Archive for February, 2006

Latest Video Games News

Here are the latest video game headlines from around the web.

Hardware Reviews from Cnet

Here are the latest reviews and news from Cnet.

Big Patch Tuesday Coming Up

Microsoft announced that it is preparing to release 7 patches for several products, with it including atleast 2 critical patches, detail from their website of what patches are being releases are below.

One Microsoft Security Bulletin affecting Microsoft Windows Media Player. The highest Maximum Severity rating for this is Critical. These updates will not require a restart. These updates will be detectable using the Microsoft Baseline Security Analyzer and the Enterprise Scanning Tool.

Four Microsoft Security Bulletins affecting Microsoft Windows. The highest Maximum Severity rating for these is Critical. Some of these updates will require a restart. These updates will be detectable using the Microsoft Baseline Security Analyzer.

One Microsoft Security Bulletin affecting Microsoft Windows and Microsoft Office. The highest Maximum Severity rating for these is Important. These updates will require a restart. These updates will be detectable using the Microsoft Baseline Security Analyzer.

One Microsoft Security Bulletin affecting Microsoft Office. The highest Maximum Severity rating for this is Important. These updates may require a restart. These updates will be detectable using the Microsoft Baseline Security Analyzer.

Microsoft Windows Malicious Software Removal Tool
Microsoft will release an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Update, Microsoft Update, Windows Server Update Services and the Download Center. Note that this tool will NOT be distributed using Software Update Services (SUS).

Microsoft will not release any NON-SECURITY High-Priority Updates for Windows on Windows Update (WU) and Software Update Services (SUS).

Microsoft will release one NON-SECURITY High-Priority Updates on Microsoft Update (MU) and Windows Server Update Services (WSUS).

Gateway CEO Steps Down

Wayne Inouye, the CEO of Gateway computers, has turned in his resignation, they said to pursue other interests.

Rick Snyder, Gateway’s chairman and former company president, will serve as interim CEO until a permanent replacement is found, the company said. The sudden resignation of Inouye comes as the computer maker continues to lose market share to rivals such as Dell, despite his efforts to refocus the company on its PC roots. Source: News.com

Me, I never really liked Gateway computers, and it was mostly because they liked that big, jacked up 1500 key keyboard when they were first getting big. I haven’t tried one in years, so I can’t really say how good or bad they are nowadays, as I’ve mainly been exposed to Dell, IBM and HP computers.

How Much Spyware is Really on the Internet?

In a recent study from the University of Washington, they tried to examine exactly how much spyware is on the internet, a large undertaking involving the scanning of over 18 million urls.

Using a crawler, we performed a large-scale, longitudinal study of the Web, sampling both executables and conventional Web pages for malicious objects. Our results show the extent of spyware content. For example, in a May 2005 crawl of 18 million URLs, we found spyware in 13.4% of the 21,200 executables we identified. At the same time, we found scripted ?drive-by download? attacks in 5.9% of the Web pages we processed. Our analysis quantifies the density of spyware, the types of threats, and the most dangerous Web zones in which spyware is likely to be encountered. We also show the frequency with which specific spyware programs were found in the content we crawled. Finally, we measured changes in the density of spyware over time; e.g., our October 2005 crawl saw a substantial reduction in the presence of drive-by download attacks, compared with those we detected in May.1 In the span of just a few years, spyware has become the Internet?s most ?popular? download. A recent scan performed by AOL/NCSA of 329 customers? they found that 80% were infected with spyware programs. More shocking, each infected computer contained an average of 93 spyware components.

This is not really surprising, in the study they mention they only used Lavasoft Adaware to scan their “virtual machines”, and Adaware and some of the other anti-spyware programs include cookies, so they always show some spyware showing up, even though cookies are harmless, although they can gather information.

Their results:

May 2005 18,237,103 URL’s, 2,773 Domains, 21,200 Executables Found, 529 (19.1%) Domains with Executables, 2,834 (13.4%) Infected Executables, 106 (3.8%) Infected domains, 82 Unique Spyware Programs Found.

October 2005 21,855,363 URL’s, 2,532 Domains Found, 23,694 Executables Found, 497 (19.6%) Domains with Executables, 1,294 (5.5%) Infected Executables, 111 (4.4%) Infected domains, 89 Unique Spyware Programs Found.

Overall, we found that as of October 2005, approximately 1 in 20 of the executable files we crawled contained spyware, an indication of the extent of the spyware problem on the internet.

