09.01.09
Eye on Microsoft: More Security Catastrophes
Summary: Security-related items from the news (highlights in red are ours)
• Conficker, back with a vengeance as top worm
The infamous Conficker worm first spread its malicious infection across the Internet more than eight years ago and just last month it shot back into prominence, infecting 43 percent of machines in use worldwide in the space of four weeks and, for good measure, it now installs rogue security software on compromised machines.
• Skype snooping trojan detected
“What this threat is doing is actually grabbing the sound coming from the audio devices plugged into the computer,” Selvaraj wrote. “It does this by hooking various Windows API calls that are used in audio input and output.”
• Skype Trojan can log VoIP conversations
Symantec claims to have found the public release of source code for a Trojan that targets Skype users..
Security giant Symantec claims to have found the public release of source code for a Trojan that targets Skype users.
• Microsoft ATL/MFC ActiveX Type Confusion Vulnerability
Remote exploitation of a type confusion vulnerability in Microsoft Corp.’s ATL/MFC ActiveX code as included in various vendors’ ActiveX controls, could allow an attacker to execute arbitrary code within Internet Explorer (IE). Microsoft’s Component Object Model (COM) was designed to allow interoperability between disjointed software components. It is a standardized interface solution to the programming dilemmas involved in object oriented programming, distributed transactions, and inter-language communications. Microsoft’s Active Template Library (ATL) is a set of C++ templates that simplify developing COM objects.
Related posts:
- Journalists Suggest Banning Windows, Maybe Suing Microsoft Over DDoS Attacks
- When Does it Become Appropriate to Take Windows off the Information Highway?
- Microsoft’s Blame-Shifting Strategy Precedes More Trouble
- Leave Microsoft Alone
- Never Blame Microsoft, Blame Users and Exploits
- Botnets and Bounties Versus Real Security
- Is Windows to Blame for Cracking of Federal Aviation Administration (FAA)?
- Windows Problems Take Down Airplanes, JFK Airport, Houston Municipal Courts
- Turkey, France, United Stated Under Attack by Microsoft Windows Insecurities
- Microsoft Adopts Malware Techniques to Advance .NET
- Windows Botnets Go Out of Control, Obama Web Site Delivers Windows Malware
- One Windows Worm, One Week, and Possibly 250,000,000+ New Windows Zombies
- Death by Microsoft Windows
- UNIX/Linux Offer More Security Than Windows: Evidence
- US Army Becomes Zombies Army; London Hospitals Still Ill (Windows Viruses)
- Eye on Microsoft: Another Messy Week for Security
- Cybercrime Rises and Vista 7 is Already Open to Hijackers
- Vista 7: Broken Apart Before Arrival
- Vista 7 Security “Cannot be Fixed. It’s a Design Problem.”
- Department of Homeland Security ‘Poisoned’ by Microsoft; Vista 7 is Open to Hijackers Again
- Liability for Software When Life is at Stake
- Microsoft Windows Zombies Also Knocked Facebook and Gawker Offline, More “Critical” Microsoft Flaws Discovered
- Bad Day for Twitter: Attack from Microsoft Windows Zombies, Texas Lawsuit Over Software Patents
- Off Topic: A World Where Almost One in Two PCs is a Windows Zombie PC