So called ‘fix’ stuffs web connection!

You really can’t deny that Microsoft are keen to ensure their products are secure, hence ‘Patch Tuesday’. That said, maybe they should do just a little more testing before they release.

The issue we’re relating here’s stems from the release of MS08-037 which addressed four vulnerabilities in the Windows DNS service. Basically, the ZA prevented users from accessing the internet as the number of random UDP ports that DNS uses was increased…can you see where we’re going?

Zone Labs became aware of the issue yesterday when Windows users started to download and install the patch.  Zone Labs recommend users remove the patch until a work around is found - so much for being a ’security patch’.

Popularity: 20% [?]

Bad news for gamers.

A new Trojan is spreading fast in World of Warcraft. The malware, which originated in Asia, is slowly spreading through the gaming world with the main activity being in China and Taiwan.

The malware attempts to steal log-in details from YouXiChaYuan and Perfect World, two online games popular in China and some other Asian countries.

The Trojan, ‘W32/OnlineGames!tr’, appears to be limited to specific language versions of Windows or the World of Warcraft client - for now. Hackers tend to rewrite malware code to target new sectors and attempt to bypass security mechanisms so expect to see this Trojan heading you way. As yet, the method of infection is unknown.

“With the online gaming market thriving with consumers, malicious activity will very likely continue for some time in this emerging sector as it forms a viable target,” said Derek Manky of Fortinet.

Unhappy times ahead; make sure you’re protected with the latest anti-malware updates and signatures.

Popularity: 80% [?]

Traditional methods failing.

Security specialist are now acknowleding that the standard approach to combating malware is flawed. Blacklisting, where code is prevented from running, is a reactive measure. Enter Whitelisting. This control method allows only pre-approved software (the whitelist) to run on a machine. Any unknown or unwanted code is prevented from executing.

Vendors such as Bit9 have been pushing this control method for some time now and have an impressive capability. Also, Microsoft appear to be taking  whitelisting one step further with Bitlocker. The tool encrypts the hard disk and only allows it to work on a specific machine. The software can also be set up for user authentication, so a computer will only boot after the user enters a unique key stored on USB. Who said Microsoft weren’t interested in security?

Popularity: 20% [?]

The word according to PC Tools.

Yes, you read it right. It looks like Vista is more susceptible to malware than it’s younger version, Windows 2000.  Not good news for Microsoft.

Using ThreatFire security service, PC Tools found that Vista lets through 639 threats per 1,000 compared to 586 for Windows 2000. Windows 2003 comes in even lower with 487 but XP does not fair well: 1,021 - I’m not sure how that works based on a figure of 1,000 analysed threats! Working on those figures, 64% of the Vista installation base is infected and 100% of XP - can’t be right, I’m clean (I think).

Microsoft bites back.

What else would you expect? According to a spokesman from MS, statistics from the Malicious Software Removal Tool show the figures to be far lower - but didn’t give any figures. MSRT ran on around 400 million Windows machines in November 2007 and, apparently, the figures returned do not show the same level of vulnerabilities found by PC Tools.

Just to be safe, I’m going to fire up my Ubuntu laptop.

Popularity: 21% [?]

Don’t panic, it’s all in hand…

…other peoples hands! Yes, you guessed it. Just when the government thought we had forgotten about their apalling data security track record another hot potato pops up. An answer to parliamentry questions showed that 600HMRC staff have been disciplined for unnecessarily accessing data: 238 in 2005, 180 in 2006 and 192 in 2007. Staff are apparently bound by a strict policy only allows them to access your personal records if there is a business case. Judging by the figures it would appear that the policy has become elastic!

Crying into my soup.

HMRC has stated that it takes a very serious approach to breaches of data integrity. Each breach resulted in disciplinary action with the majority of cases resulting in dismissal - cool. They’ve looked at your personal data then they’re allowed to leave the building! I feel so much safer now. To be fair, these number pale in comparison to the loss of two data discs from HMRC. They only had the deatails of 25 million people on them!

