Keyword: lookoutexpress

Brevity: Headers | « Text »
  • Worm lures victims with 'Naked World Cup': World Cup malware targets English speakers

    06/20/2006 5:32:25 PM PDT · by bwteim · 32 replies · 1,681+ views
    Infoworld ^ | June 20, 2006 | Robert McMillan, IDG News Service
    Worm lures victims with 'Naked World Cup'- World Cup malware targets English speakers By Robert McMillan, IDG News Service June 20, 2006 Soccer purists can breathe a sigh of relief. There is no Naked World Cup. IT professionals, on the other hand, may want to be a little more vigilant, as a new e-mail worm is on the loose that preys on the intense worldwide interest in the international sporting event. Called Sixem-A, the worm began circulating earlier this week, and has just recently been blocked by antivirus vendors. So far, the worm has been detected at only a handful...
  • Microsoft Official: Malware Recovery Not Always Possible

    04/04/2006 6:41:25 PM PDT · by HAL9000 · 133 replies · 3,259+ views
    FoxNews.com (Excerpt) ^ | April 4, 2006 | Rayn Naraine
    Excerpt - LAKE BUENA VISTA, Fla. — In a rare discussion on the severity of the Windows malware scourge, a Microsoft security official said businesses should consider investing in an automated process to wipe hard drives and reinstall operating systems as a practical way to recover from malware infestation. "When you are dealing with rootkits and some advanced spyware programs, the only solution is to rebuild from scratch. In some cases, there really is no way to recover without nuking the systems from orbit," Mike Danseglio, program manager in the Security Solutions group at Microsoft, said in a presentation at...
  • 'Critical' IE bug threatens PC users

    03/27/2006 6:58:48 PM PST · by Ernest_at_the_Beach · 43 replies · 1,238+ views
    theregister.co.uk ^ | Monday 27th March 2006 09:14 GMT | Ciara O'Brien, ElectricNews.net
    A dangerous new exploit in Internet Explorer could put PCs and data at risk, Microsoft has admitted. The flaw, for which code has already been published on the internet, could be exploited to set an email-borne virus free on the unsuspecting public. Potential viruses could come as an attachment that conceals the code, or could possibly redirect users to a site that will unleash the code on the user's machine, leaving the computer open to remote attack. Once the PC is being controlled by a malicious user, it can then be used to launch attacks on other PCs. Even supposedly...
  • WMF (Windows meta file) exploit

    01/02/2006 5:07:56 AM PST · by KeyWest · 49 replies · 2,054+ views
    The SANS Institute ^ | January 2, 2005 | Various
    Looking forward to the week ahead, I find myself in the very peculiar position of having to say something that I don't believe has ever been said here in the Handler's diary before: "Please, trust us." I've written more than a few diaries, and I've often been silly or said funny things, but now, I'm being as straightforward and honest as I can possibly be: the Microsoft WMF vulnerability is bad. It is very, very bad.
  • Microsoft To Patch Windows on January 10th; Attack Spreads

    01/03/2006 11:42:23 AM PST · by HAL9000 · 52 replies · 3,487+ views
    Dow Jones News Service (excerpt) ^ | January 3, 2006 | Chris Reiter
    Excerpt - NEW YORK -(Dow Jones)- Microsoft Corp. (MSFT) plans to release a patch for a new security flaw at its next scheduled update release on Jan. 10, leaving users largely unprotected until then from a rapidly spreading computer virus strain. "Microsoft's delay is inexcusable," said Alan Paller, director of research at computer security group SANS Institute. "There's no excuse other than incompetence and negligence." "It's a problem that there's no known solution from Microsoft," said Alfred Huger, senior director of engineering at Symantec Corp.'s (SYMC) security response team. SANS Institute, via its Internet Storm Center, has taken the unusual...
  • Windows PCs face ‘huge’ virus threat

    01/02/2006 3:54:03 PM PST · by Swordmaker · 204 replies · 7,105+ views
    Financial Times via Drudge ^ | January 2 2006 18:18 | By Kevin Allison in San Francisco
    Computer security experts were grappling with the threat of a newweakness in Microsoft’s Windows operating system that could put hundreds of millions of PCs at risk of infection by spyware or viruses. The news marks the latest security setback for Microsoft, the world’s biggest software company, whose Windows operating system is a favourite target for hackers. “The potential [security threat] is huge,” said Mikko Hyppönen, chief research officer at F-Secure, an antivirus company. “It’s probably bigger than for any other vulnerability we’ve seen. Any version of Windows is vulnerable right now.” The flaw, which allows hackers to infect computers using...
  • Potential new unpatched IE exploit ? ~ Yes...may affect other Browsers also...

