Smokey's Security Weblog

veritas odium parit

CNET’s download.com offer rogue Anti-Spyware for download

Surprising to me, and probably with me most blog readers, is the fact that CNET’s download.com, property of CBS Interactive, offer rogue/malicious programs for download.

Regular blog visitors will remember the two articles I wrote past week about Intelinet Internet Security of well-known scammer Cashier Myricks, a malicious program advertised as  “Award Winning Spyware Remover” and “acknowledgements of the software by security experts”.

In the meanwhile it should be clear to everyone that Intelinet Internet Security is a rogue Anti-Spyware Program and therefore have to be rated as Malware. It is very surprising that CNET “apparently” isn’t informed about that piece of malware and stick determined to the download offer. I write “apparently” because I am informed that CNET is warned by several readers that the program is malicious, besides I informed today CNET’s Editor in Chief Scott Ard via an email. An so called “return to sender email”…

Well, I have now some curious questions to CNET:

1. Are all available downloads approved before download release?
2. If the answer is no, how will be guaranteed that all downloads are trustable?
3. Is there a CNET QA Department, and, if yes, what are the efforts of that department to keep the download archive clean?

The fact that CNET still offer Intelinet Internet Security for download let raise another question: how many other malicious programs are offered by CNET? Till we have a satisfying elucidation from CNET I can only advise: to protect your PC and all data on it, don’t download anything from their download archive. The software can be contaminated.

In case CNET need a review of my recent Intelinet Internet Security articles, here you go:

https://smokeys.wordpress.com/2008/12/27/intelinet-internet-security-rated-by-the-dslr-base-as-being-crapware/
https://smokeys.wordpress.com/2008/12/29/intelinet-internet-security-now-provided-with-the-malware-label/

Advertisements

December 31, 2008 Posted by | Advisories, Alerts, Bundleware, Downloads, Friends, Malware, News, Recommended External Security Related Links | , , , , , , , , , , | 5 Comments

Router Crash Test: Could your home network be taken over remotely?

Well, most of the time I blog about software related issues, this time something about hardware and security: routers.

On the website of the well known GRC- Gibson Research Coproration of Steve Gibson you can test your router with a “Router Crash Test”.

From Steve’s site:

Quoting Steve: “During our development of GRC’s comprehensive DNS nameserver spoofability profiling system, we discovered something quite unexpected: A number of users were losing all Internet connectivity shortly after initiating the nameserver profiling. Upon further examination they discovered that the test was crashing their consumer NAT routers.

What this means is that the Internet data packets entering these routers from the outside are, in some way, something that the router does not currently handle properly — so the router crashes. The development of virtually all successful remote Internet exploits begins when someone notices that something unexpectedly crashes a system. This is typically evidence of a previously unknown “buffer overrun” or “unchecked buffer” vulnerability in the affected device. Armed with the knowledge of the existence of such a possible vulnerability, skilled hackers — and make no mistake about it, these people are highly skilled — are often able to refine the characteristics of the “crashing packet” to cause the affected system to execute code they provide in a some sophisticated version of that packet.

And, with that, the minor annoyance that once crashed a router when running GRC’s DNS test evolves into a full blown exploit that allows a remote hacker to take control of the network that was previously protected by that router.

It might very well be that the inherent behavior of NAT routers, whereby they simply ignore and drop unsolicited packets coming in from the Internet, would completely mitigate any danger from the fact that expected and solicited packets — such as those occurring during our test — are able to crash the router. In other words, your router is crashable and potentially vulnerable only because and only while it is in the process of running this test which was initiated by you “on the inside” from behind your router’s inherent protection.

Having said that, however, it might also be that any exposed ports in a router, such as those created by explicit port forwarding or the use of a router’s “DMZ” forwarding capability, would once again expose the router to DNS packets it appears to be unable to safely digest.” /End quoting.