Final though: Does anyone want to emigrate to New Zealand with me!!!

Popularity: 20% [?]

Annoying UAC beaten with a shovel!

A non-profit organisation, NeoSmart, claims to have bypassed Vista’s User Access Control. On Sunday they posted an article on their website which suggests that UAC has only been added as ‘annoyance-ware’ - I made that word up. Will it carry? To be fair, I think any of you that use Vista are already aware that this feature is pretty useless. In my opinion, the prompt that you receive should be more along the lines of: “Do want to run this software even though it might turn your machine into a useless lump of plastic and metal?”. Back to the article.

The system was designed to be broken!

Yes, you read that the subtitle right. Critics have said that, by bypassing UAC, NeoSmart are doing feature was doing as Microsoft intended - Yeah, let’s spend about $10 billion dollars on product with tightly integrated security features. The best part is that we want the security to be bypassed! It’s an odd world.curity”.

As you may know, UAC was designed to stop the installation or execution of dangerous code. I think most people will agree that it’s more of a hindrance. The constant requests for confirmation of trivial tasks make this a contender for ‘annoyance-ware of the year’ award.

Lowdown

NeoSmart have developed iReboot. This that helps users decide which OS they would like to reboot into. UAC caught the application at startup and  stopped it from running. Using some dark coding arts, the NeoSmart eggheads worked around this issue by splitting iReboot two. One of the parts, a background process, runs privileged access to the operating system. This does not require administrator approval at boot time. The second component runs as a client program and talks to the background service. This allows the code to run without invoking UAC.

There’s not much more I can say. Another hole or simply Microsoft having some fun to the tune of $10 billion. You work it out.

Popularity: 20% [?]

Global slush fund.

I’m assuming that you have some interest in technology. If you didn’t you wouldn’t be here, right? So that means you also have an interest in protecting your data. You should also be concerned about security mechanisms in place with 3rd parties. You’re not alone. SMEs are placing far more emphasis on securing channels with partner organisations. All to the tune of an anticipated £5.3 billion this year. This is a global figure which is expected to rise to over £6.6 billion by 2012. That would buy a lot of toys for my cat!

This may not seem like a huge amount of cash considering the figures represent a global perspective. Consider this: key players in the tech market have been making up ground in terms of Anti Virus and email security. That will cause the overall cost of security products to fall in the long run. Now add price reductions into the spend figure and you can see the significance.

Click here to go to the home page.

Popularity: 48% [?]

Security for all.

Checkpoint does the security thing really well. Their latest offering is no exception. The Power-1 gateways come in two flavours: 5070 and 9070. This offering has been designed to work on anything from relatively inexpensive SOHO product right up to heavyweight enterprise hardware in the data centre.

Administration of the Power-1 can be carried out from a single GUI installed on CheckPoint, Crossbeam, Nokia, Sun, and IBM hardware. An interesting new feature incorporate into Power-1 is SmartDefense. This technology is aimed at UTM (Unified Threat Management) and dealing with emerging threats. I do question this capability. Does any vendor really know the direction of ‘emerging threats’? If you have spare £20,000, or so, then this may well be worth looking at.

Technical specs here.

Click here to go to the home page.

Popularity: 21% [?]

Gone are the days of simple mischief.

The end goal of a cracker used to be simple. Break into a system, deliver some malicious code successfully and then tell all their fellow mayhem-makers. Times have changed. Malicious software now accounts for a significant number of security breaches resulting in the loss or theft of confidential data. Creation of spam relay point on corporate networks was cited as another major issue by companies.

Advances in malware detection has seen massive reductions in the overall number of infections, down from 35% two years to 14% this year but the sophistication of attacks has increased. It would appear that criminals are intent on using malware to leverage security flaws in order to steal or destroy data.

The results of the latest findings will be shown at Infosecurity Europe in London nest week.

Click here to go to the home page.

Popularity: 20% [?]