January 27, 2012 - Symantec Security Response is aware of in-the-wild malware exploiting the Microsoft Windows Media Player 'winmm.dll' MIDI File Parsing Remote Buffer Overflow Vulnerability (BID 51292). Microsoft has already issued a patch against this vulnerability in the monthly patch release (continue reading...) Read more
January 10, 2012 - Hello, welcome to this month’s blog on the Microsoft patch release. This is a smaller month—the vendor is releasing seven bulletins covering a total of eight vulnerabilities. Only one of this month's issues is rated 'Critical' and it affects Windows Media. (continue reading...) Read more
December 13, 2011 - Hello, welcome to this month’s blog on the Microsoft patch release. This is an average month—the vendor is releasing 13 bulletins covering a total of 19 vulnerabilities. Three of this month's issues are rated ‘Critical’ and they affect Media Player, Microsoft (continue reading...) Read more
November 8, 2011 - Hello, welcome to this month’s blog on the Microsoft patch release. This is a small month—the vendor is releasing four bulletins covering a total of four vulnerabilities. Only one of this month's issues is rated ‘Critical’ and it affects the Windows (continue reading...) Read more
November 6, 2011 - In late September 2011, it was reported that a previously unknown and un-patched vulnerability in Hancom Office (a word processing software predominantly used in Korea) was exploited in the wild. We often hear of new exploits targeting software used (continue reading...) Read more
November 1, 2011 - The group that initially discovered the original Duqu binaries, CrySyS, has since located an installer for the Duqu threat. Thus far, no-one had been able to recover the installer for the threat and therefore no-one had any idea (continue reading...) Read more
October 26, 2011 - In recent days, we have seen blogs about a specific type of Mass Injection campaign. We take this opportunity to publish our findings in this blog. This particular campaign has already picked up pace and it is infecting a lot of (continue reading...) Read more
October 11, 2011 - Hello and welcome to this month’s blog on the Microsoft patch release. This is an average month — the vendor is releasing 8 bulletins covering a total of 23 vulnerabilities. Nine of the issues are rated ‘Critical’ and they affect Internet (continue reading...) Read more
September 13, 2011 - Hello and welcome to this month’s blog regarding the Microsoft patch release. This is a smaller month in terms of patches—the vendor has released five bulletins covering a total of 15 vulnerabilities. This month, all of the issues are rated “Important” (continue reading...) Read more
July 12, 2011 - Hello and welcome to this month’s blog on Microsoft’s patch releases. This is an average month—the vendor is releasing four bulletins covering a total of 22 vulnerabilities. Only one of the issues is rated ‘Critical’ and it affects the Microsoft Bluetooth (continue reading...) Read more
July 12, 2011 - Hello and welcome to this month’s blog on Microsoft’s patch releases. This is an average month—the vendor is releasing four bulletins covering a total of 22 vulnerabilities. Only one of the issues is rated ‘Critical’ and it affects the Microsoft Bluetooth (continue reading...) Read more
July 11, 2011 - Once in a while, a piece of malware will come along that grabs headlines. Rarer is malware that is talked about around the water cooler (at places other than Symantec). But the rarest of all is malware that actually makes (continue reading...) Read more
July 11, 2011 - Once in a while, a piece of malware will come along that grabs headlines. Rarer is malware that is talked about around the water cooler (at places other than Symantec). But the rarest of all is malware that actually makes (continue reading...) Read more
June 29, 2011 - A colleague of mine recently wrote about one of the June “Microsoft Tuesday” vulnerabilities being exploited in the wild. Because we're a bit like that, we decided to allow the exploit to compromise one of our honeypot computers so (continue reading...) Read more
June 20, 2011 - Backdoor.Bifrose first came to our attention in 2004. It is a remote administration backdoor tool that allows unauthorized access to a compromised computer. Once installed, the malware has a range of capabilities, including: running processes, opening windows, opening a (continue reading...) Read more
June 17, 2011 - Symantec Security Response has confirmed that the Microsoft Internet Explorer Time Element Uninitialized Memory Remote Code Execution Vulnerability is being exploited in the wild. The vulnerability affects Internet Explorer versions 6, 7, and 8; however, the exploit we have (continue reading...) Read more
June 14, 2011 - Hello and welcome to this month’s blog on the Microsoft patch release. This is fairly busy month —the vendor is releasing 16 bulletins covering a total of 34 vulnerabilities. Fifteen of the issues are rated ‘Critical’ and they affect (continue reading...) Read more
May 5, 2011 - (continue reading...) Read more
April 6, 2011 - Posted on behalf of Jason Zhang and Joseph Rabaiotti, Malware Research Analysts, Symantec.cloud Portable document format (PDF) is one of the most commonly used file formats with which to exchange electronic documents across platforms and applications. Because (continue reading...) Read more
April 5, 2011 - Volume 16 of the Symantec Internet Security Threat Report covers trends in the Internet security threat landscape during 2010. It has been an interesting year, to say the least. We saw vulnerabilities implicated in major events such as the (continue reading...) Read more