Fake Security Software All Up

In a recent blog posted on 18th November we talked about the significant threat that AV rogues had posed for our users this year.  Besides the prevalent rogues covered by the MSRT, the following is a longer list of AV rogues detected by Microsoft AV products such as Microsoft Security Essentials, Forefront Client Security, etc….


Do and don’ts for p@$$w0rd$

Almost a year ago, we started a project designed to monitor incoming attacks against a normal user on a day-to-day basis. We presented you with details about the geographical area from where the attacks originated and what services were targeted, and we gave you just a hint about FTP dictionary-based attacks. Now we’re going into…


A Peek at MSRT November Threat Reports

By continuing to include new variants of the existing threat families, the MSRT has removed malware from more than 1.5 million machines three days after its release on 10 November.  This month we’ve also added Win32/FakeVimes and Win32/PrivacyCenter to the MSRT detection and have removed these new rogues from more than 110,000 machines.  A lot…


What’s Another 32-bits to Malware?

The migration of PC computing from 32-bit to 64-bit is in full swing at last, and if you’ve been confused as to what it all means, you’re not alone.  PCs built for years now have been capable of running both 32-bit and 64-bit operating systems, but for that you need 64-bit version of Windows (and…


Plays Well With Others

Just over a week ago the Microsoft Malware Protection Center released the seventh edition of our Security Intelligence Report covering the first half of 2009.  Like all of our previous reports we have distilled information and insight from the wide array of telemetry we have available to us. New to this edition, however, is the inclusion…


Rogues FakeVimes and PrivacyCenter added to MSRT

This month we’ve added two more rogue families to the Malicious Software Removal Tool (MSRT) – Win32/FakeVimes and Win32/PrivacyCenter. Both have been around since early 2009, but have become more prevalent in the last few months. Win32/FakeVimes has gone through a lot of different names, usually with two or three active at any given time….


Greetings from Tokyo…

This year at the PacSec conference, I will present a Microsoft view of the threat landscape during the first six months in 2009. It will be based on telemetry data published in the latest Security Intelligence Report (SIR) published on Nov 2nd, 2009. You can find agenda of the conference at http://pacsec.jp/agenda.html From data gathered…


The Low-Down on Daonol

A relatively new trojan has been making the rounds and causing some problems, particularly on Windows XP systems. Trojan:Win32/Daonol is malware which hooks various system calls in order to steal credential information and redirect some Web traffic. It also protects itself by keeping some security-related software from running. Several recent versions of this malware are…


Security Intelligence Report v7 is Now Available

Twice a year we put together a report detailing trends that we see which are threat related in the computer security environment.  Today we have released our seventh report which you can find at www.microsoft.com/sir. I’m very excited about this report. We, the MMPC, and our partners in the Microsoft Security Engineering Center, Bing, Windows…