QuoteThe company expects to begin delivering the updated version of the chipset to customers in late February and expects full volume recovery in April. Intel stands behind its products and is committed to product quality. For computer makers and other Intel customers that have bought potentially affected chipsets or systems, Intel will work with its OEM partners to accept the return of the affected chipsets, and plans to support modifications or replacements needed on motherboards or systems. The systems with the affected support chips have only been shipping since January 9th and the company believes that relatively few consumers are impacted by this issue. The only systems sold to an end customer potentially impacted are Second Generation Core i5 and Core i7 quad core based systems. Intel believes that consumers can continue to use their systems with confidence, while working with their computer manufacturer for a permanent solution. For further information consumers should contact Intel at http://www.intel.com on the support page or contact their OEM manufacturer.
QuoteOf the 1,344,669 computers cleaned, this is about 1 in 5, a ratio that’s higher than we typically see even when accounting for the normal, first-month spike which results from adding a new family but not exceptionally so.
To put this in greater perspective the removals of Zbot are almost as many as the removals of the #2 and #3 malware families this month combined (Win32/Vundo and Win32/Bubnix respectively). Approximately 86 million computers have run this version of MSRT as we compile this data so we should expect this number to increase as the month continues.
QuoteThe security company's systems had decided that a virus called Huhk-C was present in the explorer.exe file, leading to its confinement or, in some cases, deletion. As Windows Explorer is the graphical user interface (GUI) for Windows' file system, this made it difficult to perform many common tasks within the operating system, such as finding files. David Emm, a senior technology consultant at Kaspersky Lab, told ZDNet UK on Friday that the company was still examining its checklist to find out why the false positive "slipped through the net."
Quote"Daylight saving time arrives a little earlier — March 11 — and stays a little later — Nov. 4 — this year. And it’s bringing a problem along with it that could affect everything from stock trades to airline schedules to your BlackBerry. Software created before the law mandating the change passed in 2005 is set to automatically advance its timekeeping by one hour on the first Sunday in April, not the second Sunday in March. Congress decided that more early evening daylight would translate into energy savings. The result is a glitch reminiscent of the Y2K bug, when cataclysmic crashes were feared if computers interpreted the year 2000 as 1900 and couldn’t reconcile time appearing to move backward. If banks and other institutions aren't properly prepared, automatic stock trades reportedly might happen at the wrong hour, buildings that unlock at a certain time could stay shut, and airline flight schedules could be scrambled."
QuoteThe update is part of the Redwood City, Calif., company's quarterly patch cycle. Oracle preannounced its patch release Thursday, when, for the first time, it published an advance notification so customers could plan ahead to apply the fixes. Oracle's actual Tuesday "Critical Patch Update" has one fix less than the company originally announced. Instead of the planned 27 fixes for its database products, 26 vulnerabilities are addressed in the company's flagship software.
QuoteA security advisory from the Redmond, Wash., company said the flaw can be exploited if a user simply opens a rigged Word document. Affected software versions include Microsoft Word 2000, Microsoft Word 2002, Microsoft Office Word 2003, Microsoft Word Viewer 2003, Microsoft Word 2004 for Mac and Microsoft Word 2004 v. X for Mac. The Microsoft Works 2004, 2005 and 2006 suites are also affected because they include Microsoft Word.
QuoteMalware makers are starting to take advantage of the number of users searching for cracks for the pirated copies of Vista floating around. A new download has started circulating around the crack boards called "Windows Vista All Versions Activation 21.11.06". It purports to be an activation crack for any version of Vista. However, the file is actually a trojan-carrier which will install Trojan-PSW.Win32.LdPinch.aze onto your PC. BitTorrent users who posted reviews of the crack said that a number of antivirus programs detected the malware, though Norton AntiVirus and NOD32 did not.
QuoteRCSR attacks are also actively targeting Microsoft Internet Explorer, however a flaw in Firefox makes the attack much more likely to succeed. The Password Manager component of FireFox can be exploited to send a username and password combination to an attacker's computer without the user's knowledge. Users of both Firefox and Internet Explorer need to be aware that their information can be stolen in this way when visiting blog and forum websites at trusted addresses.
