Adobe is pushing users to adopt automatic updates for Adobe Reader on Windows, in the hope of stemming the tide of security attacks related to people using older versions of the PDF-reading software.

The software maker introduced a default setting for automatic updates on Tuesday, releasing the feature alongside its quarterly patch bulletin on Tuesday. Automatic updates apply fixes to Adobe Reader in the background while people are using their PCs.

“With today’s update, we are entering the next phase in the roll-out by turning the automatic update option on by default for all Adobe Reader users on Windows,” Adobe wrote in a blog post on Tuesday.

With the move, the software maker is getting more aggressive about pushing its updates out to users, many of whom stay with older versions of Adobe Reader even though these have security flaws. The widely used software has frequently been the target of hackers, and the company has released three out-of-band security fixes for vulnerabilities in Adobe Reader since its March quarterly advisory.

The next time the Adobe updater detects that fixes are available, it will present Windows users with a dialog box suggesting they turn on automatic background updates. People can also decline to use the feature.

Source: ZDNet

The US leads the world in numbers of Windows PC’s that are part of botnets, reveals a report.

More than 2.2 million US PCs were found to be part of botnets, networks of hijacked home computers, in the first six months of 2010, it said.

Compiled by Microsoft, the research revealed that Brazil had the second highest level of infections at 550,000.

Infections were highest in South Korea where 14.6 out of every 1000 machines were found to be enrolled in botnets.

The 240-page Microsoft report – http://www.microsoft.com/security/sir/default.aspx – took an in-depth look at botnets which, said Cliff Evans, head of security and identity at Microsoft UK, now sat at the centre of many cybercrime operations.

The research was undertaken, he said, to alert people to the growing danger from the malicious networks.

“Most people have this idea of a virus and how it used to announce itself,” he said. “Few people know about botnets.”

Hi-tech criminals use botnets to send out spam, phishing e-mails and launch attacks on websites. Owners of botnets also scour infected machines for information that can be sold on the underground auction sites and markets found online.

Botnets start when a virus infects a computer, either through spam or an infected web page. The virus puts the Windows machine under the control of a botnet herder.

“Once they have control of the machine they have the potential to put any kind of malicious code on there,” said Mr Evans. “It becomes a distributed computing resource they then sell on to others.”

Despite the large number of people being caught out, Mr Evans said that defending against malware was straightforward.

He said people should sign up for automatic updates, make sure the applications they use are regularly patched, use anti-virus software and run a firewall.

Microsoft has just issued its largest ever list of fixes for flaws in Windows, Internet Explorer and a range of other software.

This month’s update issued patches for 49 vulnerabilities, including one that plugs a hole exploited by Stuxnet, the first-known worm designed to target real-world infrastructure such as power stations, water plants and industrial units.

“With the significant number of holes identified on the same day, businesses will be racing against time to fix them all,” said Alan Bentley, senior vice president at security firm Lumension.

“Not only is this Microsoft’s largest patch load on record, but 23 of the vulnerabilities are rated at the most severe level,” he added.

Source: BBC Tech News

Hi-tech criminals are “escalating” attacks on an unpatched bug in the Windows XP help and support system.

Microsoft said it had seen more than 10,000 machines hit by the attack that, so far, it has not found a fix for.

Windows PC’s falling victim will have control of that machine handed over to attackers.

Microsoft said the attacks had gone from theoretical to real very quickly and urged users to take steps to protect themselves.

To avoid falling victim, Microsoft advised users to turn off the part of the Help and Support system that is vulnerable. It has produced an automated tool that can do this for users.

Mr Ferguson from Trend Micro said there were other steps users could take to stay safe. “It is important to ensure that your security software is capable of identifying and blocking malicious websites,” he said, “as you can be sure that the criminals behind this will be constantly updating their malicious files to try and avoid traditional security.”

Microsoft said it was working on a lasting fix for the loophole.

Source: BBC Technology

Thousands of PC’s around the world have been paralysed by a security update that wrongly labelled part of Windows as a virus.

The update was sent out by security firm McAfee and made affected PC’s endlessly restart.