    12/28/2005 2:55:03 PM PST · by Ernest_at_the_Beach · 69 replies · 3,196+ views
    Websense Security Labs ^ | Dec 28 2005 11:19AM | Websense Security Labs Blog Staff
    This alert is a follow-up to a post made yesterday on our blog: http://www.websensesecuritylabs.com/blog/ Websense® Security Labs™ has discovered numerous websites exploiting an unpatched Windows vulnerability in the handling of .WMF image files. The websites which have been uncovered at this point are using the exploit to distribute Spyware applications and other Potentially Unwanted Soware. The user's desktop background is replaced with a message warning of a spyware infection and a "spyware cleaning" application is launched. This application prompts the user to enter credit card information in order to remove the detected spyware. The background image used and the "spyware...
  • Exploit Released for Unpatched Windows Flaw

    12/28/2005 5:45:47 PM PST · by Salo · 25 replies · 1,376+ views
    Washington ComPost ^ | 12/28/05 | Brian Krebs
    Security researchers have released instructions for exploiting a previously unknown security hole in Windows XP and Windows 2003 Web Server with all of the latest patches applied.
  • Outlook Express tech help needed (VANITY)

    12/05/2003 10:02:05 PM PST · by ILBBACH · 23 replies · 371+ views
    ILBBACH | 12/6/03 | ILBBACH
    I have been receiving an email since mid-afternoon. I guess its really huge and I tried to get the program to quit, but it won't. How do I stop this? PLEASE HELP!
  • Microsoft makes Outlook Express U-turn

    08/15/2003 10:30:34 AM PDT · by HAL9000 · 131 replies · 1,007+ views
    Silicon.com ^ | August 15, 2003
    Just days after announcing that it planned to halt development on Outlook Express, Microsoft has been forced to change its position following internal confusion and an outcry from customers. As reported earlier this week on silicon.com Microsoft had planned to stop product development on Outlook Express, which forms part of the Internet Explorer code bundled with consumer versions of Windows. At the time Dan Leach, Office product manager, said: "The technology doesn't go away, but no new work is being done." Under that vision, consumers would have been directed towards the company's MSN software, while businesses would be encouraged...
  • Microsoft kills off Outlook Express

    08/13/2003 2:52:32 PM PDT · by HAL9000 · 65 replies · 614+ views
    ZDNet ^ | August 13, 2003 | Angus Kidman
    It might be the world's most widely distributed e-mail client, but Microsoft has confirmed that it has no intention of further developing Outlook Express. "[Outlook Express] just sits where it is," said Dan Leach, lead product manager for Microsoft's information worker product management group. "The technology doesn't go away, but no new work is being done. It is consumer e-mail in an early iteration, and our investment in the consumer space is now focused around Hotmail and MSN. That's where we're putting the emphasis in terms of new investment and new development work." While Outlook Express has always been...
  • Microsoft Outlook Express Patch Flawed

    10/11/2002 9:45:53 PM PDT · by Ernest_at_the_Beach · 8 replies · 328+ views
    EXTREMETECH .com ^ | October 11, 2002 | Dennis Fisher, eWEEK
    <p>Microsoft Corp. on Friday said that a patch it released Thursday for an Outlook Express vulnerability erroneously tells users they need a different version of Internet Explorer in order to install the fix. In fact, the patch requires IE 6, but users who have installed Service Pack 1 for the browser are already protected against the new flaw. Thus when these users try to install the new patch, they receive an error message.</p>
  • Outlook Express flaw speeds hacking

    10/11/2002 11:31:02 AM PDT · by Bush2000 · 3 replies · 242+ views
    CNET News.com ^ | October 11, 2002, 10:40 AM PT | Robert Lemos
    Outlook Express flaw speeds hacking By Robert Lemos Staff Writer, CNET News.com October 11, 2002, 10:40 AM PT Microsoft warned Outlook Express users late Thursday that a software flaw could allow an online vandal to control their computers. A critical vulnerability in the e-mail reader could allow an attacker to send a specially formatted message that would crash the software and potentially take control of the recipient's computer. The flaw occurs in how the software handles messages that include components using secure MIME (multipurpose Internet mail extensions), a standard that allows e-mail messages to contain encrypted data and digital signatures....
  • Outlook Express - much problems

