Symantec’s integration with Veritas in the UK has run into computer problems, leaving many Symantec customers unable to renew their corporate anti-virus licenses and large numbers of computers unprotected.

An adviser working for PCWorld Business’ national licensing department told us the problem is widespread.

“It is affecting loads of our customers - from GPs right through to our government customers,” he said.

He said he understood that Symantec shut down its computer systems for a refit - part of its integration with Veritas - but that there had been no backup made. Upon rebooting, he said, more problems surfaced, as well as a backlog of orders and all the new orders that were still coming in.

One GP told El Reg: “We are a small GP practice, with 12 Symantec Antivirus Corporate Edition licences. On 6th October, without prior warning, my server notified me that these licences had expired. But, no problem, as there is a 60 day grace period, and just over 1 week later I ordered 12 renewal licences from my supplier PC World Business (PCWB).

A new vulnerability has been identified in Microsoft Word. Security Analysts at MicroWorld Technologies inform that exploits for the vulnerability are out already, which can successfully thrust Trojan Downloaders into user computers.

Microsoft Corporation said they are investigating the vulnerability that exists in Microsoft Word 2000, 2002 and 2003, Word Viewer 2003, Word 2004 for Mac, and Word v. X for Mac, as well as Microsoft Works 2004, 2005, and 2006.

According to MicroWorld Experts, a specially crafted Word file carrying a Trojan Dropper named ‘MSWord.Agent’ can push Trojan downloaders into victim’s computers. The Trojans deposited this way can log on to predefined websites and bring in dangerous malwares like Backdoors and Rootkits into a victim’s computer.

“One stream of malware writers are quiet enthusiastic about exploring application software vulnerabilities as they think that’s a lot more easier and rewarding than getting into the OS level intricacies,” commented Sulabh Mahant, a Security Expert at MicroWorld Technologies. “And incidentally, that’s a fast growing tribe which is quiet apparent in the present tide of exploits targeting various vulnerabilities in a range of applications, including some of the AntiVirus products.”

Spam levels barely declined in Ireland during November as virus rates rose again, new figures from IE Internet reveal.
Less than half of all emails circulating in Ireland now constitute legitimate traffic, as the spam rate recorded last month was 55.61pc. This figure was only marginally down from October levels, which were the highest since the Dublin company began recording these statistics three years ago.

Although the US remains the highest source of unwanted junk email into the country with 26.61pc of the total, China has caught up considerably and last month just over a quarter (25.76pc) of spam originated from there. The UK is much more on the radar than before with 20.59pc whereas South Korea, a longtime mainstay of the list, did not feature in the top five senders for November.

The rate of virus infection was 11.23pc and the interesting development was the appearance of two new pieces of malware that between them accounted for more than 40pc of the total.

The first, W32/Warezov, is a worm that spreads by email posing as an operating system security update. It can beat antivirus products on the infected PC and set up a remote access facility on it so that the machine can be controlled by an unauthorised third party to launch denial of service attacks or to send spam.

Symantec Corp. today announced the availability of public beta versions of Norton Internet Security 2007 and Norton AntiVirus 2007 compatible with the upcoming Windows Vista operating system. Now, early consumer adopters of Vista can use these security tools designed to proactively protect their PCs from a vast array of online threats—including spyware, viruses, worms, hackers, phishing sites, and crimeware—while maximising security, performance, and ease-of-use.

“As we near the consumer Vista release scheduled for January 2007, we want to reassure our more than 50 million active users that our leading PC security products will be available from day one to protect their PCs from today’s evolving online threats,” said Rowan Trollope, vice president, Consumer Engineering, Symantec. “With the beta release of Vista compatible versions of Norton AntiVirus and Norton Internet Security, users of the latest Windows operating system will be able to completely secure their computers with the award-winning Norton products from Symantec.”

The company says since Windows Vista does not include virus protection, enterprises should deploy an antivirus solution alongside Windows Vista to combat spyware/adware and viruses. Its solution is Symantec AntiVirus Corporate Edition 10.2.

