Quick heal blog
I-Worm.Downadup is using the MS08-067 vulnerability to spread. Below are some details of what we have analyzed so far. – The worm deletes user-created System Restore points. – It attempts to contact w3.org, ask.com, msn.com…. – It generates random domain names to download the payload; the names are generated...
Good news! Based on the investigative research of the Washington Post’s Brian Krebs, US-based McColo has been taken offline by its various upstream providers. The McColo network was not only a large source of spam, but also trafficked in malware.
Overview of the November 2008 Microsoft patches and their status. MS08-068: The NTLM protocol allows an attacking server to reflect credentials and use them against the client, gaining the rights of the logged-on user. MS08-069: Multiple vulnerabilities allow memory corruption (code execution with the rights of the logged on...
Adobe released a security update for Adobe Reader 8 and Acrobat 8, which covers 8 different vulnerabilities. List of CVEs addressed: CVE-2008-2992, CVE-2008-2549, CVE-2008-4812, CVE-2008-4813, CVE-2008-4817, CVE-2008-4816, CVE-2008-4814, CVE-2008-4815. This set of vulnerabilities can lead to Internet Security options being changed, privilege escalation, DoS or...
Microsoft has released an out-of-cycle patch for a newly discovered vulnerability in the Server service. The full description is covered in Microsoft Security Bulletin MS08-067, which has been rated critical. The vulnerability could allow remote code execution. This vulnerability is currently being exploited by the Trojan Gimmiv.A. Quick Heal users are...
Malware that infects multimedia files has recently been discovered. The malware modifies .WMA (Windows Media Audio) media files so that they download a fake codec when played. When a user tries to play an infected file, a popup message is displayed, asking the user to download a certain...
We are noticing a spike in the number of spam mails having the subject lines: Sensation, Angeline Jolie… Angelina Jolie in hardcore… Angelina Jolie … Angelina Jolie shows her … Angelina Jolie shows her …. Angelina Jolie nude. The mail contains a link to download a Trojan downloader binary from the remote site....
Russian hackers are no longer satisfied with traditional means and are turning to recruitment sites, harvesting all the information and selling it to interested parties. Currently it is known that the Russian gang Phreak is behind this activity. The tool that scours through popular job recruitment sites...
A new vulnerability has been found in Snapshot Viewer for Microsoft Access, and it is being exploited. The flaw lies in the Snapshot Viewer ActiveX control, which, according to Microsoft, ships with all supported versions of Microsoft Office Access except Microsoft Access 2007. Snapshot Viewer lets PC users view a Microsoft...
Microsoft warns that an unpatched Word vulnerability has become the subject of targeted attacks. According to Microsoft’s testing, it only affects Microsoft Office Word 2002 Service Pack 3. Using the vulnerability, a hacker can inject hostile code onto a vulnerable system. Redmond has published workarounds as a stop-gap measure while its researchers...