Watch out! It seems there is malware that fakes Windows Genuine Advantage Notification and Validation Tool

See the topic at AUMHA (thanks to Microsoft MVP Steve Wechsler for the link).  The HijackThis log show: O23 – Service: Windows Genuine Advantage Validation Notification (wgavn) – Unknown owner – C:WINDOWSsystem32wgavn.exe Note that, the legitimate Windows Genuine Advantage Notification Tool is WgaTray.exe located in WINDOWSsystem32 and there is no Windows Services for it!  The said file is being requested for further analysis.  

OneCare Firewall: a light-weight approach to a heavy-duty problem

Agnitum, the maker of Outpost Firewall reviewed Microsoft’s OneCare Firewall Although the program is very intuitive, nice to look at, and easy to use – which is good for the program’s target audience of inexperienced users – its functionality is a big let-down and does not serve that inexperienced user audience well. It reminds us of those a colorful and feature-rich Graphical User Interfaces (GUI) with nothing behind them that you sometimes see at exhibitions, because the vendors couldn’t finish the whole program in time. Microsoft OneCare needs a serious overhaul before it can be considered anything more than just … Continue reading OneCare Firewall: a light-weight approach to a heavy-duty problem

F-Secure Security Bulletin FSC-2006-4: Scanning bypass vulnerability in antivirus products for Windows

Affected Software F-Secure Anti-Virus client and server products for the Windows operating system Affected versions  F-Secure Anti-Virus 2003 – 2006F-Secure Internet Security 2003 – 2006F-Secure Service Platform for Service Providers 6.xx and earlierF-Secure Anti-Virus for Workstations version 5.44 and earlierF-Secure Anti-Virus Client Security version 6.01 and earlierF-Secure Anti-Virus for Windows Servers version 5.52 and earlierF-Secure Anti-Virus for Citrix Servers version 5.50 – 5.52F-Secure Anti-Virus for MIMEsweeper version 5.61 and earlierNote: Earlier versions of F-Secure Service Platform for Service Providers are known as F-Secure Personal Express Antivirus products for Windows client and server systems fail to detect malware under certain circumstances. … Continue reading F-Secure Security Bulletin FSC-2006-4: Scanning bypass vulnerability in antivirus products for Windows

Opera SSL Certificate "Stealing" Weakness

Affected Software: Opera 8.x Secunia Research has discovered a weakness in Opera, which can be exploited to display the SSL certificate from a trusted site on an untrusted site. The weakness is caused due to Opera not resetting the SSL security bar after displaying a download dialog from a SSL enabled web site. This allows an untrusted web site to display yellow SSL security bar from a trusted web site. NOTE: A more convincing exploit can be done using pop-up windows, which do not have a visible address bar. The weakness has been confirmed in Opera 8.54. Prior versions may also … Continue reading Opera SSL Certificate "Stealing" Weakness

CA Products Scan Job Description Format String Vulnerability

Affected Software:  CA eTrust PestPatrol Anti-Spyware Corporate Edition 8.xCA Integrated Threat Management (ITM) 8.xeTrust Antivirus 8.x A vulnerability has been reported in some CA products, which can be exploited by malicious users to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. The vulnerability is caused due to a format string error within the handling of the description field of a scan job. This can be exploited to cause the affect products to crash and may allow arbitrary code execution via a specially crafted scan job description that contains format string specifiers. Successful exploitation requires that the … Continue reading CA Products Scan Job Description Format String Vulnerability

Give us open access to Whois data, says US gov’t

The US Federal Trade Commission (FTC) has made a pitch for open access to Whois, saying the databases are a key weapon in its fight against spyware and other internet fraud. The agency on Tuesday called access to the Whois databases, which contain contact information for website operators, “critical to the agency’s consumer protection laws”. It was responding to a recommendation from an Internet Corporation for Assigned Names and Numbers (Icann) committee to restrict use of the data to strictly “technical purposes”. More in http://management.silicon.com/government/0,39024677,39159942,00.htm

Anti-virus market hits $4bn

Worldwide anti-virus software revenues hit $4bn last year, 13.6 per cent up on sales from 2004. According to analyst firm Gartner, the market is almost evenly split between enterprise and consumer sales, with shares of 51.5 per cent and 48.5 per cent respectively. Gartner reckons the consumer market for anti-virus software is becoming commoditised, a development it reckons will spur product changes that will impact on enterprise software products. Chief among developments in the consumer segment is a move towards offering all-in-one security suites, which offer firewall and anti-spyware features as well as defences against computer viruses and Trojans. The … Continue reading Anti-virus market hits $4bn