“Businesses deploying Windows Vista are offered new opportunities but are also faced with potential security, availability, performance, and compliance risks. Symantec uniquely provides businesses of all sizes best-of-breed, Windows Vista-compatible software that helps mitigate IT risk,” said Symantec’s Jeremy Burton.

Symantec’s Ghost Solution Suite 2.0, also now includes support for Windows Vista and Windows 64-bit.

Malware makers are starting to take advantage of the number of users searching for cracks for the pirated copies of Vista floating around.

A new download has started circulating around the crack boards called “Windows Vista All Versions Activation 21.11.06″. It purports to be an activation crack for any version of Vista.

However, the file is actually a trojan-carrier which will install Trojan-PSW.Win32.LdPinch.aze onto your PC.

BitTorrent users who posted reviews of the crack said that a number of antivirus programs detected the malware, though Norton AntiVirus and NOD32 did not.

Today BullGuard releases BullGuard Backup as a stand-alone retail productcombining local and online backup with a user-friendly design and includingfull access to BullGuard Support. BullGuard Backup ships with 3Gb ofredundant commercial-grade online backup storage as standard, in addition toa local backup management tool.

“There has been a dramatic increase in interest in our backup solutionover the past year. Widespread access to high-speed broadband has madestoring your important documents and files remotely on a secure online backupdrive one of the most user-friendly and safe options available,” said PaulLeaman, UK Country Manager for BullGuard. He continued: “BullGuard Backupcombines both online and local backup and makes it very simple for the userto schedule automatic backup of key documents, music and photos.”

Symantec Corp. has unveiled Symantec Mail Security 8300 series, its next-generation mail security solution that reduces risks to information flowing in and out of the enterprise via e-mail. New integrated email content filtering helps organisations control intellectual property, intelligently classify messages based on content, and enforce acceptable use policies.

The enhancements available in Symantec Mail Security 8300 series provide customers with significantly improved features and extra functionality that will enable them to better protect their information assets, while minimising the amount of spam and viruses that end-users must contend with, according to Advanced Internet Security, Inc.

The exciting enhancement is in the content filtering area, which Advanced Internet Security believes its customers will greatly appreciate. Symantec Mail Security 8300 Series is definitely a solution.

NEW YORK: A previously identified flaw in Symantec Corp.’s antivirus software and five patched vulnerabilities in Microsoft have facilitated the spread of a malicious bot program, Spybot.ACYR, especially among systems in educational institutions, according to virus experts.

Symantec had updated its virus signatures to identify the bot as it attempts to exploit the flaw some six months back but the bot would have got into systems that had failed to get the updates.

Symantec admitted it has been seeing an unusually high traffic on port 2967 with activity only in the .edu domain. It said the impact of the attack is minimal.

Symantec said the worm attempts to break into computers through a vulnerability in its client security and Symantec AntiVirus. It said a fix was available since 25 May and customers, who had applied the patch in their environment, are not affected by the worm.

Given my extensive technical background I rightly consider myself online-savvy. I did not used to keep an antivirus for I thought that I was smart enough not to get infected. And I almost never register at third party sites so my spam traffic is minimal.

But regardless of how savvy I am, I too fell prey to a couple dirty tricks that the online conmen play. Somebody went as far as to deliberately try to infect my PC by sending me (and responding!) personal emails with an attachment, which I nonetheless did not open. I communicate with a lot of people and the foe sounded like a customer, but the lack of detail and the insistence on opening the attachment with order information kept me safe and sound.

I usually do not download software either, unless it comes from a company or vendor I know. So chances for getting trojans are minimal. But then I got complacent and allowed Media Player to find and download a missing video codec and the ‘fun’ began.

Although Symantec Antivirus cleaned the system it did not eradicate (or event detect) the trojan hideout, which managed to survive even the OS reinstallation. I have installed a new copy of Windows XP on my other hard disk, but could not delete the old installation on the other drive because the flash.ocx file was in use, even when I booted in safe and recovery modes. So I was left no choice but to format the offending partition using low-level BIOS format procedure and fry the bugger. Ever since my system is back to normal and I am no longer downloading codecs no matter where they come from.

Downloaders hoping to get a free version of Microsoft’s Windows Vista OS (operating system) are getting more than they bargained for: a password-stealing Trojan.

