Security Notices

There are a number of Security Issues that arise from time to time that can be exploited by hackers, virus writers or spyware/malware developers. This page is designed to keep a note of these issues and provide information on the problems until the issue is resolved by the operating system provider. In most cases these issues will be waiting for Microsoft to issue a patch. The contents of this page should change on a regular basis as patches are issued and new exploits are uncovered.

There are plenty of sites that follow this subject very closely. We are only interested in vulnerabilities that are either being exploited or are a current threat to computer users. Rare and unusual potential exploits will not be included.

Windows XP WGA Removal

This update was installed by many users who believed it was a genuine security update. In fact it is not. It is a utility to check whether your installation of Windows is genuine. As a side effect, it collects a great deal of information from your computer and sends it back to base. It collects more information than Microsoft have published. It phones home as soon as a connection to the internet is established. It is integrated into the operating system, such that even some firewalls are unable to block it, because it is loaded before the firewall.

If you are getting non-genuine Windows notices and you know your installation really is genuine, or even if it's not, the tool can be removed.

http://www.softpedia.com/get/Tweak/Uninstallers/RemoveWGA.shtml

Download and run the tool.

Alternatively, the manual instructions are Here - way down the page.

Internet Explorer Unpatched Scripting Vulnerability

1st December 2006

An unpatched Internet Explorer vulnerability has been published in the last couple of weeks. It affects both IE6 and IE7. The Delf-DH trojan is exploiting this vulnerability to install malware from malicious websites.

Until Microsoft issue a patch for the exploit, you are advised to use an alternative browser such as Firefox or Opera that does not use IE code.

Mozilla, Firefox and Thunderbird downloads - http://www.mozilla.org/products/firefox/
Opera - http://www.opera.com

If you continue to use Internet Explorer, apply the safe settings here. Your browsing may be a little restricted after applying these settings.

Internet Explorer Safe Settings

Winamp 5.x

Nullsoft, the maker of the popular WinAmp media player, has released a patch for a serious flaw in versions 5.11 and 5.12 of the player that could allow an attacker to take control of your PC simply by playing specially crafted songs on a WinAmp playlist. There are a number of malicious websites already exploiting this flaw. Anyone running an affected version of WinAmp could have their PC compromised simply by visiting one of these sites. All users of WinAmp should upgrade to the most recent version immediately.

http://secunia.com/advisories/18649/
http://www.winamp.com/player/

WMF Exploit

This vulnerability has been officially patched by Microsoft, and the patch should be installed on your machine.

Sony CD Rootkit

Several SonyBMG CDs have been issued in the last 12 months in the USA, Europe and Australia that silently install a rootkit on users' hard drives as part of a DRM (Digital Rights Management) system. The idea was to prevent users copying and burning CDs. But it was poorly developed and left many systems open to exploits. SonyBMG handled the situation badly and left many users with exploitable computers for several weeks.

Microsoft Antispyware, ewido and most antivirus programs can now “uncloak” the rootkit, but the rest of the installation is impossible to remove unless you have considerable technical expertise.

 
upatched_security_exploits.txt · Last modified: 2006/12/02 15:20 (external edit)
 