Microsoft released an out-of-band patch for a vulnerability that affects how Internet Explorer and Outlook process VML code. VML is a method of displaying some high end graphics. If the vulnerability is exploited a remote attacker can gain control of your PC. ESET’s NOD32 is the first known anti-virus product to detect all known types
There have been a lot of articles about ZERT and their patch for the MS VML vulnerability. ZERT is a group of security researchers who feel that the danger of the vulnerability and lack of an MS patch warrants creating their own temporary patch. ESET, Microsoft, and a number of other security vendors do not
For several months now we have a seen a trend where hackers who discover a vulnerability in a Microsoft product wait until the day after “Patch Tuesday” to release the exploit. This month there has been a proof of concept exploit released for the Microsoft DirectAnimation Path ActiveX Control. ActiveX controls are little programs that
OK, so I told you I would blog about the Spycar test file – I will, but first you need to understand behavior blocking technology for anything about Spycar to make sense. Scanners and behavior blockers both attempt to stop viruses, spyware and other bad programs. The approaches used by scanners and behavior blockers are complementary
The EICAR test file was given a shiny new coat of paint this September (2006). Nothing inside the file changed, but the file is no longer “The Anti-virus test file”, it is now “The Anti-Virus or Anti-Malware test file”. Why the change? To answer that let us first look at what the EICAR file is
Before joining ESET, I worked for Microsoft for over 12 years. Much of that time it was my job to make sure that Microsoft did not release any infected software. Properly selecting anti-virus software was essential. Proper testing of anti-virus software is time consuming, very tedious, requires significant resources, and takes some skill and knowledge.
Last Month Microsoft released security Patch MS06-040 which patches a vulnerability that can allow a remote attacker to take control of your system. Some experts predicted that this vulnerability would lead to another worm like Blaster, which spread very quickly. Fortunately that has not yet happened, but the bad guys are busy working on ways