Security researchers Sunbelt Software have confirmed that the Trojan is contained in a program called ‘windows vista all versions activation 21.11.06.exe’, which has been circulating on message boards, according to a report.

The program claims to be a ‘crack’ designed to unlock pirated copies of Vista, which was made available to Microsoft’s volume licensing customers last week.

In fact it installs malware known as Trojan-PSW.Win32.LdPinch.aze, which attempts to steal passwords and send them back to an attacker, according to security researchers Kaspersky, which first noticed the Trojan in early October.

tilizing a new and highly effective scanning engine, the upgraded PC Tools Antivirus 3.0 improves program performance, and responsiveness — it hunts and kills viruses quickly.

“This upgraded security tool reflects our focus on quality and provides users with robust protection that is both effective and compatible with our award-winning products,” said Michael Greene, Vice President of Product Strategy.

“We know threats to consumers will increase this holiday season, so we want to provide them with the most effective products possible,” Greene added. “We own this product, rather than partnering with another vendor, which means we are able to control quality and implement best practices that have helped us consistently win ‘Best Anti-spyware’ from trusted sources.

“There are many benefits to our approach. We have a tightly integrated product. This software has minimal impact on the user’s system,” Greene said.

This new software provides scanning and real-time OnGuard performance improvements. Along with enhanced heuristics to help detect a greater number of new variants and their related malware components on infected PCs.

Current awards include: PC Magazine Best Anti-Spyware 2005, Editor’s Choice 2006; Windows XP Magazine, Editor’s Choice; PC Pro Recommended 2006, A List product; PC Answers Editor’s Choice 2006; PC Advisor Gold award 2006; PC User ‘Top Buy’ 2006; Computer Shopper Best Anti-Spyware of 2006.

John Viega, Vice President and Chief Security Architect for McAfee told SC that McAfee is currently working with Microsoft to develop a suitable software platform, but he remains cautious.

“Microsoft has said they’re going to cooperate with security vendors and open up their API’s so we can implement best to breed technologies on their platform.

“We’re cautiously optimistic, but at this point we have to wait and see that our points are being addressed,” said Viega.

Viega played down the degree of difference between the two companies caused by Microsoft’s decision to lock-out vendors from crucial Vista coding.

“Honestly this was a blip on the radar screen, a really tiny blip in a very long history of a very close relationship between the companies,” he said.

Microsoft didn’t get the word to their phone support people that Microsoft’s antivirus had a false positive for gmail. According to the article,

The experience of a user called Jim was typical, with several hours of telephone calls and Remote Desktop tech support. “He gave up after an hour and told me it was in my Gmail so I had to delete everything, trash, sent, archived, etc. and then use Stinger. I mistakenly followed his advice. Two years of carefully saved stuff is gone,” the user wrote.

. Microsoft says they’re sorry and will work on ways to keep it from happening again.

Kaspersky Lab has signed a new partnership agreement with Clearswift, a long-standing partner of the company. According to the agreement, Kaspersky Lab will become Clearswift’s preferred antivirus technology partner and Clearswift will recommend the company’s
security
software directly to its worldwide customers.

An important milestone in Kaspersky Lab’s partnership with Clearswift was the release of Kaspersky® Anti-Virus 5.0 for MIMEsweeper, which integrates tightly with Clearswift MIMEsweeper to scan SMTP traffic in real time. The Kaspersky product is compatible with Clearswift’s MIMEsweeper for SMTP, MIMEsweeper for Domino, MIMEsweeper for Exchange and MIMEsweeper for Web. In addition, Kaspersky® Anti-Virus, which includes protection against malware, spyware and phishing, is delivered pre-loaded on Clearswift’s MIMEsweeper SMTP Appliance.

Kaspersky® Anti-Virus 5.0 for MIMEsweeper for SMTP provides real-time, high-speed antivirus scanning for all incoming SMTP traffic on servers that use Clearswift’s MIMEsweeper software, removing any malicious programs that it detects. It provides a built-in update mechanism to download signature updates from Kaspersky Lab servers on the Internet, either on demand or on schedule (every 30 minutes, hourly or every three hours depending on the settings).