particlestorm.net

Microsoft dropped a bomb shell on the security world today with its latest monthly security patch. This round of fixes includes a major flaw in the way Windows handles the JPEG graphics format. Most of the images you see in emails and on the Internet are JPEG files, commonly ending in “.jpg”. By just looking at an infected JPEG file this flaw can allow bad people to install viruses on your computer. That means, without the fix installed, by just opening an email with a picture or looking at a website you can become infected!

I highly recommend that everyone who is using Microsoft Windows go to http://windowsupdate.microsoft.com and install the fix. You should also go to http://office.microsoft.com/officeupdate/ to fix this problem in Microsoft Office products.

The good news is that there isn’t a virus that takes advantage of this latest problem with Windows and other Microsoft products. But, if the past is any indication, there will be viruses released in the next month that will spread using this security problem. So, every Windows user needs to install the updates before it is too late.

Here is a good article from CNet: Click Here

Here is the link to Microsoft’s security bulletin: Click Here

There is a new security threat on the loose in the Net. There is a file floating around in emails and on news groups that says it is a picture of Osama Bin Laden committing suicide. But it really is a Trojan horse called Hackarmy, also known as Hacarmy, that will infect your Windows computer when you try to look at the file. Click here for a link to a news article about the new virus and click here for a more technical writeup of the Trojan horse from SARC. So, no matter how curious you are, do not open any files that are claiming to be pictures of Bin Laden killing himself.

There is another computer virus in the wild that is causing lots of problems. This latest virus, called Evaman, is clogging the mail servers of Hotmail and Yahoo. The virus can infect all versions of Windows via the email it sends out. The email will arrive with one of the following subject lines:

Delivery Status (Failure)
failed transaction
failure delivery
mail failure
returned mail
server error

The attachment to the email is the virus so do not open it! More technical information about the virus can be found on Symantec’s Security Response page.

Sometimes I feel really sorry for people who use Internet Explorer. Besides being technologically inferior to other browsers, such as Mozilla and Opera, it is filled with security holes. Techworld.com broke a story today about a new security hole in Internet Explorer that has no fix. You can read that story by clicking here. This problem is really bad because by just clicking on a link an attacker can install files on your computer and gain complete control of it. I expect a new round of worms to come out of this, because Internet Explorer is also used to render email under Outlook Express. Did I mention there is no fix for this security problem? All a web browser should ever do is render web pages on the screen… it has no business running programs. Why does Microsoft build stuff into their programs that just opens them up to later security issues? I recommend everyone switch to Netscape, Mozilla, or Opera and stop using Internet Explorer and Outlook Express.