Free Republic

David Eckstein turned on his computer one day and launched his Web browser, just as he had every day. This time, however, CNN.com did not automatically open. Instead, the page was a search engine he'd never heard of. Eckstein tried changing the browser settings back to CNN but the search engine would return whenever he rebooted. Finally, he just gave up. The San Francisco marketing consultant is yet another victim of spyware, an amorphous class of software that mostly gets onto people's computers without their knowledge. So resource-hungry, it often renders the machines unusable. "It makes you want to throw...

The site has multiple forums for various computing problems, but the overwhelming number of inquiries in the last year has dealt with spyware, which on the site has a variety of less neutral names, "scumware" being one of the more polite. Scumware had been an epidemic; in the last year it grew into a pandemic, said Steve Wechsler, one of those drawn to Eshelman's site. Wechsler was tending bar at a public golf course in South San Francisco when he bought his first computer less than a decade ago. "I brought it home and turned it on, clicked on Netscape...

Corporate PCs 'riddled with spyware' By John Leyden Published Thursday 2nd December 2004 17:23 GMT Corporate systems are riddled with spyware, according to a study by an anti-spyware firm. Companies voluntarily using Webroot's Corporate SpyAudit tool had an average of 20 nasties per PC, Webroot reports.Most of the items found were harmless cookies. But average five per cent of the PCs scanned had system monitors and 5.5 per cent had Trojan horse programs, the two most nefarious and potentially malicious forms of spyware. The audit - based on scans of more than 10,000 systems, used by more than 4,100 companies...

Citing security risks, a state university is urging students to drop Internet Explorer in favor of alternative Web browsers such as Firefox and Safari. In a notice sent to students on Wednesday, Pennsylvania State University's Information Technology Services department recommended that students download other browsers to reduce attacks through vulnerabilities in the Microsoft software. The university said "media reports" and a string of warnings by Carnegie Mellon University's Computer Emergency and Response Team led to its recommendation. "We're not telling people to wipe off IE, because you need IE to do operating-system updates," Robin Anderson, a spokeswoman for Penn State's...

Microsoft may charge extra for security softwareThursday, December 16, 2004 Posted: 7:57 PM EST (0057 GMT) WASHINGTON (AP) -- Microsoft Corp. disclosed plans Thursday to offer frustrated users of its Windows software new tools within 30 days to remove spyware programs secretly running on computers. But it might cost extra in coming months.In a shift from past practice, the world's largest software manufacturer said it may charge consumers for future versions of the new protective technology, which Microsoft acquired by buying a small New York software firm. Terms of the sale of Giant Company Software Inc. weren't disclosed.

Symantec Corp.'s Security Response service on Friday confirmed that unpatched Windows vulnerabilities could pose a serious risk for exploits via malicious Web pages and e-mail messages. One of the three security vulnerabilities involves image handling—a source of recent exploits on Windows and Unix (news - web sites) operating systems. The other two risks are found in the Help system and in Window's ANI (Automatic Number Identification) authentication. Symantec said the Microsoft Windows LoadImage API Function Integer Overflow Vulnerability could be exploited via browsers or e-mail client software. Users who open an HTML message or Web page bearing the image could...

Hi All: PC World has a pair of articles about a potentially dangerous new development on the spyware/adware front: WMA (Windows Media) files being used to install adware and spyware. See: Risk Your PC’s Health for a Song? http://www.pcworld.com/news/article/0,aid,119016,00.asp Protect Yourself From Audio Adware http://www.pcworld.com/news/article/0,aid,119063,00.asp In short, the well-known copyright management/protection firm Overpeer has figured out how to install adware through Windows Media files. The technique exploits features of the Windows Media DRM functionality to launch special Internet Explorer windows that display popup ads and that also attempt to download and install adware/spyware. This happens when the user opens the...

Users have a lot to worry about when downloading and playing media files. Are the files legal? Can their computers play the required file formats? Now there's yet another problem to add to the list: Will a media file try to install spyware? When Windows Media Player encounters a file with certain "rights management" features enabled, it opens the web page specified by the file's creator. This page is intended to help a content providers promote its products -- perhaps other music by the same artist or label. But the specified web page can show deceptive messages, including pop-ups that...

Search engine operator Google has blocked ads that attempt to exploit security holes in the Internet Explorer. In the past few days, Google has been displaying context-sensitive ads on the right margin from its program partner AdWords that link to sites with dangerous JavaScript for various search terms such as "Preisvergleich" (price comparison) and "Gebraucht PC" (used PC). If you clicked on one of the links in the Internet Explorer, a JavaScript attempted to install spyware on your system. And the normal list of hits also included a lot of sites with Trojans. This Monday, Google reacted to the problem...

Microsoft releases its Beta 1 version of its new Anti-Spyware software. It blocks over 50 ways for spyware to enter your computer. I have downloaded it and checked it out. It’s very upfront and to the point. I have some REALLY nasty test programs and it stops everything I can find in its tracks. One of the very cool parts of this software is that it will kill spyware that is currently memory resident. Most spyware software will require a reboot and then rescan at system start up. Firefox/Mozilla had an issue downloading it, so just use IE for the...