So far Steve’s introduction to his Router Crash Test, to understand everything he is talking about you have to read the full article on his site: https://www.grc.com/dns/crashtest.htm

>> Perform the GRC Router Crash Test <<

December 31, 2008 Posted by | Advisories, Friends, Malware, Recommended External Security Related Links, Vulnerabilities | , , , , , , , , , | Leave a comment

Intelinet Internet Security now provided with the Malware label

Well, that was a really fast promotion for Intelinet Internet Security of well-known scammer Cashier Myricks.

Two days ago I blogged about the issue and rated his crappy product Intelinet Internet Security as “a very suspicious piece of software, promoted by scammers and crooks and therefore belonging to the crapware category.”

* With the help of the great DSLR community I can close file Intelinet Internet Security with a new rating for Cashier’s garbage:

“belonging to the category malware”

TonyKlein, valued DSLR member and acknowledged Security Expert, contributed my inquiry on DSLR with evidence of the malicious character of Intelinet Internet Security by a program check performed by VirusTotal, a trustable service that analyzes suspicious files and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware detected by multiple antivirus engines. Here the link to the VirusTotal check report: http://www.virustotal.com/analisis/6a8a724a34aac5fa2b8e1fc305bf3883

Tony also delivered proof of detection and removal of the program by MBAM – Malwarebytes’ Anti-Malware, an excellent anti-malware application, reviewed by me some time ago. Here a MBAM detection report about Cashier Myricks malware: http://www.dslreports.com/forum/r21642028-Intelinet-Internet-Security-definitive-malware~start=20

Again my advice: stay far away from crap/malware like Intelinet Internet Security. These malicious programs will hurt you and your PC.

* 2008-12-31: File Intelinet reopened for reason of the CNET/download.com refusal to remove this as malware classified piece of crapware from it’s download archive.

December 29, 2008 Posted by | Advisories, Alerts, Bundleware, Downloads, Malware, News, Recommended External Security Related Links, Vulnerabilities | , , , , , , , , | 3 Comments

Intelinet Internet Security rated by the DSLR Base as being Crapware

Today I made on DSLR an inquiry concerning Intelinet Internet Security, and asked the DSLR reader about their opinion concerning that program. I encountered the program today and for reason of it’s tendentious claims, self-granted acknowledgements by security experts, download offers via smudgy sites and 54.000 google hits seraching for “Intelinet Internet Security” I was opinion that the program had a very bad smell and needed confirmation about my presumptions.

My arguments to have strong doubts about the program:

Many dubious promotional slogans, some of them:

Intelinet is global internet security leader [sic]

Winner of multiple awards from security experts throughout the world! Used by more than 9 million people worldwide [sic]

Award Winning Spyware Remover [??]

#1 Rated Spyware Remover [sic]

#1 Rated Adware Remover [sic]

54.000 google hits when performing a search to “Intelinet Internet Security”…

All kind of similar enthusiastic shouts about other modules of the program but my survey on DSLR was limited to the security modules of  it.

Confusion of me also about the actual version, I discovered 3 versions, all 3 claiming to be the actual one:

– Intelinet Internet Security Suite 3.1.0
– Intelinet Internet Security Suite 4.26
– Intelinet Internet Security 2008.12

To wrap up the info, sometimes it is offered as freeware, sometimes as shareware.

***********************************************************************************

Response on my DSLR post confirmed entirely my very negative opinion about the program: it have to be rated as crapware.

The reaction of  Blackbird, DSLR Member, was very interesting and informative:

For the evaluation of Consumers Review (about Intelinet Internet Security) and its reviewer John Whitter, the Site Advisor (protect you from all kinds of Web-based security threats including spyware, adware, spam, viruses, browser exploits, and online scams) envelope, please…

“consumers-reviews.net
In our tests, we found downloads on this site that some people consider adware, spyware or other potentially unwanted programs.”

