Monday, November 24, 2008

Fake Windows “Antivirus” Code Infected 1 Million Computers

As of November, Microsoft's Malicious Software Removal Tool (MSRT) also includes Win32/FakeSecSen in the limited list of malicious code it is designed to hunt down. Since its introduction into the MSRT, the rogue antivirus has been removed from no fewer than 994,061 computers, according to Microsoft. The Redmond company estimates that for every 1,000 machines scanned in the U.S. alone in the seven days ahead of November 19, approximately five had been infected with Win32/FakeSecSen.

“There is no surprise about the prevalence of these rogues given our earlier telemetry analysis on other Microsoft AV products and tools. For comparison, the #1 family last month was Renos with 389,036 distinct machines cleaned in the first week and 655,535 machines for the whole month. And the most significant result for MSRT this year was the June release when we added eight game password stealer families, was Win32/Taterf with 1,246,792 machines cleaned by week 1 and 1,536,831 machines for the whole month,” explained Microsoft's Scott Wu, Scott Molenkamp and Hamish O’Dea.

Statistics provided by Microsoft show that just 198,812 of the instances in which Win32/FakeSecSen had been removed actually contained an .EXE file. According to the company, this indicates that in the remaining cases the rogue security software's executables had already been removed manually or by legitimate antivirus products, while the incomplete Win32/FakeSecSen files could represent failed installations.

The software giant claims that there is a connection between the Renos family of malicious code and Win32/FakeSecSen. This is because malware such as TrojanDownloader:Win32/Renos.Y, TrojanDownloader:Win32/Renos.AY and TrojanDownloader:Win32/Renos.EK will also download Win32/FakeSecSen onto infected machines. In this context, another scenario for the delivery of Win32/FakeSecSen involves the rogue security software ending up on a machine already infected by malware.

Home Health Care

I was searching for home health care associations for my friend, who met with an accident in which his spinal cord was damaged. We did some surgery to make me alright and finally everything is over. But now he needs home health care because he can't walk; he is still in a wheelchair as per the doctor's advice.

So only home health care can take care of him. I found a place in Fort Lauderdale and their services are amazing: good health care especially for people like this, with hospitality facilities, physicians, hospitals etc. I recommend Fort Lauderdale Home Health Care as the best place for him.

Vista SP1 TCP/IP Buffer Overflow Vulnerability Overwrites Kernel Memory

At the end of October 2008 Microsoft was informed of a new vulnerability affecting the core of Windows Vista, but a fix was not delivered along with the November security bulletins. Thomas Unterleitner, from phion AG, reported that the Microsoft Vista TCP/IP stack buffer overflow flaw affects both 32-bit and 64-bit versions of the operating system. Unterleitner confirmed the vulnerability on the Enterprise and Ultimate SKUs of the OS and indicated that all Vista editions are likely to be affected. According to Unterleitner, Windows XP is not affected.

“Microsoft Device IO Control wrapped by the iphlpapi.dll API shipping with Windows Vista 32 bit and 64 bit contains a possibly exploitable, buffer overflow corrupting kernel memory,” Unterleitner revealed. The result of exploits targeting the vulnerability could range from less severe denial-of-service attacks to code injections.

“The crash does not always occur instantly after executing the provided sample program; it may take a while until the corrupted memory is accessed, causing the operating system to crash with a blue screen,” Unterleitner explained.

Because of the flaw in Vista's network input/output subsystem, malicious requests made through the iphlpapi.dll API would generate a blue screen of death, causing the impacted machine to crash. However, since the vulnerability is at kernel level, the true danger lies in the exposure of Vista's code to rootkit infections. Still, the severity of the vulnerability is limited because of the security mitigations built into Windows Vista.

“Installation of Service Pack 1 and/or security updates had no effect in regards to resolve the random crashes. To execute either the sample program or the route-add command, the user has to be member of the Network Configuration Operators group or the Administrators group. Since this buffer overflow overwrites kernel memory, it could be possible that members of the Network Configuration Operator group exploit this and take control over the operating system without any restriction,” Unterleitner stated.
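Since the advisory ties the issue to membership of the Network Configuration Operators or Administrators group, a defender can check which accounts hold the lesser group without already being administrators. The script below is an added example, not part of the advisory or of Microsoft's tooling; it assumes it is run locally, uses the well-known SIDs S-1-5-32-544 and S-1-5-32-556, and its function names are hypothetical.

```powershell
# Added example: list accounts that are in Network Configuration Operators
# but not in Administrators. It uses the ADSI WinNT provider rather than the
# newer LocalAccounts cmdlets so that it also runs on older PowerShell versions.

# Well-known SIDs are used so the lookup works on localized Windows builds.
$GroupSids = @{
    Administrators = 'S-1-5-32-544'
    NetConfigOps   = 'S-1-5-32-556'
}

function Get-BuiltinGroupName([string]$Sid) {
    # Translate the SID to "BUILTIN\<local name>" and keep only the name part.
    $sidObj  = New-Object System.Security.Principal.SecurityIdentifier($Sid)
    $account = $sidObj.Translate([System.Security.Principal.NTAccount]).Value
    return $account.Split('\')[-1]
}

function Get-DirectGroupMember([string]$Sid) {
    # Emits the ADsPath of every direct member (nested groups are not expanded).
    $name  = Get-BuiltinGroupName $Sid
    $group = [ADSI]"WinNT://$env:COMPUTERNAME/$name,group"
    foreach ($m in @($group.psbase.Invoke('Members'))) {
        $m.GetType().InvokeMember('ADsPath', 'GetProperty', $null, $m, $null)
    }
}

$admins = @(Get-DirectGroupMember $GroupSids.Administrators)
$netOps = @(Get-DirectGroupMember $GroupSids.NetConfigOps)

# Accounts that may change routes without already being administrators.
$exposed = @($netOps | Where-Object { $admins -notcontains $_ })

if ($exposed.Count -eq 0) {
    Write-Output 'No non-administrator members in Network Configuration Operators.'
} else {
    Write-Output 'Non-administrator members of Network Configuration Operators:'
    $exposed | ForEach-Object { Write-Output "  $_" }
}
```

Any account it lists is one the quoted statement describes as able to reach the flaw without administrative rights; domain groups nested inside either local group appear as a single entry and need to be expanded separately.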

Monday, November 10, 2008

Zenni Optical was on FOX news!


Our eyes are one of the important parts of our body, because when we don’t have eyes we can’t see the wonderful creation of God, and it is a great disadvantage to us because if your sight is lost there is a lot of work you can’t do.

Eyeglasses are the one item that can protect our eyes and help us to see more when our sight is blurry. Where to find wonderful eyeglasses? The best place for you is Variable Dimension Frames From Zenni because they have the Great Eyeglasses For Less and all of their eyeglasses have the best quality.

When I watched TV I saw Zenni Optical was on FOX news! Because they have incredible eyeglasses. As you visit their site you can see different eyeglasses styles and colors you can choose from if you want to buy Zenni eyeglasses.
