Category: Trojan


Symantec says hackers stole source code in 2006

Filed under: Applications, Computers, Cybersecurity, Internet, PC, RootKit, Security, Software, Trojan, Virus by Ryan Boese — 1 Comment
January 18, 2012

Symantec Corp said a 2006 breach led to the theft of the source code to its flagship Norton security software, reversing its previous position that it had not been hacked.

The world’s biggest maker of security software had previously said that hackers stole the code from a third party, but corrected that statement on Tuesday after an investigation found that Symantec’s own networks had been infiltrated.

The unknown hackers obtained the source code, or blueprint for its software, to Norton Antivirus Corporate Edition, Norton Internet Security, Norton Utilities, Norton GoBack and pcAnywhere, Symantec spokesman Cris Paden said.

Last week, the hackers released the code to a 2006 version of Norton Utilities and have said they planned to release code to its antivirus software on Tuesday. It was not clear why the source code was being released six years after the theft.

Source code includes instructions written in computer programming languages as well as comments that engineers share to explain the design of their software. For example, a file released last week from the source code of a 2006 version of Norton Utilities included a comment that said “Make all changes in local entry, so we don’t screw up the real entry if we back up early.”

Companies typically heavily guard their source code, which is considered the crown jewels of most software makers. At some companies access is granted on an as-needed basis, with programmers allowed to view code only if it is related to the tasks they are assigned.

The reason for all the secrecy is that companies fear rivals could use the code to figure out the “secret sauce” behind their technology and that hackers could use it to plan attacks.

Paden said that the 2006 attack presented no threat to customers using the most recent versions of Symantec’s software.

“They are protected against any type of cyber attack that might materialize as a result of this code,” he said.

Yet Laura DiDio, an analyst with ITIC who helps companies evaluate security software, said that Symantec’s customers should be concerned about the potential for hackers to use the stolen source code to figure out how to defeat some of the protections in Symantec’s software.

“What we are seeing from Symantec is ‘Let’s put the best public face on this,’” she said. “Unless Symantec wrote all new code from scratch, there are going to be elements of source code in there that are still relevant today.”

Symantec said earlier this month that its own network had not been breached when the source code was taken. But Paden said on Tuesday that an investigation into the matter had revealed that the company’s networks had indeed been compromised.

“We really had to dig way back to find out that this was actually part of a source code theft,” he said. “We are still investigating exactly how it was stolen.”

Paden also said that customers of pcAnywhere, a program that facilitates remote access of PCs, may face “a slightly increased security risk” as a result of the exposure.

“Symantec is currently in the process of reaching out to our pcAnywhere customers to make them aware of the situation and to provide remediation steps to maintain the protection of their devices and information.”

Ryan: This is one of the reasons I had been telling people for years not to use Symantec programs. I knew they had been hacked because Viruses had been disabling out Norton on machines I had been fixing and I was seeing a big trend with this.

Source: Reuters / Yahoo! News

Tags: , , , , , , , , , , , , ,
Comment

Smartphone scams: Owners warned over malware apps

Filed under: Android, Applications, Cybersecurity, Droid, Exploit, Hackers, Internet, Malware, Mobile, Trojan, WiFi by Ryan Boese — Leave a comment
November 6, 2011

Get Safe Online says that there has been an increase in smartphone malware as the market has grown.

Criminals are typically creating Trojan copies of reputable apps and tricking users into installing them.

Once on the phone, the app can secretly generate cash for criminals through premium rate text messages.

Get Safe Online, a joint initiative between the government, police and industry, said it was concerned that users of smartphones, such as Android devices, were not taking steps to protect their devices.

Get Safe Online said fraudsters are designing apps which generate cash secretly in the background without the owner realising until their monthly bill.

A typical scam involves an app designed to send texts to premium rate services without the user knowing.

Apps can appear to be bona fide software or sometimes masquerade as stripped down free versions of well-known games.

Rik Ferguson, a hacking researcher with internet security firm Trend Micro, said: “This type of malware is capable of sending a steady stream of text messages to premium rate numbers – in some instances we’ve seen one being sent every minute.

“With costs of up to £6 per message, this can be extremely lucrative. The user won’t know this is taking place, even if they happen to be using the device at the same time, as the activity takes place within the device’s back-end infrastructure.”

Online banking

Another major security firm, Symantec, recently warned in its annual threat assessment that Android phones were at risk and that it had found at least six varieties of malicious software.

