Spyware Remover Help » malware

PandaLabs Annual Report – 2011

Ted — Wed, 01 Feb 2012 16:00:05 +0000

Today we are publishing the PandaLabs report, where you can enjoy an overview of the main figures and security news that have happened in the last 12 months, as well as some figures. You will see how malware creation hit a new record high in 2011 with 26 million samples, that Trojans continue to be [...]—
read the article

Hong Kong, AVAR 2011

Ted — Sat, 12 Nov 2011 12:00:04 +0000

Greetings from Hong Kong! This week we are enjoying the security conference AVAR, which is taking place in Hong Kong. Some interesting topics are being covered, such as the talk “Malware in EFI”, where Intel’s Igor Muttik showed us how malware could take advantage of the the EFI (Extensible Firmware Interface) and the challenges we [...]—
read the article

Microsoft Security Advisory (2639658): Vulnerability in TrueType Font Parsing Could Allow Elevation of Privilege – Version: 1.4

Ted — Sat, 12 Nov 2011 04:00:05 +0000

Revision Note: V1.4 (November 11, 2011): Revised impact statement for the workaround, Deny access to T2EMBED.DLL, to address applications that rely on T2EMBED.DLL for functionality.
Summary: Microsoft is investigating a vulnerability in a Microsoft Windows component, the Win32k TrueType font parsing engine. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. The attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. We are aware of targeted attacks that try to use the reported vulnerability; overall, we see low customer impact at this time. This vulnerability is related to the Duqu malware.

Microsoft Security Advisory (2639658): Vulnerability in TrueType Font Parsing Could Allow Elevation of Privilege – Version: 1.3

Ted — Thu, 10 Nov 2011 04:00:03 +0000

Revision Note: V1.3 (November 8, 2011): Added link to MAPP Partners with Updated Protections in the Executive Summary.
Summary: Microsoft is investigating a vulnerability in a Microsoft Windows component, the Win32k TrueType font parsing engine. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. The attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. We are aware of targeted attacks that try to use the reported vulnerability; overall, we see low customer impact at this time. This vulnerability is related to the Duqu malware.

Microsoft Security Advisory (2639658): Vulnerability in TrueType Font Parsing Could Allow Elevation of Privilege – Version: 1.2

Ted — Sat, 05 Nov 2011 03:00:05 +0000

Revision Note: V1.2 (November 4, 2011): Revised the workaround, Deny access to T2EMBED.DLL, to improve support for non-English versions of Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2. Customers with non-English versions of Microsoft Windows should reevaluate the applicability of the revised workaround for their environment.
Summary: Microsoft is investigating a vulnerability in a Microsoft Windows component, the Win32k TrueType font parsing engine. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. The attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. We are aware of targeted attacks that try to use the reported vulnerability; overall, we see low customer impact at this time. This vulnerability is related to the Duqu malware.

PandaLabs Report – Q3 2011

Ted — Fri, 04 Nov 2011 11:00:03 +0000

The new PandaLabs Report Q3 11 is out. Take a look at what has happened in the computer security field during the last 3 months. Just click on the picture. In this quarter 5 million new malware samples have been created and the record of new Trojans has been broken as it the preferred category by [...]—
read the article

Microsoft Security Advisory (2491888): Vulnerability in Microsoft Malware Protection Engine Could Allow Elevation of Privilege – Version: 1.1

Ted — Tue, 20 Sep 2011 03:00:03 +0000

Revision Note: V1.1 (March 8, 2011): Revised advisory FAQ to announce updated version of the MSRT and added Forefront Security for Exchange Server to the list of non-affected software.
Summary: Microsoft is releasing this security advisory to help ensure customers are aware that an update to the Microsoft Malware Protection Engine also addresses a security vulnerability reported to Microsoft. The update addresses a privately reported vulnerability that could allow elevation of privilege if the Microsoft Malware Protection Engine scans a system after an attacker with valid logon credentials has created a specially crafted registry key. An attacker who successfully exploited the vulnerability could gain the same user rights as the LocalSystem account. The vulnerability could not be exploited by anonymous users.

Microsoft Security Advisory (2506014): Update for the Windows Operating System Loader – Version: 1.0

Ted — Mon, 19 Sep 2011 15:00:03 +0000

Revision Note: V1.0 (April 12, 2011): Advisory published.
Summary: Microsoft is announcing the availability of an update to winload.exe to address an issue in driver signing enforcement. While this is not an issue that would require a security update, this update addresses a method by which unsigned drivers could be loaded by winload.exe. This technique is often utilized by malware to stay resident on a system after the initial infection.

Ransomware posing as Microsoft

Ted — Fri, 16 Sep 2011 11:00:04 +0000

We’ve found yet another malware piece, this time it is a ransomware to take some of your money. Once you get infected (you can receive it in a number of different ways, most likely via spam messages and P2P), your computer is restarted. What for? Well, the malware installs itself to run every time your [...]—
read the article

Microsoft Security Advisory (2491888): Vulnerability in Microsoft Malware Protection Engine Could Allow Elevation of Privilege – Version: 1.1

Ted — Tue, 13 Sep 2011 03:00:05 +0000