Latest News: updated October 13, 2004

Microsoft Corp. today released an unprecedented number of software security updates to plug flaws in its products, including seven "critical" defects that it said hackers could use to hijack vulnerable computers running the Windows operating system.

The free updates, available at Microsoft's Windows Update Web site, are designed to fix at least 21 new vulnerabilities, several of which reside on nearly every version of the Windows operating system and affect hundreds of millions of computers.

SEATTLE (Reuters) - Microsoft Corp. warned on Tuesday of seven newly found flaws in its software that could allow an attacker to steal data and take over a personal computer running the Windows operating system.

The world's largest software maker also issued software patches to fix the glitches, included in Microsoft's monthly security update, and urged users to set Windows to download and install them immediately.

Microsoft this week released ten software security patches for its products, including seven that it deemed critical and that could allow remote attackers to take control of systems running the company's software.
The Redmond, Washington, software maker advised customers to download and install critical patches for a wide range of products as soon as possible, including its Windows operating system, Exchan

Authentication is next step in spam war

With legislation like the Can Spam Act having virtually no impact on spam, the majority of spam fighters are pinning their hopes on e-mail authentication. According to InfoWorld, September will see Yahoo implementing their Domain Keys solution, while AOL and Microsoft forge ahead with their Sender ID authentication architecture - a combination of Microsoft's callerid for e-mail and Sender Policy Framework (SPF). It's hoped that by confirming the origins of an e-mail and limiting spoofing, the technologies can have a considerable impact on both spam and phishing scams.

Authentication is next step in spam war

The FTC recently noted that a Do Not Spam Registry won't work until an e-mail authentication standard is agreed upon. Vint Cerf, co-creator of the TCP/IP protocol apparently agrees, noting that working toward an authentication standard is the best angle from which to approach the war on spammers. The authentication systems being developed by AOL, Microsoft, and Yahoo all could prove lucrative. There was a degree of consolidation recently after Microsoft agreed to integrate (SPF) Sender Policy Framework into their own solution.

Trojan spammers grow in number

According to antivirus firm Sophos, one in three spam messages was sent via an infected spam relay machine. Sandvine Incorporated, also obviously looking to pitch product, claims that up to 80% of spam is sent via such unsuspecting home or business PC's. With more ingenious worms actually testing available bandwidth to determine if you're even worthy of infection, the problem is only likely to get worse - particularly since nearly half of all broadband users still don't use a firewall. In the end, it's up to the user's ISP to identify spammers and terminate accounts until the PC is secured. Unfortunately, the largest culprits (like Comcast) are slow to take action. This week found one of the more draconian spam blacklists run by SPEWS escalating Comcast's mail server to a level 1 listing.

Susbscribers have seen recently e-mail message purportedly from "staff@tribcsp.com" or "Administrator@tribcsp.com" asking for verification on account status or activities, and the message had an attachment that needed to be opened. These e-mail messages do not come from tribcsp.com Internet Services administration or staff.

These messages are the result of computers infected with W32/Beagle variants [info] or W32/Netsky variants [info] worms. Infected PC will generate e-mail messages that "spoofs" the FROM: address, and contains an attachment that when opened or viewed, infects your computer, and in turn makes your PC generate e-mail messages infected with the worm.

As a policy, tribcsp.com Internet Services DOES NOT send e-mail messages with attachments (unless previously requested). tribcsp.com Internet Services DOES NOT encourage the use of e-mail attachments, and only supports the transmission of attachments in e-mail messages due to subscribers demands.

This is a pretty good set of articles and links covering the problems encountered in corporate and enterprise environments. They discuss the issues, popular tools, culprits and reader recommendations.

quote from article
Call it spyware, malware, or adware--users loathe it, ad networks love it, Congress has it in its crosshairs. Most importantly, as an IT professional, you can't ignore it. It slows down your users' systems, impacts your end users' productivity, and could even degrade performance of your networks and network applications.

Seeking to get a better handle on the spyware problem, InformationWeek.com asked readers to rate its impact today in an online poll. Their feedback was clear--spyware is a growing problem in the enterprise. The results from 941 responses to this online, nonscientific poll:

** Spyware is not a problem at all, we haven't noticed it, 6%
** It's a minor problem, we've had to clean up a few desktop PCs, 44%
** It's a major problem; we've been forced to clean up many PCs and institute corporate policies to prevent reoccurrence, 42%
** It's a catastrophic problem; it has caused major IT problems, including significant downtime or high costs to remove and monitor, 8%

End quote

Article at Information Week

"Spyware" is any program that collects information about your computer use and web activity and reports it to a central company. The related "Adware" is any program used to deliver advertising, usually in the form of pop-up and on-screen advertisements, regardless of your normal web activity. These programs are typically installed without the user's knowledge, and sometimes come bundled with other programs downloaded from the Internet.

Several high-quality anti-spyware programs are available on a free basis. Ad-aware, freely available for non-commercial use from Lavasoft, is one of the most comprehensive and easiest to use. Get Ad-aware only from the download sites listed at www.lavasoftusa.com and nowhere else. The free SpywareBlaster program from Javacool Software provides solid proactive protection and gives good technical details on its activities. You can find a list of, and downloads for, other spyware removal tools at c|net's download.com.