Spyware, Viruses, & Security forum

General discussion

NEWS - February 2, 2006

by roddy32 / February 2, 2006 6:44 AM PST

Sorry, some of these news items are a couple of days old. I have not had time to post the news.

Microsoft's OneCare firewall draws fire
By Joris Evers, CNET News.com
Published on ZDNet News: January 31, 2006, 5:35 PM PT

The firewall component in Microsoft's Windows OneCare security bundle has holes, experts have warned.

The security software, available in a public beta version, by default allows applications that use the Java Virtual Machine or have a digital signature to connect to the Internet.

Like any blanket security-bypass rule, these default settings are a bad idea, said Mark Curphey, vice president at vulnerability management specialist Foundstone, a part of McAfee.

"Any firewall, any security device should have a default deny," Curphey said in an interview Tuesday. "Any door should always be closed."

more here

Discussion is locked
You are posting a reply to: NEWS - February 2, 2006
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: NEWS - February 2, 2006
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Kama Sutra suffering starts early for some
by roddy32 / February 2, 2006 6:59 AM PST

By Graeme Wearden, ZDNet (UK)
Published on ZDNet News: February 1, 2006, 12:19 PM PT

The Kama Sutra virus has started wiping crucial files from some infected PCs several days earlier than expected.

The worm, also known as Nyxem.E, MyWife and Blackworm, is programmed to delete Microsoft Word, Excel, PowerPoint and Adobe PDF files on Feb. 3, meaning people should still have about two days to clean up compromised systems. But F-Secure said Tuesday that because the clock time on their PC was wrong, some people had lost important files soon after their systems became infected.

"If you're infected and your clock is not set right, things could start to happen at any time, even though the official activation time is Feb. 3. We've already received first reports from users who've had files on their system overwritten by the worm," Mikko Hypponen, F-Secure's antivirus research director, warned in a blog posting.

more here

Collapse -
IE 7 bugs abound
by roddy32 / February 2, 2006 7:02 AM PST

By Joris Evers, CNET News.com
Published on ZDNet News: February 1, 2006, 2:22 PM PT

People didn't lose any time in finding bugs in the latest preview release of Internet Explorer 7.

It's been but a day since Microsoft publicly released a test version of Internet Explorer 7, but Internet news groups and blogs are already teeming with bug reports. Also, one security researcher claims he found a security vulnerability in the new Web browser.

Issues reported several times include compatibility problems with McAfee security software and trouble installing the browser due to unnamed anti-spyware and antivirus tools. Some testers also said using certain features or surfing to specific Web sites caused the browser to hang or crash.

more here

Collapse -
New Symantec shield aims to repel Microsoft
by roddy32 / February 2, 2006 7:04 AM PST

By Joris Evers, CNET News.com
Published on ZDNet News: February 1, 2006, 4:18 PM PT

Symantec plans to introduce a security product later this year that will take on Microsoft's forthcoming Windows OneCare and Vista security technology.

The software, code-named "Genesis," will integrate components of Symantec's current security, PC optimization and backup products, the security company said. It will be sold on a subscription basis and will require an initial one-year agreement. Pricing has not yet been determined.

"Genesis is not a suite or a bundle of tools, but a single integrated software application delivered to consumers as a service," Tom Powledge, the director of product management at Symantec, said in an interview Wednesday. The company plans to officially announce Genesis next week, he said.

more here

Collapse -
Ex-RIAA chief opens antipiracy consultancy
by roddy32 / February 2, 2006 7:06 AM PST

By John Borland, CNET News.com
Published on ZDNet News: February 2, 2006, 8:48 AM PT

For a few years, at the height of the debates over Napster and file swapping, Hilary Rosen, then-chief of the Recording Industry Association of America, was nearly as well-known online as any rock star.

Now, after two years largely out of the spotlight--aside from a few pundit and blogging appearances--Rosen is throwing her hat back into the antipiracy ring, starting a new consulting company with Jay Berman, her onetime counterpart at the globally focused International Federation of the Phonographic Industry.

