Free Republic

New worms spreading through MSN Messenger -- and its bundled-with-Windows Windows Messenger version -- via links to a malicious site are infecting users and leaving their PCs open to hacker hijack, security vendors reported Monday. The new worms, tagged as Kelvir.a and Kelvir.b, appeared over the weekend and on Monday, respectively, anti-virus vendors said. Both use the same mechanism to attract users and infect Windows-based PCs: they include a link in the instant message. That link, in turn, downloads a malicious file -- the actual worm, a variant of the long-running Spybot -- which opens a backdoor to the compromised...

Groove Founder Ray Ozzie Will Join Microsoft as New CTO BEVERLY, Mass., March 10, 2005 - Microsoft Corp. announced today that it will acquire Groove Networks Inc., a leading provider of collaboration software for the "virtual office." The deal unites two top innovators of technology that help geographically distributed workgroups be as productive as those that work in a single physical location. Financial terms of the acquisition were not disclosed. The addition of Groove products to the lineup of Microsoft® Office System products, servers and services builds on the capabilities of Microsoft's current collaboration products, allowing Microsoft to better meet...

Microsoft Internet Explorer is reported prone to a remote buffer overflow vulnerability. This issue presents itself when the application handles a malformed CSS file. A typical attack would involve the attacker creating a Web site that includes the malicious CSS file. The attacker may then entice a vulnerable user to visit the site. If successful, this attack may result in granting the attacker unauthorized access to the affected computer in the context of the user running Internet Explorer.

Important information about current security risks. Worm.Win32.Sober.L Alert! A new variant of the Sober worm is spreading fast. As it's predecessors, Sober.L spreads as an email attachment in emails which are sent to all email addresses found on the victim's harddisk. Even if the executable file is packed in a .ZIP file, many users open the file and activate the worm this way. For novice users it's hard to see that it is a worm generated email because the email subject is "your password + accountnumber !". The email body text is the following: hi, i've got an admin mail...

A major wave of Bagle-like Trojan horses hit users worldwide Tuesday with numerous variations that aim to overwhelm anti-virus defenses by morphing faster than research labs can release new signatures. The attack, which began about midnight EST, was launched in a large-scale spamming campaign, said virus researchers, and although the new threat doesn't spread on its own -- these are Trojans with Bagle characteristics, not true worms -- many security vendors have bumped up warnings to get out the word. It's unclear how many variations are at loose. Some vendors, such as Symantec, had reported only two as of mid-morning...

Windows worm weaves its way with search engines A new worm that uses Internet search engines to spread rapidly was detected Thursday, according to antivirus software maker Panda Software, a private company based in Bilbao, Spain, which operates in the U.S. as PandaLabs of Glendale, in Southern California. Called "MydoomAO," the worm uses Mountain View-based Google (NASDAQ: GOOG), Altavista, Sunnyvale-based Yahoo (NASDAQ: YHOO) and Lycos to search for e-mail addresses to which to send itself. In order to trick users, the worm pretends to be a mail delivery error message. In this way, a single infected computer can distribute thousands...

Sorry for the vanity, but my head is about to explode trying to figure out how to get rid of hotbar, which mysteriously appeared on my computer. I know I can trust you guys for the real story on what to do. I know Laura advertises some kind of spyware blocker, but I have no clue about any of this. Any help (here or pm me) would be GREATLY appreciated.

The party's over. In the past year, the little browser that could, Firefox, became the people's hero, an underdog warrior that took a huge swipe at its enemy, Internet Explorer. IE dipped below 90 percent market share for the first time in years, while Firefox lured users like the Pied Piper, blowing past its own fundraising goals and reigniting the browser wars. Meanwhile, the bad news continued to mount for Microsoft. An IE exploit put even Windows XP SP2 users at risk from phishing schemes, even as Microsoft touted SP2 as the most secure version of Windows yet. Worse, major...

It didn't take hackers long to start banging hard on the vulnerabilities Microsoft disseminated Tuesday. Just a day after the Redmond, Wash.-based developer rolled out a dozen advisoriescontaining 16 vulnerabilities, 10 of them tagged as "Critical," exploit code has gone public for one, Microsoft said late Wednesday. "Microsoft won't be happy that someone has posted information about how to take advantage of their critical security hole within 48 hours of their patch being released," said Graham Cluley, senior technology consultant for Sophos, in a statement. "Many computer users are bound to have not yet defended themselves," he added. Microsoft posted...

Microsoft's top security honcho insisted Thursday that Microsoft "is making progress on security using any reasonable metric." Mike Nash, the company's chief security executive, made the comment during an online chat session just days after Microsoft rolled out its biggest bunch of Windows patches since April 2004. Nash staunchly defended the Redmond, Wash.-based developer's progress, and compared Windows' flaws with those in open-source Linux operating systems from Red Hat and Novell's SuSE. "Even with the relatively large number of bulletins we released this week, we compare favorably," he said. "Year-to-date for 2005, Microsoft has fixed 15 vulnerabilities affecting Windows Server...

