Saturday, February 07, 2004

RealNetworks warns of media player security flaws - Computerworld

If you use the RealPlayer media software, go to this page and download an update to patch some serious holes in the software. You need to know which version of RealPlayer you currently have installed. To find this out, open RealPlayer and select About Real Player from the Help menu. Note that this page is for older versions of RealPlayer.

If you use the new RealPlayer 10, you can download an update right from Real's home page. I recommend the basic player - it has a lot fewer annoying pop-up ads and other marketing noise.

These kinds of back doors can allow a bad guy to steal files from you or remotely control your PC!


FEBRUARY 06, 2004

RealNetworks Inc.'s media player software contains vulnerabilities that could let an attacker take control of a PC on which the software is used to download multimedia files, the company confirmed this week.

Corrupt files posing as normal music and video files could allow an attacker to gain control of the downloader's computer, although RealNetworks stressed in a statement that, as far as it is aware, this has not yet happened.
There are three vulnerabilities: Files could be created that will open on the user's browser a Web site from which remote JavaScript can be operated; files could be created that let an attacker download and use his code on a user's machine; or media files could be created that will create buffer overrun errors.

The problems have been fixed, and RealNetworks advised users to download updates from its Web site.

The affected applications are RealOne Player, RealOne Player Version 2 for Windows only (all languages), RealOne Player 8, RealPlayer 10 Beta (English only) and RealOne Enterprise Desktop or RealPlayer Enterprise (all versions, stand-alone and as configured by the RealOne Desktop Manager or RealPlayer Enterprise Manager).

Friday, February 06, 2004

Microsoft offers a free tool to remove Mydoom

If your PC uses Windows 2000 or Windows XP, Microsoft has a free detection and removal tool. If you've received suspicious e-mail messages with ZIP files attached or have not been keeping your antivirus up to date, download this tool and make sure your PC is free of this nasty virus.

What You Should Know About the Mydoom Worm Variants: Mydoom.A and Mydoom.B:
Automatically Check For and Remove Mydoom Infection
If you are using Microsoft Windows 2000 or Windows XP, you can use our Mydoom (A,B) Worm Removal Tool to easily help detect and remove the Mydoom.A and Mydoom.B worms. To do so, go to the MyDoom (A,B) Worm Removal Tool for Windows XP and Windows 2000 in the Download Center, and then follow the instructions for using the tool.

Watch out - misleading Google ads for spyware removal tools

Patrick Kolla, author of Spybot Search & Destroy (a highly recommended tool for deleting malware), is having a problem with unscrupulous advertisers on Google using his trademark. It appears that these advertisers actually provide software that installs spyware on your machine, which they then charge you to remove!

News - The home of Spybot-S&D!

Big fake warning

For the past two weeks, I got massive complaints from people who saw recommendations for Spybot-S&D on some TV show or heard about it on TV, and tried to go for it through the TV/radios website. Somehow, a bad link to Spybot-S&D is on its way and leading people to think that SpyHunter or SpyKiller would be the recommended Spybot-S&D. People downloading these two are forced to pay to remove spyware, and in the case of SpyKiller are even directed to us for support!

So my warning: please double-check what you've got before you pay anything!

Also, if you were misled to SpyHunter or SpyKiller through Google AdWords, please contact Google. Google promised me some weeks ago they wouldn't do any more advertisement on my trademarked name "spybot", but I again receive complaints that they do, and this struggle with Google is going on for 4 months now.

Thursday, February 05, 2004

Spyware Warrior: Rogue Anti-spyware Programs

Just found a terrific site all about Spyware tools. Here's a list of programs you should not use. They pretend to be spyware removal tools but in fact infect your machine with spyware!

Spyware Warrior: Rogue Anti-spyware Programs Part 3

I mentioned some of these before, but this is a more inclusive list.
Spy Wiper
AdWare Remover Gold
BPS Spyware Remover
Online PC-Fix SpyFerret
SpyBan
SpyBlast
SpyGone
SpyHunter
SpyKiller
SpyKiller Pro
SpywareNuker
TZ Spyware-Adware Remover
xp-AntiSpy
SpyAssault
InternetAntiSpy
Virtual Bouncer
AdProtector
SpyFerret
SpyGone
SpyAssault
Sources: Doxdesk.com: parasite, Tom Coyote Forums, Spywareinfo.com forums, safernetworking.org, home of Spybot Search & Destroy

Wednesday, February 04, 2004

SpywareBlaster - Prevent spyware from ever being installed!

Here's a terrific new addition to your spyware prevention toolkit. This program is easy to install and use, provides protection against a lot of nasty spyware, and doesn't need to be running all the time to protect you. SpywareBlaster is "donation-ware". If you find it useful, the author requests a small donation.

SpywareBlaster can prevent the installation of any spyware ActiveX controls from a webpage. It does this while not interfering with 'friendly' ActiveX controls - so your browser can work correctly and you can have peace of mind!

You won't get any more annoying 'Yes/No' boxes popped up, asking you to install a spyware ActiveX control (which can increasingly be found in pop-up ads!). In fact, Internet Explorer will never even download or run the spyware ActiveX control!

In addition, SpywareBlaster can prevent many of these spyware ActiveX controls from running, even if they are already installed on your system.

The newest SpywareBlaster version can even block spyware/tracking cookies! And SpywareBlaster does not need to be running in the background to provide this protection!

The SpywareBlaster database contains information on these known spyware Active-X controls. Make sure you run the Check For Updates feature frequently to get the latest database! (And make sure you check the new items to protect your system against them!)

