Posted 03/27/09 at 05:53:07 PM by Mark Edward Soper

Microsoft's latest browser, Internet Explorer 8, has gotten mixed reviews from MaximumPC.com readers (see comments here and here), but one question that's hard for any individual user to answer about any browser is "how secure is it?"

To find out, Microsoft asked NSS Labs to pit IE8 RC1 against its predecessor, IE7, as well as the following third-party browsers: Firefox 3.0.7, Safari 3.2, Chrome 1.0.154, and Opera 9.64. The objective: find out which browser did the best job at handling so-called social-engineering malware sites - the ones that try to con you into downloading malware disguised as something else ("Adobe Flash update," anyone?).

ComputerWorld reports that IE8 did the best job of fending off attacks from 492 malware-distributing websites, blocking 69% of attacks (details here [PDF link]). If you're not using IE8, join us after the jump to learn how your favorite browser fared.

Read More

Posted 10/16/08 at 04:07:25 PM by Mark Edward Soper

I know it, you know it, almost everybody that reads Maximum PC knows it - but that doesn't mean that your family, your co-workers, or your bosses know it. What's it? Simply this: Microsoft never - repeat never - sends out security updates via email.

Cnet reports that yet another fake security email purporting to be from Microsoft is busy delivering a nasty Trojan called Haxdoor to unwary emailboxes near you.

The email, ironically enough, claims that "Since public distribution of this Update through the official website http://www.microsoft.com would have result in efficient creation of a malicious software, we made a decision to issue an experimental private version of an update for all Microsoft Windows OS users." And, it's signed "Steve Lipner, Directory of Security Assurance, Microsoft Corp."

Well, at least the bad guys got Steve's name right. However, he's actually senior director of security engineering strategy in Microsoft’s Trustworthy Computing Group, according to a recent interview.

The message (minus the Trojan, of course), is available at the Microsoft Malware Protection Center blog, where you can see for yourself the classic hallmarks of a fake message: a shaky command of the English language, sentence construction that's so stiff it belongs on a Victorian-era calling card, and off-the-wall sentiments that show it was adapted from a different con job document: "We apologize for any inconvenience this back order may be causing you." Back order? Whaat? I didn't order any malware!

Already getting calls from frantic family, friends, or co-workers wondering why their PCs have slowed to a crawl or become infested by popups? Join us after the jump for solutions. 

Read More

Posted 09/20/08 at 04:32:15 AM by Pulkit Chandna

Republican vice-presidential candidate Sarah Palin found that she is just as vulnerable in cyber realms as any of us, when hackers wrested control of her Yahoo e-mail id. The hackers released five screenshots of her personal e-mails and photographs.

Both her campaign manager and the FBI confirmed the news of her account being hacked, which began circulating after the appearance of the leaked screenshots on WikiLeaks. You will not be able to have a look at the screenshots yourself, in case your peeping faculties have been roused by the news, as they have been taken down.

The hackers are said to have only counted on their social engineering skills – by collecting or guessing personal information required for password recovery – and Yahoo’s flimsy, lax password-recovery process for breaking into her account. All said, the hack has exposed Palin’s inexpedient habit of conducting state business using a personal e-mail account.

According to Knoxnews, State Rep. Mike Kernell admitted that investigators had quizzed his 20-year old son David Kernell about the hack. Kernell is a Democrat!

Read More

Posted 11/19/07 at 09:37:25 PM by Mark 'Marcus Soperus' Soper

MSN Messenger users, it's time to batten down the hatches as a new IRC Trojan attacks both PCs and virtual network connections. Learn how it works so you can stop it.

Read More