Corporate customers of McAfee seemed to be hardest hit but some individuals reported problems too.

McAfee apologised for the mistake and released a fix to ensure PCs started working again.

The problems were caused by an update to the long list McAfee’s anti-virus uses to identify which programs are malicious.

McAfee’s 5958 update wrongly identified the Windows svchost.exe file as the wecorl.a virus. This worm tries to replace an existing svchost file with its own version to help it take over a machine. The update wrongly labelled svchost as the virus and then quarantined it. This caused many PC’s to crash as Windows uses many copies of the file to keep the operating system going.

Computers inside businesses running Windows XP with service pack 3 applied were the hardest hit according to reports. The University of Michigan said 8,000 of its 25,000 computers were hit by the faulty update.

Source: BBC Tech News

Security firm Symantec released results of a survey on password management that showed 63 percent of respondents don’t change their passwords very often.

The survey results, released last Friday, also showed 45 percent use a few passwords that they alternate for all accounts, and some 10 percent don’t change their passwords at all. The survey also found that about 10 percent of respondents have used their pet’s name as a password. This is as bad as using words that can be easily guessed, such as your name, your significant other’s name, or your birthday.

The survey was done online at the Symantec Security Response blog over the course of a few days with some 400 responses from readers.

Symantec says that organizations as well as consumers can take precautions to lower their security risk and the first step is by using effective passwords.

An effective password is one that’s hard to guess and yet at the same time easy for the owner to remember.

Here are a few tips for choosing a strong password:

• Use a mix of numbers, letters, punctuation, and symbols.
• Take a word or phrase that’s meaningful to you and alter it.
• Replace the first few characters in your password with numbers or symbols.
• The longer the better – 10 to 20 characters are ideal.
• Avoid personal information, repetition, sequences, and dictionary words.

At a loss. Try the QBS PC help password generating tool. It’s safe and free to use.

Source: ZDNet

A number of BitDefender users, whose 64-bit Windows systems stopped working or were unable to be rebooted after updating their security programs, vented their frustration by flooding the antivirus (AV) vendor’s forum pages over the weekend.

According to an IDG report, users on forum boards started signaling the problem on Saturday evening. The complainants said several Windows files, and the security vendor’s own program files, were identified as “Trojan.FakeAlert.5″ malware after they performed an update for their BitDefender AV programs.

In an e-mail update Monday to ZDNet Asia, Vitor Souza, BitDefender’s global communications director, explained that “multiple” BitDefender and Windows files which comprise .exe, .dll and other binary files, were incorrectly detected as malware and “moved to quarantine”.

The faulty updates were applied to the company’s home user product line as well as BitDefender Business Client and BitDefender Security for File Servers.

Those using BitDefender’s products from 2008 to 2010, on Windows XP, Windows Vista and Windows 7 platforms, were affected.

Intersetingly, back in In 2005, changes to BitDefender technology were blamed for the accidental deletion of thousands of GFI customers’ e-mail messages. Last year, CA also incurred the wrath of customers after its AV technology wrongly identified a Windows XP systems file as a virus, and quarantined the associated files.

ZDNet

Microsoft is re-releasing the patch that caused Windows systems to crash in February with a Blue Screen of Death.

The software maker has re-written the installation package for the update, MS10-015, and will push it out automatically to users. It has written logic into the update to prevent the fix from being installed if the Alureon rootkit is present, it said in a Microsoft Security Response Center statement.

The Alureon rootkit, which makes changes to the operating system kernel, caused the February crashes, according to Microsoft. “I am writing to let you know that we have revised the installation packages for MS10-015 with new logic that prevents the security update from being installed on systems if certain abnormal conditions exist,” wrote Microsoft’s senior security communications manager lead, Jerry Bryant, in the statement. “Such conditions could be the result of an infection with a computer virus such as the Alureon rootkit. If these conditions are detected the update will not be installed and the result will be a standard Windows Update error.”

Windows users, primarily those on XP, were hit by the Blue Screen of Death (a succession of system error messages) after Microsoft first released the update on 9 February. Microsoft soon suspected the crashes were due to malware, but delayed re-releasing the patch until it identified the cause.

