Quick heal blog

DNS poisoning vector

 January 7, 2009

Estimated reading time: 1 minute

The Internet Systems Consortium has released an update for all supported BIND 9.x versions. In this update a potential DNS poisoning vector has been addressed. The problem appears to affect only specific BIND configuration where DNSSEC has been enabled. Refer to the ISC BIND Server software Index

Christmas Ecard Malware

 December 25, 2008

Estimated reading time: 1 minute

Beware of e-mails consist of a hyperlink to a “Christmas card”. If a user visits this site, he will see the following. The user will need to click on either button, get a Security Warning and will need to accept the fact that an executable is being run.

AVAR 2008 International Conference hosted in India

 December 22, 2008

Estimated reading time: 3 minutes

New Delhi, 11th December 2008: Quick Heal Technologies hosted Asia’s Premier Information Security Conference – Association of Anti-Virus Asia Researchers (AVAR 2008 International Conference) for the very first time in New Delhi, India. AVAR 2008 was a unique three day event showcasing the latest technologies in Information Security and Anti...

Out of band Microsoft Patch

 December 16, 2008

Estimated reading time: 1 minute

Microsoft has announced that they will be releasing an out of cycle security bulletin tomorrow for the IE zero day vulnerability being exploited. Click here for more information. Many site were discovered hosting the exploit code, which were injected using SQL Injection attacks. The site pages were having links to...

Microsoft Updates

 December 9, 2008

Estimated reading time: 1 minute

Overview of the December 2008 Microsoft patches and their status. 8 crtical and important updates have been covered. MS08-070 Multiple vulnerabilities in activeX controls from visual basic 6.0’s runtime allow random code execution. Also affects Visual studio, Foxpro, Frontpage, and MS Project. The vulnerable files are distributed with 3rd party...

Mumbai in Spam and Scams

 November 29, 2008

Estimated reading time: 1 minute

As Mumbai is under terrorist attack, like other major events, this one caught a lot of media coverage, which opens a door for people who likes to make money on tragedies like this. Over the last few days Internet community saw a spike on domains related to the Mumbai attack....

MS08-67 exploited by worm

 November 26, 2008

Estimated reading time: 1 minute

I-Worm.Downadup is using the vulnerability MS08-67 to spread, below is some of the details what we have analyzed so far. – The worm deletes user created System Restore points. – It attempts to contact,,…. – It generates random domain names to download payload, the name are generated...

McColo Corp taken down

 November 12, 2008

Estimated reading time: 1 minute

A good news! Based on the investigative research of the Washington Post’s Brian Krebs, US-based McColo has been taken offline by their various upstream providers. The McColo network not only was a large source of spam, but also trafficked in malware. More info

Microsoft Updates

 November 11, 2008

Estimated reading time: 1 minute

Overview of the November 2008 Microsoft patches and their status. MS08-068 The NTLM protocol allows an attacking server to reflect credentials and use them against the client gaining the rights of the logged on user. MS08-069 Multiple vulnerabilities allow memory corruption (code execution with the rights of the logged on...

Updates for Adobe 8 version

 November 4, 2008

Estimated reading time: 1 minute

Adobe released a security update for Adobe Reader 8 and Acrobat 8, which cover 8 different vulnerabilities. For more details click here List of CVE’s addressed CVE-2008-2992 CVE-2008-2549 CVE-2008-4812 CVE-2008-4813 CVE-2008-4817 CVE-2008-4816 CVE-2008-4814 CVE-2008-4815 This set of vulnerabilities can lead to Internet Security options being changed, privilege escalation, DOS or...