A news has been released by The Register that an unnamed worm which targets a popular instant messaging software, Skype, is now also attacking other similar software such as ICQ and MSN.

The worm shows a user a chat message which contains a link to a malicious website. The article notes that the site contains a .pif file which will infect the computer of the user.

According to FaceTime Communications, the malware attempts to spread by creating messages in MSN and ICQ.

Chris Boyd of FaceTime writes, “The infection checks the registry for evidence of programs like AIM, Trillian, Yahoo Messenger, Miranda and ICQ - however, so far we’ve only seen it fire a message to an ICQ and an MSN Messenger Client.”

FaceTime thinks that this was made by the same people who created a Skype worm before.

Source: The Register

Securecomputing.net.au has posted an article about a new worm which is made to attack the software suite OpenOffice on all operating systems including Windows, Linux, and Mac.

The worm has been identified as “Badbunny” because it attempts to download and display an indecent image of a man in a bunny suit. The format of the image is JPG.

Ron O’Brien who is a senior security analyst at Sophos said, “It’s in a category of what we’d call “proof of concept,” and it’s the first volley of malware that operates on all three platforms. It’s clearly an indication that this person is making a statement about whether one operating system is more insecure than another, and we can expect to see additional malware that’s capable of operating across multiple platforms.”

Source: SC Magazine

DriveImage XML is a free, stand alone application for making a complete backup image of any logical drive or partition, allowing you to backup/restore an entire operating system.

The application also includes an image explorer allowing you to view the files inside the backup file created and extract individual files (Im sure plenty of us have left a file behind at some point).

A really neat feature about this backup imaging tool is that it can use volume locking or shadow locking to create backups from within Windows, without the need to reboot. DriveImage XML also stores your data in .dat files using the XML format which allows you to use them in 3rd part applications. Works on Windows XP, 2003 and Vista.
Read the rest of this entry »

Last week, Microsoft has released patches for their Office 2007 software suite but users may have missed the update even though they may have used Microsoft Update or Microsoft Windows Server Update Services.

Mark Griesi of SRCT said, “I wanted to let you know that we have updated the detection logic for the May 8th Security and Non-Security Updates for Office 2007, with the exception of the Junk Mail Filter update. In some cases, the original detection logic may not have offered the updates or the updates may not have been installed successfully on systems running Windows Vista. So for those of you out there, such as myself, who are running Office 2007 on Windows Vista, please go ahead and install these updates if they are offered to you.”

Source: M&C

A serious flaw was discovered on the Norton Personal Firewall software and users were advised to update the software.

Symantec said that it involves ActiveX controls. This means that hackers can inject hostile code by taking advantage of the flaw.

Three different softwares are affected and they are:
-Norton Internet Security 2004
-Norton Internet Security 2004 Professional edition
-Norton Personal Firewall 2004

The later versions of these software are not affected. So if a user has a version such as 2005, then he or she will not have to download any update.

The patch can be downloaded through the LiveUpdate service.

Source: The Register

A huge problem has occured on Chinese computers due to an update from Symantec Corp.

It affected those who were using the Windows XP operating system. It occured about 1:00 a.m. Beijing time on Friday. The main problem was that a virus-signature update mistook two critical files in windows\system32 directory as Trojan horses. The two files that were quarantined are netapi32.dll and lsasrrv.dll.

The PCs that have been affected and rebooted will now show only a blue screen at start-up.

An hour and a half after, a new signature update was released but it was too late for those who rebooted their PCs.

A similar thing happened in March. It also involved Symantec.

Source: PC WORLD

When I was 17, I started on the path as a self-employed computer techie. On the way, I made many mistakes where I remember the lesson that I had learned almost daily in my modern day repairs. I would love to share these with our Technibble members, especially our younger techies who are just starting.
Read the rest of this entry »

Computerworld has posted an article about a problem in Internet Explorer version 7 that occurs after users install the six-bug patch that was released this month.

“The issue here is that after applying the update, these users may then see the ‘File Download — Security Warning’ dialog box raised when starting IE. After you close the dialog, you then cannot start IE,” said Christopher Budd of Microsoft.

The program manager with the Microsoft Security Response Team added that the dialog box appears when the temporary internet files has been moved. Since IE does not have access rights to the new location, it will not run after the warning.

Source: Computerworld

A security researcher has bought a Google ad campaign to test whether users will click on a banner that says their computer can be infected if they click the banner.

The result is that it had a click-through rate of 0.16 per cent. The actual figures was that it was displayed 259,723 times on various webpages and it received a total of 409 click-throughs. Only $23 was spent on the campaign which lasted for six months. It means that for 5 cents each, the person could have infected a computer for that small cost.

Didier Stevens said “I’m sure I could get much more traffic with a higher Google Adwords budget and a better designed ad,”

Source: The Register

One more person who is a security researcher has discovered how to hack Windows Vista’s User Account Control (UAC) function which is one of Vista’s security feature. The name of the person is Robert Paveza and he is a web application developer.

Paveza published a paper which demonstrates how to run malicious code which infect computers that run Windows Vista while running on limited priviledges that was setup in the UAC.

“For instance, if users believe they are downloading a ‘Pac-Man’ clone, such a game could be run while the malicious software did its work in the background. It is important to note that, realistically, once the proxy infection tool has been run on the target machine, the target is effectively infected,” Paveza said.

Source: PC WORLD