    03/06/2002 3:54:27 PM PST · by Hot Tabasco · 31 replies · 956+ views
    March 6, 2002 | zcat
    My system: Dell Dimension 8100 with windows ME which I have since upgraded to 2000 I cannot utilize Outlook Express. Everything is read-only, if I attempt to forward, reply or even open, I get the following message: msimn.exe has generated errors and will be closed by windows. You will need to restart the programs.Couple weeks ago had a major break down, lost files, computer wasnt working properly, and while on phone to Dell support, system died. Dell sent me a new mother board which I have since installed. Downloaded IE 6.0, and have since uninstalled it and loaded 5.5. Still ...
  • Severe(?) Outlook/Outlook Express Security Problem

    07/22/2002 7:33:24 AM PDT · by MikeJ · 17 replies · 487+ views
    Several vulnerabilities were reported in Outlook Express (OE). A remote user can send malicious e-mail with an attachment that will bypass OE's malicious file type filter and misrepresent the name and size of the file. http://securitytracker.com/alerts/2002/Jul/1004805.html
  • Now, Every Keystroke Can Betray You

    09/18/2005 5:35:49 PM PDT · by Crackingham · 52 replies · 2,567+ views
    LA Times ^ | 9/18/05 | Joseph Menn
    Bank customers know to shield their ATM passwords from prying eyes. But with the rise of online banking, computer users may not realize electronic snoops might be peeking over their shoulder every time they type. In a twist on online fraud, hackers and identity thieves are infecting computers with increasingly sophisticated programs that record bank passwords and other key financial data and send them to crooks over the Internet. That's what happened to Tim Brown, who had account information swiped out of the PC at his Simi Valley store. "It's scary they could see my keystrokes," said Brown, owner of...
  • Warnings of Katrina E-Mail Scams

    09/03/2005 4:15:59 AM PDT · by Our_Man_In_Gough_Island · 13 replies · 731+ views
    BBC ^ | 2 Sept 2005 | Staff
    Computer users are being urged to be on guard for a bogus e-mail that pretends to offer news updates about Hurricane Katrina as a means to infect their PCs. The malicious e-mail gives a brief news bulletin on the disaster before urging people to click "read more" and be taken to the full story on a website. Yet once directed to the website, a virus is sent to the user's computer. People are also being told to watch out for fraudulent e-mail scams pretending to raise cash for Katrina victims. It's sickening to think that hackers are prepared to exploit...
  • Microsoft sees 3 'critical' Windows security flaws

    08/09/2005 2:03:40 PM PDT · by Fractal Trader · 49 replies · 1,297+ views
    AP via Boston.com ^ | 9 August 2005
    Microsoft Corp. warned users of its Windows operating system on Tuesday of three newly found "critical" security flaws in its software, including one that could allow attackers to take complete control of a computer. Computer security experts urged users to download and install the patches, which are available at www.microsoft.com/security. "Users (should) apply the updates as quickly as possible," said Oliver Friedrichs, senior manager of Symantec Security Response, part of security software company Symantec Corp. SYMC.O. Microsoft said that vulnerabilities exist in its Internet Explorer Web browser, the most severe of which could allow an attacker to take complete control...
  • Microsoft fixes serious Windows flaws

    08/09/2005 2:56:44 PM PDT · by Panerai · 78 replies · 1,798+ views
    Cnet News ^ | August 9, 2005 | Joris Evers
    Microsoft on Tuesday issued alerts on several security flaws in Windows, the most serious of which could allow an attacker to gain control over a victim's computer. Microsoft released six security bulletins as part of its monthly patching cycle, three of which it deems "critical." The Redmond, Wash., software gives that rating to any security issue that could allow a malicious Internet worm to spread without any action required on the part of the user. One bulletin addresses three flaws in Internet Explorer. Of all the issues Microsoft offered fixes for Tuesday, these put users at most risk of attack,...
  • Spyware Phishing Now a World-Wide Epidemic

    07/19/2005 10:06:47 PM PDT · by ex-Texan · 16 replies · 906+ views
    Itsecurity.com ^ | 7/19/205 | Staff Writers
    Nova Scotia July 19, 2005 -- SpyCop today announced that the use of commercial monitoring spy software is on the rise in Internet phishing schemes, the latest scam used to steal personal information and even entire identities. The Anti-Phishing Working Group, web site at www.antiphishing.org, explains: "Phishing attacks use both social engineering and technical subterfuge to steal consumers' personal identity data and financial account credentials... Technical subterfuge schemes plant crimeware onto PCs to steal credentials directly, often using Trojan keylogger spyware." The commercial spy software market has made available over 525 payware spy programs which include URL recorders, keyloggers, chat...
  • Corrupted PC's Find New Home In the Dumpster

