Free Republic

SAN FRANCISCO, July 15 - Add personal computers to the list of throwaways in the disposable society. On a recent Sunday morning when Lew Tucker's Dell desktop computer was overrun by spyware and adware - stealth software that delivers intrusive advertising messages and even gathers data from the user's machine - he did not simply get rid of the offending programs. He discarded the whole computer. Mr. Tucker, an Internet industry executive who holds a Ph.D. in computer science, decided that rather than take the time to remove the offending software, he would spend $400 on a new machine. He...

As part of its monthly patching cycle, Microsoft on Tuesday plans to release three security alerts for flaws in Windows and Office. Two of the security bulletins apply to Windows, and at least one of them is deemed "critical," Microsoft's highest risk rating, the company said in a notice posted on its Web site Thursday. Its Office productivity suite will get one bulletin, also rated critical. The notice did not specify whether one of the patches will be for Internet Explorer. Microsoft earlier this week offered a workaround for a known flaw in the Web browser that opens the door...

A security breach of customer information at a credit card-processing company could expose to fraud up to 40 million cardholders of multiple brands, MasterCard International Inc. said Friday. The credit card giant said its security division detected multiple instances of fraud that tracked back to CardSystems Solutions Inc. of Tucson, Ariz., which processes transactions for banks and merchants. MasterCard said in a news release late Friday afternoon that it was notifying its card-issuing banks of the problem. CardSystems was hit by a computer virus that captured customer data for the purpose of fraud, said company spokeswoman Sharon Gamsin. The FBI...

NEW YORK - A security breach of customer information at a credit card-processing company could expose to fraud up to 40 million cardholders of multiple brands, MasterCard International Inc. said Friday. The credit card giant said its security division detected multiple instances of fraud that tracked back to CardSystems Solutions Inc. of Tucson, Ariz., which processes transactions for banks and merchants. MasterCard said in a news release late Friday afternoon that it was notifying its card-issuing banks of the problem. CardSystems was hit by a computer virus that captured customer data for the purpose of fraud, said company spokeswoman Sharon...

The next time you run a scan with your anti-spyware tool, it might miss some programs. Several anti-spyware firms, including Aluria, Lavasoft, and PestPatrol, have quietly stopped detecting adware from companies like Claria and WhenU--a process called delisting. Those adware companies have been petitioning anti-spyware firms to delist their software; other companies have resorted to sending cease-and-desist letters that threaten legal action. In most cases it's difficult for customers to determine whether their anti-spyware tool has delisted anything and, if so, which adware it skips. "When a spyware program gets delisted, users won't be aware of its presence," says Harvard...

Analysis On my computer right now I have three anti-spyware programs, three anti-virus programs, and three anti-spam programs, together with a hardware and software firewall, an IPsec VPN, and data level encryption on certain files (and no, this is not intended to be an invitation for you to try to test my security.) The anti-spyware, anti-virus, and anti-spam software all work in very much the same way - they have definitions of known malicious programs, and they may also have algorithms to raise flags about unknown programs which operate in an unusual way. Depending upon user preferences, the programs either...

Microsoft is readying a new consumer security product that offers virus and spyware protection, a new firewall and several tune-up tools for Windows PCs, a move that pits the software giant squarely against traditional security software vendors. The product, dubbed Windows OneCare, will be tested internally at Microsoft starting this week. A public test, or beta, version is scheduled to be available by year's end, Microsoft said in a statement this week. The final product will be offered as a subscription service, the Redmond, Washington, software maker says. OneCare marks Microsoft's long-anticipated entry into the antivirus space, until now the...

Virus Name Risk Assessment W32/Sober.p@MM Corporate User : Low-Profiled Home User : Medium Virus Information Discovery Date: 05/02/2005 Origin: Unknown Length: 53,727 bytes (zip) 53,554 bytes (executable) Type: Virus SubType: E-mail Minimum DAT: 4443 (03/09/2005) Updated DAT: 4482 (05/02/2005) Minimum Engine: 4.3.20 Description Added: 05/02/2005 Description Modified: 05/02/2005 3:59 PM (PT) Description Menu Virus Characteristics Symptoms Method Of Infection Removal Instructions Variants / Aliases Rate This page Print This Page Email This Page Legend Virus Characteristics: -- Update 2nd May 13:00 PST -- Due to increased prevalence, this threat has had its risk assessment raised to MEDIUM for Home Users....

Virus writers have resurrected the Sober worm with a new variant that is spreading quickly over the Internet. Security experts said Tuesday that the worm, dubbed Sober.M, reports e-mail addresses of victims back to its anonymous author--a technique known as harvesting. Spammers typically buy these fresh addresses to add to their lists of e-mail recipients. The e-mail containing the worm is written in bad English with the subject line: "I've got your e-mail on my account." "It looks like the virus writer is deliberately using broken English to (convince) people the e-mail is not a virus," Graham Cluley, senior technology...

New worms spreading through MSN Messenger -- and its bundled-with-Windows Windows Messenger version -- via links to a malicious site are infecting users and leaving their PCs open to hacker hijack, security vendors reported Monday. The new worms, tagged as Kelvir.a and Kelvir.b, appeared over the weekend and on Monday, respectively, anti-virus vendors said. Both use the same mechanism to attract users and infect Windows-based PCs: they include a link in the instant message. That link, in turn, downloads a malicious file -- the actual worm, a variant of the long-running Spybot -- which opens a backdoor to the compromised...

