conficker
Latest
Microsoft to malware: your AutoRunning days on Windows are numbered
Beware, malware. The Windows AutoRun updates for Vista and XP SP3 that Microsoft released in February have so far proven successful in thwarting your file corrupting ways. Although Windows 7 was updated to disable AutoPlay within AutoRun for USB drives -- freezing the ability for a virus to exploit it -- the aforementioned versions had remained vulnerable up until right after January. Fast-forward to the period between February and May of this year, and the updates have reduced the number of incidents by 1.3 million compared to the three months prior for the supported Vista and XP builds. Amazingly, when stacked against May of last year, there was also a 68 percent decline in the amount of incidents reported across all builds of Windows using Microsoft's Malicious Software Remove Tool. There's another fancy graph after the break to help illustrate, and you'll find two more along with a full breakdown by hitting the source link down under.
Customer greeted with malware on Vodafone-issued HTC Magic (good thing it's discontinued)
Crapware's bad enough, but having your life torn asunder simply by plugging in that shiny new (insert USB-connected device here) is an exciting new trend -- viruses find their way into the darnedest places, don't they? It seems an employee at anti-malware firm Panda Research who'd ordered a new Magic off Vodafone UK's site was greeted with no fewer than three nefarious executables upon plugging the device into her PC: a bot client, a password stealer, and a Conficker variant, and running a network sniffer quickly confirmed that the virii were live and ready to do harm as soon as the autorun in the Magic's mounted mass storage was executed on her Windows machine. If this were a widespread issue, we'd certainly have heard about it in other places, so odds are good (as Panda points out) that this was simply a case of HTC or Vodafone doing an awful job of wiping a refurbished set -- but it gives you pause and kind of makes you wish you worked for an anti-malware firm, at least on days when you're plugging in a new phone for the first time. The silver lining, we suppose, is that Vodafone has recently discontinued the Magic, though that creates another problem: the only Android device it currently stocks now is the lowly Tattoo, so the X10 and Nexus One can't come soon enough.
