Microsoft advisory on Sober “Awakening”



Microsoft has posted a security advisory (912920) on the previously reported “awakening” of the Sober worm, expected January 6th.

Systems that are infected with Win32/Sober.Z@mm may download and run malicious files from certain Web domains beginning on January 6, 2006

Further, they give the following note:

Microsoft will release an updated version of the Malicious Software Removal Tool on January 10, 2006, that will further assist in the detection and removal of known malware threats including Sober and its known variants. See Microsoft Knowledge Base Article 891716 for additional details on how to deploy the Malicious Software Removal Tool with the latest definitions to help protect against malware.

So, four days after its release they’ll have an update for the Malicious Software Removal Tool, hopefully with new signatures for the latest variant. How convenient, that is their scheduled security patch day.

This is the kind of coordination you would hope for from virus writers: conveniently releasing a new version just a couple of days before a patch. Contrast this with the reckless release of a security vulnerability last week in WMF files… (OK, sarcasm off…)
