Hi-tech criminals are “escalating” attacks on an unpatched bug in the Windows XP help and support system.

Microsoft said it had seen more than 10,000 machines hit by the attack that, so far, it has not found a fix for.

Windows PC’s falling victim will have control of that machine handed over to attackers.

Microsoft said the attacks had gone from theoretical to real very quickly and urged users to take steps to protect themselves.

To avoid falling victim, Microsoft advised users to turn off the part of the Help and Support system that is vulnerable. It has produced an automated tool that can do this for users.

Mr Ferguson from Trend Micro said there were other steps users could take to stay safe. “It is important to ensure that your security software is capable of identifying and blocking malicious websites,” he said, “as you can be sure that the criminals behind this will be constantly updating their malicious files to try and avoid traditional security.”

Microsoft said it was working on a lasting fix for the loophole.

Source: BBC Technology

Fake anti-virus software that infect PC’s with malicious code are a growing threat, according to a study by Google.

Its analysis of 240m web pages over 13 months showed that fake anti-virus programs accounted for 15% of all malicious software.

Scammers trick people into downloading programs by convincing them that their PC is infected with a virus. Once installed, the software may steal data or force people to make a payment to register the fake product.

“Surprisingly, many users fall victim to these attacks and pay to register the fake anti-virus software,” the study said. “To add insult to injury, Fake anti-viruses often are bundled with other malware, which remains on a victim’s computer regardless of whether a payment is made.”

More than half of the fake software was delivered via adverts, said Google.

Source: BBC Tech News

The number of viruses, worms and trojans in circulation has topped the one million mark.

The new high for malicious programs was revealed by security firm Symantec in the latest edition of its bi-annual Internet Security Threat Report.

The vast majority of these programs have been created in the last twelve months, said Symantec. The report notes: “almost two thirds of all malicious code threats currently detected were created during 2007.”

The vast majority of these viruses are aimed at PCs running Microsoft Windows and are variants of already existing malicious programs that have proved useful to hi-tech criminals in the past.

Source: BBC Tech News

With the rapid increase in adware and spyware infestations its good to see that Microsoft are helping out with their new Malware Protection Center.

As Microsoft stated in their recent security email:

“Get the latest information about malware and potentially unwanted software on the Microsoft Malware Protection Center Portal. Browse the MMPC’s malware encyclopedia, download the latest virus/spyware definitions, submit malware samples, and find links to additional content.”

Visit the Microsoft site for more details.

I found this news item today which clearly shows that surfing the net with an unprotected PC can be extremely dangerous -

“There is now a 50% chance of being infected by an internet worm within just 12 minutes of being online using an unprotected, unpatched Windows PC”, according to Sophos, one of the big anti-virus companies. That’s how bad it has become. Even the U.S. Computer Emergency Readiness team says “the average time-to-exploitation … for an unprotected computer is measured in minutes.”

A recent study found that over 90% of computers are infected by some type of malware picked up from internet usage.

Check out our software reviews page to get your defences against viruses, adware, spyware and hackers.