The new firm, called Berman/Rosen Global Strategies, aims to advise technology and entertainment companies on piracy and licensing issues and to help develop legislative strategies, but will not be an active lobbying firm, Rosen said.

more here

Collapse -
Trojan creates havoc
by roddy32 / February 2, 2006 7:09 AM PST

By Vivian Yeo
Special to CNET News.com
Published: February 2, 2006, 10:59 AM PST

A Trojan horse disguised as a spam message from an antivirus company is making its rounds, security vendor Sophos has warned. The e-mail, which carries an attachment, appears to be sent from Helsinki-based security vendor F-Secure, the company said in a statement on its Web site. It comes with various subject headers, such as "Firefox Browsing Problem," "Mozilla Browsing Problem," or "Website Browsing Problem."

more here

Collapse -
Security update out for Firefox 1.5
by roddy32 / February 2, 2006 7:11 AM PST

By Joris Evers, CNET News.com
Published on ZDNet News: February 2, 2006, 11:15 AM PT

Mozilla on Wednesday released an update for Firefox 1.5 that fixes several security flaws and makes other changes aimed at improving the open-source Web browser.

The update, Firefox version, patches a total of eight security vulnerabilities. One is deemed "critical" by Mozilla, four are rated "moderate" risk, and three are tagged "low" risk. The more serious flaws could let an attacker take over a system running a vulnerable version of Firefox, according to Mozilla's security alerts.

Among the issues tackled is a problem disclosed late last year, which concerns Web pages with an extremely long title that could cause Firefox to crash.

more here

Collapse -
Russian hackers hawked Windows exploit for $4,000
by roddy32 / February 2, 2006 9:05 AM PST

By Greg Sandoval, CNET News.com
Published on ZDNet News: February 2, 2006, 4:24 PM PT

Competing hacker groups in Russia were peddling the exploit code responsible for the Windows Meta File attacks last December for $4,000, according to security company Kaspersky Lab.

"One of the purchasers of the exploit is involved in the criminal adware/spyware business," read a Kaspersky Lab quarterly report released this week. "It seems likely that this was how the exploit became public."

The WMF flaw unsettled security experts after they found that the virus-writing community discovered the vulnerability before they did. A slew of Trojan programs were written to try and take advantage of the exploit. The British Parliament was attacked by hackers who tried to exploit the WMF flaw.

more here

Collapse -
FAQ: The Kama Sutra worm
by roddy32 / February 2, 2006 9:08 AM PST

By Robert Vamosi, CNET Reviews
Published on ZDNet News: February 2, 2006, 3:48 PM PT

A computer worm is set to damage computer systems, starting midnight local time on Feb. 3.

There has been a lot of confusion surrounding this worm, especially because media organizations and antivirus vendors haven't decided on a common name. CNET has settled upon Kama Sutra. Its other aliases include CME-24 (US-CERT), MyWife (McAfee), Tearec (Panda), Nyxem (Sophos), Blackmal (Symantec, Computer Associates, Vet), and Grew (Trend Micro).

Why should I be worried?
Kama Sutra contains a dangerous payload. On the third day of the month, it will overwrite certain files with an error message: "DATA Error [47 0F 94 93 F4 K5]." It is programmed to affect all files with the extensions .doc, .xls, .mde, .mdb, .ppt, .pps, .rar, .pdf, .psd, .dmp and .zip. These files--which include the default file formats for Microsoft Office and Adobe Acrobat applications--cannot be restored once they are damaged.

more here

Popular Forums
Computer Newbies 10,686 discussions
Computer Help 54,365 discussions
Laptops 21,181 discussions
Networking & Wireless 16,313 discussions
Phones 17,137 discussions
Security 31,287 discussions
TVs & Home Theaters 22,101 discussions
Windows 7 8,164 discussions
Windows 10 2,657 discussions


Turn up the volume with our Apple Byte sweeps!

Two lucky winners will take home the coveted smart speaker that lets Siri help you around your connected house. This sweepstake ends Feb. 25, 2018.