Microsoft to Release KB961051 on the Dec 17, 2008

According to McAfee and I will quote:

December 16, 2008: Microsoft has announced an out-of-cycle patch release for a critical, remote-code-execution, vulnerability in Microsoft Internet Explorer (CVE-2008-4844). The patch, to be released on December 17, will address the vulnerability across multiple versions on Internet Explorer running on supported Windows platforms.

[via McAfee Threat Center]

From what I am understanding it will be KB961051 and will be a critical update on all Windows platforms.  Microsoft issued a security advisory for this on there Technet support website.   This will probably be put online sometime tomorrow and will be available to download after 10am PST although this is just a rumor because when I go to that article they talk about the work around and how to fix it temporary until they release the patch.  This is releated to the IE Vulnerability that is in the wild and has been causing havok on the internet.

IE vulnerability in the Wild

Well this was bound to happen, hackers found this vulnerability and is using it for their own purposes. 

It seems they put a virus on your system.  Microsoft has issued an Recommendation and to check out Microsoft Security Bulletin MS06-055.

“What we’ve seen from the exploit so far is it stealing game passwords, but it’s inevitable that it will be adapted by criminals,” he said. “It’s just a question of modifying the payload the trojan installs.”

Said Mr Ferguson: “If users can find an alternative browser, then that’s good mitigation against the threat.”

[Via BBC News]

I personally like to recommend a program that will do a better job at security and that is Firefox,  I also suggest people use the Thunderbird and not Microsoft mail program.  This will greatly reduce your likely hood of getting a virus or Trojan.   Most of the time hackers like to find new ways to infection to get into your system.  If you want to preven having a virus in the future, I’d recommend going to my Malware Resource and check out a good firewall and anti-virus.   This will prevent you from getting some of the viruses and other types of malware.

Removing Win32/Bagle.HE worm

Here is another virus that seems to be spreading lately.   From the looks of it, it sees to be another email worm.  Here is what eset says:

Aliases

Email-Worm.Win32.Bagle.gt (Kaspersky), W32/Bagle.gen (McAfee), Trojan.Tooso!gen (Symantec)

Win32/Bagle.HE is a worm that spreads via e-mail. The size of its executable is 40565 B .

When executed the worm copies itself in the following locations:

• Documents and Settings\All Users\Application Data\hidn\
  hldrrr.exe
• Documents and Settings\All Users\Application Data\hidn\
  hidn2.exe

In order to be executed on every system start, the worm sets the following Registry entry:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\drv_st_key

It seems to have a manual removal process, Unless you pay for the other software but according to the 411 on PC Security:

Win32/Bagle.HE worm is a “threat” that appears in security scans by fake antispyware WinDefender 2008.

The danger of Win32/Bagle.HE worm is supposed to scare you into wasting $49.95 on WinDefender 2008.

Unless you like getting ripped off, don’t download the software the Win32/Bagle.HE worm popup links to. You’re not really infected with Win32/Bagle.HE worm — you’re infected with scamware that you need to remove.

I’ll show you how to get rid of Win32/Bagle.HE worm and WinDefender 2008, for free.

Facebook : Beware Spam for breakfast. (Virus)

In today’s society, we’ve been to complacent with people with people clicking links for the social group. In one such article on Channel Web, a nice little blog, says this:

The worm was discovered by IT security provider Kaspersky Lab, which said the threat, Net-Worm.Win32.Koobface.b, is targeting Facebook users by creating spam messages and sending them to the infected user’s friends via the site.

“Unfortunately, users are very trusting of messages left by ‘friends’ on social networking sites,” said Alexander Gostev, senior virus analyst at Kaspersky Lab, in a statement. “So, the likelihood of a user clicking on a link like this is very high.”

[Via Channel Web]

This seems to be a problem people thinking that a link someone sends them is a real good link but actually is a link to a video site. According to this article the links people are sending are actually a fake video link, telling you have to download some update to flash player, by downloading this program. The user gets involved with the virus and the fun begins. So how can you prevent this from happening, two ways one is a very good group of software to make sure you have the latest and greatest video codecs. That too can be something they’ll say you need and if you’ve already installed this list of codecs then you know they’ll not telling the truth and you can quickly get away from the site laughing.

trojan.zlob removal tricks!!

Aliases:
Trojan-Downloader.Win32.Zlob.qyl (Kaspersky)
Trojan-Downloader.Win32.Zlob.qzs (Kaspersky)
Trojan-Downloader.Win32.Zlob.qzn (Kaspersky)
Trojan.Zlob.CPP (BitDefender)
Puper (McAfee)
SystemDefender (Symantec)

Trojan:Win32/Zlob.G is a component of Win32/Zlob that downloads rogue security programs, adware, and additional Win32/Zlob components.

[Via Windows Live OneCare]

This one just popped up today on my radar it seems to be a very low threat on everyone’s radar according to my sources say “Trojan.Zlob.G is a Trojan horse that may download and execute remote files and redirect the Internet Explorer home page and search page.”  So to remove this little Trojan you would want to download one an Anti-virus and firewall.   Once you install the software the program should fix the problem for you.   This one seems to be really easy to fix.   So Please read my post on how to better protect your self if you want to prevent this in the future.

Avg detected Trojan Horse Generic 12.htc?

Just got a warning from AVG about, trojan horse generic 12.HTC, haven’t heard of it, anyone out there hear if this one? apparently it infects explore.exe, and after months of explore.exe crashing I’d say it’s a legit virus.

[Via Answer Bag]

Some tricks and tips to remove this little virus is quite simple. It is embedded in your system so how do you remove this threat? Easy follow these steps and you will have a better chance of getting rid of the virus:

1. Find out all you can on the virus – Finding out the extent of where the virus lays is really a good idea.  Just because you found one place doesn’t mean it isn’t also hiding some other place.  Some good ways to figure out where it might be is to download Hijackthis and Then onces you download it and install.  Run it, and when you get the LOG file you will want to go to HijackThis Log Analysis Site 1 and HijackThis Log Analysis Site 2, and see what it says.

Is Hulu the “salad course”?

As I’ve been watching Hulu the last few months.  I’ve come to think that Hulu isn’t offering us the viewers the chance of a full course meals.  They seem to like to stop after the first 2-3 seasons on most of the shows.    I recently contacted Hulu about the Naruto episodes and here’s what they had to say about it:

Thanks for the email. On background, sometime in the coming weeks, Hulu
will get the remaining episodes of Naruto Season 1, and we'll also get
episodes from Season 2-3 in the future as well. 

Please let me know if you have any questions. Thanks.
Brandon Boone

So why does Hulu do this? I have a theory and this is one that most people will agree on. My theory is that the distributors are trying to entice us into buying the rest of the seasons from someplace, like Amazon or Itunes. Now I am going to have to say this is really stupid way of business and will sooner or later create even more of a demand to download these shows illegally. In the past people have always looked for the cheap way to watch there favorite shows.