<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META content="text/html; charset=iso-8859-1" http-equiv=Content-Type>
<META name=GENERATOR content="MSHTML 8.00.6001.18928">
<STYLE></STYLE>
</HEAD>
<BODY bgColor=#8ea8c4>
<P><FONT face=Arial><FONT size=2><FONT size=2 face=Arial>hi, what would you
suggest for protecting our computer against all sorts of malware and security
threats? I am currently using Avast anti virus and Iobit Security 360 anti
malware programs. so far, no threats detected by Avast or Iobit Security 360 on
my machine. in addition, Iobit Security 360 also provides patches for security
holes. I can't say that my system is completely protected, but at least I
encounter no great trouble running my computer. thanks for any
advice.</FONT></FONT></FONT></P>
<BLOCKQUOTE
style="BORDER-LEFT: #000000 2px solid; PADDING-LEFT: 5px; PADDING-RIGHT: 0px; MARGIN-LEFT: 5px; MARGIN-RIGHT: 0px">
<DIV style="FONT: 10pt arial">----- Original Message ----- </DIV>
<DIV
style="FONT: 10pt arial; BACKGROUND: #e4e4e4; font-color: black"><B>From:</B>
<A title=1cankhan@gmail.com href="mailto:1cankhan@gmail.com">vicky</A> </DIV>
<DIV style="FONT: 10pt arial"><B>To:</B> <A title=share@ncbm.org.my
href="mailto:share@ncbm.org.my">share@ncbm.org.my</A> </DIV>
<DIV style="FONT: 10pt arial"><B>Sent:</B> Thursday, July 29, 2010 11:14
AM</DIV>
<DIV style="FONT: 10pt arial"><B>Subject:</B> [Share] window rushing out patch
for vulnerability</DIV>
<P><FONT size=2 face=Arial><BR></FONT> </P>
<DIV><FONT size=2 face=Arial>It's been a busy 24 hours looking into this
newest flaw in Windows. Lots of research has gone into it and most of the
results are not good news for Windows<BR>users. It is important to think about
this attack as two separate pieces, one that is a new zero-day vulnerability
that could easily be adopted by any<BR>malware author, the other a unique
payload that appears to be designed to go after some very specific
infrastructure targets.</FONT></DIV>
<DIV> </DIV>
<DIV><FONT size=2 face=Arial>For corporate users (unless you run a power
plant, water system or other <BR>SCADA<BR> system) the important part is
the zero-day flaw. Warning: I am about to go a bit geeky.</FONT></DIV>
<DIV> </DIV>
<DIV><FONT size=2 face=Arial>The flaw is in how shell32.dll tries to load
control panel icons from applets. By making a specially crafted shortcut
pointing to a malicious file, you<BR>can make Windows Explorer blindly execute
the malicious file when the location of the shortcut is merely browsed to. In
this case the malicious file is<BR>a rootkit and a dropper that immediately
hide the special shortcut (.lnk) files. Allowing executable code to load in
the process of trying to retrieve<BR>an icon seems like a major oversight in
the design of Windows.</FONT></DIV>
<DIV><FONT size=2 face=Arial>to continue, go to sophos below
:</FONT></DIV>
<DIV><FONT size=2 face=Arial> <A
href="http://www.sophos.com/blogs/chetw/g/2010/07/16/windows-day-attack-works-windows-systems/">http://www.sophos.com/blogs/chetw/g/2010/07/16/windows-day-attack-works-windows-systems/</A><BR><BR></FONT></DIV>
<DIV><FONT size=2 face=Arial></FONT> </DIV>
<DIV><FONT size=2 face=Arial></FONT> </DIV>
<P>
<HR>
<P></P>_______________________________________________<BR>Share mailing
list<BR>Share@ncbm.org.my<BR>http://lists.ncbm.org.my/cgi-bin/mailman/listinfo/share<BR></BLOCKQUOTE></BODY></HTML>