The Flash security flaw that we recently wrote about has been addressed by Adobe and a new version is being offered.
This security flaw was affecting PC and Mac users and allowed hackers to redirect you to nasty .SWF files which could then potentially execute malicious code on your machine.
You can feel secure (as well as warm and fuzzy) by downloading a Flash update with the fix here.
It's a pretty fast response to a pretty serious issue, so Adobe gets the pass this time.
Special thanks to commenter daniel free for the heads up!
It has come to our attention that there's an Adobe Flash player vulnerability in the wild that may affect your PC.
Simply by visiting a naughty website, the unsuspecting web visitor will be attacked with a piece of code that redirects them to an evil .SWF file that can then execute nasty code on their PC.
Adobe has blogged about the issue, but hasn't issued any releases or patches to take care of the problem as of yet. Security firm Symantec says that 20,000 web pages may be affected by this style of attack.
Since there's no real way around getting hit with this one, you can either disable your Flash player altogether, or get the NoScript add-on for your Firefox browser.
The internet is a scary place. No, we're not talking about predators out to rob you or offer candy to your kids. We're talking about malware like viruses, worms, and trojans. According to security company Symantec, the amount of malware on the internet has reached an all-time high, with over 1 million malicious programs in circulation.
A surprisingly large number of those threats were developed in the last year, with 711,912 new pieces of malware coming out in 2007 compared with 125,243 in 2006.
The good news for Linux and OS X users is that most of these threats are targeted at computers running Windows. And the good news for Windows users is that most of these applications are variations of older threats, which means if your anti-virus software is up to date, you should be relatively safe.
Of course, Symantec puts reports like this out there in order to sell its own security software. But there are several excellent free anti-virus suites that will also help protect your computer from most threats.
If you're not sure whether or not it's safe to download that email attachment your nice new friend from Nigeria sent you, odds are you shouldn't. But if you want a second, third, and 14th opinion you might want to forward your email to VirusTotal.
All you have to do is hit the forward button, and send your message to scan@virustotal.com. Change the subject line to SCAN and delete anything in the body of the message you don't feel like sharing. Note that there's a 10MB file size limit, and if you forward a message with multiple attachments, VirusTotal will only check one.
VirusTotal will scan your file using a variety of anti-virus tools including AVG, ClamAV, Kaspersky, and McAfee. When it's done, VirusTotal should send you an email letting you know the status of your file. But it may take a while to get that response if the server is busy.
You can also upload files directly to VirusTotal's main page for a quicker scan. But that only works if you've already got the potentially infected file on your computer.
Have you been so busy sending angry letters to Saturday Night Live about their choice of actors to portray Barack Obama that you've fallen behind on your Download Squad reading? Not to worry. Here's a roundup of some of the stories you might have missed this week:
Download Squad at Future of Web Apps
Download Squad's Grant Robertson hit up the Future of Web Apps 2008 conference in Miami this week. And he's been kind of busy. Here are just a few of the topics he's covered or live-blogged:
This week DivX shut down the online video sharing site Stage6. The web service never got as much attention as YouTube or DailyMotion. But it was a favorite among online video connoisseurs for its excellent video quality. DivX is now directing users to check out online video site Veoh.
TotalEdit is an advanced text editor with programs that could come in handy for coders, including syntax-coloring, code-folding, and line-numbering. There's also a portable version you can run from a USB drive. But one of the best things about this article is the fact that a bunch of readers weighed in with their favorite text editors in the comments.
There's nothing special about Windows Mobile, Palm, or Symbian devices that make them virus-resistant. It's just that for the most part malicious hackers haven't tried to target mobile devices because there hasn't been that much information worth stealing. But as people put more and more valuable data on their cellphones and PDAs, those devices are becoming more attractive targets.
And so we probably shouldn't be surprised that McAfee released an alert this week that a virus targeting the Windows Mobile operating system is making the rounds. The WinCE/InfoJack trojan has been packaged with several Windows Mobile programs, including a version of Google Maps, and a game collection.
McAfee has traced the program back to a single web site, whose maintainer says it was designed to track what type of devices people are using to run applications. But it has a ton of properties of a virus. For example, if it's on a memory card it will automatically install itself on a Windows Mobile device when that memory card is inserted. It backs itself up to protect itself from deletion. It installs itself as an autorun program, and allows unsigned applications to install without asking for permission first.
While there are a handful of anti-virus applications for Windows Mobile out there, something tells us we're about to see a lot more of them soon.
We were at a major electronics retailer a few days ago, gazing lovingly at the little ASUS Eee. We were not alone. There were three other people poking, prodding, and tapping the tiny machine.
We watched as a couple approached the little machine with a salesman. They jiggled the keys. They ran their fingers on the touchpad. They asked why the user interface wasn't as familiar as their home machine.
"Linux," said the salesman. (He was ever so helpful.)
The next question, "Does it come with anti-virus?"
That certainly stumped the salesman. He answered a non-answer, really. "Linux," he said, "It has Linux anti-virus."
For the record, the Eee, which runs a form of Xandros, does in fact have anti-virus. We are pretty sure the reason for this is two-fold. One, it puts some people's minds at rest to have something called "anti-virus" on their computer. Two, it does isolate and quarantine viruses -- viruses that might not affect Linux itself, but could easily be passed on to a Windows machine.
That's not to say there aren't viruses that can target Linux. Historically, there have been some. And there are browser exploits, of course, that no operating system is completely immune from. However, viruses, as we think of them in the Windows world, are highly unusual.
We know what you want to ask, so here's the answer right away: Runscanner is not a sequel to (or, heaven help us, a prequel to) the movie Blade Runner. So what is it?
Runscanner is a free Windows system utility which scans your system for all configured running programs. Runscanner will detect all programs that start automatically, including spyware, adware, and homepage hijackers. In other words, if opening your web browser makes your screen blow up like the fourth of July fireworks show, you'll probably want to download and run Runscanner.
Runscanner offers a lot in its small package: Google search integration, Authenticode signature analysis, VirusTotal integration, and FileAdvisor and CastleCops integration, which allow you to compare the MD5 hash of your files with their respective online databases.
With three modes: beginner, classic, and expert, you can wade in slowly or jump right into the deep end. The Beginner mode is particularly unique: you can't make any changes to your system when in beginner mode. However, you can save the Runscanner log files and upload them to a Forum Expert. They in turn can mark the items that need fixing, send the file back to the beginner, and have them run only the fixes the expert has designated as necessary. Creepy, but with good execution; kind of like Michael Jackson's "Thriller."
Classic mode's primary use is to eliminate malware, and offers easy one-click fixes. Expert mode includes startup tweaks, with more scanning, reporting, and filtering options.
If you thought the Y2K bug had a lot of world ending potential, you might want to skip this post right now. If we don't blow ourselves up by 2038, the end of the world is going to have little to do with nukes and a lot to do with Unix because Unix systems can't keep track of the date past January 19, 2038.
According to Y2K38.info, Unix keeps track of the date and time using a four byte integer that represents the number of seconds past January 1, 1970. The integer can only get so big before having to restart from zero. If a machine can't restart its time, which may be the case for many Unix systems, it will crash. Hackosis confirms this problem has the potential to affect Linux boxes too. Unfortunately, machines running on *nix operating systems act as the backbone for much of the cyber-world, meaning we may see anything from planes falling out of the sky to the internet shutting down when this hits.
Are you scared yet? Probably not, and neither are we. 2038 is far, far away, and it's very unlikely that we'll be using the same technology for pretty much anything when the year comes. Also, there's way too much money to be lost to a simple little bug, and no company's going to stand by and let that happen. Finally, keep in mind that Y2K38.info has been around since before the year 2000, meaning the author wrote much of the content on the site without seeing the results of the Y2K bug. However, the site is still up, so the author must believe it's still a problem. For those interested, the site is headlined by a countdown timer in binary, decimal, and date forms, which are definitely worth checking out if you're into ones and zeros.
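As an added illustration (not from the original post or from Y2K38.info), this C program shows the rollover described above, assuming the counter is a signed 32-bit integer: one second after 03:14:07 UTC on January 19, 2038 the stored value wraps to a negative number and reads as a date in December 1901. The names `store_as_time32`, `survives_time32` and `civil_from_epoch` are hypothetical helpers written for this example.

```c
/* Added example: helper names are illustrative, not from any real API. */
#include <stdint.h>
#include <stdio.h>

struct civil { int year, month, day, hour, min, sec; };

/* Value a signed 32-bit time counter holds after being handed a 64-bit
   second count: keep the low 32 bits, reinterpret as two's complement. */
int32_t store_as_time32(int64_t secs) {
    uint32_t low = (uint32_t)secs;
    return low <= (uint32_t)INT32_MAX ? (int32_t)low
                                      : (int32_t)((int64_t)low - 4294967296LL);
}

/* 1 if the timestamp is unchanged by 32-bit storage, 0 if it wraps. */
int survives_time32(int64_t secs) {
    return (int64_t)store_as_time32(secs) == secs;
}

/* Seconds since 1970-01-01 00:00:00 UTC -> calendar fields, done in 64-bit
   arithmetic so it does not depend on the platform's own time_t width. */
struct civil civil_from_epoch(int64_t secs) {
    int64_t days = secs / 86400, rem = secs % 86400;
    if (rem < 0) { rem += 86400; days -= 1; }      /* floor, not truncate */
    int64_t z = days + 719468;                     /* shift epoch to 0000-03-01 */
    int64_t era = (z >= 0 ? z : z - 146096) / 146097;
    int64_t doe = z - era * 146097;                /* day within 400-year era */
    int64_t yoe = (doe - doe / 1460 + doe / 36524 - doe / 146096) / 365;
    int64_t doy = doe - (365 * yoe + yoe / 4 - yoe / 100);
    int64_t mp = (5 * doy + 2) / 153;              /* month index, March = 0 */
    int month = (int)(mp < 10 ? mp + 3 : mp - 9);
    struct civil c = { (int)(yoe + era * 400 + (month <= 2)), month,
                       (int)(doy - (153 * mp + 2) / 5 + 1),
                       (int)(rem / 3600), (int)(rem % 3600 / 60), (int)(rem % 60) };
    return c;
}

int main(void) {
    int64_t probes[] = { 2147483647LL, 2147483648LL };  /* last good second, first bad one */
    for (int i = 0; i < 2; i++) {
        struct civil c = civil_from_epoch(store_as_time32(probes[i]));
        printf("%lld -> %04d-%02d-%02d %02d:%02d:%02d UTC (%s)\n",
               (long long)probes[i], c.year, c.month, c.day, c.hour, c.min, c.sec,
               survives_time32(probes[i]) ? "intact" : "wrapped");
    }
    return 0;
}
```

Running `survives_time32` over the timestamps a system stores or computes (expiry dates, scheduled jobs) is a quick way to find values that already fall past the boundary.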
In an amusing move that is sure to have caused a few flushed faces, Kaspersky Antivirus recently declared Windows Explorer malicious code. While we've known Explorer to crash from time to time, this treatment seems a bit excessive.
The gaffe came in the form of a routine virus update this past Wednesday night. Kaspersky mistakenly identified Explorer as an infected file. For those not familiar with Windows' internals, Explorer serves as the core of the Windows interface, handling the Desktop, Start bar, and file management. Without this core component, Windows becomes inoperable.
Realizing their mistake, the company pulled the flawed definition about two hours later. However, untold numbers of customers were already experiencing the quarantine, and in some cases deletion, of explorer.exe. While this isn't the first time a virus company has made a false positive, it is nonetheless a serious mistake that will certainly mean serious downtime for some organizations. Or at least, the organizations that haven't switched to Linux or Mac by now.
Late last week, Intego Security released a press release detailing a new Trojan web variant, aimed at Mac users. A Trojan, known as OSX.RSPlug.A (or OSX/Puper), is installed on the system by the user, under the guise that it is a video codec, required for playing a free video file.
The installer, under the clever name MacCodec, requires administrative access to install (meaning the user has to not only specifically agree to download the file, he/she has to enter in the admin password before it will install), and instead of installing a codec, it runs a script that creates a scheduled task that changes the DNS server, in an attempt to redirect users to malicious phishing sites. Unsurprisingly, this Trojan seems to be almost exclusively targeting porn sites that offer those always-hard-to-resist "Download Sample Now" or "Free movie clip" downloads.
Like clockwork, the pandering, the hysteria and the schadenfreude have already hit the web. Many of these articles fail to adequately underscore a few points that we at Download Squad think are pretty important for users to consider:
ZoneAlarm has launched a public beta of a new security tool that basically puts your web browser into a sandbox. Visit sites you know are unsafe, check your bank statements on a computer that you know is infected with viruses and spyware.
We caught up with ZoneAlarm Director of Consumer Product Management John Gable at ShowStoppers in New York, and he told us a bit about the new product. ZoneAlarm ForceField sets up a "virtualized surfing" system, that prevents your PC from downloading malicious code from the web. It also prevents keylogging, blocks spyware, and scans downloads. There's also a private browsing feature that immediately erases all details of your browsing session once you shut down the browser.
ZoneAlarm ForceField is free while in beta, but will cost $30 when it's officially launched next year. The program works with Internet Explorer and Firefox (but not Opera), and is Windows only.
ZDNet UK is reporting that a just-discovered bug in OpenOffice can victimize versions of the software running on Mac and Linux in addition to Windows. The bug allows an attacker to use malformed TIFF images to run malicious code on the user's computer, ostensibly for the purpose of spreading the malicious code like a trojan. The official explanation of a heap overflow exploit can be found here. (Sounds like when there's too much garbage in our can.)
OpenOffice's developers have not yet released a fix for the bug (update: the bug does not exist in version 2.3 or newer), but the firm that discovered it is advising OpenOffice users to "be careful" with attachments received from unknown sources. Good advice--whether you run OpenOffice, Microsoft Office, or Wordstar.
If a computer virus that hasn't been seen in more than 5 years rears its ugly head again, is it safe to call it a plague? Probably not, but we think it would be funny to call Stoned.Angelina a plague, since as many as 100,000 computers may now be infected with the 13-year-old virus.
German laptop maker Medion has released somewhere between 10,000 and 100,000 PCs with the boot sector virus preloaded for your convenience. Stoned.Angelina was first reported in 1994, and hasn't really been seen in the wild since 2001.
The computers all include BullGuard anti-virus software, which will pleasantly point out if you have an infected computer. But since the virus is in the boot sector, BullGuard is unable to remove the problem without your intervention.
Fortunately the virus is considered pretty much harmless. And BullGuard has made a tool available that can fix your boot sector.
If you're a Skype user, be aware that a worm is spreading across the Skype network. The worm sends you a short chat message from a buddy's Skype client, asking you to open a malicious file, ostensibly sent to you by your buddy.
They're calling this trojan "Ramex" or "Skipi", and, at least as of last night, Symantec and F-Secure both contain updates for their anti-virus software to block it, so update your virus definitions. In the meantime, a little bit of vigilance goes a long way. So far, it appears Mac and Linux users aren't affected.