The last week has been quite busy even though it was Easter holiday season. Microsoft released 8 security bulletins with Updates for the affected software last Tuesday. 5 of them are rated critical and concern Wordpad and the Office Text converters, Windows HTTP services, DirectShow, Internet Explorer and Excel. The security hole in PowerPoint is still unpatched though. Apply those patches immediately if you haven’t done so yet as exploit code for those vulnerabilities is publicly available.
The conficker worm started downloading updates. Interestingly it doesn’t use some of those 50.000 domains it generates on daily basis, but a Peer-to-Peer-network which it has functionality built-in for. Users of Avira security solutions are safe from the threat as the new variants spread this way got generically detected as TR/Crypt.XPACK.gen. Additionally, our Virus Lab added the detection Worm/Conficker.D so the malware can be better identified.
The media got hit by reports about a juvenile bored programmer who wrote and released 5 Twitter worms in short time. As excuse he told the media, he got no answer or reaction from Twitter when contacting them. After that, some web design company found his skills to be impressing and hired him. I wouldn’t want my web page be programmed by someone writing malware though.