Welcome to TechNet Blogs Sign in | Join | Help

December 2008 - Posts

Just in time for New Year's....

Posted Wednesday, December 31, 2008 9:26 PM by mmpc
Hello again from Melbourne! We've seen another resurgence of Worm:Win32/Conficker , this time as Worm:Win32/Conficker.B . We've already received a number of reports of this new variant from the wild from affected users. Not surprisingly, a majority of Read More...
(Comments Off)

Namaskar from New Delhi - AVAR 2008

Posted Tuesday, December 30, 2008 11:03 PM by mmpc
Recently I returned from the Association of anti-Virus Asia Researchers Conference (known as AVAR 2008 ) in New Delhi, India. Microsoft was a Gold Sponsor of the conference, at which there were a number of interesting presentations. This was also a great Read More...
(Comments Off)

Now I've Seen It All (Maybe)

Posted Friday, December 19, 2008 1:50 PM by mmpc
I've been coding anti-virus routines for 1, 2, 5... 10, 15, 20... a really long time. Starting with the Apple II, before there was even an anti-virus industry, and continuing on the PC (and funnily enough, joining the industry wasn't the obvious choice Read More...
(Comments Off)

MSRT Review - Win32/FakeXPA and Win32/Yektel Rogues

Posted Wednesday, December 17, 2008 12:03 PM by mmpc
As mentioned previously on this blog, we added two “rogue” families to MSRT this month: Win32/FakeXPA and Win32/Yektel . We’ve known that rogues in general have been growing in prevalence for some time and with two months of MSRT data (last month we added Read More...
(Comments Off)

The new IE exploits for Advisory 961051, Now Hosted on Pornography Sites

Posted Saturday, December 13, 2008 8:00 PM by mmpc
Two days ago, we blogged about attacks that involve exploits of the recently discovered vulnerability in Internet Explorer. We would like to give you a quick update about these attacks. Based on our stats, since the vulnerability has gone public, roughly Read More...
(Comments Off)

Limited Exploitation of Microsoft Security Advisory 961051

Posted Thursday, December 11, 2008 2:08 PM by mmpc
The MSRC released a security advisory yesterday about a vulnerability in Internet Explorer. Just like our colleagues at the MSRC , we're tracking the situation very closely as we've observed the vulnerability exploited in the wild, however within a relatively Read More...
(Comments Off)

Win32/Yektel - the Other Kind of Rogue

Posted Wednesday, December 10, 2008 4:41 PM by mmpc
In addition to Win32/FakeXPA we added another rogue-related malware family to MSRT this month - Win32/Yektel . Win32/Yektel is a different kind of rogue. Like other rogues, it displays fake warnings about possibly malware or spyware, but rather than pretending Read More...
(Comments Off)

FakeXPA... Journey of a Rogue

Posted Tuesday, December 09, 2008 11:00 AM by mmpc
Rogue security products have been around for some years, and now they seem to be everywhere. In my previous blog about Trojan:Win32/Antivirusxp I talked about the relationships between rogue products and various other threats. One common behavior of rogue Read More...
(Comments Off)

O Come All Ye Malware

Posted Thursday, December 04, 2008 5:30 PM by mmpc
Well, after our last post, it certainly didn't take long to see some examples of festive malware from the wild. (You'd almost think that we've seen this kind of behavior before - again and again and again...) In the last couple of days, we (and other Read More...
0 Comments

Merry Malware - You’d better watch out, you’d better think twice…

Posted Tuesday, December 02, 2008 10:16 AM by mmpc
With visions of sugarplums dancing through my head constantly from around September onwards, I eagerly (and somewhat obsessively) await the festive season every year. As heralded by my son opening the first box on his advent calendar this morning to liberate Read More...
(Comments Off)
 
Page view tracker