Small red umbrella triggers Win 7 mystery loophole

According to foreign media reports, German anti-virus software developer Avira (Little Red Umbrella) recently said that they will fix a mysterious loophole when Windows 7 executes disk detection commands. In addition, hackers are spreading a computer virus through spam, which induces recipients to visit a fraudulent website that claims to provide a vaccination. Avast! This anti-virus software from the Czech Republic now has many users in China. Free and powerful is an important factor in its success. Avast! Another one is also impressive, that is, occasional false positives, today avast! After updating the virus database, there has been a wide range of false positives.

1, small red umbrella triggers Windows 7 mysterious vulnerability

According to foreign media reports, German anti-virus software developer Avira (Little Red Umbrella) recently said that they will repair Windows7 to perform disk detection commands A mysterious loophole.

As early as the testing phase, the test of the famous IT magazine "InfoWorld" showed that when running chkdsk.exe to scan from the hard disk, it will trigger a memory leak, causing the PC to stop running normally. "InfoWorld" pointed out that because the system administrator will run chkdsk.exe more often, the problem will have more impact on the IT system administrator than the average user.

It is reported that the only way to prevent chkdsk boot scan is to disable this feature.

Microsoft has not commented on this issue, but some netizens said in blogs and forum comments that the vulnerability is related to Avira anti-virus software.

At present, Avira has admitted that there may be problems with itself and other anti-virus software developers. Avira's technical editor Dirk Knop said in the AviraTechBlog blog: "According to our current investigation, this problem may occur under certain circumstances. It may cause problems when performing operations on a deleted file. "

This will cause the NTFS hard disk/Windows 7 kernel to assume that the file system is corrupted and set the corruption flag for the NTFS partition. This in turn causes the system to perform a chkdsk scan on the next boot. In earlier versions of the Windows kernel, the operating system only returned an error report.

Avira also added that many other anti-virus software products will trigger the same problem, and Avira will release a hot fix for this issue this week.

Knopp said that Microsoft itself may also release Windows updates for this issue.

2, vigilance: hackers use a stream of vaccine to spread computer viruses

According to foreign media reports, hackers are spreading a computer virus through spam, mail-induced recipient access A fraudulent website that claims to provide a stream of vaccinations.

Researchers at Symantec and AppRiver, a network security company, said the autologs from the US Centers for Disease Control and Prevention led people into a website that appeared to be the official website of the government, filling out a vaccination form.

Network security researchers say they found millions of such spam on Tuesday that could be poisoned by malware, allowing hackers to control those computers.

Then the hacker-controlled website will automatically download the malware to the victim's personal computer.

Once a computer is controlled by a hacker, the hacker can steal the user's identity, attack other computers or turn it into a spam server.

Hackers generally use the topic of current news hotspots to create scams. For example, hackers have recently used Tiger Woods' car accidents and the recently started shopping season to launch attacks.

3, avast! After the update today, there is a wide range of false positives

avast! This anti-virus software from the Czech Republic now has many users in China, free and powerful is its success Key factor. Another thing that avast! is also impressive is that there are occasional false positives.

Today, avast! After updating the virus database, there was a wide range of false positives. The main performance is that some commonly used programs are falsely reported as Trojans. According to the survey, the current 4.8 official version and 5.0 beta version have been affected by this false positive. The virus database version of this false positive is "2009-12-03-0", and the user whose virus database update is set to manual update is temporarily unaffected.

For users who have updated the virus database, you can temporarily disable avast!, then open the program to avoid false positives, or wait for the avast! official virus database to update to completely solve this problem.

Update: avast officially updated the virus database at noon, and the virus library version of "091203-1" has corrected the more serious false positives today.

4. Hacking phishing targets targeting Google and Yahoo users

Google and Yahoo have become an e-mail service provider network that has become a user password for betting on hackers’ accounts. One member.

The previous day, Microsoft prevented hackers from plundering password information into the Hotmail account and posting it online. The list of victims is expanding, including a range of users of email services.

We recently learned about a phishing scheme, a hacker who obtained user credentials for an email account through the site, including a handful of Gmail accounts.

We must learn the lessons of this kind of cyber attack. If we have become their target, we will have to reset the affected account password. In addition, we will continue to enforce additional account password reset. Google responded to AFP investigations. We know that Yahoo's limited number of IDs may have been made public. Yahoo mentioned it in a statement to AFP.

Online fraud and phishing attacks are a continuing and industry issue. In response to AFP’s inquiry, AOL Time Warner’s subsidiary said that they would closely monitor the situation.