Adobe issued a fix on Tuesday for a critical vulnerability in its Download Manager program that could be used by an attacker to download malware onto a user’s PC.

People who downloaded Adobe Reader for Windows from Adobe’s Reader download site or Flash Player for Windows from Adobe’s Flash Player site prior to the release of the security bulletin on Tuesday are vulnerable, the company said.

The issue is resolved for any new downloads of Reader and Flash Player from those sites. Download Manager is a tool that helps users efficiently download files from web servers. It is used one time per session and is deleted when the computer is restarted. However, Adobe recommends users verify that a potentially vulnerable version of the Adobe Download Manager is no longer installed on their machine,” said the security bulletin.

Check to see if you’ve got a vulnerability by seeing whether the C:\Program Files\NOS\ folder and its contents (NOS files) are present on your computer. If they are, Adobe recommends running the ‘services.msc‘ prompt and making sure that ‘getPlus(R) Helper‘ is not in the list of services. If it is, it should be removed.

Source: ZDNet

As mobile phones get more sophisticated, hi-tech criminals are dusting off some old tricks and scams.

Security companies have noticed a rise in trojans known as diallers that used to be popular during the days of dial-up net access.

On a smartphone the diallers are being used to call premium rate lines leaving victims with a big bill!

Experts say the diallers are proving popular as a quick way for criminals to cash in.

Diallers were widely used during the days of dial-up net access when most people connected via modem.

Many diallers lurked on porn sites and, once they snared a victim, disconnected their modem and then placed a long distance call. Many victims were left with huge phone bills.

The economics of international calls meant that some of the cash spent on the call would be shared with the criminals. Some diallers were very sneaky in that they muted the speaker on a modem so victims could not spot when the overseas call was being placed.

Now, the security wing of software firm CA has said it is seeing a rise in diallers for smartphones. This time, instead of calling international numbers, the diallers call premium rate lines and land victims with the bill.

Source: BBC Tech News

A bug, which cropped up on Friday (11/12), meant that users of Office 2003 were unable to access files protected using Microsoft’s rights management service (RMS) technology.

“The issue of the inability to open Office 2003 documents protected with RMS has now been resolved with a hotfix,” Microsoft said in a short statement on its Office sustained engineering blog.

Microsoft has said that the problem was due to an Office 2003 certificate that expired. “This resulted in Office 2003 customers not being able to open Office 2003 documents protected with the Active Directory Rights Management Service (AD RMS) or Rights Management Services (RMS),” a representative said, adding that Microsoft first learned of the issue on Thursday night and had the fix up by Mid-day Saturday.

“The original intent was to refresh and strengthen these certificates over time to keep up with newer technology,” the representative said. “We have not done a thorough post-mortem on this incident since we were very focused on fixing the problem. Looking ahead, we are exploring long-term solutions that will prevent something like this from happening again in the future.”

On Wednesday, Microsoft announced new security features in the upcoming release of Internet Explorer 8 Beta 2.

The features are designed to combat the rising tide of drive-by downloads and malicious scripts contained within carefully crafted links embedded in email and web pages. Most of the new features require systems to be running Windows Vista Service Pack 1 (SP1) or Windows XP SP3.

Perhaps the most anticipated addition is Internet Explorer’s (IE’s) new anti-malware protection. Opera 9.5 and Firefox 3 both recently added anti-malware protection. Safari has so far not announced plans for similar protection.

Using mostly its own anti-malware technology, Microsoft will attempt to block emerging threats by masking the entire IE8 browser screen with a warning to users.

Source: ZDNet

The number of viruses, worms and trojans in circulation has topped the one million mark.

The new high for malicious programs was revealed by security firm Symantec in the latest edition of its bi-annual Internet Security Threat Report.

The vast majority of these programs have been created in the last twelve months, said Symantec. The report notes: “almost two thirds of all malicious code threats currently detected were created during 2007.”

The vast majority of these viruses are aimed at PCs running Microsoft Windows and are variants of already existing malicious programs that have proved useful to hi-tech criminals in the past.

Source: BBC Tech News