User Reviews (bb note: of Consumers Review):

Posted at 02/22/2008-06:07:15 AM by lordpake, Experienced Reviewer
This site promotes dubious software from netcom3 as the top registry cleaner. Note that netcom3 is red-rated by SiteAdvisor (see the link below). As a side note, all other reviewed apps are dubious too =) …

Posted at 03/09/2008-12:27:23 AM by dean, Experienced Reviewer


What lordpake said. The site is a clone of the former consumers-reports.net, which is rated RED by SiteAdvisor. I wrote the REAL Consumer Reports about the existence of that site and it no longer exists. However, scammers are a determined bunch, so the existence of this clone is not surprising.This site is run by a scammer and affiliate that bills himself as “John Whitter.” The same bozo was behind consumers-reports.net and also runs another bogus review site, daily-news-review.com. At the top of the home page, it says “The #1 Most Trusted Consumer Review Site!” If you need a good example of pure BS, it’s here. The site goes on to claim “as seen on New York Times, USA Today, Esquire, InformationWeek, CNN, MSN, Yahoo, Forbes and AOL.” This is merely more BS.Like most bogus review sites, this one promotes software of dubious value that was created to satisfy an affiliate’s hunger for fat commissions derived from the same of crapware. The following software is promoted here:


• Netcom3 Registry Cleaner (netcom3.com, rated RED)
• Error Sweeper (errorsweeper.com, C-Net Media, rated RED)
• Regcure (Paretologic)
• RegClean (regclean.com, C-Net Media, rated RED)
• Error Doctor (errordoctor.com, rated RED)Were you hoping to find unbiased advice? Well, “John” gets a commission for referring you in the event of a sale. Some questions should run through your mind:
• Does “John Whitter” write for a respected publication? (No)
• Does “John Whitter” provide credible contact information? (No)
• Does “John Whitter” disclose his blatant conflict of interest? (No)
• Do the developers of this software provide credible contact information? (No)
• Have any of the products promoted by this site been reviewed by respected publications? (No) …

Hmm… a 5-Star rating for Intelinet Internet Security from that guy, huh? And thank you, Site Advisor for yet again giving us all the “rest of the story”.

Thanks Blackbird for your valuable contribution to the discussion!

I was pleased to announce on behalf of the DSLR Base the Intelinet Internet Security Verdict:

a very suspicious piece of software, promoted by scammers and crooks and therefore belonging to the crapware category. Stay far away from this kind of crap to save your and your PCs health .

You are warned: don’t touch this piece of crap software, especially not because the infamous scammer  Cashier Myricks is involved, and don’t rely on the reviews of  non-trustworthy sites like the notorious consumers-reviews…

BTW, never  hear of scammer Cashier Myricks? Here some really bad smelling info about him:

http://www.dmwmedia.com/news/2006/05/30/ftc-settles-with-seller-of-100-legal-file-sharing-tutorial
http://www.afterdawn.com/news/archive/7598.cfm
http://www.salon.com/tech/htww/2007/04/23/filetrading_foreclosure/index.html

Yes Cashier, to me you seem to be a natural born crook!

* Follow Up 2008-12-29: Intelinet Internet Security classified as Malware *
** Follow Up 2008-12-31: CNET’s download.com offer rogue Anti-Spyware for download **

December 27, 2008 Posted by | Advisories, Alerts, Bundleware, Downloads, Friends, Malware, Recommended External Security Related Links | , , , , , , , , , , | 2 Comments

Survey 13 Antivirus Rescue CDs: tests, comparision and downloads

13 Antivirus Rescue CDs Software Compared in Search For the Best Rescue Disk, in test:

1. Avira Rescue System v3.4.4**
2. BitDefender Rescue CD v2**
3. Dr.Web LiveCD v4.44**
4. F-Secure Rescue CD v3**
5. Kaspersky Rescue CD v8.8.1.18**
6. Norton Recovery Tool**
7. VBA Rescue v3.12**
8. Panda Safe CD**
9. PC Tools Alternate Operating System Scan**
10. Quick Heal Native Boot Scan**
11. avast! BART CD v2.0
12. Rising AntiVirus Software for Linux
13. G DATA AntiVirus BootCD

** Download available

Tests, comparision and downloads: Raymond.cc

December 26, 2008 Posted by | Advisories, Downloads, Friends, Malware, Norton Internet Security, Recommended External Security Related Links | , , , , , , , , , , , , , , , , , , | Leave a comment

End of an Epoch: CastleCops Closed

One of the most respected Security Boards is closed: CastleCops.
To me this is very sad news: all the good work they did for the welfare of the user and community, all these volunteers helping Paul Laudanski to run the board, all the input and knowledge: gone..

