Archive for October, 2007

Microsoft hard at work to fix deep vulnerability

Posted in All Posts, Email Security, Exploits, Malware, Updates on October 31st, 2007

Microsoft is working furiously to fix a deep vulnerability in Windows. This vulnerability has affected lots of third party software vendors, and has hit Adobe Reader particularly hard. 

This vulnerability is being very actively exploited in the wild, both through infected email and through infected web sites.  It is propagated via infected .pdf files.   Therefore it is very important to download and install the latest patch to Adobe reader.  We advise all readers to check to see if they have Reader version 8.1.1, and if they don’t, to install it immediately.

Also, look for a patch from Microsoft in the near future.    We predict Microsoft will issue a patch ASAP, and not wait for their normal second Tuesday update cycle because this vulnerability is so important to get plugged.

For more information:

http://www.theregister.co.uk/2007/10/26/microsoft_scrambles_to_fix_windows/

Leave a Comment »

Spy on the Spy

Posted in Anti-Malware Tools, Security Tools on October 22nd, 2007

A nifty little program, Spy-The-Spy, monitors your C:\windows folder (or any folder you designate) for new or changed .dll or .exe files.

It will tell you instantly if files are added or modified.  Use it careful, and understand what is does and does not do.

From the author:

“But I want to know the very moment something is being installed on my computer. It is sad that Windows while trying to be friendly is quiet about things that are being added. I don’t care if it is legit application or not. Obviously if I am installing application, I expect it to add some files to Windows or Program Files. No surprise. But I am just browsing web and application is secretly added and run while Windows is fine with it?

Monitor my Windows
So I build an application that when it is running it simply monitors system folders for any new exe’s or dll’s being added or renamed: For example Windows and System32 folder is the main harbour for these bugs, but also Program Files or Documents and Settings.”

For more info and to download this program, please visit the authors site:

http://www.mediachance.com/free/spythespy.htm

Leave a Comment »

Test your (anti)phishing skills

Posted in Email Security, General, Online Security, Safe e-Commerce, Security Tools on October 1st, 2007

 Carnegie Mellon University has produced a little phishing game to test you skills at spotting fake Internet addresses (URL’s).

The game can be accessed at the following address:

http://cups.cs.cmu.edu/antiphishing_phil/

Leave a Comment »

_____________________________________________________________________________________________________________