In this month's Microsoft Malicious Software Removal Tool (MSRT) release, we add Win32/Medfos . This is a fairly new family, but it is continuously gaining big detection numbers around the world, especially in the United States. The initial Win32/Medfos infection is usually a downloader component that is distributed in different ways; for example, by visiting a compromised website that redirects to an exploit or by existing malware that downloads it to the already-infected machine. As with a lot...

Our partners in Microsoft Security Response Center (MSRC) recently published their MSRC Progress Report 2012 . It was recently released at Blackhat USA in Las Vegas, Nevada. This year’s MSRC Progress Report provides our customers with the latest information from the Microsoft Security Response Center (MSRC) on the progress of various security initiatives that share information to foster deeper industry collaboration around software security, increase community-based defenses, and better protect...

Social engineering tactics are vast and varied, and we see all sorts of methods being used on a daily basis by malware authors, in their attempts to compromise your machine. One such method that we see often is malware being distributed as an alluring or enticing link or file, and we know that some users (that are perhaps not as cautious as they should be) might click on such links, open such file, or accept file transfers from unknown sources… As has been noted previously , the use of Unicode...

On Monday, we released a Security Advisory on CVE-2012-4969 , a vulnerability in Internet Explorer. A Fix it was released on Wednesday, and a cumulative update is also now available as of today, Friday morning. The vulnerability affects Internet Explorer versions 6 through 9. We have identified that this vulnerability is being used to infect computers by installing malware on them. The exploitation method has an intricate way of getting the payload on the affected machine. A diagram of the "infection...