Microsoft Malware Protection Center

Threat Research & Response Blog

Browse by Tags

  • Blog Post: Waledac Trojan Hosted by Fake Obama Website

    “Now that Inauguration Day is upon the US, malware authors have a new spate of social engineering tricks up their sleeve.” We've seen Barack Obama's name used by malware authors for malevolent purposes before, during the campaign and leading up to the US Presidential Elections. Now that Inauguration...
  • Blog Post: The new IE exploits for Advisory 961051, Now Hosted on Pornography Sites

    Two days ago, we blogged about attacks that involve exploits of the recently discovered vulnerability in Internet Explorer. We would like to give you a quick update about these attacks. Based on our stats, since the vulnerability has gone public, roughly 0.2% of users worldwide may have been exposed...
  • Blog Post: National CyberSecurity Awareness Month

    Today marks the beginning of National CyberSecurity Awareness Month here in the United States. I would like to take this opportunity to acknowledge all the security professionals around the world who work tirelessly to make cyberspace a safer place for all our online pasttimes. You know who you are....
  • Blog Post: We're Excited to Announce the Release of the MMPC Portal V2!

    We’ve been working hard, have heard your feedback, and are excited to announce V2 of the MMPC Portal ! This new portal contains several new features including stream-lined sample submission and tracking, which is made possible by creating an MMPC profile. When you log in, the information saved in your...
  • Blog Post: Centralized Information About The Conficker Worm

    Since the time Microsoft released security update MS08-067 , we have released information about MS08-067 exploits and specifically about the Conficker worm in our malware encyclopedia and in multiple blog posts for example here . This blog provides a summary of the available information Microsoft has...
  • Blog Post: MSRT slices the Hamweq for Christmas

    This month, Worm:Win32/Hamweq has been added to the Malicious Software Removal Tool (MSRT) in time for the holidays. Hamweq makes it on to MSRT’s “naughty” list as an IRC-controlled backdoor that spreads via removable drives. It has multiple means of hiding its presence; it installs itself into a hidden...
  • Blog Post: Announcing the MMPC Portal v2 Beta Release!

    Where you can find it: www.microsoft.com/security/portal/beta How you can give us feedback: Please give us feedback via MS Connect or directly from the MMPC Portal V2 Beta . So now that the important details have been shared, let’s talk about the more interesting part: What is it? The MMPC Portal V2...
  • Blog Post: Protecting Our Customers From Half a Million New Unique Malicious Files Every Day

    You might find it hard to believe, but that’s the number of new unique malware samples we detect on average every day in the wild. During the second half of 2008 our products detected a total of nearly 95 million unique malicious files. The total number of distinct malware files we detect every day in...
  • Blog Post: Do and don’ts for p@$$w0rd$

    Almost a year ago , we started a project designed to monitor incoming attacks against a normal user on a day-to-day basis. We presented you with details about the geographical area from where the attacks originated and what services were targeted, and we gave you just a hint about FTP dictionary-based...
  • Blog Post: Doctor Who calling–on Skype, with malware

    Earlier this week, I received a phone call via Skype on my laptop, the caller’s ID was “ dralerthelpzc8 ” as in Dr Alert Help ZC8 . The voice on the other end was automated, computerized and otherwise non-human, and alerted me that I had a virus that affects Windows Vista, Windows XP and Windows 7 and...
  • Blog Post: Introducing Microsoft Security Essentials

    The Microsoft Malware Protection Center (MMPC) would like to introduce you to Microsoft’s new security program - Microsoft Security Essentials . The MMPC is very excited about this release, which should help us to protect more customers around the world at no cost. Here’s a note from the Microsoft...
  • Blog Post: Microsoft Security Essentials Beta Announced

    Microsoft Security Essentials is a new, no-cost, anti-malware solution for genuine Windows PC consumers that provides real-time protection against viruses, spyware and other malicious threats. It is a lightweight, effective and modern anti-malware which runs on 32 bit and 64 bit Windows 7, Windows Vista...
  • Blog Post: Limited Exploitation of Microsoft Security Advisory 961051

    The MSRC released a security advisory yesterday about a vulnerability in Internet Explorer. Just like our colleagues at the MSRC , we're tracking the situation very closely as we've observed the vulnerability exploited in the wild, however within a relatively limited context. Virtually all the malicious...
  • Blog Post: Welcome to the New Look Microsoft Malware Protection Center Blog

    Hi, Vinny here Welcome to our newly refreshed blog! We wanted to create a new home for the Microsoft Malware Protection Center (MMPC) blog that was easier to navigate, and more in synch with our security colleagues within Microsoft such as the Microsoft Security Response Center . If you are new to our...
  • Blog Post: There's a New Virut on the Block

    After quite a while with no new activity, there's a new Virut variant. We detect the new variant as Virus:Win32/Virut.BM . Like the previous versions, Virut is a polymorphic file infecting virus that infects PE executable files like EXE and SCR files. The virus also opens a backdoor connection to an...
  • Blog Post: Who's at Risk on the Internet Today? We All Are. Act Accordingly…

    Here at the Microsoft Malware Protection Center (MMPC) we look for ways to share the valuable data, insights and expertise that we have with our customers on a regular basis. We just released the sixth volume of our Microsoft Security Intelligence Report (SIR). The SIR shares the conclusions drawn by...
  • Blog Post: Get Protected, Now!

    Microsoft released a security update today that fixes a vulnerability that affects all supported versions of Windows. On some versions of Windows, an unauthenticated attacker can remotely execute code on a vulnerable computer. Basically if file sharing is enabled and the security update is not installed...