Category: Security

The Inside Windows Live blog has announced that Microsoft has temporarily disabled active links for Windows Live Messenger (WLM) 2009 users. Its motivation: to prevent the spread of a malicious worm plaguing users of the instant messaging program. An infected user who is chatting with someone else could unknowingly send a poisoned link to other users -- who then click the link and download its ...

It has just been discovered that it's possible to download any Windows Phone 7 XAP full application package directly from Microsoft's Marketplace server -- no need to use a Windows Phone 7 device or the Zune application. This is possible because the Zune application uses Atom XML feeds to get the applications' information, so it's fairly easy to grab a direct link to the full app package just ...

Microsoft has pushed an update to Security Essentials 2, which is currently in beta testing. While there aren't a vast number of forward-facing changes, there is one important one: the re-introduction of context menu scanning. Once again, you can right-click any file on your system to quickly check it for infection with MSE. When Security Essentials 2 is finally released, it will include ...

With all the hype about Firesheep, the Firefox add-on that snatches up social network login credentials over open wireless networks, security companies are starting to make anti-Firesheep measures available to the average user. BlackSheep, developed by "cloud security" firm Zscaler, is a Firefox add-on that detects the presence of Firesheep on your network. If someone is using Firesheep, ...

If you haven't updated your Flash Player in a while, now's the time. Adobe has fixed some critical zero-day security vulnerabilities that were reportedly already being exploited in the wild. If you're on Windows, Mac or Linux, you'll want to make sure you've updated to Adobe Flash Player 10.1.102.64. Android users will have to wait til Monday for an update. One of the bugs fixed in this release ...

When I wrote about Microsoft's decision to begin offering Security Essentials via Windows Update to users who didn't already have an antivirus program installed, I wondered how long it would be until someone shouted "Unfair!" I wasn't the only one, either -- ZDnet's Ed Bott had similar concerns. This morning, Computerworld is reporting that Trend Micro -- who develop a range of antivirus and ...

A new vulnerability has been found in all major releases of Internet Explorer -- 6, 7 and 8 -- and a zero-day exploit is already in the wild. The exploit, HTML_BADEY.A, uses the vulnerability to remotely execute code. By visiting a compromised website, encrypted files are downloaded to your computer and then decrypted to become a Trojan backdoor. Little is known about what happens after that -- ...

Google has extended its "rewards for bugs" program to its Web properties. Previously, only security vulnerabilities found in Chromium were eligible for cash rewards. Now, all Google services that are on google.com, blogger.com, orkut.com, and youtube.com are part of this initiative. Those who report critical security issues will get a base fee of $500, which can be elevated all the way up to ...

There was a time when Mac users enjoyed "security by obscurity." Because of the much smaller number of Mac users in the world, malware authors didn't bother targeting Apple desktops and laptops. Those days are long gone, however, and new threats that put Mac users at risk are appearing all the time. Fortunately, there are now plenty of good antivirus options for Mac users to combat the rising ...

According to a shocking report, 48% of IT administrators intend to continue running Windows XP after Microsoft officially retires it in 2014. The "IT [sector] just really, really likes the XP operating system," says Diane Hagglund, a senior analyst at Dimensional Research, reporting on the findings of a survey of 950 IT professionals. "They say it's just that good, and don't want to mess with it." ...

Earlier this week, a login-cookie-snooping Firefox plug-in called Firesheep rocked the Internet by letting anyone compromise your Facebook or Twitter account over a wireless network. Alarmed at Firesheep's 200,000 downloads, an Icelandic engineering student named Gunnar Sigurdsson created FireShepherd, a program that crashes Firesheep with floods of nonsense packets. Although Firesheep was ...

Adobe has found a new critical zero-day vulnerability in Flash, Reader and Acrobat. This can be exploited to run malicious code on the victims' computers. Affected are Flash Player 10.1.85.3 and earlier on Windows, Mac, Linux and Solaris; Flash Player 10.1.95.2 and earlier for Android; Adobe Reader 9.4 and earlier 9.x versions for Windows, Mac and Unix-based operating systems; Adobe Acrobat 9.4 ...

There are two ways of looking at geolocation and other tracking technologies. There are those that decry the Information Dynasty, that abhor the idea of sharing your location with the godless monstrosities of Facebook and Google -- and then you have the diametric opposite: sharing is good, information is knowledge, knowledge is wisdom, Google is God. But both schools are missing the point: data ...

Looking for an inexpensive -- or better yet, free -- way to track your laptop or Android smartphone in the event it gets stolen? Check out Prey, an open source project that offers multi-OS tracking, reporting -- and countermeasures! Just download the Prey client software, install, and register an account -- you'll need one in order to be able to access the service's Web-based control panel. ...

Bad news for Mac users -- a cross-platform Trojan that can infect the OS is currently being tracked, masquerading as a video. Boonana, official designation 'trojan.osx.boonana.a,' or 'OSX/Koobface.A' depending on who you want to go with, is being spread across Facebook and other social networks with the old 'Is this you in this video?' ploy. Appearing on people's Facebook pages, the link launches ...