Friday, December 28, 2007

New Rogue - MalwareCrush

They don’t stop trying do they? I’ve just had a report about another new rogue that goes by the name of MalwareCrush.

MalwareCrush is a rogue anti-spyware program that uses aggressive advertising and is installed onto your computer through the use of Trojans and other malware. This software is typically installed on your computer when you download programs masquerading as a video codecs required to view a video on a web page. In reality, though, when you install these Trojans, they will instead show fake security alerts in your Windows taskbar and install MalwareCrush onto your computer without your consent.

Once MalwareCrush is installed, it will automatically start and scan your computer. When the scan is finished it will have found the malware that actually installed it in the first place, but will require you to purchase the software before you can attempt to remove it. This is obviously a scam and you should not purchase the software under any circumstances.

Removal guide and screenshots at Bleeping Computer

Monday, December 10, 2007

Microsoft Security Bulletin Advance Notification for December 2007

Microsoft have released an advance notification for the normal monthly updates that are due to be released next Tuesday. Don't forget to prepare for the updates as I've outlined in an earlier entry - How To Prepare for Patch Tuesday.

The following updates are planned for release on Tuesday December 11th.

Critical (3)

Microsoft Security Bulletin 2
Maximum Severity Rating: Critical
Impact of Vulnerability: Remote Code Execution...
Affected Software: Windows, DirectX, DirectShow...

Microsoft Security Bulletin 6
Maximum Severity Rating: Critical
Impact of Vulnerability: Remote Code Execution...
Affected Software: Windows, Windows Media Format Runtime...

Microsoft Security Bulletin 7
Maximum Severity Rating: Critical
Impact of Vulnerability: Remote Code Execution...
Affected Software: Windows, Internet Explorer...

Important (4)

Microsoft Security Bulletin 1
Maximum Severity Rating: Important
Impact of Vulnerability: Remote Code Execution...
Affected Software: Windows...

Microsoft Security Bulletin 3
Maximum Severity Rating: Important
Impact of Vulnerability: Remote Code Execution...
Affected Software: Windows...

Microsoft Security Bulletin 4
Maximum Severity Rating: Important
Impact of Vulnerability: Elevation of Privilege...
Affected Software: Windows...

Microsoft Security Bulletin 5
Maximum Severity Rating: Important
Impact of Vulnerability: Local Elevation of Privilege...
Affected Software: Windows...
---

Microsoft Windows Malicious Software Removal Tool
Microsoft will release an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Update, Microsoft Update, Windows Server Update Services, and the Download Center.

Non-Security, High-Priority Updates on MU, WU, and WSUS
For this month:
• Microsoft is planning to release -six- non-security, high-priority updates on Microsoft Update (MU) and Windows Server Update Services (WSUS).
• Microsoft is planning to release -one- non-security, high-priority update for Windows on Windows Update (WU).
Note that this information pertains only to non-security, high-priority updates on Microsoft Update, Windows Update, and Windows Server Update Services released on the same day as the security bulletin summary. Information is not provided about non-security updates released on other days..."

Sitemeter