Microsoft has confirmed a vulnerability in the Windows kernel that was being used in the Duqu exploit. If used, an attacker could install apps, change data, or create new accounts with full user rights. Microsoft is working on a full fix, and in the meantime, is offering a workaround for download (free, Fix it tool).
Sophos today released a free piece of Mac security software, Anti-Virus Home Edition. The utility is based on the company's business software, and said to be full-featured with the same threat detection, cleaning and quarantining. It addresses both Mac and Windows threats, to prevent Macs from spreading Windows malware, and can detect new viruses. Once files are quarantined, they can be examined/or deleted.
Researchers at Matousec have found malware that could potentially compromise nearly every Windows XP system using current antivirus software. KHOBE (Kernel Hook Bypassing Engine) takes advantage of the vulnerable System Service Descriptor Table to trick Microsoft's OS into accepting rogue code. It allows a safe code thread to be scanned by antivirus apps but immediately swaps in a thread containing a virus or other attack, giving the malware free rein.
A new worm has begun targeting iPhones and iPod touches, however it only appears to attack jailbroken devices, according to the security company Sophos. The worm, which works in a similar way to the recent 5 Euro scam, was reportedly discovered after a Dutch ISP noticed unusually high volumes of data traffic.
