Norton Internet Security 2010 delivers fast and light comprehensive online threat protection. It guards your PC, network, online activities and your identity with innovative, intelligent detection technologies optimized to combat today’s aggressive, rapid-fire attacks. Improved Norton Safe Web technology blocks Internet threats before they can infect your PC. So you can browse, buy and bank online with confidence. It even warns you of unsafe web sites right in your se (more…)

The Adobe corporation are in the headlines yet again, must be embarrassing now!

Adobe confirmed that the software pioneers were well informed of “potential vulnerabilities” influencing Adobe Reader, Acrobat 9.1.2 and Adobe Flash Player 9 as well as 10. Thus, advising users to make sure their systems are completely secure since hackers are still lurking in the midst.

However, latest reports have suggested that these “vulnerabilities” were substantially clear to many of the public using Adobe Flash Player a whole seven months ago. What do you have to say for yourself Adobe? The first instance where the issue in Flash Player was identified in late December last year and noted in Adobe’s “credible” bug and issue management system.

Recognition must go to Purwire‘s  valued researcher Paul Royal, who has been working at the internet security service provider since January 2009.

Zdnet reported earlier that this so called flaw was a “data loss corruption” but Adobe’s ‘strong’ response team were completely misleaded this time which lead to their public humiliation. However, their reaction to this has been positive hence announcing patches shall be attainable on the 31st July for Linux, Mac and Windows users.

Adobe said in their security advisory that the bug can cause problems for users and so they should remove the authplay.dll file which comes with Adobe Reader,

“A critical vulnerability exists in the current versions of Flash Player (v9.0.159.0 and v10.0.22.87) for Windows, Macintosh and Linux operating systems, and the authplay.dll component that ships with Adobe Reader and Acrobat v9.x for Windows. This vulnerability (CVE-2009-1862) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being actively exploited in the wild via limited, targeted attacks against Adobe Reader v9 on Windows.”

Have you suffered any problems with Adobe Flash Player? What have you done? Has it been successful? Feel free to comment below.

Analysts suggest that the malware compromises websites by injecting malicious Javascript code into certain parts of website. The victim only has to visit infected pages to run the risk of the Javascript attack.

The malware alters access credentials and folder permissions of the compromised website, to allow an attacker a back door entry to the site even after the user has changed passwords.Administrators will be unable to search out and delete the scripts, as the malicious code will be altereed in certain ways.

This malware attack was first detected in March, but it was thought that the attacks were halted in April, when Google delisted the attacking sites. However, a new variant of the Gumblar has arisen recently, and has been spreading very quickly. Security firm ScanSafe estimated that Gumblar attacks increased by 188 per cent in the last week alone.

Mary Landesman, senior security researcher at ScanSafe, said, “The gross infection rate is exceptional, especially this late in the game…Basically, it has been enjoying a free reign”

Landesman also suggested that the payload carried by the attack, is highly dangerous. The malware supposedly intercepts web traffic and redirects it to fraudulent domains. This allows the attackers to collect referral fees, and places the user at risk of further infection.

Additionally, the malware is supposed to contain botnet controllers and is programmed to collect all FTP permissions on the infected websites, allowing Gumblar to infect any sites which the user administrates, further fostering the spread to new domains.

Thus, the infection is spreading rapidly across the web, and added to the fact that it is so difficult to get rid of, researchers suggest that the Gumblar has een much more successful than previous malware attacks.