Free Republic

A combined team of security experts from Advanced Intelligence and Eclypsium has announced that the Trickbot trojan malware now has the ability to modify a computer's Unified Extensible Firmware Interface—the interface between the firmware on a computer motherboard and the computer's operating system—in this case, Microsoft Windows. Trickbot has been in the news of late due to its advanced capabilities. It has a modular design and is notable for its ability to gain administrative capabilities on infected computers. The entities behind the creation of the trojan are believed to be criminals in Russia and North Korea, and they have used...

An antivirus service used by tens of thousands of businesses and millions of home users shut down an untold number of computers around the world after it mistakenly identified core parts of Microsoft Windows as threats, the company confirmed Tuesday. Webroot Inc. of Broomfield, Colorado, said it issued an updated detection rule that "identified false positives" for critical Windows operating files Monday afternoon, resulting in those files' being "quarantined" and inaccessible to Windows. Kristin Miller, a spokeswoman for Webroot, said the program incorrectly classified as "bad" a common folder that is often targeted for malware. She said that the false...

Typoslab gains pay-by-the-month option, with bundled support and training First Microsoft turned Office into software-as-a-service. It's currently transforming Windows into Windows-as-a-service. And now it's decided that its Surface Pro typoslab should become Surface-as-a-service, to help businesses buy more of the hybrid machines. Surface-as-a-Service, or "Surface Membership" to use its proper name, lets you choose from Surface Book, Surface Pro 4 and Surface 4 hardware. An online configurator lets you design the machines you want (complete with keyboards and pens) and choose a 18, 24 or 30 month membership plan. Joining the club also gets you Microsoft's Complete for Business Extended...

Global law enforcement agencies have arrested a gang member behind the theft of £20 million ($30.7 million) via a piece of malicious software that records banking details, and are on the hunt for the remaining members. The malware – known as Dridex – is believed to be developed by in eastern Europe and it's able to harvest bank details online in order to steal money from people. Global financial institutions and a variety of different payment systems have been targeted, the U.K.'s National Crime Agency (NCA), one of the authorities involved, said on Tuesday. "Thousands" of Brits have been infected...

A Russian hacking campaign against U.S. critical infrastructure has gone on since 2011 and puts hundreds of thousands of Americans at risk. Much of the nation’s critical infrastructure has been compromised by a “Trojan Horse” malware program, which puts everything from nuclear power plants to power grids at risk, national security sources toldABC News on Thursday. The Department of Homeland Security also released a bulletin on the “BlackEnergy” malware, which is connected to Russia’s “Sandworm Team.” In October it was revealed that Russian Sandworm hackers spied on NATO, Ukraine and the European Union since 2009 by taking advantage of a...

Computerworld - Microsoft has quietly stopped serving security updates to Internet Explorer 11 (IE11) on consumer and small business Windows 7 PCs unless the customer has successfully applied an April update for the browser. [....] Users who have not installed the IE security update issued on April 8 -- identified by Microsoft as MS14-018 -- on Windows 7, and who rely on Windows Update to download and install fixes, did not receive the June 10 IE update. Nor will IE11 receive any future updates, security or otherwise, until that MS14-018 has been installed. Windows Update will not display the appropriate...

Microsoft has kicked off what it calls a "two-year countdown" to the death of Windows XP and the Office 2003 productivity suite. Separately, Microsoft announced that Windows Vista, the problem-plagued operating system that never really took hold among customers, exited mainstream support on April 10. In a product's extended support phase, Microsoft provides security patches to registered users but offers other fixes, including reliability and stability updates, only to organizations that have support contracts with the company. Windows XP and Office 2003 will no longer be supported as of April 8, 2014, a company spokeswoman said in a recent blog...

Google employees are slamming Microsoft's Windows operating system, claiming security vulnerabilities in the OS left the company open to Chinese hackers in January 2010, a new report says. According to the Financial Times, Google will ditch the internal use of Windows in exchange for alternative operating systems including the Mac OS, Linux, and Google's own forthcoming Chrome OS operating system.The May 31 Financial Times article quotes only anonymous Google sources, identifying them as several of Google's 10,000 employees. FT reporters David Gelles and Richard Waters write: "Employees wanting to stay on Windows required clearance from 'quite senior levels', one...

In a rare alert, the U.S. Department of Homeland Security has urged Windows users to plug a potential worm hole in the Microsoft operating system. You can view the DHS Press Release here

CHICAGO, Aug. 8 (UPI) -- Microsoft Corp. is releasing a beta version of Windows Vista, its latest operating system -- said to be impervious to most network hackers -- and the accompanying server software is anticipated later this year, experts told UPI's Networking. According to Microsoft, one of Vista's primary features is its network access protection. Often, worms and viruses attack an internal corporate network via mobile PCs -- and handhelds -- that lack the latest security updates or virus signatures. With Vista, mobile computing users will be prevented from linking to a corporate network until they have installed all...

Modest pioneer: Blake Ross. At 7, he was a computer game addict. At 17, he made the breakthrough that created Firefox. At 19, he is a student of computer science (DAVID ADAME) Is this internet prodigy about to knock Microsoft off its pedestal?By David AdamsA Miami teenager has created a free web browser that has been called Bill Gates's worst nightmare   A MIAMI teenager is basking in the glory of helping to create a new internet browser at 17 that is now challenging the grip of Microsoft, which once held a virtual monopoly on web surfing.Computer analysts say...

Don't connect that new PC to the Internet before taking security precautions, researchers at the Internet Storm Center warned Tuesday. According to the researchers, an unpatched Windows PC connected to the Internet will last for only about 20 minutes before it's compromised by malware, on average. That figure is down from around 40 minutes, the group's estimate in 2003. The Internet Storm Center, which is part of the SANS Institute, calculated the 20-minute "survival time" by listening on vacant Internet Protocol addresses and timing the frequency of reports received there. "If you are assuming that most of these reports are...

Microsoft Security Bulletin MS02-065  Print Buffer Overrun in Microsoft Data Access Components Could Lead to Code Execution (Q329414) Originally posted: November 20, 2002Summary Who should read this bulletin: Customers using Microsoft® Windows®, particularly those who operate web sites or browse the Internet. Impact of vulnerability: Run code of attacker’s choice Maximum Severity Rating: Critical Recommendation: Users should apply the patch immediately. Affected Software: Microsoft Data Access Components (MDAC) 2.1 Microsoft Data Access Components (MDAC) 2.5 Microsoft Data Access Components (MDAC) 2.6 Microsoft Internet Explorer 5.01 Microsoft Internet Explorer 5.5 Microsoft Internet Explorer 6.0 Note: The vulnerability does not affect...