| A simple HTML tag will crash 64-bit Windows 7 - posted Thursday, December 22, 2011
An unpatched critical flaw in 64-bit Windows 7 leaves computers vulnerable to a full 'blue screen of death' system crash.
0-day leaves kernel in the wrong iframe of mind
The memory corruption bug in x64 Win 7 could also allow malicious kernel-level code to be injected into machines, security alert biz Secunia warns. http://secunia.com/advisories/47237
Fortunately the 32-bit version of Windows 7 is immune to the flaw, which has been pinned down to the win32k.sys operating system file - which contains the kernel portion of the Windows user interface and related infrastructure. Proof-of-concept code showing how to crash vulnerable Win 7 boxes has been leaked:
the simple HTML script, when opened in Apple's Safari web browser, quickly leads to the kernel triggering a page fault in an unmapped area of memory, which halts the machine at a blue screen of death.
The offending script is just an IFRAME tag with an overly large height attribute. Although Safari is required to spark the system crash via HTML, modern operating systems should not allow usermode applications to bring down the machine. Microsoft is now investigating the vulnerability, which was first reported by Twitter user w3bd3vil.
Microsoft is racing against hackers tracing the code execution path to discover the underlying vulnerability in Windows 7. A video of the Safari-triggered crash along with the HTML Proof of Concept can be seen on YouTube. Other exploit scenarios might also be possible. http://www.youtube.com/watch?v=u-62ZqrhD2k
I think the solution is to have the web browsing software load in Virtual Memory. A few years ago there was a program called SafeSpace that loaded all internet-facing applications in a virtual memory area, thus protecting the 'real' system from infections. If the browser crashed, it crashed the virtual system - not the real system.
SafeSpace was taken off the market, and a few months later Avast Pro anti-virus (www.avast.com) began implementing virtualization in their anti-virus software.
For those interested in testing, I still have a copy of the older SafeSpace software, but I'm not sure if it runs on 64-bit systems as it too was a 32-bit application. BarryZ |
| Google provides security updates for Google Chrome browser - posted Thursday, December 15, 2011
Google published an update to its Chrome browser that addresses 15 security flaws, including six high-risk vulnerabilities, on Tuesday. More details of what's fixed inside Chrome 16.0.912.63, the latest cross-platform version of the browser (yes Mac and Linux fans you ought to update too), can be found here. |
| Adobe Working on Out-of-Cycle Patch for Flaw in Windows Versions of Reader and Acrobat - posted Wednesday, December 07, 2011
After all these years, Adobe says it is working on a fix for another vulnerability in Acrobat and Reader that is being actively exploited in targeted attacks. The flaw is being exploited to crash the applications and take control of vulnerable computers. Adobe is working on a patch for versions 9.X for Windows-based systems only because that is the platform targeted in the attacks. Adobe expects to release the out-of-cycle patch early next week. Fixes for other versions of the programs will be released on schedule in January 2012. The flaw itself exists in versions 10.1.1 and earlier. The flaw is a memory corruption vulnerability. The flaw is being exploited through malicious PDF files that have been sent to several different organizations, including some US defense contractors.
Lockheed Martin has acknowledged that it was targeted in an attack but the attackers were not successful in accessing the company's computer network.
Bottom Line: Remove Adobe and Switch to Foxit .pdf viewer
BarryZ
|
| Malware Loves Windows Task Scheduler - posted Monday, October 31, 2011
InfoWorld: "More malware is using Windows Task Scheduler to do its dirty work. Here's how to mitigate this surprising attack vector. Malware authors have been using the Windows Task Scheduler (or AT.exe jobs) to victimize hosts for at least a decade, but the Stuxnet worm seems to have ushered in a renaissance. Recent Zlob variants have made frequent use of Task Scheduler; the widespread click-fraud Trojan Bamital drew on Task Scheduler as well. Stuxnet exploited Task Scheduler in a way that was previously unknown -- it was a true zero-day attack. But malware doesn't have to get too fancy to put Task Scheduler to ill use. For example, malware will often create a task that looks for certain preconditions to launch, downloads new malicious code on a schedule, or uses scheduled tasks as a way to always remain in memory. I've seen malware hunters struggle to find out how the malicious code 'keeps re-infecting their clean system.' Answer: Check the Task Scheduler."
Roger explains the details: http://www.infoworld.com/t/malware/malware-loves-windows-task-scheduler-177047
When you take your computer to a Computer Repair Shop, make sure they turn off the ability for remote computers to add tasks.
BarryZ, 1USA
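One way to act on the "check the Task Scheduler" advice above, as an added example that is not part of the original post or the InfoWorld article: this Python sketch triages task definitions in the XML form that `schtasks /query /xml` prints. The path hints, the script-host list and both sample tasks are assumptions constructed for illustration.

```python
import ntpath
import xml.etree.ElementTree as ET

NS = {"t": "http://schemas.microsoft.com/windows/2004/02/mit/task"}
# Assumed triage heuristics (not from the article): tune for your environment.
WRITABLE_HINTS = ("\\appdata\\", "\\temp\\", "\\users\\public\\", "%temp%", "%appdata%")
SCRIPT_HOSTS = {"powershell.exe", "cmd.exe", "wscript.exe", "cscript.exe", "mshta.exe"}

def triage_task(xml_text):
    """Return reasons a task definition deserves a closer look ([] if none)."""
    root = ET.fromstring(xml_text)
    reasons = []
    for action in root.findall("t:Actions/t:Exec", NS):
        command = action.findtext("t:Command", "", NS).strip().strip('"')
        args = action.findtext("t:Arguments", "", NS).strip()
        low = command.lower()
        if any(hint in low for hint in WRITABLE_HINTS):
            reasons.append("runs from user-writable path: " + command)
        if ntpath.basename(low) in SCRIPT_HOSTS:
            reasons.append("launches script host: " + (command + " " + args).strip())
    if not reasons:
        return reasons  # action looks ordinary; triggers alone are not a signal
    # Context matching the persistence patterns described in the article.
    triggers = root.find("t:Triggers", NS)
    kinds = [el.tag.split("}")[-1] for el in (triggers if triggers is not None else [])]
    if {"LogonTrigger", "BootTrigger"} & set(kinds):
        reasons.append("starts at logon/boot")
    if root.find(".//t:Repetition", NS) is not None:
        reasons.append("repeats on an interval")
    if root.findtext("t:Settings/t:Hidden", "false", NS).strip().lower() == "true":
        reasons.append("marked hidden")
    return reasons

# Constructed sample task definitions (not real malware artifacts).
SUSPICIOUS = r"""<Task xmlns="http://schemas.microsoft.com/windows/2004/02/mit/task">
  <Triggers><LogonTrigger><Repetition><Interval>PT15M</Interval></Repetition></LogonTrigger></Triggers>
  <Settings><Hidden>true</Hidden></Settings>
  <Actions><Exec><Command>C:\Users\Public\updater.exe</Command></Exec></Actions>
</Task>"""
BENIGN = r"""<Task xmlns="http://schemas.microsoft.com/windows/2004/02/mit/task">
  <Triggers><CalendarTrigger><StartBoundary>2011-10-31T03:00:00</StartBoundary></CalendarTrigger></Triggers>
  <Actions><Exec><Command>C:\Program Files\Vendor\update.exe</Command></Exec></Actions>
</Task>"""

if __name__ == "__main__":
    for name, xml_text in (("suspicious", SUSPICIOUS), ("benign", BENIGN)):
        print(name, triage_task(xml_text))
```

A hit is a prompt to inspect the task by hand, not proof of infection; legitimate software also schedules script hosts and logon tasks.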
|
| Conficker Worm - What is it and how to remove it. - posted Monday, October 26, 2009
Conficker, also known as Downup, Downandup, Conflicker, and Kido, is a computer worm that surfaced November 21st, 2008 with Conficker.A.
It targets the Microsoft Windows operating system. The worm exploits a known vulnerability (MS08-067) in the Windows Server service used by Windows 2000, Windows XP, Windows Vista, Windows Server 2003, Windows Server 2008, and Windows 7 Beta. When executed on a computer, Conficker disables a number of system services such as Windows Automatic Update, Windows Security Center, Windows Defender and Windows Error Reporting. It receives further instructions by connecting to a server or peer and receiving a binary update. Those instructions may tell it to propagate, to gather personal information, and to download and install additional malware onto the victim's computer. The worm also attaches itself to certain Windows processes such as svchost.exe, explorer.exe and services.exe. I don't know of ANY 1USA customer getting infected.
Advice and removal instructions for people who use AOL, MSN, Verizon, Comcast and other ISP services are here.
|
| Hoaxes with file attachments that try to hack into your computer are being sent via email. - posted Monday, July 06, 2009
Keep up on the latest hoaxes that are really dangerous - because they carry along file attachments that try to hack into your computer. List of current Hoaxes is on TrendMicro.Com |
| This Week's Top 10 Spyware Threats - posted Wednesday, June 10, 2009
Rogue security programs are on the rise and you really need to be cautious about whose software scans your computer.
There is rogue software out there that lures users every day. People who say "I don't know anything about computers" are usually the ones who are most likely to fall prey. Unbeknownst to them, the "supposed" solution is actually malware itself -- offering little or no real protection, and often designed to steal personal information. "PersonalAntivirus", "Windows Antivirus 2009" and similarly named programs are rogue anti-spyware applications that claim to scan for and remove spyware from users' computers. Such a program may be downloaded or installed through exploits or under dubious circumstances without user consent. It hijacks the user's desktop and typically displays exaggerated or false claims of spyware found to frighten the user into paying for the program. If a window pops up saying you have a virus or software and it is not your own anti-malware -- do not run it!!!
Trojan-Spy.Win32.Zbot.gen - Trojan
Trojan-Downloader.Zlob.Media-Codec - Trojan Downloader
Exploit.PDF-JS.Gen (v) - Exploit
Trojan.1 - Trojan
Trojan.DNSChanger.Gen - Trojan
Favorit Network - Adware (General)
PersonalAntivirus - Rogue Security Program
INF.Autorun (v) - Trojan
Trojan.StartPage.HMH - Trojan
Virtumonde - Adware (General)
Stay on top of all the real-time threats at Malware Research Labs: |
| Multiple vulnerabilities reported in Adobe's Flash Player - posted Thursday, March 12, 2009 |
| Conficker Worm Attack Getting Worse: Protect Yourself - posted Friday, February 13, 2009 |
| Millions Hit with Windows Worm as Infection Spreads - posted Tuesday, January 20, 2009
Some people have not installed Windows Updates yet from October 2008
Remember that inserting a floppy drive, USB memory stick etc into a computer in an office could potentially infect the whole office network if there is a hidden virus on the removable media. Full story: http://www.eweek.com/index2.php?option=content&do_pdf=1&id=51251 |
| Malicious Sites with Fake Obama News Infect Users with Malware - posted Tuesday, January 20, 2009 |
|
|