DP's Security Bits

At the same time, further testing confirms that a workaround issued by third parties and endorsed by Microsoft Corp. is effective in most regards, and in the most important circumstances, but not in all. Also, the workaround has side effects that could prove troublesome.

AV-Test, which tests anti-malware products, has been tracking the situation closely and has, so far, analyzed 73 variants of malicious WMF files. Products from the following companies have identified all 73:

• Alwil Software (Avast)
• Softwin (BitDefender)
• ClamAV
• F-Secure Inc.
• Fortinet Inc.
• McAfee Inc.
• ESET (Nod32)
• Panda Software
• Sophos Plc
• Symantec Corp.
• Trend Micro Inc.
• VirusBuster

• 62 — eTrust-VET
• 62 — QuickHeal
• 61 — AntiVir
• 61 — Dr Web
• 61 — Kaspersky
• 60 — AVG
• 19 — Command
• 19 — F-Prot
• 11 — Ewido
•  7 — eSafe
•  7 — eTrust-INO
•  6 — Ikarus
•  6 — VBA32
•  0 — Norman

The record label has agreed to compensate buyers of CDs that contained the XCP and MediaMax DRM programs and to provide software utilities to allow consumers to uninstall both types of software from their computer.

CNet

• Use an Internet firewall. Firewalls help protect PC owners against attackers who might try to delete information from their computer, make their computer crash or even steal personal information. For a firewall to be effective it needs to be set up properly, such as the one included in Windows XP Service Pack 2.
• Run regular updates. To help protect against new threats, PC owners need to stay on top of security updates. One of the easiest ways to do this is to use Windows’ Automatic Update, which installs security updates so the PC owner doesn’t have to worry about them.
• Install and keep up to date an anti-virus program. Anti-virus programs help protect PCs from harmful programs that attach themselves to other programs or files to spread from computer to computer. But anti-virus programs need to be kept to up to date to help protect against new threats as they emerge.
• Use anti-spyware software. Spyware, as the name implies, can be used to spy on other PCs by collecting the owner’s personal information or changing the configuration of a computer without the owner’s consent. Spyware can significantly slow down the performance of a computer, make unwanted changes to important settings and be difficult to remove.

Visa USA acknowledged Saturday that a U.S. merchant "may have experienced a data security breach" that compromised credit card account information.

The statement came in response to a News.com inquiry related to customers whose Visa debit cards had been put on fraud watch or deactivated due to a security breach. The customers include a San Francisco Bay Area man whose Wells Fargo-issued card was deactivated this week and a couple in Ohio whose card was placed on a watch.

CNet

The company's Acrobat and Reader software products have been updated to give users a pop-up warning when a document that is tagged for tracking attempts to make a connection to a Web service.

Adobe Director of Security Solutions John Landwehr confirmed that the feature has been added to version 7.05 of the two products in order to offer "security and privacy" to PDF users.

eWeek

One day after private security researcher Alex Wheeler flagged the issue as a serious risk, Symantec issued an advisory of its own, confirming the vulnerability exists in 64 enterprise and consumer-facing products.

"Symantec is currently working to create and distribute product updates for all affected products," the company said in a note to customers.

Google has fixed a security flaw that had opened the door to phishing scams, account hijacks and other attacks, security researchers said Wednesday.

The flaw, known as a cross-site scripting vulnerability, existed because Google did not properly secure its mechanism for two error pages, according to Web security company Watchfire, which discovered the problem. Watchfire posted to a security mailing list an advisory on the issue.

Attackers could exploit the flaw to launch phishing scams or steal a user's credentials, said Ory Segal, director of security research at Watchfire. Phishing scams are designed to trick people into giving up sensitive information such as usernames, passwords, credit card details and Social Security numbers.

CNet

Don't open media files from sources you don't trust--it may lead to your computer being hacked, a security researcher has warned.

Tom Ferris, an independent security researcher, has provided more details on a security flaw in Apple Computer's popular iTunes and QuickTime software that could put systems running Windows and Mac OS X at risk of attack. He first disclosed the flaw in early December.

"The vulnerability allows an attacker to cause the program to crash and could allow the execution of arbitrary code," Ferris said. "The flaw exists in all current and earlier versions of iTunes and QuickTime."

CNet

The IM.GiftCom.All worm attempts to dupe IM users into thinking an acquaintance has sent them a link to a harmless Santa Claus file, according to a security advisory issued Tuesday by IMlogic.

People who click on the file will see an image of Santa, but what they are less likely to notice is a so-called rootkit being installed onto their system. A rootkit is a tool designed to go undetected by the security software used to lock down control of a computer after an initial hack. The malicious attacker can then distribute messages to the user's IM contacts, using a similar technique to lure the unsuspecting acquaintance to click on the link.