Worm Exploits MS08-067 Bug DOWNAD, also known as the Conficker worm, was first seen in the wild taking advantage of the MS08-067 vulnerability. True to form, it propagated via shared networks. Like its predecesors—the Sasser and Nimda worms—it also raised security concerns with regard to a spike in port 445 activity. A few days after its appearance, reports suggested that the threat had spread. More than 500,000 unique hosts spread across networks in the United States, China, India, the Middle East, Europe, and ...

The month of October in the threat landscape is often associated with scary social engineering tactics in time for Halloween. As in years past, the threats that lurk in and plague the current threat landscape are real. Most of them can cause irreparable damage, often resulting in information, or worse, identity theft as shown in the following blog entries: Weather Report for Halloween: High Chances of a Storm “Halloween Costumes” Bring More Fright Than Expected But just how scary is the Web 2.0 ...

Microsoft’s new OS, Windows 7, was made available to the general public earlier today. To say that this was eagerly anticipated is an understatement, however, as in the United Kingdom, pre-orders on Amazon for copies exceeded both the last book of the Harry Potter series as well as the Nintendo Wii. This made it the biggest grossing pre-ordered item in the history of the online retailer's British site. Trend Micro Senior Threat Researcher David Sancho had this to say about the new OS: Microsoft has been ...

Anybody want to know Trend Micro's top secret internal strategic plans for our upcoming projects? How about our financial returns for the next quarter? Well, sorry, obviously we are not going to give that sort of information out publicly—we'd need to be crazy to do something like that. On the other hand, if you want a heads up on Microsoft's upcoming Windows 8 and Windows 9 OSs (128-bit, apparently) just wander over to the LinkedIn social networking site. PC Pro has published a short ...

Microsoft's monthly patch cycle for September has come out, and it's something of a mixed bag for users. While there were only 5 advisories, all of them were rated as Critical by Microsoft, because if exploited all five could be used to execute arbitrary code on user systems. The patches fix vulnerabilities in the JScript Scripting Engine (MS09-045), the DHTML Editing Component ActiveX control (MS09-46), the Windows Media Format runtime (MS09-47), the TCP/IP stack (MS09-48), and the Wireless LAN AutoConfig service ...