WorldWar-E™

A newly formed gang of rogue security researchers calling itself MSRC (Microsoft-Spurned Researcher Collective) has announced it will publicize any Windows vulnerabilities it finds, rather than reporting them privately to Microsoft for the company to patch. Making good on its threat, the group published in a security advisory a vulnerability that can lead to a [...] Read more »

Posted on July 17th, 2010 under Cyber Security, Microsoft, Security News, Windows. Tags: 64 Bit Windows, Academic Exercise, Microsoft-Spurned Researcher Collective, Msrc, Windows Bugs, windows vulnerabilities. Comments: None

Google engineer Tavis Ormandy, a bug hunter known for finding kernel-level operating system coding errors, has released details about a serious zero-day vulnerability in Windows XP that could leave an open hole for a remote attacker.
The flaw is contained in the Windows Help and Support Center, a Web-based feature providing technical support to end users. [...] Read more »

Posted on June 17th, 2010 under Consumer Cyber Alert, Exploits & Hacks, Security News, Windows. Tags: Attacks, Coding Errors, cross-site scripting attack, Google, Implementation Error, Microsoft, Open Hole, Security, Security Flaw, Vulnerability, Windows, windows help flaw, Windows Xp, Zero Day. Comments: None

A just-published attack tactic that bypasses the security protections of most current antivirus software is a “very serious” problem, an executive at one unaffected company said.
Last week, researchers at Matousec.com outlined how attackers could exploit the kernel driver hooks that most security software use to reroute Windows system calls through their software to check for [...] Read more »

Posted on May 23rd, 2010 under Consumer Cyber Alert, Exploits & Hacks, Security News, Windows. Tags: crack, Exploit, Security Threat, Software Vulnerabilities, Vulnerability. Comments: None

Microsoft patched two critical vulnerabilities in Office, the Visual Basic for Applications development tool and its Windows e-mail clients.
Neither of the two security updates Microsoft released today really grabbed researchers. “It’s the month of insignificant patches,” said Tyler Reguly, a lead security research engineer at nCircle Security.
“Sort of the bottom of the barrel,” added Jason [...] Read more »

Posted on May 21st, 2010 under Consumer Cyber Alert, Email, Security News, Windows. Tags: Bottom Of The Barrel, Intercepts, Mail Clients, Man In The Middle Attack, Secure Socket Layer, Security, Security Patch, software patch. Comments: None

A just-published attack tactic that bypasses the security protections of most current antivirus software is a “very serious” problem, an executive at one unaffected company said today.
Last Wednesday, researchers at Matousec.com outlined how attackers could exploit the kernel driver hooks that most security software use to reroute Windows system calls through their software to check [...] Read more »

Posted on May 17th, 2010 under Consumer Cyber Alert, Exploits & Hacks, Security News, Windows. Tags: Antivirus Software, Attackers, Cyber Attack, Kernel Driver, Security, Security Protections, Security Threat, Windows Desktop Security, Windows Security Software. Comments: None

Hackers are targeting iPad users with bogus update messages that dupe them into downloading malicious code onto their Windows PCs, a security researcher said Monday.
The messages claim that a recent update to iTunes has been released for the iPad, according to Romanian security company BitDefender. “It is very important to keep the software on your [...] Read more »

Posted on May 7th, 2010 under Consumer Cyber Alert, Exploits & Hacks, MAC, Security News, Windows. Tags: Ipad Owners, Mac Customers, Mac Software, Mac Users, Malicious Code, Security, Target Windows, Trojan Horse, Windows Pcs. Comments: None

Microsoft should add a basic PDF viewer to Windows to help protect users from the spike in attacks exploiting bugs in Adobe’s Reader, a security researcher said.
“Apple does this with its Preview [application], and Microsoft should, too,” said Sean Sullivan, a security advisor with Finnish antivirus vendor F-Secure’s North American operation. “I just want to [...] Read more »

Posted on May 7th, 2010 under Adobe, Exploits & Hacks, Security News, Windows. Tags: Abobe, Adobe Reader, Advanced Features, Attackers, built in PDF viewer, Exploits, Pdf Documents, Pdf Readers, Security Advisor, Windows, windows PDF viewer. Comments: None

A critical vulnerability affecting Microsoft Windows 2000 Server running Windows Media Services will remain unfixed until Microsoft re-releases a patch for it, the company said on Friday.
A patch for the hole, which could allow an attacker to take control of a system, was released during Patch Tuesday last week. However, Microsoft pulled the patch this [...] Read more »

Posted on May 2nd, 2010 under Security News, Windows. Tags: faulty patch, Microsoft, software patch, Vulnerability, Windows 2000 Server, Windows 2000 server update. Comments: None

Enterprise customers of a widely used McAfee anti-virus product were in a world of hurt on Wednesday after an update caused large swaths of their machines to become completely inoperable.
The problem started around 2 pm GMT when McAfee pushed out DAT 5958 to users of VirusScan Enterprise. The virus definition falsely identifies a core Windows [...] Read more »

Posted on April 30th, 2010 under Consumer Cyber Alert, Security Alerts, Security News, Windows. Tags: false positive infection, incorrect classification, Mcafee, rougue macafee update, rougue updater. Comments: None