    07/16/2005 11:54:18 AM PDT · by summer · 82 replies · 2,085+ views
    The NY Times - Business Section ^ | July 17, 2005 | MATT RICHTEL and JOHN MARKOFF
    SAN FRANCISCO, July 15 - Add personal computers to the list of throwaways in the disposable society. On a recent Sunday morning when Lew Tucker's Dell desktop computer was overrun by spyware and adware - stealth software that delivers intrusive advertising messages and even gathers data from the user's machine - he did not simply get rid of the offending programs. He discarded the whole computer. Mr. Tucker, an Internet industry executive who holds a Ph.D. in computer science, decided that rather than take the time to remove the offending software, he would spend $400 on a new machine. He...
  • Critical fixes for Windows, Office coming

    07/07/2005 1:27:43 PM PDT · by Panerai · 17 replies · 948+ views
    Cnet News ^ | 07/07/2005 | Joris Evers
    As part of its monthly patching cycle, Microsoft on Tuesday plans to release three security alerts for flaws in Windows and Office. Two of the security bulletins apply to Windows, and at least one of them is deemed "critical," Microsoft's highest risk rating, the company said in a notice posted on its Web site Thursday. Its Office productivity suite will get one bulletin, also rated critical. The notice did not specify whether one of the patches will be for Internet Explorer. Microsoft earlier this week offered a workaround for a known flaw in the Web browser that opens the door...
  • Security Breach Could Expose 40M to Fraud -No these aren't the files Hillary stole

    06/17/2005 3:29:57 PM PDT · by Tumbleweed_Connection · 8 replies · 555+ views
    AP ^ | 6/17/05 | JOE BEL BRUNO
    A security breach of customer information at a credit card-processing company could expose to fraud up to 40 million cardholders of multiple brands, MasterCard International Inc. said Friday. The credit card giant said its security division detected multiple instances of fraud that tracked back to CardSystems Solutions Inc. of Tucson, Ariz., which processes transactions for banks and merchants. MasterCard said in a news release late Friday afternoon that it was notifying its card-issuing banks of the problem. CardSystems was hit by a computer virus that captured customer data for the purpose of fraud, said company spokeswoman Sharon Gamsin. The FBI...
  • Security breach could expose 40M to fraud (40 million credit cards captured by computer virus)

    06/17/2005 4:13:09 PM PDT · by HAL9000 · 97 replies · 3,059+ views
    Associated Press | June 18, 2005 | JOE BEL BRUNO
    NEW YORK - A security breach of customer information at a credit card-processing company could expose to fraud up to 40 million cardholders of multiple brands, MasterCard International Inc. said Friday. The credit card giant said its security division detected multiple instances of fraud that tracked back to CardSystems Solutions Inc. of Tucson, Ariz., which processes transactions for banks and merchants. MasterCard said in a news release late Friday afternoon that it was notifying its card-issuing banks of the problem. CardSystems was hit by a computer virus that captured customer data for the purpose of fraud, said company spokeswoman Sharon...
  • Can You Trust Your Spyware Protection?

    05/31/2005 6:41:03 PM PDT · by El Conservador · 92 replies · 2,735+ views
    PCWorld.com through Yahoo! News ^ | May 31, 2005 | Andrew Brandt
    The next time you run a scan with your anti-spyware tool, it might miss some programs. Several anti-spyware firms, including Aluria, Lavasoft, and PestPatrol, have quietly stopped detecting adware from companies like Claria and WhenU--a process called delisting. Those adware companies have been petitioning anti-spyware firms to delist their software; other companies have resorted to sending cease-and-desist letters that threaten legal action. In most cases it's difficult for customers to determine whether their anti-spyware tool has delisted anything and, if so, which adware it skips. "When a spyware program gets delisted, users won't be aware of its presence," says Harvard...
  • Deleting spyware: a criminal act?

    05/25/2005 12:39:09 PM PDT · by ShadowAce · 65 replies · 2,591+ views
    The Register ^ | 25 May 2005 | Mark Rasch
    Analysis On my computer right now I have three anti-spyware programs, three anti-virus programs, and three anti-spam programs, together with a hardware and software firewall, an IPsec VPN, and data level encryption on certain files (and no, this is not intended to be an invitation for you to try to test my security.) The anti-spyware, anti-virus, and anti-spam software all work in very much the same way - they have definitions of known malicious programs, and they may also have algorithms to raise flags about unknown programs which operate in an unusual way. Depending upon user preferences, the programs either...
  • Microsoft Readies Its Antivirus App