Minister for Cyber Security Francis Maude said: “More and more people are using their smartphone to transmit personal and financial information over the internet, whether it’s for online banking, shopping or social networking.

“Research from Get Safe Online shows that 17% of smartphone users now use their phone for money matters and this doesn’t escape the notice of criminals.”

Tony Neate, head of Get Safe Online, urged people to check their phone’s security.

“Mobile phones are very personal. I have talked to people who are never more than a yard away from their mobile phone. Because of that attachment, they start to think that they are in a way invincible.

“It’s the end user that picks up the tab – it’s your phone that incurs the costs. Whether you have pay-as-you-go or a monthly account, that money is going to come from the account and go to the criminal.”

Source: BBC News

Tags: , , , , , , , ,
Comment

Researcher Says That 8% of Android Apps Are Leaking Private Information

Filed under: Android, Applications, Droid, Google, Malware, Technology, Telecom, Trojan, Virus by Ryan Boese — Leave a comment
July 21, 2011

Android has had its fair share of malware problems. Whenever malware are detected, Google reacts swiftly and remove them. However, according to security researcher Neil Daswani, around 8% of the apps on the Android market are leaking private user data.

Neil Daswani, who is also the CTO of security firm Dasient, says that they have studied around 10,000 Android apps and have found that 800 of them are leaking private information of the user to an unauthorized server. Neil Daswani is scheduled to present the full findings at the Black Hat Conference in Las Vegas which starts on July 30th.

The Dasient researchers also found out that 11 of the apps they have examined are sending unwanted SMS messages.

Google needs to take charge

This malware problem on Android has become too much. One of the main reason that we see malicious apps in the market is because of the lack of regulation in the apps that get into the Android Market.

Sure, the lack of regulation can be good. It means that developers can make their apps without worrying if Google will accept their apps or not. It fits into the pre-existing application distribution model where anyone can develop and publish their own apps.

However, this comes at a price – the malware problem. Yes, most of the problems with these malicious apps can be avoided if only users read the permission requirements of the apps. But, what percentage of the users actually read the permission requirements of all the apps they download?

I think that it is time that Google make approval of the apps a requirement before it gets into the Market. They do not need to do it like Apple, but a basic security check before an app gets on the market will be nice.

If nothing is done about and this problem is allowed to grow, it will end up killing the platform.

Ryan:  I’ve been using Lookout Mobile Security on Android OS for awhile now and it appears to be working great. You can find it here.

Source: Digitizor

 

Tags: , , , , , , , , ,
Comment

Where Have All the Spambots Gone?

Filed under: Computers, Cybersecurity, Exploit, Hackers, Internet, RootKit, Security, Technology, Trojan by Ryan Boese — Leave a comment
July 3, 2011

First, the good news:  The past year has witnessed the decimation of spam volume, the arrests of several key hackers, and the high-profile takedowns of some of the Web’s most notorious botnets. The bad news? The crooks behind these huge crime machines are fighting back — devising new approaches designed to resist even the most energetic takedown efforts.

The volume of junk email flooding inboxes each day is way down from a year ago, as much as a 90 percent decrease according to some estimates. Symantec reports that spam volumes hit their high mark in July 2010, when junk email purveyors were blasting in excess of 225 billion spam messages per day. The company says daily spam volumes now hover between 25 and 50 billion missives daily. Anti-spam experts from Cisco Systems are tracking a similarly precipitous decline, from 300 billion per day in June 2010 to just 40 billion in June 2011.

There may be many reasons for the drop in junk email volumes, but it would be a mistake to downplay efforts by law enforcement officials and security experts.  In the past year, authorities have taken down some of the biggest botnets and apprehended several top botmasters. Most recently, the FBI worked with dozens of ISPs to kneecap the Coreflood botnet. In April, Microsoft launched an apparently successful sneak attack against Rustock, a botnet once responsible for sending 40 percent of all junk email.

In December 2010, the FBI arrested a Russian accused of running the Mega-D botnet. In October 2010, authorities in the Netherlands arrested the alleged creator of the Bredolab botnet and dismantled huge chunks of the botnet. A month earlier, Spamit.com, one of the biggest spammer affiliate programs ever created, was shut down when its creator, Igor Gusev, was named the world’s number one spammer and went into hiding. In August 2010, researchers clobbered the Pushdo botnet, causing spam from that botnet to slow to a trickle.

