Just a couple of days ago, I blogged about finding a media player that could play video clips on its own, without having to go through the hassle of installing an unknown codec that can put your system at risk. For those who frequently watch videos, I sure hope you took my advice. Several hours ago, I happened to stumble along another website that poses as a codec download site. Apparently, perfectcodec(dot)com is a distribution vector for yet another TROJ_ZLOB variant.

The design of the website looks so professional that it can even trick the most experienced users.

When executed, The TROJ_ZLOB variant that can be downloaded from this site displays a EULA dialog box in its setup routine to fool the user into thinking that it’s a legitimate application.

This malware (to be detected by Trend as TROJ_ZLOB.BLQ) has been sent to the proper channels so that an appropriate solution can be deployed. We’ll keep you posted for updates.

Microsoft already released their November patch, they released 6 bulletins that covers 1 zero-day vulnerability, Microsoft XML Core Services Could Allow Remote Code Execution. below are the details of November’s release

• MS06-066- Vulnerabilities in Client Service for NetWare Could Allow Remote Code Execution
  
• MS06-067- Cumulative Security Update for Internet Explorer
  
• MS06-068- Vulnerability in Microsoft Agent Could Allow Remote Code Execution
  
• MS06-069- Vulnerabilities in Macromedia Flash Player from Adobe Could Allow Remote Code Execution
  
• MS06-070- Vulnerability in Workstation Service Could Allow Remote Code Execution
  
• MS06-071- Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution

Click the links above for detailed information on these bulletins.