QuoteThe code, which was posted on the Internet early Sunday morning, could be used to disable the Windows Firewall on a fully patched Windows XP PC that was running Windows' Internet Connection Service (ICS). This service allows Windows users to essentially turn their PC into a router and share their Internet connection with other computers on the local area network (LAN.) It is typically used by home and small-business users. The attacker could send a malicious data packet to another PC using ICS that would cause the service to terminate. Because this service is connected to the Windows firewall, this packet would also cause the firewall to stop working, said Tyler Reguly, a research engineer at nCircle Network Security Inc., who has blogged about the issue.
QuoteThe browser flaw could affect users who visit a trusted site by opening a pop-up window in that site but containing malicious code. This is the second IE 7 flaw that has been discovered since Microsoft released the browser two weeks ago. Last week, a security flaw was discovered in IE 7 that could spoof the address of a pop-up window. The two IE 7 flaws, if used in conjunction with each other, can easily dupe all but the most security-minded users, said Thomas Kristensen, chief technology officer of security company Secunia, which discovered the flaws.
QuoteThe company said that a small number of video iPods made after Sept. 12 included the RavMonE virus. It said it has seen fewer than 25 reports of the problem, which it said does not affect other models of the media player, nor does it affect Macs. The Cupertino, Calif.-based company apologized on its Web site for the problem, but also used the opportunity to jab at Microsoft, its operating system rival. "As you might imagine, we are upset at Windows for not being more hardy against such viruses, and even more upset with ourselves for not catching it," Apple said on its site.
QuoteThe code takes advantage of a weakness in core parts of Mac OS X and could let a user gain additional privileges. Apple provided a fix for the error-handling mechanism of the kernel last week, but the exploit appears to have been authored before then. "It appears to have been written well before the vulnerability was fixed," said Dino Dai Zovi, a researcher with Matasano Security who was credited by Apple with discovering the flaw when the patch was released. "It appears to be a zero-day exploit and may have been distributed before the patch was released."
QuoteMicrosoft worked with the Department of Homeland Security on the alert, a company representative said. "Microsoft...encourages customers to deploy this update on their systems as soon as possible, given that we are aware of targeted exploitation of the vulnerability," the representative said. Microsoft deems the vulnerability critical for all versions of Windows. However, users of Windows XP with Service Pack 2 and Windows Server 2003 with Service Pack 1 should be protected by the Windows Firewall if they do not use file sharing and printer sharing, Christopher Budd, a security program manager at Microsoft, said in an interview Tuesday.
QuoteThe bulk of the Mac OS X flaws affect both the client and server versions of the operating system. Attackers could exploit several of the vulnerabilities, specifically those related to image processing and file compression, by crafting malicious files and tricking people into opening them, Apple said. This attack method is seen often on computers that run Microsoft's Windows operating system. Other flaws could expose user data, let a malicious user gain elevated privileges on a system running Mac OS X, or cause a crash, Apple said.
QuoteInternet Explorer users who visited a Web page containing this ad and whose IE was not equipped with the WMF patch would not get that warning. Rather, their machines would silently download a Trojan horse program that installs junk software in the PurityScan/ClickSpring family of adware. This stuff bombards the user with pop-up ads and tracks their Web usage. Only a little more than half of the anti-virus programs used at anti-virus testing service AV-Test.org flagged the various programs that the Trojan tried to download as malicious or suspicious.
QuoteThe company already knows of some problems and expects others. Only about 40 percent of Windows XP applications can run without any modification, for example. A good chunk of the remainder require only very slight tweaks. Many of those incompatibilities have already been fixed, either through workarounds put in place by Microsoft or in collaboration with the application's maker.
QuoteVirgin, one of the first providers to offer such a service, hopes the service will appeal to its often cash-strapped customers, 65 percent of whom are younger than 30 years old. "Very practically speaking a lot of our customers are value conscious. They manage budgets that are finite," said Howard Handler, the company's chief marketing officer.
QuoteMy Computer>Properties>Advanced>User Profiles
Click on Settings
Under "Profiles stored on this computer" will be entries for every account that has logged on to the machine (representing the saved profile associated with the local or domain account).