    05/13/2005 7:41:11 AM PDT · by Mike Bates · 62 replies · 976+ views
    Yahoo News/ IGDG News Service ^ | 5/13/2005 | oris Evers
    Microsoft is readying a new consumer security product that offers virus and spyware protection, a new firewall and several tune-up tools for Windows PCs, a move that pits the software giant squarely against traditional security software vendors. The product, dubbed Windows OneCare, will be tested internally at Microsoft starting this week. A public test, or beta, version is scheduled to be available by year's end, Microsoft said in a statement this week. The final product will be offered as a subscription service, the Redmond, Washington, software maker says. OneCare marks Microsoft's long-anticipated entry into the antivirus space, until now the...
  • New VIRUS threat Sober.p (4% of emails contain .zip files-DO NOT OPEN!)

    05/04/2005 5:16:08 PM PDT · by Las Vegas Dave · 95 replies · 2,740+ views
    Virus Name Risk Assessment W32/Sober.p@MM Corporate User : Low-Profiled Home User : Medium Virus Information Discovery Date: 05/02/2005 Origin: Unknown Length: 53,727 bytes (zip) 53,554 bytes (executable) Type: Virus SubType: E-mail Minimum DAT: 4443 (03/09/2005) Updated DAT: 4482 (05/02/2005) Minimum Engine: 4.3.20 Description Added: 05/02/2005 Description Modified: 05/02/2005 3:59 PM (PT) Description Menu Virus Characteristics Symptoms Method Of Infection Removal Instructions Variants / Aliases Rate This page Print This Page Email This Page Legend Virus Characteristics: -- Update 2nd May 13:00 PST -- Due to increased prevalence, this threat has had its risk assessment raised to MEDIUM for Home Users....
  • Sober worm makes a comeback

    04/19/2005 1:52:01 PM PDT · by infocats · 24 replies · 1,116+ views
    ZD Net News ^ | April 19, 2005 | Dan Ilett
    Virus writers have resurrected the Sober worm with a new variant that is spreading quickly over the Internet. Security experts said Tuesday that the worm, dubbed Sober.M, reports e-mail addresses of victims back to its anonymous author--a technique known as harvesting. Spammers typically buy these fresh addresses to add to their lists of e-mail recipients. The e-mail containing the worm is written in bad English with the subject line: "I've got your e-mail on my account." "It looks like the virus writer is deliberately using broken English to (convince) people the e-mail is not a virus," Graham Cluley, senior technology...
  • New IM Worms Hit MSN Messenger

    03/07/2005 3:27:17 PM PST · by RebelTex · 75 replies · 2,080+ views
    TechWeb News ^ | March 07, 2005 | Gregg Keizer
    New worms spreading through MSN Messenger -- and its bundled-with-Windows Windows Messenger version -- via links to a malicious site are infecting users and leaving their PCs open to hacker hijack, security vendors reported Monday. The new worms, tagged as Kelvir.a and Kelvir.b, appeared over the weekend and on Monday, respectively, anti-virus vendors said. Both use the same mechanism to attract users and infect Windows-based PCs: they include a link in the instant message. That link, in turn, downloads a malicious file -- the actual worm, a variant of the long-running Spybot -- which opens a backdoor to the compromised...
  • Worm.Win32.Sober.L Alert!(Save your Computer Data)

    03/09/2005 6:19:11 AM PST · by OPS4 · 34 replies · 2,335+ views
    Emmissoft | Wed. March 9 2005 | a-squared
    Important information about current security risks. Worm.Win32.Sober.L Alert! A new variant of the Sober worm is spreading fast. As it's predecessors, Sober.L spreads as an email attachment in emails which are sent to all email addresses found on the victim's harddisk. Even if the executable file is packed in a .ZIP file, many users open the file and activate the worm this way. For novice users it's hard to see that it is a worm generated email because the email subject is "your password + accountnumber !". The email body text is the following: hi, i've got an admin mail...
  • Bagle Trojan Attack Strikes, Multiple Versions Overwhelm AV Defenses

    03/01/2005 12:36:33 PM PST · by Eagle9 · 23 replies · 1,096+ views
    TechWeb ^ | March 01, 2005 | Gregg Keizer
    A major wave of Bagle-like Trojan horses hit users worldwide Tuesday with numerous variations that aim to overwhelm anti-virus defenses by morphing faster than research labs can release new signatures. The attack, which began about midnight EST, was launched in a large-scale spamming campaign, said virus researchers, and although the new threat doesn't spread on its own -- these are Trojans with Bagle characteristics, not true worms -- many security vendors have bumped up warnings to get out the word. It's unclear how many variations are at loose. Some vendors, such as Symantec, had reported only two as of mid-morning...
  • Windows worm weaves its way with search engines

