Microsoft and Yahoo have made an announcement to make MSN Messenger and Yahoo! Messenger compatible. They estimate this to be done by the second quarter of 2006. Here are some features that will be available for the two Instant Messsenger ApplicationsExchang messages between MSN and Yahoo!Compatible friends lists, emoticons and features of each IM. Read…

PoCs to exploit three of the new MS Vulnerabilities have already been released byImmunitysec. Below are the dates of release and the vulnerability which has been exploited October 11, 2005: MS05-046 (Netware) PoC remote exploit for the Netware bug https://www.immunitysec.com/downloa{BLOCKE}artners/ms_netware.tar.gz October 11, 2005: MS05-051 (MS DTC) Trigger for the bug in MS DTC on Windows…

We’ve just gotten hold of an exploit for WinRar and we’ve tested/created our own POC (based on the original one) and yes, it works (tested on WinXPSp2, Winrar v.3.41).How it works The POC works by submitting a loong string (~530 bytes) as an argument to WinRar.exe. WinRar crashes on this, we get our buffer overflow,…

Note: Data below are based on the Virus Encyclopedia entry for SYMBOS_COMWAR.C which has been available since October 16, 2005. Some very interesting twists have been added to this new variant…looks like its evolving and are learning new tricks and social engineering skills.:) Aside from spreading through bluetooth it also sends itself as an MMS…

There have been several studies conducted that explore this new threat of cross-site scripting (XSS) viruses. Currently, cross site scripting has never been utilized to create viruses. These viruses would be both platform independent and would not be affected by common firewall configurations.Cross Site Scripting viruses could have a significant impact for Internet continuity (i.e.:…