Announcement CastleCops.com:

Greetings Folks,You have arrived at the CastleCops website, which is currently offline. It has been our pleasure to investigate online crime and volunteer with our virtual family to assist with your computer needs and make the Internet a safer place. Unfortunately, all things come to an end. Keep up the good fight folks, for the spirit of this community lies within each of us. We are empowered to improve the safety and security of the Internet in our own way. Let us feel blessed for the impact we made and the relationships created.

With respect to the server marathon, by March 17 2009 CastleCops will refund contributions made through PayPal that were specifically designated for servers. Unfortunately, server donations made via check cannot be returned because we do not have the addresses for the donating entity. Unless instructed otherwise, CastleCops will re-allocate these funds as a donation to the Internet Systems Consortium (ISC.org). This organization sponsored our hosting environment for approximately the past 2 years. Please contact us [cc at laudanski dot com] before March 17, 2009, if you would like a return of your server marathon donation. Otherwise, we would like to thank the ISC for their unfettered support.

We thank everyone in creating our unique footprint and memories in time.

Love, Best Wishes and Happy Holidays, CastleCops
PST 23 Dec 2008

My sincere respect and gratitude to Paul and his people for what they performed.
Folks, you were great!

Smokey

December 24, 2008 Posted by | Friends, News, Recommended External Security Related Links | , , , , | 2 Comments

Microsoft Security Advisory (961040): Vulnerability in SQL Server

Microsoft Security Advisory (961040)
Vulnerability in SQL Server Could Allow Remote Code Execution
Published: December 22, 2008

Microsoft is investigating new public reports of a vulnerability that could allow remote code execution on systems with supported editions of Microsoft SQL Server 2000, Microsoft SQL Server 2005, Microsoft SQL Server 2005 Express Edition, Microsoft SQL Server 2000 Desktop Engine (MSDE 2000), Microsoft SQL Server 2000 Desktop Engine (WMSDE), and Windows Internal Database (WYukon). Systems with Microsoft SQL Server 7.0 Service Pack 4, Microsoft SQL Server 2005 Service Pack 3, and Microsoft SQL Server 2008 are not affected by this issue.

Microsoft is aware that exploit code has been published on the Internet for the vulnerability addressed by this advisory. Our investigation of this exploit code has verified that it does not affect systems that have had the workarounds listed below applied. Currently, Microsoft is not aware of active attacks that use this exploit code or of customer impact at this time.

In addition, due to the mitigating factors for default installations of MSDE 2000 and SQL Server 2005 Express, Microsoft is not currently aware of any third-party applications that use MSDE 2000 or SQL Server 2005 Express which would be vulnerable to remote attack. However, Microsoft is actively monitoring this situation to provide customer guidance as necessary.

We are actively working with partners in our Microsoft Active Protections Program (MAPP) and our Microsoft Security Response Alliance (MSRA) programs to provide information that they can use to provide broader protections to customers.

Upon completion of this investigation, Microsoft will take the appropriate action to protect our customers, which may include providing a solution through a service pack, our monthly security update release process, or an out-of-cycle security update, depending on customer needs.

Mitigating Factors

•This issue does not affect supported editions of Microsoft SQL Server 7.0 Service Pack 4, Microsoft SQL Server 2005 Service Pack 3, and Microsoft SQL Server 2008.

•This vulnerability is not exposed anonymously. An attacker would need to either authenticate to exploit the vulnerability or take advantage of a SQL injection vulnerability in a Web application that is able to authenticate.

•By default, MSDE 2000 and SQL Server 2005 Express do not allow remote connections. An authenticated attacker would need to initiate the attack locally to exploit the vulnerability.

Disclaimer

The information provided in this advisory is provided “as is” without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.

