Monday, November 10, 2008

Microsoft rushes out emergency Windows security fix

You can download the emergency update patch here,Windows Update Patch. Once downloaded, install the patch and it will automatically apply the update to your computer.


Updated Microsoft has released an emergency security update for a broad swath of its users that patches a critical security hole that is already being exploited in the wild.

The vulnerability - which has been subjected to "limited, targeted attacks" - could allow miscreants to create wormable exploits that remotely execute malicious code on vulnerable machines, Microsoft said. No interaction is required from the end user. It was the first patch released outside Microsoft's regular update cycle in 18 months.

"This is a remote code execution vulnerability," Microsoft's out-of-band advisory warned. "An attacker who successfully exploited this vulnerability could take complete control of an affected system remotely."

The vulnerability stems from the failure of Windows server service to properly vet remote procedure call (RPC) requests for malicious content. The service handles the sharing of printers, disk and other resources over a network. It also allows applications on one networked computer to communicate with applications on another machine.

On the 2000, XP, and Server 2003 versions of Windows, anonymous users with access to the target network could exploit the weakness by sending a specially crafted network packet to the affected system. Microsoft rated the vulnerability as "critical" - its most severe designation - for those versions.

Wednesday, October 1, 2008

Antivirus XP Creator Finally Sued (by Microsoft!)

pparently you can’t get away forever with fooling users into thinking they have malware on their system when they really don’t, and then offering to sell them a “removal tool” that does absolutely nothing but remove the fake alerts.

The creators of such programs as Antivirus XP, Registry Cleaner XP and WinDefender are getting sued by Microsoft and the state of Washington under the state’s Computer Spyware Act which prohibits making false claims of spyware or malware on a system. The penalty is actual damages incurred or a punitive damage of $100,000 per offense, whichever is greater.

Thursday, September 25, 2008

New Malicious Firefox Extension: FirestarterFox






A malicious Firefox extension called FirestarterFox is being installed by some of the latest malware variants. This extension hijacks all search requests through Google, Yahoo and Microsoft Live search and redirects them through the Russian site thebestwebsearch.net. This is done with the intention of showing ads on the search results page which presumably make money for the creator of this piece of malware.


Luckily the extension can’t be silently installed since Firefox alerts users to all new extensions. So if you ever start Firefox and get the message that a new extension called FirestarterFox has been installed you will immediately know that you have malware on your system and should take steps to remove it or reformat your system.