tag
Microsoft

KB2506014 kills TDL4 on x64

The security update won’t necessarily help users who have already been infected with the bootkit as TDL4 blocks the Windows Update service on x86 machines. As a result, infected x86 machines won’t be able to download and install the patch automatically.

Anatomy of a Biting Bunny – The Infected Microsoft Catalog Update

Aryeh Goretsky posted a blog about a trojan program in a Microsoft catalog update. I thought it might be a little interesting to know how this can happen and why it doesn’t happen more often. As it turns out, it was once my job to make sure that Microsoft did not release infected software. Initially

Trojan in Microsoft Update Catalog – A Bunny Bites Back

  UPDATE #1 Randy Abrams has posted a follow-up article, Anatomy of a Biting Bunny – The Infected Microsoft Catalog Update with additional information about how update services work, why they might distribute third-party code and what might be done to prevent malware from being distributed on services like Microsoft's Windows Update in the future.  7-FEB-2011.   Last

Microsoft’s recent MHTML Vulnerability – Follow up

  Just a quick follow up on the Microsoft Security Advisory (2501696) post that my colleague Randy Abrams wrote about on January 28th regarding Microsoft's recent MHTML vulnerability, which is listed by ESET as HTML/Exploit.CVE-2011-0096.A in our signature database.   Although reports remain low so far, any vulnerability in a particular version of Microsoft Windows

MS10-092 and Stuxnet

…among the 17 security bulletins just released by Microsoft on Patch Tuesday, MS10-092 addresses the Task Scheduler vulnerability prominently exploited by Win32/Stuxnet…

That’s One Small Step for Windows…

And a giant step for users! While working on a blog soon to follow this I discovered a behavior in Windows 7 that Microsoft has changed to make a small, but meaningful improvement in security. For decades the bane of IT professionals has been users who double click on anything they can. This has lead

DLL loading vulnerability

Scarcely had we got our breath back mainly after Microsoft addressed a serious vulnerability in handling .LNK (shortcut) files, before researcher HD Moore made public a serious security failure in the dynamic loading of libraries in Windows that came to light when he was investigating the .LNK issue.

Save your work! Microsoft Releases Critical Security Patch

As expected, Microsoft has released a critical out-of-band patch for the LNK shortcut file vulnerability which received attention last month. As a critical patch, this update will be delivered through Windows’ Automatic Update service, as well as being directly available for download from Microsoft’s site without a Windows Genuine Advantage check. A reboot is required for the

Support Scams Part Umpteen

UK journalist Kevin Townsend has blogged today on what sounds like two support scam phone-calls of a type I’ve mentioned here a few times since a colleague at another company drew my attention to it last month.

A few facts about Win32/Stuxnet & CVE-2010-2568

We realize there have been a lot of articles in the blog now about the Win32/Stuxnet malware and its new vector for spreading, but when vulnerabilities emerge that can be widely exploited, it is important to share information so that people can protect themselves from the threat. Detection for Win32/Stuxnet and the shortcut (LNK) files

Follow Us

Automatically receive new posts via email:

Delivered by FeedBurner

ESET Virus Radar

Archives

Select month
Copyright © 2013 ESET, All Rights Reserved.