Blog
Quick heal blog

Microsoft Updates

 December 9, 2008

Estimated reading time: 1 minute

Overview of the December 2008 Microsoft patches and their status. 8 crtical and important updates have been covered. MS08-070 Multiple vulnerabilities in activeX controls from visual basic 6.0’s runtime allow random code execution. Also affects Visual studio, Foxpro, Frontpage, and MS Project. The vulnerable files are distributed with 3rd party...

Mumbai in Spam and Scams

 November 29, 2008

Estimated reading time: 1 minute

As Mumbai is under terrorist attack, like other major events, this one caught a lot of media coverage, which opens a door for people who likes to make money on tragedies like this. Over the last few days Internet community saw a spike on domains related to the Mumbai attack....

MS08-67 exploited by worm

 November 26, 2008

Estimated reading time: 1 minute

I-Worm.Downadup is using the vulnerability MS08-67 to spread, below is some of the details what we have analyzed so far. – The worm deletes user created System Restore points. – It attempts to contact w3.org, ask.com, msn.com…. – It generates random domain names to download payload, the name are generated...

McColo Corp taken down

 November 12, 2008

Estimated reading time: 1 minute

A good news! Based on the investigative research of the Washington Post’s Brian Krebs, US-based McColo has been taken offline by their various upstream providers. The McColo network not only was a large source of spam, but also trafficked in malware. More info

Microsoft Updates

 November 11, 2008

Estimated reading time: 1 minute

Overview of the November 2008 Microsoft patches and their status. MS08-068 The NTLM protocol allows an attacking server to reflect credentials and use them against the client gaining the rights of the logged on user. MS08-069 Multiple vulnerabilities allow memory corruption (code execution with the rights of the logged on...

Updates for Adobe 8 version

 November 4, 2008

Estimated reading time: 1 minute

Adobe released a security update for Adobe Reader 8 and Acrobat 8, which cover 8 different vulnerabilities. For more details click here List of CVE’s addressed CVE-2008-2992 CVE-2008-2549 CVE-2008-4812 CVE-2008-4813 CVE-2008-4817 CVE-2008-4816 CVE-2008-4814 CVE-2008-4815 This set of vulnerabilities can lead to Internet Security options being changed, privilege escalation, DOS or...

Out of cycle patch…

 October 25, 2008

Estimated reading time: 1 minute

Microsoft has released an out of cycle patch for newly discovered vulnerability in Server Service. The full description is covered in Microsoft Security Bulletin MS08-067 and has been rated critical. The vulnerability could allow remote code Execution. This vulnerability is exploited currently by a Trojan Gimmiv.A. Quick Heal users are...

Music malware

 July 21, 2008

Estimated reading time: 1 minute

A malware that infects multimedia files has been recently discovered. The malware modify the media file .WMA (Windows Media Audio) such that they download a fake codec when played. When a user tries to play an infected file, a popup message is displayed, asking the user to download a certain...

Angelie Jolie spam mail

 July 16, 2008

Estimated reading time: 1 minute

We are noticing a spike in the number of spam mails having subject line Sensation, Angeline Jolie… Angelina Jolie in hardcore… Angelina Jolie … Angelina Jolie shows her … Angelina Jolie shows her …. Angelina Jolie nude The mail contain link to download a Trojandownloader binary from the remote site....

Hackers turn to recruitment sites

 July 13, 2008

Estimated reading time: 1 minute

The Russian hacker are not satisfied with the traditional means anymore and are turning to recruitment sites. By harvesting all the information and selling it to interested parties. Currently it is known that the Russian gang, Phreak is behind this activity. The tool that scours through popular job recruitment sites...