Posts tagged as: Internet Security

Mariposa Botnet infection cleanup

by certifiedbug on March 6, 2010

in Microsoft

Microsoft Malware Protection Center. In focus: Mariposa botnet

The MMPC added Win32/Rimecud to MSRT’s removal capability in January 2010 and between January and February reported over 1 million distinct machines disinfected from this worm.

The Mariposa botnet criminals presumably use a number of different threats, but it appears to be primarily Win32/Rimecud. It is great to see our industry colleagues moving in the same direction to address these disruptive threats. Rimecud isn’t particularly new and the criminals apparently were trading their goodies at their counter. We first observed Win32/Rimecud in November 2008.

Since January 2010
Rimecud

Certifiedbug: March 3, 2010. Three arrested for running “Mariposa” botnet

Opera Vulnerability Identified

by certifiedbug on March 6, 2010

in Browser

A vulnerability rated as critical has been identified in Opera 10.50 and prior versions.

The buffer overflow error when processing malformed HTTP “Content-Length:” headers could be exploited by remote attackers to crash an affected browser or execute arbitrary code by tricking a user into visiting a web page hosted on a malicious web server.

Confirmed by VUPEN with Opera version 10.50 on Windows XP SP3.

Reference: http://www.vupen.com/english/advisories/2010/0529

MS10-015 security update re-released

March 3, 2010

The Microsoft Security Response Center (MSRC)
Jerry Bryant
Sr. Security Communications Manager Lead
I am writing to let you know that we have revised the installation packages for MS10-015 with new logic that prevents the security update from being installed on systems if certain abnormal conditions exist. Such conditions could be the result of an infection [...]

win32hlp and Internet Explorer issue

February 28, 2010

The Microsoft Security Response Center (MSRC)
Sunday, February 28, 2010
On Friday 2/26/2010, an issue was posted publicly that could allow an attacker to host a maliciously crafted web page and run arbitrary code if they could convince a user to visit the web page and then get them to press the F1 key in response to [...]

Rogue-Security Essentials 2010

February 25, 2010

Rogue security products use false advertising, drop malware and often have a similar name or appearance to legitimate security software.
Scareware has already mimicked the Windows Security Center. This one mimics Microsoft Security Essentials and calls itself “Security Essentials 2010”.
Microsoft Malware Protection Center.
As we in the MMPC have always been quick to point out, Microsoft Security [...]

Microsoft knocks out Waledac Botnet

February 25, 2010

Microsoft, a founding member of the Botnet Task Force, announced that a federal judge has granted a temporary restraining order cutting off 277 Internet domains believed to be run by criminals controlling a vast network of infected PCs.

This action has quickly and effectively cut off traffic to Waledac at the “.com” or domain registry level, [...]

Virus Bulletin Poll-Nearly 20% still running Insecure IE 6

February 24, 2010

A poll by Virus Bulletin showed a large number of respondents are still running IE 6, even in the workplace.
In VB’s poll, 15% of respondents said they were running the browser at work, indicating that, for many organizations, upgrading is not a priority – whether that is for reasons of compatibility with legacy applications or [...]

Alureon Rootkit and MS10-015 Issues

February 18, 2010

Wednesday, February 17, 2010
The Microsoft Security Response Center (MSRC)

Our investigation has concluded that the reboot occurs because the system is infected with malware, specifically the Alureon rootkit. We were able to reach this conclusion after the comprehensive analysis of memory dumps obtained from multiple customer machines and extensive testing against third party applications and [...]

Update – MS10-015 Issues

February 12, 2010

Friday, February 12, 2010
The Microsoft Security Response Center (MSRC)
Update – Restart Issues After Installing MS10-015
In our continuing investigation into the restart issues related to MS10-015 that a limited number of customers are experiencing, we have determined that malware on the system can cause the behavior. We are not yet ruling out other potential causes [...]

Update on AMO Security Issue

February 10, 2010

Mozilla
Last week, we disclosed two instances of suspected malware in experimental add-ons on AMO. Since that disclosure, we’ve worked with security experts and add-on developers to determine that the suspected trojan in Version 4.0 of Sothink Video Downloader was a false positive and the extension does not include malware. The same investigation also [...]
