Showing posts with label microsoft.

2007-04-01

Virus disguised as Internet Explorer 7 download!

Nothing proves the total impotence of the US Government more than their total inability to find and jail the worm and virus writers. If there were any real terrorists out there (aside from the obvious fakes used by CIA and Mossad to start wars) they have to know the US is wide open to a cyber attack because the US Government cannot even track down a pimply-faced smelly kid hacking into credit card bureaus from his basement. WRH
Fake beta download advertised on email link
By James Niccolai, IDG News Service

A new virus is disguised as a test version of Microsoft's Internet Explorer 7 web browser.
Security experts have warned of a virus spread via email with the subject line "Internet Explorer 7 Downloads". The emails, which appear to come from admin@microsoft.com, include a convincing graphic purporting to be from Microsoft and offer a download of a beta 2 version of IE 7 – despite the fact that the final version of the browser was released last October.

The virus is delivered when recipients click on a link in the graphic rather than in an attachment. Clicking the graphic will download an executable file called IE 7.exe. The file is actually a new virus called Virus.Win32.Grum.A. Mikko Hypponen, chief research officer at F-Secure, said:
"The idea of sending a link seems to be a trend among attackers; it's still fairly new and it works much better than sending a file."
Security firm Sophos said the virus could spread by emailing itself to contacts in a user's address book. The virus tampers with registry files to ensure it gets installed, and tries to download additional files from the internet, said Graham Cluley, a senior technology consultant for Sophos. Other specifics are still unknown, but this type of virus often installs a keystroke logger to steal personal information, and can establish a network of infected computers to launch a denial of service attack, Cluley said.
"We don't know anything yet about where it is coming from," Hypponen said. "It's fairly well made and hard to analyse with normal tools."
F-Secure had received many reports of the email but few submissions of the virus itself, indicating that damage so far is limited. Cluley agreed: "I wouldn't classify this as one of the biggest viruses of the year, but that doesn't mean it isn't a threat," he said.

The virus is being hosted on several servers around the world. They appear to be web servers that have been hacked, Hypponen said. The SANS Internet Storm Centre asked administrators to check their logs to make sure they are not hosting the file. The virus affects only Windows users. [Thanks Bill Gates!] "Microsoft is aware of this issue and is currently investigating this matter, including customer impact," a spokesperson for the software giant said.

2007-01-14

How NSA access was built into Windows

By Duncan Campbell
September 4th 1999
A CARELESS mistake by Microsoft programmers has revealed that special access codes prepared by the US National Security Agency have been secretly built into Windows. The NSA access system is built into every version of the Windows operating system now in use, except early releases of Windows 95 (and its predecessors). The discovery comes close on the heels of the revelations earlier this year that another US software giant, Lotus, had built an NSA "help information" trapdoor into its Notes system, and that security functions on other software systems had been deliberately crippled.

The first discovery of the new NSA access system was made two years ago by British researcher Dr Nicko van Someren. But it was only a few weeks ago when a second researcher rediscovered the access system. With it, he found the evidence linking it to NSA.

Computer security specialists have been aware for two years that unusual features are contained inside a standard Windows software "driver" used for security and encryption functions. The driver, called ADVAPI.DLL, enables and controls a range of security functions. If you use Windows, you will find it in the C:\Windows\system directory of your computer. ...

N.B. I just checked; Windows XP's search did not find the driver «advapi.dll». Perhaps NSA has already renamed the file several times since the above article was written? --tj

Do you have MS VISTA yet?


IDG News Service
January 10, 2007 -- THE U.S. agency best known for eavesdropping on telephone calls had a hand in the development of Microsoft's Vista operating system, Microsoft confirmed Tuesday.

By Robert McMillan

The National Security Agency (NSA) stepped in to help Microsoft Corp. develop a configuration of its next-generation operating system that would meet U.S. Department of Defense (DOD) requirements, said NSA Spokesman Ken White. This is not the first time the secretive agency has been brought in to consult private industry on operating system security, White said, but it is the first time the NSA has worked with a vendor prior to the release of an operating system.

By getting involved early in the process, the NSA helped Microsoft ensure that it was delivering a product that was both secure and compatible with existing government software, he said. The NSA's involvement in Vista was first reported Tuesday by The Washington Post.

The NSA has provided guidance on how best to secure Microsoft's Windows XP and Windows 2000 operating systems in the past. The agency is also credited with reviewing the Vista Security Guide published on Microsoft's Web site. ...