Periodically a profile with a name of "unknown" will appear in the list (it should not).
If you select the "unknown profile" and click on delete, the currently logged in profile will be deleted with no warning to save the contents of the "My Documents" folder.
QuoteF-Secure said on Friday that it was aware of seven sites that had been defaced by the worm, which appears designed to combat the Santy worm. The anti-Santy worm searches Google for sites that use the PHP Bulletin Board (phpBB) software exploited by the earlier worm, infects the sites and attempts to make the sites more secure by installing a patch.
QuoteThis follows reports on Tuesday that a number of variants of the Cabir worm have been detected and that these offshoots have evolved beyond their comparatively benign predecessors. The worm affects phones running the Symbian operating system that use Bluetooth wireless technology.
QuoteMicrosoft has had significant problems securing its Web browser in 2004. As a result, the freely available open-source browser Firefox has gained market share. Security experts have recommended that computer users consider other browsers and some schools have told their students to use a non-Microsoft browser.
QuoteA loophole in the Windows Media DRM process allows companies to create ersatz media files and link them to adware. Normally, when you download a protected Windows Media file, you also receive a license that lets you play it. According to Caulton, if Windows Media Player can't find a valid license on your PC, it checks in with a remote system running Microsoft's Windows Media DRM Server.
QuoteThe fixes for the glitches in the Windows operating system will appear on Dec. 14, according to the posting. Microsoft typically releases patches on the second Tuesday of each month, a schedule it decided upon more than a year ago.
QuoteSecunia Research has reported a vulnerability, which affects most browsers. The vulnerability can be exploited by a malicious web site to "hi-jack" a named browser window, regardless of which web site is the true "owner" of the window.
Quote"This is certainly something that is bypassing some of the security features that are meant to be there. It is a way of bypassing the dialogs in IE. It will result in the (malicious) file being saved on the user's computer," said Richmond, who added that the matter would be worse if that file could be saved in a computer’s start-up folder.
QuoteThe new worm, Sasser.B, like its predecessor Sasser.A, takes advantage of a vulnerability in unpatched versions of Windows XP and Windows 2000 systems. The worms infect vulnerable systems by establishing a remote connection to the targeted computer, installing a File Transfer Protocol (FTP) server and then downloading themselves to the new host.
Next Page »
QuoteSober.d arrives as e-mail pretending to be from Microsoft with a patch for the MyDoom worm. Microsoft does not e-mail its customers with new patch information. The subject line could be in either German or English, with random letters or words in some variation of "new Microsoft security patch." The body text, also in German or English, reads:
QuoteAccording to a message posted by SecurityGlobal.net LLC's Security Tracker Web site, a vulnerability was reported in Microsoft Internet Explorer Version 5 that lets a "remote user execute arbitrary code on the target system."
QuoteLast year, there was almost one major virus attack every month, including the well-known Slammer worm, which shut down Internet service providers in South Korea, disrupted plane schedules and knocked out automatic teller machines in January. The Lovegate Internet e-mail worm surfaced in February, while the Bugbear and Sobig viruses, which spread via infected e-mail, appeared in June.
QuotePerhaps the most serious flaw is a memory error in the Windows Workstation service, a software component that facilitates access to network resources such as printers and files. The vulnerability could allow an attacker to gain control of a person's PC via the Internet in much the same way the MSBlast worm was spread to hundreds of thousands of computers in August.
QuoteThe third is a denial-of-service flaw that affects a component known as the remote procedure call (RPC) process. The RPC process facilitates activities such as sharing files and allowing others to use a computer's printer. By sending too much data to the RPC process, an attacker can cause the system to grant full access to its resources. By using the flaws in tandem, a hacker could load unwanted programs onto computers through the buffer overrun flaws and then use the infected computers to launch a denial-of-service attack.
QuoteSeveral other alerts also involve Office applications. A vulnerability in recent versions of Word could allow hackers to automatically run macros, which are mini-programs typically used to automate routine tasks. The flaw--classified as "important"--requires opening a maliciously crafted document, according to the security bulletin. Customers using Word 2002, 2000, 98 or 97 or Works Suite 2003, 2002 or 2001 are urged to apply the patch, as described in the bulletin.