Summary: Assorted new links about Windows and security

● Almost all Windows users vulnerable to Flash zero-day attacks

More than 9 out of every 10 Windows users are vulnerable to the Flash zero-day vulnerability that Adobe won't patch until Thursday, a Danish security company said today.

● Microsoft offers patches to ward off ActiveX attacks

A critical patch for all versions of IE will protect consumers, while a security update for Visual Studio will help developers fix the controls and components they built that could be affected.

● Conficker Mystery to Continue at Black Hat Conference

Still, the malware helped build one of the biggest botnets in years—at one point reaching around several million, according to some estimates. In May, even after months of publicity and work by vendors and researchers, the worm was still attempting to infect some 50,000 new PCs daily.

● VG temporarily blocked iTunes, labeling it malware

AVG's free antivirus product temporarily blocked users from getting to iTunes late last week, detecting it as a Trojan, the company said on Monday.

For about five hours on Friday starting around 4 p.m. PDT, AVG users couldn't access iTunes because of the false alarm.

● Benign security warnings have trained users to ignore them

It should come as no surprise that most Internet users ignore security certificate warnings, but a new study examines just how severe this behavior is and why people do it. Hint: it's because legit websites cry wolf with SSL warnings on a regular basis.

● Report finds fake antivirus on the rise

PandaLabs found 1,000 samples of fake antivirus software in the first quarter of 2008. In a year, that number had grown to 111,000. And in the second quarter of 2009, it reached 374,000, Luis Corrons, technical director of PandaLabs said in a recent interview.

● Windows 7 Ultimate Cracked and Activated Permanently with OEM SLP Master Product Key (with SLIC 2.1)

After extracting the OEM certificate and OEM product key, it’s confirmed that Windows 7 uses the same digitally signed OEM certificate (in .xrm-ms extension) that is been used in Windows Vista. Windows Vista OEM cert can be used in Windows 7 has been explained in Windows 7 forum.

● Data Detailing New York Stock Exchange Network Exposed on Unsecured Server

Sensitive information about the technical infrastructure of the New York Stock Exchange’s computer network was left unsecured on a public server for possibly more than a year, Threat Level has learned.