Microsoft Tuesday released its largest group security patches in nearly a year as it posted 12 security bulletins encompassing 19 vulnerabilities, 14 of which it marked "Critical," its highest patch-now warning. Among them is a vulnerability that will likely lead to the biggest, baddest worm in since mid-2003, said Mike Murray, the director of research at vulnerability management vendor nCircle. "There's a clear 'winner' here," said Murray. " MS05-011 fixes a vulnerability in SMB [Server Message Block], which is running on every version of Microsoft's operating systems that a corporation might be using. And it's exploitable remotely, so it doesn't...

SEATTLE (Reuters) - Microsoft Corp. said on Tuesday it would buy anti-virus software maker Sybari Software Inc. in a direct challenge to Symantec Corp. and McAfee Inc., which currently dominate that market. If Microsoft, the world's largest software maker, bundles anti-virus features into its Windows operating system, security software makers could feel the pressure, analysts said. "Microsoft's acquisition of Sybari will get them into the (business) anti-virus market specializing in e-mail protection, a negative for Symantec and McAfee," said Sterling Auty, an analyst with JP Morgan. McAfee shares were down 8.55 percent, or $2.24 to $23.72 in afternoon trade on...

Microsoft to release bumper Windows patch February 04 2005 by Karen Said February's release to fix 'critical' flaws... "A bumper crop of Microsoft patches will be released next week, including nine fixes for Windows flaws. At least one of the updates for the Windows operating system is rated "critical", its highest rating, Microsoft said on Thursday in a posting to its TechNet site. The forewarning is part of the company's programme to give regular computer users notice of monthly security bulletins before the patches themselves are released. There will be 13 updates in total, Microsoft said. That includes a critical...

Microsoft on Thursday gave early warning that next week's monthly dose of security bulletins and patches will be among its biggest ever. According to the Advance Notification service, which pre-announces upcoming patches but limits the information disclosed, next Tuesday's roundup will include 13 security bulletins, at least three of which will be marked "Critical," the Redmond, Wash.-based developer's most dire warning. Nine of the bulletins affect Microsoft Windows. That's a much-higher-than-normal number, and three times what the company published in January. Other patches will be published to fix bugs in SharePoint Services, Microsoft Office, the .Net Framework, Visual Studio, Windows...

Bropia worm spreads on the back of MSN Messenger 5:04PM A new virus is using the MSN Messenger system to spread. Known as Bropia.A, the worm waits on an infected system until the Messenger window is opened and then sends a copy of itself to contacts, using filenames adaware.exe, VB6.EXE, lexplore.exe and Win32.exe. If a contact accepts the file and runs it, it checks to see if any of the previously mentioned files are present, and if not, places a file called oms.exe on the computer and runs it. This is a variant of Rbot, which installs a backdoor on...

Aiming to crack down on counterfeit software, Microsoft plans later this year to require customers to verify that their copy of Windows is genuine before downloading security patches and other add-ons to the operating system. Since last fall the company has been testing a tool that can check whether a particular version of Windows is legitimate, but until now the checks have been voluntary. Starting Feb. 7, the verification will be mandatory for many downloads for people in three countries: China, Norway and the Czech Republic. In those countries, people whose copies are found not to be legitimate can get...

Full text of a letter from Microsoft, in response to coverage of companies moving from IE to Firefox and other alternative browsers. InformationWeek Editor's note: the following is the full text of Microsoft's response to an InformationWeek.com poll and related story regarding Internet Explorer, and whether companies are switching to the Mozilla browser. It came from Waggener Edstrom, Microsoft's public-relations agency. You mentioned that many or the respondents in the self-selecting survey recommended against IE and that many people have said Microsoft needs to address security issues more fully. Regarding the recommendation, we're aware that some people have recommended against...

Tuesday, January 04, 2005 Microsoft Readies 'A1' Security Subscription Service By Mary Jo Foley Microsoft's anti-virus/anti-spyware strategy is taking shape. Sources say Redmond's prepping a fee-based bundle, which could go beta soon. Publicly, Microsoft continues to be cagey about packaging and pricing plans for its anti-spyware and anti-virus solutions. But privately, Microsoft has begun informing partners of its plans for a security subscription service code-named "A1," according to developers who requested anonymity. Microsoft bought anti-virus vendor GeCAD in the summer of 2003, and anti-spyware maker Giant Company Software last month. As to how it plans to deliver these technologies, Microsoft...

WASHINGTON - Microsoft Corp., whose popular Windows software is a frequent target for Internet viruses, is offering a free security program to remove the most dangerous infections from computers. The program, with monthly updates, is a step toward plans by Microsoft to sell full-blown antivirus software later this year. Microsoft said Thursday that consumers can download the new security program from the company's Web site — www.microsoft.com — and that updated versions will be offered automatically and free each month. It will be available starting Tuesday. Also, Microsoft offered Thursday a free program to remove "spyware," a category of irritating...

Just 6 easy steps, and we come full circle on the indemnification story: 1. First, we had SCO announcing it was suing IBM and threatening Linux users for contributory copyright infringement. 2. Then the chorus broke out in song about how Linux has no indemnification. 3. Then we found out from BayStar's lips that Microsoft inspired them to invest in SCO, an investment that made all the lawsuits financially possible. Thanks for nothing, BayStar. 4. Meanwhile, the Linux world began setting up indemnification and legal funds for Linux users and developers.5. SCO sued everybody else. Terror ensued, sorta, briefly. 6....