ESET Knowledgebase

Virus Signature Database Update 5418, released on September 2, 2010 at 6:00 AM PST, may cause an “ekrn.exe” error. Other reported issues include ekrn crashing, systems not responding and threat notifications with blank name fields.

At 8:00 AM PST, Virus Signature Database update 5419 was released. In most cases, restarting your computer and updating your ESET security product will resolve the issues you are experiencing.

If the issue persists after restarting and updating your ESET security product, then restart again. If you still experience issues after restarting twice, uninstall and reinstall your ESET security product.

Business Customers
If you cannot restart your system, update your ESET security product to Virus Signature Database update 5419 and run “net start ekrn” from the Command Line to start ekrn.exe. If you receive a message that ekrn started successfully, your issue should be resolved.

If you are using a mirror server, click Tools → Server options → Updates and deselect the Provide updates via internal http server option. Click Update now and ensure that it updates to 5419. Then re-select the Provide updates via internal http server option and click OK.

If you continue to receive this error or experience other issues related to this update, and you are currently running virus signature update 5419, download and run this utility: http://download.eset.com/special/eset_update_fix.exe on all workstations.

For customers running virus signature update 5417 or 5418, run the utility and then manually update workstations.

If you continue to experience problems after completing all steps above, contact ESET Customer Care.

http://www.eset.com/support/contact


Twitter moves to OAuth

by certifiedbug on September 1, 2010

in Internet Security

Twitter Blog

If you are like most Twitter users, you have used a third-party Twitter application to read or send Tweets. As of August 31, Twitter applications will all use OAuth, an authentication method that lets you use apps without them storing your password.

What does this mean for me?
The move to OAuth will mean increased security and a better experience. Applications won’t store your username and password, and if you change your password, applications will continue to work.

With OAuth, you still individually approve each application before using it, and you can revoke access at any time. To see which applications you have authorized or to revoke access, just go to the Connections section under Settings.

One thing to note – to continue to use your favorite applications, you should make sure you are running the latest version of the app. Otherwise, you may soon find that it doesn’t work anymore.

Some are already calling it “OAuthcalypse”

Tell me more about OAuth
In order for Twitter applications to access your account, developers have been able to choose one of two authentication methods: Basic Authentication or OAuth. Both require your permission, but there is an important difference. With Basic Auth, you provide your username and password for the app to access Twitter, and the application has to store and send this information over the Internet each time you use the app. With OAuth, this isn’t the case. Instead, you approve an application to access Twitter, and the application doesn’t store your password.

http://blog.twitter.com/2010/08/twitter-applications-and-oauth.html


Fake TweetDeck Update On Twitter TDSS Malware

August 31, 2010

TweetDeck Support We are seeing a number of updates on Twitter urging users to download a file called “tweetdeck-08302010-update.exe” from a URL beginning with http://alturl.com/. These tweets are from hacked accounts and this file does not come from us. Do not download it. Official updates are exclusively available at: http://www.tweetdeck.com/desktop/ To ensure your safety TweetDeck [...]


Tracking command and control servers

August 28, 2010

FireEye Malware Intelligence Lab FE Malware Researcher Atif Mushtaq Chasing CnC Servers – Part 1 The purpose of this series is to discuss limitations and challenges involved in using black lists (DNS & IP) for network based anomaly detections. I will focus more on the problems of tracking botnets using their control server identities alone. [...]


Alureon Botnet Evolves

August 28, 2010

Microsoft Malware Protection Center In terms of detections by operating system, Windows XP continues to be the most common target, chalking up over three quarters of the detections across all platforms. Windows Vista and Windows 7 are relatively unchanged from the May report. However, the authors of these attacks have not been resting. Just under [...]


White House Meeting to address on-line counterfeit prescription medications

August 28, 2010

“Krebs on Security” Blog The Obama administration is inviting leaders of the top Internet domain name registrars and registries to attend a three-hour meeting at the White House next month about voluntary ways to crack down on Web sites that are selling counterfeit prescription medications. “The purpose of this meeting is to discuss illegal activity [...]


Researchers cripple Pushdo Botnet

August 28, 2010

LastLine Inc We identified a total of 30 servers used as part of the Pushdo/Cutwail infrastructure, located at eight different hosting providers all over the world. The information about the activity was extracted from Anubis reports, which contain details about the system and network activities, including a pcap file that contains the network traffic we [...]


TDL3 rootkit targets x64

August 28, 2010

“A new era has officially dawned; the era of x64 rootkits,” “The infection is spreading on the Web, by using both porn Web sites and exploit kits,” said Prevx researcher Marco Giuliani in a post to the company’s blog August 26th. A previous version of the rootkit “Alureon/TDL3/TDSS” caused serious problems earlier this year after [...]


DLL preloading attacks

August 26, 2010

Microsoft Security Advisory (2269637) Insecure Library Loading Could Allow Remote Code Execution Published: August 23, 2010 Executive Summary Microsoft is aware that research has been published detailing a remote attack vector for a class of vulnerabilities that affects how applications load external libraries. This issue is caused by specific insecure programming practices that allow so-called [...]


Intel releases dual-core Atom netbook processor

August 23, 2010

Intel Corporation announced that netbooks based on its new mobile dual-core Intel® Atom™ processors are available now and through the end of the year. Manufacturers include Acer, ASUS, Fujitsu, Lenovo, LG, Samsung, MSI, and Toshiba. “In their short history, the netbook category has experienced impressive growth,” said Erik Reid, director of marketing for mobile platforms [...]