But botmasters are not idly standing by while their industry is dismantled. Analysts from Kaspersky Lab this week published research on a new version of the TDSS malware (a.k.a. TDL), a sophisticated malicious code family that includes a powerful rootkit component that compromises PCs below the operating system level, making it extremely challenging to detect and remove. The latest version of TDSS — dubbed TDL-4 has already infected 4.5 million PCs; it uses a custom encryption scheme that makes it difficult for security experts to analyze traffic between hijacked PCs and botnet controllers. TDL-4 control networks also send out instructions to infected PCs using a peer-to-peer network that includes multiple failsafe mechanisms.

Getting infected with TDL-4 may not be such a raw deal if your computer is already heavily infected with other malware: According to Kaspersky, the bot will remove threats like the ZeuS Trojan and 20 other malicious bot programs from host PCs.  “TDSS scans the registry, searches for specific file names, blacklists the addresses of the command and control centers of other botnets and prevents victim machines from contacting them,” wrote Kaspersky analysts Sergey Golovanov and Igor Soumenkov.

The evolution of the TLd-4 bot is part of the cat-and-mouse game played by miscreants and those who seek to thwart their efforts. But law enforcement agencies and security experts also are evolving by sharing more information and working in concert, said Alex Lanstein, a senior security researcher at FireEye, a company that has played a key role in several coordinated botnet takedowns in the past two years.

“Takedowns can have an effect of temporarily providing relief from general badness, be it click fraud, spam, or credential theft, but lasting takedowns can only be achieved by putting criminals in silver bracelets,” Lanstein said. “The Mega-D takedown, for example, was accomplished through trust relationships with registrars, but the lasting takedown was accomplished by arresting the alleged author, who is awaiting trial. In the interim, security companies are getting better and better about working with law enforcement, which is what happened with Rustock.”

Attacking the botnet infrastructure and pursuing botmasters are crucial components of any anti-cybercrime strategy: TDSS, for example, is believed to be tied to affiliate programs that pay hackers to distribute malware.

Unfortunately, not many security experts or law enforcement agencies say they are focusing attention on another major weapon in battling e-crime: Targeting the financial instruments used by these criminal organizations.

Some of the best research on the financial side of the cybercrime underworld is coming from academia, and there are signs that researchers are beginning to share information about individuals and financial institutions that are facilitating the frauds. Recent studies of the pay-per-install, rogue anti-virus and online pharmacy industries reveal a broad overlap of banks and processors that have staked a claim in the market for handling these high-risk transactions. Earlier this week I published data suggesting that the market for rogue pharmaceuticals could be squashed if banks and credit card companies paid closer attention to transactions destined for a handful of credit and debit card processors. Next week, I will publish the first in a series of blog posts that look at the connections between the financial instruments used by rogue Internet pharmacies and those of the affiliate networks that push rogue anti-virus or “scareware.”

Source: Krebs on Security

Tags: , , , , , , , , ,
Comment

Fake Anti-Virus Software Targets Firefox Users

Filed under: Exploit, FireFox, Internet, Malware, Trojan, Virus by Ryan Boese — 1 Comment
June 14, 2011

One of the most malicious types of Malware out there is the Fake Anti-Virus. These malware programs get onto your machine, post as anti-virus software, warn you that your computer is full of viruses and needs to be cleaned. Of course, it’s cleaned by entering your credit card number to buy the “anti-virus program.” Most people aren’t fooled by these programs, but they’re nasty anyway since they often make it difficult to access your real anti-malware programs.

Well, if you use Firefox on a Windows PC to surf the web, be warned. There’s a new species of Fake Anti-Virus malware targeting Firefox users. Sophos reports that it directs you to a screen that looks exactly like Windows Update — except that when you click the button to update your computer, you get a nice, tasty dose of malware instead.

The page is nearly an exact replica of the real Microsoft Update page with one major exception… It only comes up when surfing from Firefox on Windows. The real Microsoft Update requires Internet Explorer.

The same site was also hosting the traditional Windows XP explorer scanner we have seen for years, as well as a new Windows 7 scanner.

Similar to spam messages that have corrected their grammar and use correct imagery and CSS, the attackers selling fake anti-virus are getting more professional.

They use high quality graphics and are using information from our UserAgent strings that are sent by the browser to customize your malware experience.