Source/full advisory: Microsoft TechNet

Tuesday 12/23 Update: Microsoft Security Advisory 961040

This article includes a VB script that you can use to apply a workaround to all running instances of SQL Server on a local computer.

You can use this VB script to deny Execute permission to the Public role on the sp_replwritetovarbin extended stored procedure on all affected versions of SQL Server that are running on the local computer.

Microsoft provides programming examples for illustration only, without warranty either expressed or implied. This includes, but is not limited to, the implied warranties of merchantability or fitness for a particular purpose. This article assumes that you are familiar with the programming language that is being demonstrated and with the tools that are used to create and to debug procedures. Microsoft support engineers can help explain the functionality of a particular procedure. However, they will not modify these examples to provide added functionality or construct procedures to meet your specific requirements.

Microsoft Help & Support

December 23, 2008 Posted by | Advisories, Alerts, Friends, Malware, Recommended External Security Related Links, Vulnerabilities | , , , , , | Leave a comment

Some words of thanks to all vendors participating Smokey’s Seasonal Competition 2008

Now Smokey’s Seasonal Competition 2008 is closed and all winners are notified about their luck to win a prize it is time to speak some words of thanks to all participating vendors:

Grisoft/AVG, Avira, Comodo, Jetico Inc., Kaspersky Labs, Malwarebytes Corporation/MBAM, Tall Emu/Online Armor, PrevX, Sunbelt/VIPRE and SuperAntiSpyware.

These vendors made it possible that numerous members of Smokey’s Security Forums are now provided for free with valuable top-notch security software licenses and therefore are better protected than before against all kind of malware.

Smokey

December 23, 2008 Posted by | Friends, Malware, Recommended External Security Related Links, Uncategorized | | Leave a comment

Merry Christmas and Happy New Year to All Smokey’s Weblog Readers!

smokey_xmas_newyear_20083

Smokey & Staff Smokey’s Security Forums

December 22, 2008 Posted by | Friends, News | , , | Leave a comment

Microsoft Out-Of-Band Security Bulletin for December 18, 2008

Published: December 9, 2008 | Updated: December 18, 2008
Version 3.1

Bulletin Revisions

•V1.0 (December 9, 2008): Bulletin summary published.

•V2.0 (December 10, 2008): Corrected affected software for MS08-076 to list Windows Media Format Runtime 9.5 and Windows Media Format Runtime 11 as separate updates on Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2. Also removed erroneous references to Windows Media Format Runtime 11 x64 Edition on Windows XP Professional x64 Edition, Windows XP Professional x64 Edition Service Pack 2, Windows Server 2003 x64 Edition, and Windows Server 2003 x64 Edition Service Pack 2 for MS08-076.

•V3.0 (December 17, 2008): Added Microsoft Security Bulletin MS08-078, Security Update for Internet Explorer (960714). Also added the bulletin webcast links for this out-of-band security bulletin.

•V3.1 (December 18, 2008): For MS08-078, added unaffected server core notation for Windows Internet Explorer 7 in Windows Server 2008 for 32-bit Systems and in Windows Server 2008 for x64-based Systems.

Bulletin Summary: http://www.microsoft.com/technet/security/bulletin/ms08-dec.mspx

Critical (7)

Microsoft Security Bulletin MS08-071
Vulnerabilities in GDI Could Allow Remote Code Execution (956802)

Microsoft Security Bulletin MS08-075
Vulnerabilities in Windows Search Could Allow Remote Code Execution (959349)

Microsoft Security Bulletin MS08-073
Cumulative Security Update for Internet Explorer (958215)

Microsoft Security Bulletin MS08-078
Security Update for Internet Explorer (960714)

Microsoft Security Bulletin MS08-070
Vulnerabilities in Visual Basic 6.0 Runtime Extended Files (ActiveX Controls) Could Allow Remote Code Execution (932349)

Microsoft Security Bulletin MS08-072
Vulnerabilities in Microsoft Office Word Could Allow Remote Code Execution (957173)

Microsoft Security Bulletin MS08-074
Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (959070)

Important (2)

Microsoft Security Bulletin MS08-077
Vulnerability in Microsoft Office SharePoint Server Could Cause Elevation of Privilege (957175)

Microsoft Security Bulletin MS08-076
Vulnerabilities in Windows Media Components Could Allow Remote Code Execution (959807)

Other Information

Please note that Microsoft may release bulletins out side of this schedule if they determine the need to do so.