    02/17/2005 3:06:25 PM PST · by TomServo · 35 replies · 1,470+ views
    Silicon Valley/San Jose Business Journal ^ | 2/17.05 | American City Business Journals Inc.
    Windows worm weaves its way with search engines A new worm that uses Internet search engines to spread rapidly was detected Thursday, according to antivirus software maker Panda Software, a private company based in Bilbao, Spain, which operates in the U.S. as PandaLabs of Glendale, in Southern California. Called "MydoomAO," the worm uses Mountain View-based Google (NASDAQ: GOOG), Altavista, Sunnyvale-based Yahoo (NASDAQ: YHOO) and Lycos to search for e-mail addresses to which to send itself. In order to trick users, the worm pretends to be a mail delivery error message. In this way, a single infected computer can distribute thousands...
  • Microsoft's Security Chief Says Windows Safer Than Linux

    02/10/2005 7:40:34 PM PST · by Eagle9 · 69 replies · 1,128+ views
    TechWeb ^ | February 10, 2005 | Gregg Keizer
    Microsoft's top security honcho insisted Thursday that Microsoft "is making progress on security using any reasonable metric." Mike Nash, the company's chief security executive, made the comment during an online chat session just days after Microsoft rolled out its biggest bunch of Windows patches since April 2004. Nash staunchly defended the Redmond, Wash.-based developer's progress, and compared Windows' flaws with those in open-source Linux operating systems from Red Hat and Novell's SuSE. "Even with the relatively large number of bulletins we released this week, we compare favorably," he said. "Year-to-date for 2005, Microsoft has fixed 15 vulnerabilities affecting Windows Server...
  • Microsoft Fesses Up To 19 Vulnerabilities, MSBlast-Level Worm Likely

    02/08/2005 2:32:00 PM PST · by Eagle9 · 25 replies · 1,255+ views
    TechWeb ^ | February 08, 2005 | Gregg Keizer
    Microsoft Tuesday released its largest group security patches in nearly a year as it posted 12 security bulletins encompassing 19 vulnerabilities, 14 of which it marked "Critical," its highest patch-now warning. Among them is a vulnerability that will likely lead to the biggest, baddest worm in since mid-2003, said Mike Murray, the director of research at vulnerability management vendor nCircle. "There's a clear 'winner' here," said Murray. " MS05-011 fixes a vulnerability in SMB [Server Message Block], which is running on every version of Microsoft's operating systems that a corporation might be using. And it's exploitable remotely, so it doesn't...
  • Bropia worm spreads on the back of MSN Messenger

    02/03/2005 8:12:50 AM PST · by PeterFinn · 14 replies · 1,053+ views
    Computer Buyer ^ | Monday 24th January 2005 | Matt Whipp
    Bropia worm spreads on the back of MSN Messenger 5:04PM A new virus is using the MSN Messenger system to spread. Known as Bropia.A, the worm waits on an infected system until the Messenger window is opened and then sends a copy of itself to contacts, using filenames adaware.exe, VB6.EXE, lexplore.exe and Win32.exe. If a contact accepts the file and runs it, it checks to see if any of the previously mentioned files are present, and if not, places a file called oms.exe on the computer and runs it. This is a variant of Rbot, which installs a backdoor on...
  • Microsoft: Legit Windows or no updates

    01/26/2005 1:59:43 PM PST · by Happy2BMe · 418 replies · 5,210+ views
    Aiming to crack down on counterfeit software, Microsoft plans later this year to require customers to verify that their copy of Windows is genuine before downloading security patches and other add-ons to the operating system. Since last fall the company has been testing a tool that can check whether a particular version of Windows is legitimate, but until now the checks have been voluntary. Starting Feb. 7, the verification will be mandatory for many downloads for people in three countries: China, Norway and the Czech Republic. In those countries, people whose copies are found not to be legitimate can get...
  • Microsoft Responds To IE Security Concerns

    01/18/2005 12:48:29 PM PST · by stainlessbanner · 40 replies · 1,193+ views
    infoweek ^ | Jan. 18, 2005 | Microsoft
    Full text of a letter from Microsoft, in response to coverage of companies moving from IE to Firefox and other alternative browsers. InformationWeek Editor's note: the following is the full text of Microsoft's response to an InformationWeek.com poll and related story regarding Internet Explorer, and whether companies are switching to the Mozilla browser. It came from Waggener Edstrom, Microsoft's public-relations agency. You mentioned that many or the respondents in the self-selecting survey recommended against IE and that many people have said Microsoft needs to address security issues more fully. Regarding the recommendation, we're aware that some people have recommended against...
  • Microsoft Readies 'A1' Security Subscription Service for its anti-spyware and anti-virus solutions.

