It’s been a busy year for Microsoft Security Essentials . As we observed right after the first week of release, Microsoft Security Essentials had already detected threats on over half a million computers. As Microsoft Security Essentials enters...

A bit of research goes a long way as we’re going to prove in this blog post. Sometimes, as we'll see with TrojanDownloader:Win32/Camec.A , a little investigation reveals that a seemingly ordinary malware is in fact an exotic bird. The other day...

A threat we call Trojan:MSIL/Fakeinstaller.A has been making the rounds lately. It is a slight deviation from the family of malware threats known as Trojan:Win32/Ransom . The malware is similar to Trojan:Win32/Ransom , which seizes control of the computer...

There have been a few recent incidents of what we previously thought was extremely rare - malware authors using code signing certificates that were issued to companies with good reputations. The high-profile Stuxnet incident included validly signed...

For this month, we added the Win32/FakeCog family to the Malicious Software Removal Tool (MSRT) release. FakeCog is another family of rogue applications that employ dubious methods to convince an unsuspecting user to install and buy their software. It...

Starcraft 2 is gaining popularity not only for gamers but also for malware writers. We wrote about Starcraft almost two months ago when it was first released. Now, apparently, it is also being used as part of a social engineering technique by a downloader...

We have some updated information for you regarding Worm:Win32/Visal.B , known as the "Here you have" worm (with a SHA1, a unique identifier for the threat, of 0x0BA8387FAAF158379712F453A16596D2D1C9CFDC) that we also blogged about yesterday. First,...

Worm:Win32/Visal.B is a new worm, written in Visual Basic, that is currently propagating in part using social-engineering. We strongly encourage customers to be cautious about clicking suspicious or even simply unexpected links in email, even if it’s...

Those of you who read an earlier post of mine know about Operation b49 , our work to take down the Waledac botnet. For those who don’t, I will summarize by saying that Microsoft’s Digital Crimes Unit, in partnership with Microsoft’s...

A new rogue has started making its appearance from compromised websites: Rogue:MSIL/Zeven . We received a sample (70be8ca73142922fd78acf2aafa9f141a977f15a) and a URL and began our investigation. Let us say from the beginning that the guys behind this...