CNET News posted a news story on Germany's new antihacking law

CNET News reports that AMD developing a patch for the security flaw in the Vista ATI driver

A free, easy-to-use and effective spyware remover providing real-time protection.

Remove all known AIM viruses with one consolidated removal tool.

Detect and quarantine/remove the malware found on your PC.

Microsoft published a desktop security guide for Internet Explorer 7

InfoWorld reports that Symantec has patched a critical flaw in the 2006 versions of Norton AntiVirus, Norton Internet Security, and Norton System Works.

News.com reports that Microsoft will release next week nine security patches

Update your Spybot S&D detections without the need for the included WebUpdate.

According to a message posted over the weekend on the Full-Disclosure mailing list, the latest version of Firefox, 2.0.0.5, contains a password management vulnerability that can allow malicious Web sites to steal user passwords. If you have JavaScript enabled and allow Firefox to remember your passwords, you are at risk from this flaw.

Macaulay, a software engineer, was able to hack into a MacBook through a zero-day security hole in Apple's Safari browser. The computer was one of two offered as a prize in the "PWN to Own" hack-a-Mac contest at the CanSecWest conference here.
The successful attack on the second and final day of the contest required a conference organizer to surf to a malicious Web site using Safari on the MacBook--a type of attack familiar to Windows users. CanSecWest organizers relaxed the rules Friday after nobody at the event had breached either of the Macs on the previous day. ZdNet has more.

Microsoft broke with its monthly patch cycle Tuesday to repair a bug in the way Windows handles animated cursors. Cybercrooks had been using the hole since last week to attack Windows PCs. But the fix is not compatible with software that runs audio and networking components from Realtek Semiconductor, some Windows users have found.
"Apparently the update is not compatible with Realtek," CNET News.com reader Dave House wrote in an e-mail. "We lost all Ethernet and audio functions. Removing the update and doing system restores brought the systems back." ZdNet has more.

A new worm was spammed out this weekend purporting to be a beta version of Microsoft's Internet Explorer 7 browser.
Emails with spoofed headers such as admin@microsoft.com contain a file that claims to be a beta version of the browser, despite the fact that the full code was released in October 2006. The 'ie7.0.exe' file contains the Grum-A worm. Vnunet has more.

Microsoft has decided to rush out a fix for a flaw in its Windows operating system, saying that the problem has become too serious to ignore.
The flaw, which will be patched on Tuesday, was originally disclosed to Microsoft in December, but it was not publicly reported until Wednesday of last week. The bug lies in the way Windows processes .ani Animated Cursor files, which are used to create cartoon-like cursors in Windows.
Since the first attacks based on this flaw were reported, security experts say that more than 100 Web sites are now serving up malicious Web pages that take advantage of the bug, and a new worm , has begun spreading in China, according to by Symantec Corp. InfoWorld has more.

Romanian hackers, eat your hearts out: The United States has far and away the most malicious code, spam, phishing, attack and botnetwork activity on the planet, according to Symantec's most recent semi-annual Internet Security Threat Report.
In this, its 11th edition of the report, Symantec has for the first time ranked countries as far as their Internet malfeasance is concerned. Tapping into its global intelligence network, Symantec found that the United States spawned 31 percent of the worldwide total for malicious activity. China came in second with 10 percent, and Germany came in third with 7 percent.... E-Week has more.

Security company Symantec says new research supports fears that Windows Vista's use of the IP tunneling protocol Teredo is potentially insecure. Microsoft is using Teredo to enable a transition from IPv4, which is the traditional version of the network layer protocol for packet-switched networks now used as the Internet's background, to IPv6, an updated protocol whose biggest benefit is the exponential increase it will bring in the number of IP addresses available for networked devices. ExtremeTech has more.

A vulnerability in the way OpenBSD handles IPv6 data packets exposes systems running the traditionally secure open-source operating system to serious attack. A memory corruption vulnerability error exists in the OpenBSD code that handles IPv6 packets, Core Security Technologies said in an alert published Tuesday. Exploiting the flaw could let an attacker commandeer a vulnerable system, according to Core, which said it discovered the issue and crafted sample exploit code. ZdNet Downunder has more.

Yahoo reports:A vulnerability in Microsoft Corp.'s Internet Explorer (IE) browser could help fraudsters make phishing Web sites appear legitimate, a security researcher reported Wednesday.
The flaw lies in the way IE7 processes a locally stored HTML (Hypertext Markup Language) error message page that is typically shown when the user cancels the loading of a Web page, said Aviv Raff, a security researcher based in Israel.

The megapatch is the seventh Apple security patch release in three months. It deals with vulnerabilities in Apple's own software, as well as third-party components such as Adobe Systems' Flash Player, OpenSSH and MySQL. Sixteen of the vulnerabilities addressed by the update were previously released as part of two high-profile bug-hunting campaigns. The vulnerabilities pose varying risks to Macs. Several of the flaws could be exploited to gain full control over a Mac running the vulnerable component, according to Apple's advisory. Other holes are limited and could only be exploited to crash a Mac or used by somebody who already has access to a machine to elevate privileges, for example. More at ZdNet

Researchers are fuzzy about the impact of a flaw discovered in Microsoft Windows Explorer, but US-CERT's advisory said there's exploit code out there for it.
At issue is Windows Explorer's failure to properly handle malformed Office documents. Although researchers aren't clear about the implications, the advisory said that it may allow an attacker to take over a system and execute arbitrary code. Crashing Windows Explorer is the least of the woes the flaw could cause, US-CERT says. EWeek has more.