As always when surfing the web, if something pops up, always be leery. And always verify what site you’re downloading any file from. Especially if you didn’t initiate the download.

Source: Forbes

Tags: , , , ,
Comment

Fake security software takes aim at Mac users

Filed under: Apple, Mac, Macbook, Malware, Trojan, Virus by Ryan Boese — 1 Comment
May 2, 2011

Scammers are distributing fake security software aimed at the Mac by taking advantage of the news that al-Qaeda leader Osama Bin Laden has been killed by U.S. forces, a security researcher said today.

A security firm that specializes in Mac software called the move “a very big step forward” for malware makers targeting Apple’s users.

Phony antivirus software, dubbed “rogueware” by security experts, has long plagued people running Microsoft Windows, but this is the first time scammers have targeted the Mac with a sophisticated, professional-looking security application, said Peter James, a spokesman for Intego, a Mac-only antivirus company headquartered in France.

“This is indeed a very big step forward for Mac malware,” said James.

The program, dubbed MAC Defender, is similar to existing “rogueware,” the term for bogus security software that claims a personal computer is heavily infected with malware. Once installed, such software nags users with pervasive pop-ups and fake alerts until they fork over a fee to purchase the worthless program.

Until now, rogueware has been exclusively targeting Windows PCs.

That’s changed, according to Kurt Baumgartner, a senior malware researcher with Moscow-based Kaspersky Lab, who today said that one group distributing MAC Defender has also been actively spreading Windows rogueware.

“They have been revving up for this for months,” said Baumgartner of the work to prep MAC Defender.

Last month, Baumgartner had reported that “.co.cc” domains — which are often used to spread malware and host attack code-infected Web sites — had begun to host fake security sites and deliver the “Best AntiVirus 2011″ rogueware.

During his early-April sweep through the .co.cc domains, Baumgartner found a URL explicitly aimed at Macs: “antispyware-macbook(dot)co(dot)cc”.

“It is very odd that this group is marketing ‘Fast Windows Antivirus 2011′ from ‘macbook’ domains,” Baumgartner said at the time in a blog post.

Today, Baumgartner said that a group using .co.cc domains was serving up fake security software for Macs as part of a broader campaign to trick Windows users into downloading and installing phony programs.

That campaign is currently exploiting the hot news topic of Bin Laden’s death to get people to click on links that redirect their browsers to the rogueware downloads. The scammers have used “black hat” SEO (search engine optimization) tactics to push links to rogueware higher on Google Images’ search results.

But that’s not the only way Mac owners have been duped into installing MAC Defender.

On Saturday — the day before President Obama announced the killing of Bin Laden — messages from infected users began appearing on Apple’s support forums.

“What is macdefender and why is it trying to install itself on my computer?” asked someone identified as “wamabahama” on April 30.

“FYI, my daughter said the program started after clicking on a ‘hair style photo,’” added “Mr. Fix It Home Services” on the same support thread. Others reported stumbling upon MAC Defender after searching for images of prom tuxedos or for pictures of a character in the movie “Princess Bride.”

On Monday, Intego published a detailed advisory about MAC Defender, noting that that it was “very well designed, and looks professional.”

Intego spotted MAC Defender and acquired samples on Saturday, said James, who pointed out that users must enter their administrative password to install the program. “So there’s still a social engineering angle here,” he said.

In fact, users see a generic Windows-oriented page when they first click a link to the rogueware. “They’re not even getting a Mac-specific page,” James said.

But unless users have Safari set not to automatically open files after downloading, MAC Defender’s installation screen opens without any user action. That’s been enough to con some into approving the install by typing their administrative password.

The program also relies on an unusual technique to make users pay up.

“Every few minutes, it opens a porn page in the browser,” said James of MAC Defender. “We think they’re doing this because most people will assume that that means they’ve got a virus on their Mac, and they need to get rid of it by paying for the program.”

MAC Defender demands $60-$80, depending on whether users select a one-year, two-year or lifetime “license.”

Ironically, there are only eight to 10 serial numbers that MAC Defender accepts, said James, and those are tucked into the binary file — unencrypted — where advanced users may be able to root them out.

James also called out the MAC Defender’s look and feel as an indicator that the criminals are serious about reaping profits from Mac users. “This was done by a very sophisticated Mac interface developer,” James said. “It’s an obvious sign that [scammers] are starting to target Macs. Earlier [scams], such as 2008′s MacSweeper just didn’t bother trying to look professional.”