Important information about current security risks. Worm.Win32.Sober.L Alert! A new variant of the Sober worm is spreading fast. As it's predecessors, Sober.L spreads as an email attachment in emails which are sent to all email addresses found on the victim's harddisk. Even if the executable file is packed in a .ZIP file, many users open the file and activate the worm this way. For novice users it's hard to see that it is a worm generated email because the email subject is "your password + accountnumber !". The email body text is the following: hi, i've got an admin mail...

A major wave of Bagle-like Trojan horses hit users worldwide Tuesday with numerous variations that aim to overwhelm anti-virus defenses by morphing faster than research labs can release new signatures. The attack, which began about midnight EST, was launched in a large-scale spamming campaign, said virus researchers, and although the new threat doesn't spread on its own -- these are Trojans with Bagle characteristics, not true worms -- many security vendors have bumped up warnings to get out the word. It's unclear how many variations are at loose. Some vendors, such as Symantec, had reported only two as of mid-morning...

Windows worm weaves its way with search engines A new worm that uses Internet search engines to spread rapidly was detected Thursday, according to antivirus software maker Panda Software, a private company based in Bilbao, Spain, which operates in the U.S. as PandaLabs of Glendale, in Southern California. Called "MydoomAO," the worm uses Mountain View-based Google (NASDAQ: GOOG), Altavista, Sunnyvale-based Yahoo (NASDAQ: YHOO) and Lycos to search for e-mail addresses to which to send itself. In order to trick users, the worm pretends to be a mail delivery error message. In this way, a single infected computer can distribute thousands...

Microsoft's top security honcho insisted Thursday that Microsoft "is making progress on security using any reasonable metric." Mike Nash, the company's chief security executive, made the comment during an online chat session just days after Microsoft rolled out its biggest bunch of Windows patches since April 2004. Nash staunchly defended the Redmond, Wash.-based developer's progress, and compared Windows' flaws with those in open-source Linux operating systems from Red Hat and Novell's SuSE. "Even with the relatively large number of bulletins we released this week, we compare favorably," he said. "Year-to-date for 2005, Microsoft has fixed 15 vulnerabilities affecting Windows Server...

Microsoft Tuesday released its largest group security patches in nearly a year as it posted 12 security bulletins encompassing 19 vulnerabilities, 14 of which it marked "Critical," its highest patch-now warning. Among them is a vulnerability that will likely lead to the biggest, baddest worm in since mid-2003, said Mike Murray, the director of research at vulnerability management vendor nCircle. "There's a clear 'winner' here," said Murray. " MS05-011 fixes a vulnerability in SMB [Server Message Block], which is running on every version of Microsoft's operating systems that a corporation might be using. And it's exploitable remotely, so it doesn't...

Bropia worm spreads on the back of MSN Messenger 5:04PM A new virus is using the MSN Messenger system to spread. Known as Bropia.A, the worm waits on an infected system until the Messenger window is opened and then sends a copy of itself to contacts, using filenames adaware.exe, VB6.EXE, lexplore.exe and Win32.exe. If a contact accepts the file and runs it, it checks to see if any of the previously mentioned files are present, and if not, places a file called oms.exe on the computer and runs it. This is a variant of Rbot, which installs a backdoor on...

Aiming to crack down on counterfeit software, Microsoft plans later this year to require customers to verify that their copy of Windows is genuine before downloading security patches and other add-ons to the operating system. Since last fall the company has been testing a tool that can check whether a particular version of Windows is legitimate, but until now the checks have been voluntary. Starting Feb. 7, the verification will be mandatory for many downloads for people in three countries: China, Norway and the Czech Republic. In those countries, people whose copies are found not to be legitimate can get...

Full text of a letter from Microsoft, in response to coverage of companies moving from IE to Firefox and other alternative browsers. InformationWeek Editor's note: the following is the full text of Microsoft's response to an InformationWeek.com poll and related story regarding Internet Explorer, and whether companies are switching to the Mozilla browser. It came from Waggener Edstrom, Microsoft's public-relations agency. You mentioned that many or the respondents in the self-selecting survey recommended against IE and that many people have said Microsoft needs to address security issues more fully. Regarding the recommendation, we're aware that some people have recommended against...

Tuesday, January 04, 2005 Microsoft Readies 'A1' Security Subscription Service By Mary Jo Foley Microsoft's anti-virus/anti-spyware strategy is taking shape. Sources say Redmond's prepping a fee-based bundle, which could go beta soon. Publicly, Microsoft continues to be cagey about packaging and pricing plans for its anti-spyware and anti-virus solutions. But privately, Microsoft has begun informing partners of its plans for a security subscription service code-named "A1," according to developers who requested anonymity. Microsoft bought anti-virus vendor GeCAD in the summer of 2003, and anti-spyware maker Giant Company Software last month. As to how it plans to deliver these technologies, Microsoft...

WASHINGTON - Microsoft Corp., whose popular Windows software is a frequent target for Internet viruses, is offering a free security program to remove the most dangerous infections from computers. The program, with monthly updates, is a step toward plans by Microsoft to sell full-blown antivirus software later this year. Microsoft said Thursday that consumers can download the new security program from the company's Web site — www.microsoft.com — and that updated versions will be offered automatically and free each month. It will be available starting Tuesday. Also, Microsoft offered Thursday a free program to remove "spyware," a category of irritating...