If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact Product Support Services in the United States at 1-866-PCSafety 1-866-727-2338. International customers should contact their local subsidiary.

Disclaimer

The information provided in the Microsoft Knowledge Base is provided “as is” without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.

December 20, 2008 Posted by | Advisories, Alerts, Downloads, Friends, Malware, News, Recommended External Security Related Links, Vulnerabilities | , , , , , , , , , , , , , , , , , , | Leave a comment

Smokey’s Seasonal Competition closes in just over 24 hours…

The competition closes in just over 24 hours.
If you haven’t entered yet…. this is your last chance to win top-notch security software licenses.

The amount of available licenses is raised again, special thanks to Nick Skrepetos of SuperAntiSpyware. Today he provided us with 10 additional SAS licenses!

More info about The Competition here: http://www.smokey-services.eu/forums/index.php/board,159.0.html

December 20, 2008 Posted by | Alerts, Friends, News, Recommended External Security Related Links | , , , | Leave a comment

Extremely critical 0-Day Exploit for Internet Explorer in the wild

Microsoft Security Advisory (961051)
Vulnerability in Internet Explorer Could Allow Remote Code Execution

Published: December 10, 2008 | Updated: December 11, 2008

Microsoft is continuing its investigation of public reports of attacks against a new vulnerability in Internet Explorer. Our investigation so far has shown that these attacks are only against Windows Internet Explorer 7 on supported editions of Windows XP Service Pack 2, Windows XP Service Pack 3, Windows Server 2003 Service Pack 1, Windows Server 2003 Service Pack 2, Windows Vista, Windows Vista Service Pack 1, and Windows Server 2008. Microsoft Internet Explorer 5.01 Service Pack 4, Microsoft Internet Explorer 6 Service Pack 1, Microsoft Internet Explorer 6, and Windows Internet Explorer 8 Beta 2 on all supported versions of Microsoft Windows are potentially vulnerable.

This update to the advisory contains information about which versions of Internet Explorer are vulnerable as well as new workarounds and a recommendation on the most effective workarounds.

The vulnerability exists as an invalid pointer reference in the data binding function of Internet Explorer. When data binding is enabled (which is the default state), it is possible under certain conditions for an object to be released without updating the array length, leaving the potential to access the deleted object’s memory space. This can cause Internet Explorer to exit unexpectedly, in a state that is exploitable.

At this time, we are aware only of limited attacks that attempt to use this vulnerability against Windows Internet Explorer 7. Our investigation of these attacks so far has verified that they are not successful against customers who have applied the workarounds listed in this advisory. Additionally, there are mitigations that increase the difficulty of exploiting this vulnerability.

We are actively working with partners in our Microsoft Active Protections Program (MAPP) and our Microsoft Security Response Alliance (MSRA) programs to provide information that they can use to provide broader protections to customers. In addition, we’re actively working with partners to monitor the threat landscape and take action against malicious sites that attempt to exploit this vulnerability.

We are actively investigating the vulnerability these attacks attempt to exploit. We will continue to monitor the threat environment and update this advisory if this situation changes. On completion of this investigation, Microsoft will take the appropriate action to protect our customers, which may include providing a solution through a service pack, our monthly security update release process, or an out-of-cycle security update, depending on customer needs.

Microsoft continues to encourage customers to follow the “Protect Your Computer” guidance of enabling a firewall, applying all software updates and installing anti-virus and anti-spyware software. Additional information can be found at Security at home.

Mitigating Factors:

Protected Mode in Internet Explorer 7 and Internet Explorer 8 in Windows Vista limits the impact of the vulnerability.

• By default, Internet Explorer on Windows Server 2003 and Windows Server 2008 runs in a restricted mode that is known as Enhanced Security Configuration. This mode sets the security level for the Internet zone to High. This is a mitigating factor for Web sites that you have not added to the Internet Explorer Trusted sites zone.