    01/05/2005 10:38:14 AM PST · by Happy2BMe · 110 replies · 2,294+ views
    Tuesday, January 04, 2005 Microsoft Readies 'A1' Security Subscription Service By Mary Jo Foley Microsoft's anti-virus/anti-spyware strategy is taking shape. Sources say Redmond's prepping a fee-based bundle, which could go beta soon. Publicly, Microsoft continues to be cagey about packaging and pricing plans for its anti-spyware and anti-virus solutions. But privately, Microsoft has begun informing partners of its plans for a security subscription service code-named "A1," according to developers who requested anonymity. Microsoft bought anti-virus vendor GeCAD in the summer of 2003, and anti-spyware maker Giant Company Software last month. As to how it plans to deliver these technologies, Microsoft...
  • Microsoft Offers Virus-Removal Programs

    01/06/2005 8:29:46 AM PST · by GeneD · 38 replies · 1,922+ views
    AP via Yahoo! News ^ | 01/06/2005 | Ted Bridis
    WASHINGTON - Microsoft Corp., whose popular Windows software is a frequent target for Internet viruses, is offering a free security program to remove the most dangerous infections from computers. The program, with monthly updates, is a step toward plans by Microsoft to sell full-blown antivirus software later this year. Microsoft said Thursday that consumers can download the new security program from the company's Web site — www.microsoft.com — and that updated versions will be offered automatically and free each month. It will be available starting Tuesday. Also, Microsoft offered Thursday a free program to remove "spyware," a category of irritating...
  • New Windows virus tempts users with game of Tetris

    01/13/2005 6:15:02 AM PST · by yankeedame · 13 replies · 580+ views
    BBC On-Line ^ | Thursday, 13 January, 2005 | staff writer
    Last Updated: Thursday, 13 January, 2005, 11:29 GMT Windows worm travels with Tetris The version of Tetris is recognisable and just as playable. Users are being warned about a Windows virus that poses as the hugely popular Tetris game. The Cellery worm installs a playable version of the classic falling blocks game on PCs that it has infected. While users play the game, the worm spends its time using the machine to search for new victims to infect on nearby networks. The risk of infection by Cellery is thought to be very low as few copies of the worm have...
  • Tetris game hides Cellery worm ( Windows only though )

    01/14/2005 12:34:07 PM PST · by Ernest_at_the_Beach · 7 replies · 322+ views
    vnunet.com ^ | 13 Jan 2005 | Robert Jaques
    Tetris game hides Cellery worm Worm uses cult game to spread via email Robert Jaques, vnunet.com 13 Jan 2005 A worm, dubbed Cellery-A (W32/Cellery-A), which poses as a playable version of the classic Russian computer game Tetris has been detected in the wild, security experts have warned.The Cellery worm, which gets its name from a message it displays saying 'Chancellery', makes changes to Windows settings to ensure that it automatically runs when the operating system starts up.While the Tetris-like arcade game is running, the worm plays a MIDI music tune, and searches for other network drives and attached computers to...
  • Corporate PCs 'riddled with spyware'

    12/02/2004 11:49:25 PM PST · by Stoat · 5 replies · 680+ views
    The Register (U.K.) ^ | December 2, 2004 | John Leyden
    Corporate PCs 'riddled with spyware' By John Leyden Published Thursday 2nd December 2004 17:23 GMT Corporate systems are riddled with spyware, according to a study by an anti-spyware firm. Companies voluntarily using Webroot's Corporate SpyAudit tool had an average of 20 nasties per PC, Webroot reports.Most of the items found were harmless cookies. But average five per cent of the PCs scanned had system monitors and 5.5 per cent had Trojan horse programs, the two most nefarious and potentially malicious forms of spyware. The audit - based on scans of more than 10,000 systems, used by more than 4,100 companies...
  • Worm spreads Happy Nude Year greeting

    01/12/2005 9:21:57 AM PST · by holymoly · 13 replies · 1,293+ views
    ZDNet UK ^ | January 11, 2005 | Dan Ilett
    An emailed New Year photo of naked people contains a nasty shock - a worm that will turn off security protection and harvest email addresses Antivirus companies have unearthed a computer worm that hides behind an image of naked people. According to antivirus company Sophos, the naughty New Year photo message contains a mass-mailing worm, dubbed Wurmark-D, that is programmed to disable security software on host computers and send itself to email addresses stored there. "Once activated, this worm will harvest your computer hunting for other email addresses to send itself to and try and turn off antivirus software," said...
  • Media Files That Spread Spyware (Ben Edelman On WMP Installing 31! Programs On His PC Alert)