Intego spotted MacSweeper, a fake Macintosh system cleaning program, in January 2008.

MAC Defender has also created some collateral damage: The rogueware uses the same name as a legitimate German company that develops Mac software.

“A new malware application named MAC Defender (MacDefender.app) for OS X surfaced a few days ago,” warned the MacDefender site. “If you see an application/installer named like this DO NOT DOWNLOAD/INSTALL it. I would never release an application named like this.”

The rogueware’s name choice was probably a twist on “PC Defender” and “Windows Defender,” phrases used in the titles of numerous Windows-based fake AV programs, said James.

Mac users running Safari can prevent MAC Defender from automatically opening after it downloads by unchecking the box marked “Open ‘safe’ files after downloading” at the bottom of the General tab in the browser’s Preferences screen.

Source: ComputerWorld

Tags: , , , , ,
Comment

‘Most Sophisticated’ Android Trojan Surfaces in China

Filed under: Android, Malware, Mobile, Trojan, Virus, Wireless by Ryan Boese — Leave a comment
December 30, 2010

Geinimi, a highly sophisticated Trojan, has been detected in Android devices in China.

However, it appears to be more of a sign of things to come rather than a serious threat to U.S. Android users.

Dubbed Geinimi (a scrambulation of Gemini) by Lookout Mobile Security, a startup based in San Francisco, the botnet-like Trojan sends location information, device identity and even stored contacts to an unknown server.

According to Lookout co-founder Kevin MaHaffe, the most significant feature of Geinimi is its sophisticated command-and-control mechanism.

“A server can tell the Trojan what it can do, which makes it more advanced than other Android malware we’ve seen,” he said. ”

The mobile Trojan has been found in apps infected and repackaged to look like legitimate apps, and uploaded onto Chinese third-party app stores. Infections have been found in games like “Monkey Jump 2,” “Sex Positions,” “President vs. Aliens,” “City Defense,” and “Baseball Superstars 2010.”

GetJar and Android Marketplace have not reported any cases yet.

One quick and dirty method for detecting mobile Trojans, MaHaffe says, is to learn an app’s permissions and compare them to what the downloaded app is actually asking for. For instance, if the app’s description only lists requests for age and gender, a red flag should go up if your downloaded app suddenly asks for your home address, too.

Although the Geimini Trojan has yet to land in the U.S., MaHaffe warns smartphone users not to get lazy about protecting their phones as mobile malware becomes increasingly sophisticated.

“Attackers are still figuring it out on the mobile landscape,” he said. “There’s a lot of sophistication for PC malware, but smartphone users need to start protecting their phones as they do their computers.”

For starters, MaHaffe advises people to use the same level of discernment towards smartphone downloads as they would with PC downloads.

“People probably wouldn’t download software from nefarious Web sites,” he said. “Same thing with mobile apps—be careful where you download mobile apps from. Look at developer ratings, user reviews of the app.”

Source: PC Magazine

Tags: , , ,
Comment

Security alert: New Trojan Horse apps said to attack the Mac

Filed under: Apple, Exploit, Mac, Trojan by Ryan Boese — 2 Comments
October 27, 2010

Some security mavens have long theorized that as the Mac becomes more popular, we’d start to see malware that would start targeting the platform. Sure enough, this morning’s crop of email blasts from PR firms included a few notices of trojans that are affecting Mac users.

First, from SecureMac, comes word of trojan.osx.boonana.a, which comes disguised as a link on social networking sites asking “Is this you in this video?” Clicking the link downloads and runs a Java applet that then installs further applications to modify system files and open the system to password-free access. The other malicious apps report back to command and control servers, as well as hijack user accounts to spread the trojan through email spam.

The SecureMac press release notes that the “Java component of the trojan horse is cross-platform,” but it’s not clear from their statement that the other components are capable of running under Mac OS X.

Next, Intego reported that a similar Java trojan known as Koobface.A is also being spread through social networking systems such as Facebook and Twitter.

Intego reports that these trojans will give you fair warning, as the standard Mac OS X Java security alert (see below) will be displayed. If you’re not expecting a Java applet to be running on your machine, click the Deny button and the applet will not run. If you want more information about what’s happening, click the Show Details button, and you’ll see that content with an untrusted root certificate wants to run on your computer. Clicking Deny will protect your machine from a possible malware infection. Allowing the Java applet to run will launch an installer that will be displayed on your machine. If you haven’t launched an installer deliberately, then quit it immediately.