SpywareBlaster also provides the exclusive System Snapshot! - Take a snapshot of your computer in its clean state, and use System Snapshot later to revert many changes made by spyware and browser hijackers!

Tuesday, February 03, 2004

Dutch Police Arrest 52 in E-Mail Scam

January 30, 2004
By Douglas Heingartner, Associated Press Writer

AMSTERDAM, Netherlands (AP) Dutch police have arrested 52 people suspected of defrauding gullible Internet users in one of the largest busts of the infamous 'Nigerian e-mail' scam.

Also known as an 'advance fee' or '419' scheme, the scammers sent spam e-mails asking for help in transferring a large sum of money out of a politically or economically troubled country, in exchange for a generous percentage.
Robert Meulenbroek, spokesman for the Amsterdam prosecutor's office, said the ring broken this week had reaped millions of euros (dollars). Recent victims included people from the United States, Japan, England, Russia, Sweden and Switzerland.

A task force of 80 officers raided 23 apartments, seizing computers, fake passports and €50,000 ($62,000) in cash. One suspect was injured attempting to escape by leaping from a third-floor apartment, he said.
The detainees were not identified under Dutch privacy rules, but most were believed to be Nigerian, police said.
In a variation on one of the world's oldest scams, the Nigerian e-mail con presents himself as a well-connected person who needs access to a Western bank account to transfer a large sum of money that cannot be spent in his own country.

Yes, it's a scam. Rule #1: If it sounds too good to be true, it is.

Monday, February 02, 2004

Esther Dyson in the New York Times

Esther Dyson weighs in on the idea that we can take responsibility for our own security. Of course I agree. That's what the Invisible PC Project is all about.
The idea is simple: People on the Internet should be accountable to one another, and they are free to decide whom to interact with. The goal is not a free-for-all, anarchic Net, but one where good behavior is fostered effectively -- and locally.

In the real world, good behavior is fostered by a combination of government regulations and society standards. But the Internet is no longer the community it once was. It has become too large for people to really know one another.

The solution is not necessarily more government, but rather more visibility of the kind we used to have: People need to know one another, and they need to be able to decide whom they want to know. (The new social networking tools are one manifestation of this desire, but we also need to be able to communicate safely with people we may not consider friends or business partners, but whom we wouldn't shy away from on the street.)

The default anonymity of the Internet makes it easy for individuals to do bad things -- send spam, invade people's privacy and send data around the Net, launch viruses and other attacks. And that same anonymity makes it hard to enforce laws against those actions, even as it preserves our freedom.

But the Internet's technology also makes it easier for individuals to protect themselves: They can take their safety and privacy into their own hands with tools such as firewalls and spam blockers. And, of course, on the Internet, it's easier for people to get up and move to a virtual neighborhood that they like better.

Read the whole essay.
It's a good argument for taking responsibility for making the Internet the kind of neighborhood we want it to be.

eWeek: Microsoft Patches Serious IE Flaw

By Dennis Fisher
February 2, 2004

Microsoft Corp. on Monday finally released a patch for a dangerous vulnerability that lets attackers trick Internet users into visiting malicious sites. The flaw has been public knowledge for some time, but Microsoft failed to include a fix for it with January's scheduled patch releases.

Run Windows Update and get this patch. You can either choose Windows Update from your Start Menu or from the Tools menu in Internet Explorer. Protect yourself from bad guys "phishing" for your credit card information!

Your first line of defense is... you!

This came in the Lavasoft (Ad-Aware) newsletter, The Eye, this morning:

Let's start with a very simple question: In your defenses, such as antivirus software, antitrojan software, firewall software, etc., which do you consider your first line of defense? Antivirus software is a good first line of defense in that when possibly malicious code enters the system, the antivirus program can stop it dead in its tracks and prevent it from spreading. The antitrojan software has the same effect. And your firewall prevents malicious users from gaining unauthorized access to your system.

But, after this last worm spread, and I looked around various online forums, I noticed something was missing. A very big piece of the puzzle. The one piece that has the largest influence on preventing things like viruses and worms from entering the computer and doing anything in the first place.

So what was your answer to the question? If you didn't say the first line of defense was you, the user of the computer, it's time to rethink your security strategy.

Users hold the largest chance of keeping malicious code like viruses and worms off their systems by one extremely easy method, and many fail to exercise it. Instead, they rely on their antivirus program to catch anything suspicious. The method only takes a few seconds to do, and it can prove wonders in preventing system infection and preventing the spread of such items. If you receive something in your email, whether it's from someone you know or someone you don't, and it contains an attachment, and it looks suspicious in any way, your very next step should be to click Delete.


You can read the entire article and subscribe to The Eye here.

Sunday, February 01, 2004

IT Losing Ground in Virus Battle

February 2, 2004
By Dennis Fisher

After years of success deploying more effective and smarter defenses, anti-virus researchers contacted last week in the wake of the MyDoom outbreak acknowledged for one of the first times that the battle may be getting away from them.

The MyDoom virus, which hit Jan. 26 and infected several-hundred-thousand machines, is the fastest-spreading virus in the history of the Internet, experts said. At its peak late last week, MyDoom had infected one in every 12 pieces of e-mail, according to MessageLabs Inc., a New York-based e-mail security company. MyDoom also is the latest in a line of recent viruses that, while not particularly innovative, have been maddeningly effective.

You can keep yourself safe, but you must remain vigilant. Install antivirus software on your machine. Keep its virus definitions up to date. Use a firewall. See the Invisible PC website for suggested free tools to make your PC invisible and protect yourself from Net vermin.