• An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less affected than users who operate with administrative user rights.

• Currently known attacks cannot exploit this issue automatically through e-mail.

Source: Microsoft TechNet

December 12, 2008 Posted by | Advisories, Alerts, Friends, Malware, News, Recommended External Security Related Links, Vulnerabilities | , , , , , | Leave a comment

Avoid SpywareInfo.com: it is pushing rogue programs

Compilation of posts/warnings made by Name Game on DSLReports.com and several posts on SpywareInfoForum.info

GoDaddy just auctioned off Mike Healan’s original SpywareInfo.com, and what happened to it is what we feared would when we saw how high the price was getting. It appears that site is pushing rogue programs and is intended to make some quick money for the same people that Mike fought for many years… It is selling several rogue programs, including at least one that is considered to be an active infection… I strongly recommend that everyone avoid it unless your PC if quite well armored and I particularly recommend that no one buy anything through it.

Remember, Mike Healan’s spywareinfo is at http://www.spywareinfoforum.info. Change your bookmarks and shortcuts. And it will be helpful if you will post about the new address at sites you’re a member of.

December 9, 2008 Posted by | Advisories, Alerts, Downloads, Malware, News | , , , , , , | Leave a comment

Windows Server 2008 Service Pack 2 Beta and Windows Vista Service Pack 2 Beta Released

Windows Server 2008 Service Pack 2 Beta and Windows Vista Service Pack 2 Beta – Five Language Standalone (KB948465)

Overview

Windows Server 2008 SP2 Beta and Windows Vista Service Pack 2 Beta is prerelease code offered to the public through our Customer Preview Program. Please see the Windows Server SP2/Windows Vista SP2 Customer Preview Program page on TechNet/MSDN for additional details, documentation, and forums.

Windows Vista SP2 TechNet
Windows Server 2008 SP2 TechNet

Windows Server 2008 SP2 Beta and Windows Vista Service Pack 2 Beta apply to people, organizations, and technical enthusiasts who are comfortable evaluating prerelease software. This prerelease software is provided for testing only. Installation of Service Pack 2 Beta will result in Microsoft collecting information about the installation process, even if the installation is not completed. We do not recommend installing this software on primary or mission-critical systems. We recommend that you have a backup of your data before you install any prerelease software.

SP2 is an update to Windows Server 2008 and Windows Vista that addresses feedback from our customers and partners. By providing these fixes integrated into a single service pack, Microsoft provides a single high-quality update that minimizes deployment and testing complexity for customers.

In addition to all previously released updates, SP2 will contain changes focused on addressing reliability and performance issues, supporting new kinds of hardware, and adding support for several emerging standards. SP2 will also continue to make it easier for IT administrators to deploy and manage large installations of Windows Server 2008.

Service Pack 1 is a prerequisite for installing Service Pack 2. Please make sure that your system is running Service Pack 1 before you install Service Pack 2.

Windows Server 2008 SP2 Beta and Windows Vista Service Pack 2 Beta – Five Language Standalone version can be installed on systems with any of the following language versions: English, French, German, Japanese, or Spanish.

Support for Windows Server 2008 SP2 Beta and Windows Vista SP2 Beta can be received by visiting the Windows Server 2008 Service Pack 2 and Windows Vista Service Pack 2 TechNet forum.

Quick Details

File Name: Windows6.0-KB948465-X86.exe
Version: 948465
Knowledge Base (KB) Articles: KB948465
Date Published: 12/4/2008

Source/download

Microsoft Download Center

Windows Server 2008 SP2 and Windows Vista SP2 RTM Released (KB948465)

Released on 2009-25-05

Release info and downloads: https://smokeys.wordpress.com/2009/05/26/windows-server-2008-service-pack-2-and-windows-vista-service-pack-2-rtm-released/

December 6, 2008 Posted by | Advisories, Alerts, Downloads, Friends, News, Recommended External Security Related Links, Uncategorized | , , , , , , | Leave a comment