April Email Security News: McAfee update error impacts many systems

McAfee wreaks havoc on corporate systems with bad update. Got a cold sweat when I found out about this one. We are a McAfee partner and many of our customers protect their email with McAfee anti-virus. To McAfee’s credit, we were notified very early about the issue, and we were satisfied with their response. We were informed that a bad update that would detect a virus in svchost.exe did not affect the Windows server versions that our customers use, only a version of XP. So far we have had no reports about customer issues, but remain on alert. Check the McAfee KB for details on the issue. Since the announcement, McAfee have been accused of not responding fast enough or with enough transparency. Our company’s experience was quite the contrary.

Microsoft releases ineffective patch for Windows.I always get nervous when something like this happens, but clearly it can happen to the best of us. My first concern tends to be to our customers, so I quickly check which OS versions are affected. In this case, Win 2000, which we no longer officially support, although we do have a number of customers still using it so we have been monitoring and helping out with issues. I find the statistics published mis-leading: only 0.6% of deployed Windows OSs use Windows 2000. For the percentage to be more meaningful, it should be a percentage of deployed server versions of Windows, because the data includes all the noise from the desktop OSs. Those running server versions of Windows are likely running more critical apps on those systems. By the way, Microsoft just re-issued the security bulletin, now fixed.

Symantec report warns that social nets are goldmines for enterprise cybercriminals. As discussed here in “Anti-social networking, cybercriminals are rushing to the gold in the social networking hills. This is definitely the next front in the security war.

Retailers Testing CAN-SPAM By Making Unsubscriptions More Difficult. Disappointing but inevitable. Those that ignore opt-outs altogether simply make my blood boil but gives me some feature ideas that I will be bouncing off the product team.

ARIN makes a sane decision about IP WHOIS. A proposal to allow for continued cloaking of whois records by commercial IP holders was voted down. I could not agree more. Much was heard at the MIT Spam Conference about how fixing WHOIS should be a priority in the battle against rogue servers and ISPs that are responsible for the vast majority of spam/malware proliferation.

Twitter Spammers get creative with rearranged spelling. Ok, I thought this was joke when I first read it. Are Twitter spammers still living in 2004, or is comment and tweet filtering software so bad that it can’t get by basic spamming techniques that have been effectively nullified for years? What’s next, the inclusion of special characters in the place of letters (V1AGRA)?

Gmail Spam Uses Fake Addresses to Spread Malware. We are seeing the same on our honeypots, as well as other honeypots from which we gather information. Next thing you know, email administrators will be blocking the gmail.com domain, but that might be a little drastic. There are still a lot of techniques up our sleeves for handling this type of spam.

Security too driven by compliance, rather than protection. Fresh perspective on policy management and compliance. Certainly for larger corporations, compliance to specific standards is a major concern. However, for smaller companies the issue should be more about protecting valuable information from getting out the door. The damage resulting from such information leakage more than justifies the cost of the protection.

And finally, what’s a monthly industry news update without the usual point about the increase in spam and malware on the net? There is evidence that a new variant of the Storm worm is back. Recall that this worm was responsible for one of the most infamous spamming botnets. The usual spam uptick during the summer months (due to students looking for extra money among other things) will be that much larger this year. Filtering engines are revving up for the battle as we speak.