Microsoft fixes security flaw in malware protection engine

Thursday, February 24, 2011

Microsoft has patched a flaw in its malware protection engine that could be exploited to gain control of a victim's computer.
The Malware Protection Engine is used in Windows Live OneCare, Microsoft Security Essentials, Windows Defender, Forefront Client Security, Forefront Endpoint Protection 2010, and the Microsoft Malicious Software Removal Tool.
The vulnerability could allow elevation of privilege if the Microsoft Malware Protection Engine scans a system after an attacker with valid logon credentials has created a specially crafted registry key, the company said in a security advisory.
The security update, which patches the elevation of privilege vulnerability, has been pushed out to users of Microsoft's security products via the company's automatic update.
Microsoft said the update would have been automatic for enterprises, providing administrators had ensured that definition and engine updates were approved in their update management software.
"Since the Microsoft Malware Protection Engine is a part of several Microsoft anti-malware products, the update to the Microsoft Malware Protection Engine is installed along with the updated malware definitions for the affected products," the company said.
Microsoft claims there have been no exploits of the flaw, which was reported to the company by an independent security researcher.
Version 1.1.6502.0 is the last version of the Microsoft Malware Protection Engine affected by this vulnerability, which is fixed as of version 1.1.6603.0.
http://www.computerweekly.com/Articles/2011/02/24/245564/Microsoft-fixes-security-flaw-in-malware-protection.htm

Lavasoft Rogue Gallery puts fake antivirus and rogue applications on display

It is very difficult for less-savvy computer users to stay out of trouble on the Internet, and part of the problem is that they just don't know how to identify potential threats. Fortunately, there are plenty of great online resources you can use, or point your friends and family to. We've already covered the excellent Facecrooks, which helps users avoid trouble on Facebook, and today we're taking a look at the Lavasoft Rogue Gallery.

Lavasoft is the company behind Ad-Aware, the granddaddy of adware removal apps. Though its malware cleanup crown has been snatched away by Malwarebytes in recent years, Ad-Aware remains enormously popular -- and Lavasoft provides a nice public service by displaying the fake antivirus (fakeAV) and rogue applications it discovers for all to see.

Rogue applications are those nasty programs which appear to be useful utilities like antivirus or Windows tune-up tools. In reality, of course, they're some of the nastiest threats around. They're easy enough to spot if you know what to look for, so spending a few minutes going through the Lavasoft Rogue Gallery is highly recommended to anyone who needs a bit of help avoiding Internet dangers.