The Register » Security » Network Security » Original URL: http://www.theregister.co.uk/2005/01/10/ie_sp2_exploit/Exploit code attacks unpatched IE bug By John Leyden (john.leyden at theregister.co.uk) Published Monday 10th January 2005 12:08 GMT Code which exploits a vulnerability in the HTML Help control of Internet Explorer has been released onto the net. Secunia has upgraded the vulnerability (http://secunia.com/SA12889), uncovered in October 2004, to "extremely critical". Even users who have upgraded to Windows XP SP2 with all available patches are affected, the security reporting firm warns. "The vulnerability can be exploited by malicious people to place and execute arbitrary programs on a client system if a...

Secunia recommends users drop IE and use an alternative browser. "Although hundreds of millions of dollars have been spent on securing SP2, perfection is impossible," the security firm said in a statement. Millions of Internet Explorer 6 users are at risk from three "extremely critical" security holes that give hackers open access to PCs running the browser -- even if Windows XP Service Pack Two has been installed. The first issue centers on the browser's drag-and-drop capability, which does not validate new files correctly. This means that, potentially, a document downloaded from a Web page using drag and drop may...

Downloads malicious application when video files are runSecurity experts have intercepted two malicious Trojans hidden in video files that download and install spyware, diallers and computer viruses when played in Microsoft Windows Media player. PandaLabs warned that Trj/WmvDownloader.A and Trj/WmvDownloader.B, are spreading through P2P networks hidden in video files. These Trojans take advantage of technology incorporated in Microsoft Windows Media player called Windows Media Digital Rights Management (DRM), designed to protect the intellectual property rights of multimedia content. When a user tries to play a protected Windows media file, this technology demands a valid licence. If the license is...

Microsoft on Tuesday released the year's first three security patches to Windows, including two it called "Critical," but did not patch all the vulnerabilities that have surfaced in the last several months. "These are exactly what we expected this month, a couple of patches against threats that are 'wormable'," said Mike Murray, the director of research at nCircle, the vulnerability management vendor whose flagship product is IP360. The first critical flaw is in Windows Server 2003, and in Windows 98, Me, 2000, and XP, including Service Pack 2, the security update that Microsoft rolled out last October. The ancient Windows...

E Flaw Exploited Security firm identifies exploit technique for known browser hole. Matthew Broersma, Techworld.com Friday, January 07, 2005 Internet Explorer has become an even bigger security risk--even under Windows XP SP2--with the publication of a new and extensive exploit. Advertisement Security researchers have warned that the exploit, which takes advantage of known loopholes in SP2, could allow an attacker to run script code on a user's system via a specially crafted Web page. Known Hole The holes involved have been known publicly for more than two months, but previous exploit techniques required the user to take actions such as...

Microsoft has announced that it will release three patches for its Windows operating system next week. The fixes, which will carry a maximum threat rating of "critical," will be issued Tuesday, the company said. Under its two-month-old advance notification program, Microsoft typically gives the public early notice of the number of updates it plans to deliver and of the severity of the vulnerabilities the updates fix. The only other detail the software giant revealed Thursday was that people may have to restart their Windows systems for the patches to take effect. Microsoft did not say whether the patches will fix...

A new Trojan horse - named Phel - that punishes users of Microsoft Windows XP operating system is in the wild. Security software firm Symantec has issued a bulletin warning Windows XP users to be on the look out for the program, which is distributed as an .html file. The malicious code can attack systems running XP Service Pack 2. The vuln was first found in October, and Microsoft is busy trying to catch up to it. "Microsoft is taking this vulnerability very seriously, and an update to correct the vulnerability is currently in development," the company told ComputerWorld....

A trio of new and unpatched vulnerabilities in Microsoft Windows were made public on security mailing lists over the weekend, nudging some security vendors to alert users that their systems may be open to attack and hijacking. The vulnerabilities, first reported by a Chinese group and then posted to the Bugtraq mailing list, are in Windows' LoadImage API function, its animated cursor files, and in the way it handles help files. All of the bugs are as yet unpatched. All currently-supported versions of Windows -- Windows NT, 2000, XP, and Windows Server 2003 -- are affected by the three flaws,...

Spyware used to be defined as applets, cookies or any other method used to collect statistics on your browsing habits. Gone are the days of such a benign interpretation. Spyware has evolved into a problem that surpasses those posed by traditional worms, viruses and Trojans. Today, these once relatively innocuous apps have evolved from anonymous, and often invisible, traffic statistics gatherers into beasts capable of crippling your PC's performance by installing unwanted toolbars, pop-up ads, desktop icons and many other nuisances. If that's not bad enough, some Spyware will modify system files, change security zone settings, keylog your sessions, spawn...

December 19, 2004 New Microsoft Patch Blocks Firefox Downloads by Scott Ott (2004-12-19) -- Microsoft Corp. today released a new security patch for its Internet Explorer (IE) web browser which prevents users from accidentally or intentionally downloading the new free, open-source Firefox browser from The Mozilla Foundation. "Firefox is a dangerous and contagious browser that could seriously jeopardize marketshare ," said an unnamed Microsoft spokesman. "Unless consumers take action to block Firefox, it could speed up web surfing and return control of user computers to the users themselves." The source added that Internet Explorer is a superior product because it...