Dont we all hate those nasty worms and virus programs that destroy your entire Operating System? Well I do for sure and searched Symantec for the latest removal tools for Backdoor.Agent.B, W32.Evaman.C, W32.Erkez.B@mm, W32.Korgo and W32.Donk.Q worms!

Windows XP SP2 is save agains trojan horses, hackers, viruses and other intruders but they open up the door for everyone if you share files for your local area network. Here is a quick translation by google, if anyone can translate it in proper english it would be appriciated. As soon as you install SP2 on a Windows XP PC with a certain configuration, your file and printer releases are despite activated Firewall, world-wide visibly likewise all other services. The PC must make only for an internal LAN releases as well as by modem or ISDN a connection available to the InterNet manufacture. DSL users are excluded likewise concerned, those, which already integrated a Firewall in the DSL modem or one DSL-rout use. In addition the InterNet connecting release of this PC must be deactivated. Read More

PC-Welt berichtet das folgende:

"Windows XP Service Pack 2 mit erweiterten Sicherheitstechnologien unterstützt Sie darin, Ihren PC gegen Viren, Würmer und Hacker abzusichern." So wirbt Microsoft auf seiner deutschen Web-Seite für Service Pack 2. Was der Windows-Hersteller verschweigt: Statt Viren, Würmern, und Hackern lädt das angeblich so sichere SP2 für Windows XP ganz normale Surfer zum Spaziergang auf Ihrem Rechner ein. Mehr

Bitdefender, Kaspersky, F-Secure, McAfee and Norton released new virus updates to protect your system against the latest known threats. There are also new security updates available for The Cleaner, Ad-Aware SE and Spybot S&D! Check the links for more details.

Freeware Qwik-Fix Pro uses Active System Hardening to protect Windows desktops and servers against new threats by blocking the underlying vulnerabilities exploited by worms and viruses. Qwik-Fix Pro protects from hundreds of specific worms and viruses and safeguards PCs from falling victim to the next worm or virus before vendor security patches become available. Qwik-Fix Pro? users were protected in advance from Sasser, MSBlaster, SoBig.F, and even the recent Scob and download.ject worms.

C|Net reports that a group of security researchers discovered that spyware makers are using a flaw in the way the multimedia software loads graphical themes, or skins, to infect PCs with their wares. The digital music player--made by America Online subsidiary Nullsoft, whose informal mascot is the llama--improperly allows the skin files to run programs.

Microsoft has released version 2.0 of the Windows XP Security Guide

The Microsoft Windows XP Security Guide provides several levels of security guidance for customers interested in hardening deployments of Windows XP for desktop and laptop clients in their environment.

Also, version 1.2 of the Antivirus Defense-in-Depth Guide is also available.

Symantec Corp. announced on Tuesday that it has discovered the first "proof of concept" virus targeting AMD’s 64-bit processors.
The virus is similar to the proof-of-concept Rugrat virus, named Shruggle. Like Rugrat, Shruggle does not spread from machine-to-machine, but infect only one system at a time, targeting 64-bit executable files.

The virus is written in AMD64 assembly code, said Symantec Analysts, meaning it will not be a threat to 32-bit versions of Windows.
"Shruggle is a fairly simple proof-of-concept virus," said Oliver Friedrichs, Senior Manager, Symantec Virus Response Team, "to show that the AMD platform is just as susceptible to attack as any other platform."

VCatch 5.0.21.2 is a new, free tool, developed to protect your computer from web viruses. Whether you use an Email application, Web based Email, ICQ, or one of the new file-sharing programs (Napster, Gnutella etc.),

AIM has a critical vulnerability that could allow attackers to compromise your computer and execute malicious code on it. The vulnerability is a buffer overflow within the handling of the "Away" messages which can be easily exploited. According to the Secuin.com advisory: "A malicious Web site can exploit this via the AIM URI handler by passing an overly long argument to the 'goaway?message' parameter," the advisory said. "Successful exploitation may allow execution of arbitrary code on a user's system when ? a malicious Web site is visited with certain browsers." Read more..

Microsoft has released an updated removal tool for the Mydoom, Zindos, and Doomjuice worms

This tool will help to remove the Mydoom.A, Mydoom.B, Mydoom.E, Mydoom.F, Mydoom.G, Mydoom.J, Mydoom.L, Mydoom.O, Zindos.A, Doomjuice.A, and Doomjuice.B worms from infected machines.

Microsoft has released revision 1.3 of the Windows Server 2003 Security Guide.

The 50 latest Virus/Trojan Removal tools from Symantec are listed. You should always update your antivirus program with the latest updates because almost every day new virus threats come and go. Great news for people who dont have any scanner installed, there are enough virus/trojan removal tools available to remove those nasty infected files. Tools available for: Klez virus, Bugbear virus, Sobig virus, Blaster virus, Sober virus, Mydoom virus and many many more! (Total of 50)

The Microsoft Windows security updates for July 2004 address newly discovered issues in Windows, including Microsoft Internet Explorer and Microsoft Outlook Express, both components of Windows. If you have any of the software listed on this page installed on your computer, you should visit the Windows Update Web site to install related updates.2 of them are critical. Visit Microsoft for more informations.

Thanks to Jim McMahon over at MajorGeeks.com for the heads up.

This may be of interest to your users. Basically it is a remover for The Home Search Random DLL Hijack. To our knowledge it is the only tool that will remove this particular p[parasite.

Security firms and Homeland Security within the U.S is warning everyone of a new large scale attack on the Internet that's currently under way. Security firms say that thousands of web sites have already been infected by a virus. If a user goes to a web site which has been infected, the user will become infected if running Internet Explorer. The virus takes advantage of an exploit in Internet Explorer, an exploit that Microsoft has yet to fix. Once a end-user has been infected with the virus, their computer will be used to send spam to millions of people. NetSec, one of the large security firms, said there are some well known sites already infected but they declined to name the affected Web sites for liability reasons but said they are "big, big sites." Read more

A new virus is out that affects only cell phones and is probably the first known mobile virus. According to Kaspersky Labs, an anti-virus firm, the new virus called "Cabir" infects cell phones running the Symbian Operating System. The new virus was written by 29a, a group of virus writers that specializes in proof-of-concept viruses. The virus spreads thru a wireless Bluetooth connection and attempts to find other phones with the Symbian operating system. Read More..

Messenger Plus Zone reports that on 6/11/04 at around 6:30PM Eastern Standard Time, Messenger Plus! Zone obtained a copy of a file ("SWMPplugin.exe") that is known as Backdoor.Prorat (Symantec). The trojan was circulated as a Messenger Plus! Plugin that add's new sounds, and after receiving this file it was processed and scanned and it is a dangerous backdoor. The Trojan can allow a hacker to gain complete control of your computer. The trojan HAS been reported to Patchou.

RealNetworks Inc. has recently been made aware of security vulnerabilities that could potentially allow an attacker to run arbitrary code on a user's machine. While we have not received reports of anyone actually being attacked with this exploit, all security vulnerabilities are taken very seriously by RealNetworks Inc. Real has found and fixed the problem.

Security Update 2004-06-07 delivers a number of security enhancements and is recommended for all Macintosh users. This update includes the following components:

DiskImages LaunchServices Safari Terminal