Here is the top ten list of spyware laden sites in their study:

Results from the May 2005 scan:

observedscenicreflections.com 1,776 WhenU 364
screensaver.com 191 180Solutions 236
celebrity-wallpaper.com 136 EzuLa 214
screensavershot.com 118 Marketscore 143
download.com 116 BroadCastPC 67
gamehouse.com 111 Claria 44
galttech.com 38 VX2 41
appzplanet.com 37 Favoriteman 36
megspace.com 36 Ebates MoneyMaker 31
download-game.com 30 NavExcel 24

Results from the October 2005 scan:

observedscenicreflections.com 503 WhenU 340
gamehouse.com 64 Marketscore 47
screensavershot.com 137 Claria 41
screensaver.com 107 BroadCastPC 37
hidownload.com 50 Aurora 36
games.aol.com 30 FOne 35
appzplanet.com 27 Zango 34
dailymp3.com 27 EzuLa 33
free-games.to 27 Web3000 32
galttech.com 23 180Solutions 25

Note that the top 10 spyware program lists exclude data from the outlier sitescenicreflections.com, which contained 1,776 instances of ?Tur-boDownload? and 1,354 of ?WhenU? in the May crawl.

Remember people, their is no such thing as FREE on the internet, if you observe the list above, obviously if you are downloading screensavers, games and other programs that don’t cost you any money, you will end up paying for them with a slower computer, more popups and tons more spyware. Even a site like download.com has plenty of executables containing spyware, as this is the only way some of these “programs” can make any money. Also, you are practically guaranteed spyware if you go looking for “FREE” copies of programs you know you should be paying for. Check out the whole study in this pdf.

ZDNet add’s:

According to the PDF, adult sites was one of the categories. The other categories were entertainment sites, celebrity, games, kids’ sites, music sites, online news, warez/piracy, screensaver/wallpaper and CNET’s download.com. It’s no surprise to me that warez/piracy sites ranked the highest in downloading spyware. In my tests of such sites, just opening the web page usually sets off an exploit, never mind actually downloading anything. And by the time the malware is finished downloading, often the machine is trashed and rendered useless.

Top Ten Cybercrime, Viruses and Spyware

Panda Software has released the top ten in cybercrime, viruses and spyware for January 2006, most frequently detected by Panda ActiveScan, the free online antivirus solution.

Malware and % frequency
W32/Sdbot.ftp at 2.99%
Exploit/Metafile at 1.99%
W32/Sober.AH.worm at 1.30%
W32/Netsky.P.worm at 1.25%
W32/Gaobot.gen.worm at 0.90%
W32/Tearec.A.worm at 0.80%
Trj/Torpig.A at 0.80%
Trj/Qhost.gen at 0.76%
W32/Alcan.A.worm at 0.70%
W32/Parite.B at 0.61%

Since July 2005, Sdbot.ftp has been the threat that has had most impact. This is a script used by certain malware specimens to download, via FTP, the Sdbot worm. It does this by exploiting several operating system vulnerabilities such as LSASS or RPC-DCOM.

Metafile, which first appeared towards the end of December 2005, was the second most prevalent threat in January 2006. This is an exploit or code written to take advantage of a security vulnerability in GDI32.DLL, used by programs such as Windows Picture and Fax Viewer. This threat affects the following Windows platforms: Windows 98, Millennium Edition (ME), 2000, XP and Server 2003.

The impact of Metafile, along with the top-ranking position of Sdbot.ftp, once again highlights the success of malware creators in exploiting vulnerabilities in major programs to bolster the impact of their creations.

Here is the spyware ranking for January 2006

Spyware and % frequency
Spyware/New.net at 1.28%
Spyware/Smitfraud at 0.55%
Spyware/Virtumonde at 0.46%
Spyware/RXToolbar at 0.37%
Spyware/Altnet at 0.35%
Spyware/BetterInet at 0.29%
Spyware/Media-motor at 0.26%
Spyware/SafeSurf at 0.23%
Spyware/MarketScore at 0.22%
Spyware/Petro-Line at 0.20%

January’s spyware ranking shows that first place remains unaltered with respect to the previous month, with New.net (1.28%) in first place. The remaining examples of spyware in the Top Ten all have frequency percentages of less than 1%: Smitfraud, Virtumonde, RXToolbar, Altnet, BetterInet, Media-motor, SafeSurf, MarketScore and Petro-Line. The most notable features of this spyware ranking, with respect to December’s classification, are the appearance of Smitfraud and SafeSurf, replacing Cydoor and Premeter, which last month, held second and third places respectively.

As always, we recommend Panda Software and their Free Online Virus Scan as a first step, to actively protect yourself, you should check out all of their great products after you run the Free Scan.