malware

Microsoft Update KB977165 triggering widespread BSOD

One of Microsoft's "Patch Tuesday" security fixes is triggering a widespread "Blue Screen of Death" problem.  The cause is not the update itself, but an existing infection.  So far, reports suggest that this problem affects Windows XP and Windows Vista. Once the update is applied and the system rebooted, Windows will bluescreen at boot.  When booted to Safe Mode, the system will freeze. Removing the update from the Windows Recovery Console or using live media will get the system booting again, at least until the update is reapplied.

On Borrowed Time: The Threat of Ransomware

"Ransomware" is a type of malware that holds files or computer operations for ransom.  In the most common scenario, ransomware will encrypt files on an infected computer and demand that the user pay for the decryption key. Ransomware presents an unusual threat in that simply removing it from the computer does not solve the problem.  When files have been encrypted, removing the ransomware does not make them available again.  The files must be decrypted.

Defending Windows with Application Whitelisting

The SANS Internet Storm Center recently featured a post about the increasingly stubborn fake anti-malware "scareware" that has been remarkably successful at infecting machines and convincing people to purchase the fake software (http://isc.sans.org/diary.html?storyid=7066). Among the comments on that post, others who have encountered this kind of malware questioned what protection measures might be effective.