AntiVirus 2006 for Windows 2000/XP Home/XP ProNorton AntiVirus 2007 for Windows XP Home/XP Pro/VistaNorton AntiVirus for Microsoft Exchange (Intel)Norton SystemWorks (all versions)Norton Utilities for Windows 95/98 (all versions)Symantec AntiVirus 3.0 for CacheFlow Security GatewaySymant... More About: Updates , Definition
Spammers turn to MP3s to deliver pitches
2007-10-24 10:01:00 Associated Press 22/10/2007Website: http://www.ap.orgSAN JOSE, Calif. - Spam is now being served in audio form.The latest in unwanted electronic communication is an MP3 file that began landing in inboxes around the world last week. It features a spooky, synthesized Darth-Vader-sounding female voice touting the stock of Exit Only Inc., traded on the lower-standard Pink Sheets."Hello, this is an investor alert!" the halting, at times unintelligible voice says. Her pitch invokes the growth prospects of Exit Only, a Web site operator that runs Text4Cars.com, which links auto buyers and sellers via text messages.Computer security researchers say the audio blasts — MP3 files with misleading names attached to spam e-mails — reflect spammers' need to slip their messages through increasingly sophisticated e-mail filters.The MP3s masquerade as cell phone ringtones or carry names like "bartsimpson.mp3" and "justintimberlake.mp3," said Keith Crosley, director of market development for Proo... More About: Turn , Spammers , Deli
Avira warns against spam emails with MP3 files
More articles from this author:2007-10-20 14:31:00 AVIRAWebsite: http://www.avira.comTettnang, 19 October 2007 – Computer users are confronted with a new spam method: they become the unwilling recipients of emails with attached audio files. Whoever opens them - they can be played with any Windows Media Player - hears advertising messages in English. The mails do not contain a subject or a text. The MP3 files have many different names that appear to refer, for example, to a well-known pop star or important information. The problem with this spam method is that users do not yet know about it and therefore react without suspicion. Spam filters are generally ineffective, but above all the size of the mass MP3 mails places a heavy strain on mailboxes, especially those of businesses. So called “stock spam” has already spread in other file formats, for instance, in the form of image files (PDF). More About: Emails , Files 1, 2, 3 |
|
 |
|
 |
