This Issue Sponsored By
AutoProf
Sponsor: AutoProf
===============
In the News
- Spam Volume Reaches Record Levels - New Adware Scheme Takes Advantage of IE Vulnerabilities
==== In the News ====
by Paul Thurrott, [email protected]
Spam Volume Reaches Record Levels
Email security firm MessageLabs reported this week that spam volumes recently reached a record 76 percent of all email traffic worldwide. The company based that figure on the more than 1 billion email messages it scanned for customers in May 2004. More than 700 million of those messages were spam, MessageLabs said. Furthermore, almost 10 percent of all email messages carry a malicious virus of some type. "Email-borne viruses have plagued businesses for years, whereas spam has become the primary pain point only recently and now far surpasses the number of virus-infected emails," MessageLabs Chief Technology Officer (CTO) Mark Sunner said. "In spite of a convergence of attack techniques, the growth patterns remain different. Spam levels follow a constant upward curve while the viral threats remain steady. The only exception is when volumes spike during major outbreaks such as MyDoom or when virus wars break out between the authors." The news casts doubts on legislative-based antispam efforts and suggests that spam-filtering technology is having trouble keeping up with the influx. Indeed, after switching to an excellent server-based spam filter last year, I recently had to augment the filter with client-based tools because the amount of spam in my inbox has grown, once again, to the same levels that existed before I put the server-side spam filter in place. This week alone, I've deleted more than 400 spam messages, all of which made their way, undetected, past the server-side filter.
New Adware Scheme Takes Advantage of IE Vulnerabilities
A malicious adware creator is taking advantage of two vulnerabilities in Microsoft Internet Explorer (IE) to surreptitiously install adware products and pop-up ad generators on users' computers as they browse the Web. The flaws, which let attackers run code on victims' machines and let malicious code bypass IE's security zones, were only recently discovered. "We consider that any use of an exploit to run a program is a criminal use," Microsoft Security Program Manager Stephen Toulouse said. "We are going to work aggressively with law enforcement to prosecute individuals or companies that do so." Toulouse said that the company is now working with the Federal Bureau of Investigation (FBI) to track down the culprits and that Microsoft will likely issue an IE patch to fix the problem soon instead of waiting for next month's regularly scheduled batch of security fixes. Although reports vary, the malicious code apparently installs an ILookup search toolbar that changes IE's home page and connects to adware-related sites, generating pop-up windows and, occasionally, even desktop shortcuts. The effects are similar but not identical to the behavior I saw during a recent Trojan attack, which I've documented in three parts in Windows & .NET Magazine UPDATE (see the URLs below). In my case, my machine was infected after I inadvertently turned off Windows Firewall in Windows XP Service Pack 2 (SP2) and used Google to search for video game hints. One of the pages that came up in the Google search results loaded the offending code.
Still Waiting for a Truly Secure System
http://www.winnetmag.com/Article/ArticleID/42787/42787.html
Details About the Trojan Attack
http://www.winnetmag.com/Article/ArticleID/42845/42845.html
My Trojan War Becomes a Quagmire
http://www.winnetmag.com/Article/ArticleID/42944/42944.html
==== Announcement ====
(from Windows & .NET Magazine and its partners)
Does Your Company Currently Use Microsoft Windows NT Server?
If your answer is "yes," Windows & .NET Magazine wants your opinion! Take a short survey, and register to win an Xbox. Click the link below to help us understand why more than 3 million servers currently run NT Server. Give us your opinion about consolidating file print servers and upgrading to Windows Server 2003. http://websurveyor.net/wsb.dll/12237/ntserver.htm
==== Events Central ====
(A complete Web and live events directory brought to you by Windows & .NET Magazine: http://www.winnetmag.com/events )
The Exchange Server Seminar Series Coming to Your City in June
Join industry experts Kieran McCorry, Donald Livengood, and Kevin Laahs for this free event! Learn the benefits of migrating to an integrated communications environment, consolidating and simplifying implementation of technology, and accelerating worker productivity. Register now and enter to win an HP iPAQ and $500 cash! http://www.winnetmag.com/roadshows/exchange2003
==== Sponsored Links ====
Argent
Comparison Paper: The Argent Guardian Easily Beats Out MOM http://ad.doubleclick.net/clk;6480843;8214395;q?http://www.argent.com/products/download_whitepaper.cgi?product=mom&&Source=WNTTextLink
Microsoft(R) TechNet
Microsoft(R) TechNet Webcasts: essential guidance, industry experts http://ad.doubleclick.net/clk;7759917;8214395;c?http://www.microsoft.com/technet/community/webcasts/default.mspx
============= In the News ====
Spam Volume Reaches Record Levels
New Adware Scheme Takes Advantage of IE Vulnerabilities
Still Waiting for a Truly Secure System
Details About the Trojan Attack
My Trojan War Becomes a Quagmire
==== Announcement ====
Does Your Company Currently Use Microsoft Windows NT Server?
==== Events Central ====
The Exchange Server Seminar Series Coming to Your City in June
==== Sponsored Links ====
Argent
Microsoft(R) TechNet
==== CONTACT US ====
About the newsletter -- [email protected]
About technical questions -- http://www.winnetmag.com/forums
About product news -- [email protected]
About your subscription -- [email protected]
About sponsoring UPDATE -- [email protected]
==============
About technical questions -- http://www.winnetmag.com/forums
About product news -- [email protected]
About your subscription -- [email protected]
About sponsoring UPDATE -- [email protected]
Manage Your Account
View the Windows & .NET Magazine Privacy policy at
Windows & .NET Magazine a division of Penton Media Inc.
221 East 29th Street, Loveland, CO 80538
Attention: Customer Service Department
Copyright 2004, Penton Media, Inc. All Rights Reserved.