MSRT March 2016 – Vonteera

As part of our ongoing effort to provide better malware protection, the March release of the Microsoft Malicious Software Removal Tool (MSRT) will include detections for Vonteera – a family of browser modifiers, and Fynloski – a family of backdoor trojans. In this blog, we’ll focus on the Vonteera family of browser modifiers. BrowserModifier:Win32/Vonteera We…

0

Microsoft partners with Interpol, industry to disrupt global malware attack affecting more than 770,000 PCs in past six months

‘Simda.AT’ designed to divert Internet traffic to disseminate other types of malware. Today Interpol and the Dutch National High Tech Crime Unit (DNHTCU) announced the disruption of Simda.AT, a significant malware threat affecting more than 770,000 computers in over 190 countries. The Simda.AT variant first appeared in 2012. It is a widely distributed malware that…

2

Our commitment to Microsoft antimalware

We are fully committed to protecting our consumer and business customers from malware. Our strong solutions provide the comprehensive defense needed against malicious code and attacks. Our support of antimalware partners helps in building a strong and diverse ecosystem to fight malware. Over the past year, we’ve continued to make investments in our protection technologies:…

3

A Technical Analysis on the Exploit for CVE-2011-2110 Adobe Flash Player Vulnerability

On June 14, Adobe released updates and a security bulletin (APSB11-18) referencing attacks affecting Adobe Flash Player (versions 10.3.181.23 and earlier). These attacks have been observed as hosted on webpages containing malformed SWF files. We spent some time analyzing this Flash Player vulnerability (described in CVE-2011-2110) and are providing some technical details of this in-the-wild…

0

re-BOOT This Year Clean

It is that time of the year again to start anew. In terms of personal computers, the act of restarting the machine is called a reboot – an action that triggers execution of code from a special part of the disk called the Master Boot Record (a.k.a. MBR). As the year 2010 ended, I looked…

0

MSRT January ‘11: Win32/Lethic

Win32/Lethic is a trojan that communicates with a remote server to distribute spam. Variants of Lethic install executable files with varied file names such as “shelldm.exe” or “xcllsx.exe”. The malware loads as a process when Windows starts. The trojan establishes a connection to remote servers using varied TCP ports, such as 1430, 8900, 8090 and…

0

A Peek at MSRT November Threat Reports

By continuing to include new variants of the existing threat families, the MSRT has removed malware from more than 1.5 million machines three days after its release on 10 November.  This month we’ve also added Win32/FakeVimes and Win32/PrivacyCenter to the MSRT detection and have removed these new rogues from more than 110,000 machines.  A lot…

0

What’s Another 32-bits to Malware?

The migration of PC computing from 32-bit to 64-bit is in full swing at last, and if you’ve been confused as to what it all means, you’re not alone.  PCs built for years now have been capable of running both 32-bit and 64-bit operating systems, but for that you need 64-bit version of Windows (and…

0

MSRT October Release – Case Study

As of October 21st, the MSRT has removed the newly added threat, Win32/FakeScanti from 56,700 infected machines. For this month, it was the 12th most prevalent threat family worldwide and 7th in the US. Overall the MSRT has cleaned 2,516,235 machines this month from all kinds of malware infections. We all know the threat landscape…

0

Microsoft Security Essentials – Week One

Now that Microsoft Security Essentials is generally available to consumers in 19 countries, we’ve had a chance to go over the data, and there are some very interesting results. Just in the first week we saw well over 1.5 million downloads of Microsoft Security Essentials, but the price (free to Windows users) is hard to beat!…

0