    01/03/2005 1:51:12 AM PST · by goldstategop · 30 replies · 9,908+ views
    Bendedelman.org ^ | 01/02/02 | Ben Edelman
    Users have a lot to worry about when downloading and playing media files. Are the files legal? Can their computers play the required file formats? Now there's yet another problem to add to the list: Will a media file try to install spyware? When Windows Media Player encounters a file with certain "rights management" features enabled, it opens the web page specified by the file's creator. This page is intended to help a content providers promote its products -- perhaps other music by the same artist or label. But the specified web page can show deceptive messages, including pop-ups that...
  • Windows XP users Phelled by new Trojan [Symantec bulletin, SP2 no protection, will see 2 IE popups]

    12/30/2004 12:42:15 PM PST · by Mike Fieschko · 279 replies · 6,441+ views
    The Register ^ | Dec 30, 2004 | Ashlee Vance
    A new Trojan horse - named Phel - that punishes users of Microsoft Windows XP operating system is in the wild. Security software firm Symantec has issued a bulletin warning Windows XP users to be on the look out for the program, which is distributed as an .html file. The malicious code can attack systems running XP Service Pack 2. The vuln was first found in October, and Microsoft is busy trying to catch up to it. "Microsoft is taking this vulnerability very seriously, and an update to correct the vulnerability is currently in development," the company told ComputerWorld....
  • New Windows Bugs "Critical", Lack Patches

    12/27/2004 1:48:29 PM PST · by Eagle9 · 78 replies · 2,263+ views
    TechWeb News ^ | December 27, 2004 | Gregg Keizer
    A trio of new and unpatched vulnerabilities in Microsoft Windows were made public on security mailing lists over the weekend, nudging some security vendors to alert users that their systems may be open to attack and hijacking. The vulnerabilities, first reported by a Chinese group and then posted to the Bugtraq mailing list, are in Windows' LoadImage API function, its animated cursor files, and in the way it handles help files. All of the bugs are as yet unpatched. All currently-supported versions of Windows -- Windows NT, 2000, XP, and Windows Server 2003 -- are affected by the three flaws,...
  • How Spyware Took The Next-Gen Threat Crown (On The Internet's No #1 Threat Today MUST READ!!!)

    12/21/2004 2:39:48 AM PST · by goldstategop · 168 replies · 7,612+ views
    ESecurityPlanet.com ^ | 12/20/04 | Sonny Discini
    Spyware used to be defined as applets, cookies or any other method used to collect statistics on your browsing habits. Gone are the days of such a benign interpretation. Spyware has evolved into a problem that surpasses those posed by traditional worms, viruses and Trojans. Today, these once relatively innocuous apps have evolved from anonymous, and often invisible, traffic statistics gatherers into beasts capable of crippling your PC's performance by installing unwanted toolbars, pop-up ads, desktop icons and many other nuisances. If that's not bad enough, some Spyware will modify system files, change security zone settings, keylog your sessions, spawn...
  • Massive IE phishing exploit discovered

    12/17/2004 7:03:17 AM PST · by holymoly · 53 replies · 2,147+ views
    ZDNet ^ | December 17, 2004 | Dan Ilett
    Even SP2 versions of Microsoft's Internet Explorer are vulnerable to a spoofing exploit published yesterday. A vulnerability researcher posted details of a dangerous Internet Explorer (IE) flaw on Thursday that allows phishers to spoof Web sites more realistically than ever before. According to security company Secunia, Paul from Greyhats -- a research group -- has published details of a vulnerability that can be exploited to spoof the content of any Web site. Using the exploit, scammers are able to manipulate all versions of IE, including Windows XP SP2 -- the latest and most secure version of the browser -- and...
  • Safe Personal Computing

    12/17/2004 6:37:05 AM PST · by zeugma · 69 replies · 2,270+ views
    Bruce Schneier BLOG ^ | December 13, 2004 | Bruce Schneier
    Schneier on Security A weblog covering security and security technology. December 13, 2004 Safe Personal Computing I am regularly asked what average Internet users can do to ensure their security. My first answer is usually, "Nothing--you're screwed." But that's not true, and the reality is more complicated. You're screwed if you do nothing to protect yourself, but there are many things you can do to increase your security on the Internet. Two years ago, I published a list of PC security recommendations. The idea was to give home users concrete actions they could take to improve security. This is an...