Bugs & Viruses Archive

New Windows Attacks Outsmart Anti-virus

According to The Register, "Researchers say they've devised a way to bypass protections built in to dozens of the most popular desktop anti-virus products, including those offered by McAfee, Trend Micro, AVG, and BitDefender. The method, developed by software security researchers at matousec.com, works by exploiting the driver hooks the anti-virus programs bury deep inside the Windows operating system. In essence, it works by sending them a sample of benign code that passes their security checks and then, before it's executed, swaps it out with a malicious payload."

MalaRIA – I’m in your browser, surfin your webs

Via Ha.ckers.org, we get news of a cross-domain flaw using Flash or Silverlight content that allows the attacker to use the victim's browser as a proxy, including access to the user's session. Erlend Oftedal, the developer, explains how the system works and demonstrates the concept with a video. The flaw stems from developers lackadaisically allowing cross-domain requests from Flash across their whole domain (which obviously includes the user-account interactions); even Flickr and YouTube were culprits at one point.

Lose/Lose: Art or a Trojan?

Computers are taking on ever more important roles in our daily lives. They used to be simple tools to get simple things done - work-related, mostly, maybe a few simple games, and that was it. However, over time, they have become the central hubs for all sorts of data - including precious data. For his Master of Fine Arts thesis project, Zach Gage illustrated just how important our computer data has become.

Linux Saves Aussie Electrical Grid

A Windows virus hit the display consoles in the control room of the Australian national electricity grid, presumably leaving the managers blind to the system status. Luckily, system administrators had Linux-based systems for development that could be swapped in for the disabled Windows machines. It seems as much a failure to properly maintain the Windows machines as a failure of judgment in using a virus-susceptible OS for mission-critical systems, but it's fun schadenfreude fodder for Windows haters.

Help Me Disinfect My Computer Lab

A non-OSNews-reader asks: "I've got 5 PCs that I'm trying to use to train disadvantaged young people. The problem is they are riddled with viruses and a firewall blocks me from updating them. The people in charge of maintaining the PCs won't fix them or give me the admin password (Win XP) to let me install a new or updated antivirus. The centre is being shut down in a few months. If they were working, I could still do a lot with them, so I've been looking for a good online virus scan - but they all try to download a little .exe onto your PC first, and the settings on the PCs won't allow that. Suggestions? Solutions? Links?" Read on for our recommendation. Update: It appears that this question is part of an elaborate email scam designed to propagate malware. See here for details.

US, South Korean Websites Under Attack, North Korea Suspected

Over the past several days, at least 35 US- and South Korea-based websites appear to have been under attack by a botnet, which made the attacked domains very slow and unresponsive and even put many out of commission for periods of time. Among the domains were many government websites of their respective countries. It is unconfirmed where exactly the attack is being launched from, but South Korean officials believe it to be North Korean forces or those sympathetic to their cause.

‘Botnet Trading Platform for Hacked PCs’

Finjan managed to research a trading network and botnet, where compromised PCs are bought and sold for profit. Their report shows "the operations of the Golden Cash network consisting of an entire trading platform of malware-infested PCs. The trading platform utilizes all necessary components (buyer side, seller side, attack toolkit, and distribution via 'partners'). This advanced trading platform marks a new milestone in the cybercrime evolution. By turning compromised PCs from a one-time source of profit into a digital asset that can be bought and sold again and again, cybercriminals are maximizing their illegal gains."

Microsoft to Release Anti-Virus App

Reuters reports that Microsoft is getting ready to unveil a free antivirus service for computers to compete with the many retail antivirus offerings on the market. Microsoft first made plans for its free antivirus offering codenamed "Morro" in November of 2008. At the time, Microsoft said that the service would be launching in the second half of 2009. The exact launch date of the new free anti-virus service has yet to be announced, but Reuters reports that Microsoft will "soon" make a beta version of the free protection available for users. Investors in security software firms like McAfee and Symantec are worried that a free offering from Microsoft could potentially harm revenue for the companies.

OSNews Asks: Who’d Be Responsible for a Linux Conficker?

Whenever the Conficker worm comes up here on OSNews (or any other site for that matter) there are always a number of people who point their fingers towards Redmond, stating that it's their fault Conficker got out. While Microsoft has had some pretty lax responses to security threats in the past, it handled the whole Conficker thing perfectly, releasing a patch even before Conficker existed, and pushing it through Windows Update. In any case, this made me wonder about Linux distributions and security. What if a big security hole pops up in a Linux distribution - who will the Redmond-finger-pointing people hold responsible?

Worst. Bug. Ever.

There's a bug in Android that crosses over from the realm of serious into self-parody: "It turns out the bug in Android I wrote about yesterday was worse than we thought. When the phone booted it started up a command shell as root and sent every keystroke you ever typed on the keyboard from then on to that shell. Thus every word you typed, in addition to going to the foreground application, would be silently and invisibly interpreted as a command and executed with superuser privileges. Wow!"

Next-Generation Computer Antivirus System Developed

"Antivirus software on your personal computer could become a thing of the past thanks to a new 'cloud computing' approach to malicious software detection developed at the University of Michigan. The researchers' new approach, called CloudAV, moves antivirus functionality into the 'network cloud' and off personal computers. CloudAV analyzes suspicious files using multiple antivirus and behavioral detection programs simultaneously. Traditional antivirus software that resides on a personal computer checks documents and programs as they are accessed. Because of performance constraints and program incompatibilities, only one antivirus detector is typically used at a time. The researchers see promising opportunities in applying CloudAV to cell phones and other mobile devices that aren't robust enough to carry powerful antivirus software."

Are We About to Witness a Real OS X virus?

Mac antivirus developer Intego might have stumbled across an OS X-specific virus being offered for auction that targets a previously unknown ZIP archive vulnerability. From Intego's posting, it appears that an enterprising auctioneer is determined to make sure that his name is not forgotten when it comes to Apple security, claiming that his exploit is a poisoned ZIP archive that will "KO the system and Hard Drive" when unarchived.

Does Antivirus Have a Future?

"For at least a decade, the standard advice to every computer user has been to run antivirus software. But new, more commercial, more complex and stealthier types of malware have people in the industry asking: will antivirus software be effective for much longer? Among the threats they see are malware that uses the ability of the latest processors to run virtual machines that would be hidden from antivirus programs."

OSNews Advertisement Problem

A lot of people have been emailing us about an issue we are having with one of our ads taking over OSNews. Thank you all for emailing us; the information provided is of good use to us. We are currently working on the problem, and will let you know once it has been fixed. We would like to apologise for the inconvenience. Update by DA: I think that I've tracked down the offender. Read more for details. Update 2: This time I think we really fixed it.