Source: TUAW

Tags: , , , ,
Comment

Yellow alert over Windows shortcut flaw: ‘Wide-scale exploitation is only a matter of time’

Filed under: Exploit, Malware, Microsoft, Trojan, Virus, Windows by Ryan Boese — 4 Comments
July 20, 2010

Windows Shortcut’s zero-day attack code has gone public.

The development increases the risk that the attack vector, already used by the highly sophisticated Stuxnet Trojan to attack Scada control systems, will be applied against a wider range of vulnerable systems.

All versions of Windows are potentially vulnerable to the exploit.

Just viewing the contents of an infected USB stick is enough to get pwned, even on systems where Windows Autoplay is disabled. Maliciously-crafted Windows shortcut (.lnk) files might also to be able to push malicious code through other attack routes left open by the vulnerability, such as Windows shares.

The SANS Institute’s Internet Storm Centre has responded to the heightened threat by moving onto yellow alert status for the first time in years. “We believe wide-scale exploitation is only a matter of time,” writes ISC handler Lenny Zeltser.

“The proof-of-concept exploit is publicly available, and the issue is not easy to fix until Microsoft issues a patch. Furthermore, anti-virus tools’ ability to detect generic versions of the exploit have not been very effective so far.”

Microsoft has acknowledged the problem – and published workarounds deigned to guard against attack – ahead of a possible patch. Going by previous form, and given the seriousness of the flaw and the amount of platforms affected, Microsoft’s security gnomes will have their work cut out to release a fix as part of August’s Patch Tuesday much less any sooner.

The Siemens SIMATIC WinCC SCADA systems specially targeted by the Stuxnet Trojan use hard-coded admin username / password combinations that users are told not to change. Details of these passwords has been available on underground hacker forums for at least two years, Wired reports.

Worse still, changing Siemens’ hard-coded password will crash vulnerable SCADA systems, IDG reports. Siemens is in the process of developing guidelines for customers on how to mitigate against the risk of possible attack.

An overview of the vulnerability and its implications can be found in a blog posting by Rik Ferguson of Trend Micro here.

Source: The Register

Tags: , , , , , ,
Comment

Microsoft: 10,000 PCs Hit With New XP 0day Attack

Filed under: Computers, Exploit, Hackers, Internet, Security, Trojan, Virus, Windows by Ryan Boese — Leave a comment
June 30, 2010

Nearly a month after a Google engineer released details of a new Windows XP flaw, criminals have dramatically ramped up online attacks that leverage the bug.

Microsoft reported Wednesday that it has now logged more than 10,000 attacks. “At first, we only saw legitimate researchers testing innocuous proof-of-concepts. Then, early on June 15th, the first real public exploits emerged,” Microsoft said in a blog posting. “Those initial exploits were targeted and fairly limited. In the past week, however, attacks have picked up.”

The attacks, which are being launched from malicious Web pages, are concentrated in the U.S., Russia, Portugal, Germany and Brazil, Microsoft said.

PCs based in Russia and Portugal, in particular, are seeing a very high concentration of these attacks, Microsoft said.

According to security vendor Symantec, these attacks peaked late last week. “Symantec has seen increased activity around this vulnerability. The increased activity started around June 21 and peaked around June 26 and 27,” a company spokesman said via instant message Wednesday. Attacks have leveled out since then, he added.

Criminals are using the attack code to download different malicious programs, including viruses, Trojans and software called Obitel, which simply downloads more malware, Microsoft said.

The flaw that’s exploited in all of these attacks lies in the Windows Help and Support center software that comes with Windows XP. It was disclosed on June 10 by Google researcher Tavis Ormandy. This Help Center software also ships with Windows Server 2003, but that operating system is apparently not vulnerable to the attack, Microsoft said.

Ormandy was criticized by some in the security for not giving Microsoft more time to patch the flaw, which he disclosed to the software vendor on June 5. He released details of the bug five days later, apparently after failing to convince Microsoft to fix the issue within 60 days.

In a security advisory released June 10, Microsoft outlines several ways to turn off the Windows Help Center Protocol (HCP).

Microsoft’s next set of security are due July 13.

Source: Yahoo!

Tags: , , , , , ,
Comment