This Issue Sponsored By

AutoProf

http://www.AutoProf.com/ads/UPDATE_WinInfo_2004_06_07.html

Sponsor: AutoProf

Make every Security Patch, Printer, and Drive Map a policy setting!
Use Group Policy to manage the desktop environment including patches, and use per-policy filtering to prevent unnecessary proliferation of GPOs. Learn why Fortune 500 companies are eliminating the proprietary architectures found in every other desktop management platform. Eliminate unmanageable and costly script-based solutions that don't scale. Apply settings and patches when you want to, not while waiting for an arbitrary event, such as logon/logoff or startup/shutdown. Avoid deployment of point solutions and unify your desktop management under one system. Download a free evaluation of Policy Maker Professional or Policy Maker Software Update. Be the "Policy Maker!" First 250 downloads will get a free "Policy Maker" hat.
http://www.AutoProf.com/ads/UPDATE_WinInfo_2004_06_07.html

===============

In the News

- Spam Volume Reaches Record Levels
- New Adware Scheme Takes Advantage of IE Vulnerabilities

==== In the News ====

by Paul Thurrott, thurrott@winnetmag.com

Spam Volume Reaches Record Levels

Email security firm MessageLabs reported this week that spam volumes recently reached a record 76 percent of all email traffic worldwide. The company based that figure on the more than 1 billion email messages it scanned for customers in May 2004. More than 700 million of those messages were spam, MessageLabs said. Furthermore, almost 10 percent of all email messages carry a malicious virus of some type.
"Email-borne viruses have plagued businesses for years, whereas spam has become the primary pain point only recently and now far surpasses the number of virus-infected emails," MessageLabs Chief Technology Officer (CTO) Mark Sunner said. "In spite of a convergence of attack techniques, the growth patterns remain different. Spam levels follow a constant upward curve while the viral threats remain steady. The only exception is when volumes spike during major outbreaks such as MyDoom or when virus wars break out between the authors." The news casts doubts on legislative-based antispam efforts and suggests that spam-filtering technology is having trouble keeping up with the influx. Indeed, after switching to an excellent server-based spam filter last year, I recently had to augment the filter with client-based tools because the amount of spam in my inbox has grown, once again, to the same levels that existed before I put the server-side spam filter in place. This week alone, I've deleted more than 400 spam messages, all of which made their way, undetected, past the server-side filter.

New Adware Scheme Takes Advantage of IE Vulnerabilities

A malicious adware creator is taking advantage of two vulnerabilities in Microsoft Internet Explorer (IE) to surreptitiously install adware products and pop-up ad generators on users' computers as they browse the Web. The flaws, which let attackers run code on victims' machines and let malicious code bypass IE's security zones, were only recently discovered.
"We consider that any use of an exploit to run a program is a criminal use," Microsoft Security Program Manager Stephen Toulouse said. "We are going to work aggressively with law enforcement to prosecute individuals or companies that do so." Toulouse said that the company is now working with the Federal Bureau of Investigation (FBI) to track down the culprits and that Microsoft will likely issue an IE patch to fix the problem soon instead of waiting for next month's regularly scheduled batch of security fixes.
Although reports vary, the malicious code apparently installs an ILookup search toolbar that changes IE's home page and connects to adware-related sites, generating pop-up windows and, occasionally, even desktop shortcuts. The effects are similar but not identical to the behavior I saw during a recent Trojan attack, which I've documented in three parts in Windows & .NET Magazine UPDATE (see the URLs below). In my case, my machine was infected after I inadvertently turned off Windows Firewall in Windows XP Service Pack 2 (SP2) and used Google to search for video game hints. One of the pages that came up in the Google search results loaded the offending code.

Still Waiting for a Truly Secure System

http://www.winnetmag.com/Article/ArticleID/42787/42787.html

Details About the Trojan Attack

http://www.winnetmag.com/Article/ArticleID/42845/42845.html

My Trojan War Becomes a Quagmire

http://www.winnetmag.com/Article/ArticleID/42944/42944.html

==== Announcement ====

(from Windows & .NET Magazine and its partners)

Does Your Company Currently Use Microsoft Windows NT Server?

If your answer is "yes," Windows & .NET Magazine wants your opinion! Take a short survey, and register to win an Xbox. Click the link below to help us understand why more than 3 million servers currently run NT Server. Give us your opinion about consolidating file print servers and upgrading to Windows Server 2003.
http://websurveyor.net/wsb.dll/12237/ntserver.htm

==== Events Central ====

(A complete Web and live events directory brought to you by Windows & .NET Magazine: http://www.winnetmag.com/events )

The Exchange Server Seminar Series Coming to Your City in June

Join industry experts Kieran McCorry, Donald Livengood, and Kevin Laahs for this free event! Learn the benefits of migrating to an integrated communications environment, consolidating and simplifying implementation of technology, and accelerating worker productivity. Register now and enter to win an HP iPAQ and $500 cash!
http://www.winnetmag.com/roadshows/exchange2003

==== Sponsored Links ====

Argent

Comparison Paper: The Argent Guardian Easily Beats Out MOM
http://ad.doubleclick.net/clk;6480843;8214395;q?http://www.argent.com/products/download_whitepaper.cgi?product=mom&&Source=WNTTextLink

Microsoft(R) TechNet

Microsoft(R) TechNet Webcasts: essential guidance, industry experts
http://ad.doubleclick.net/clk;7759917;8214395;c?http://www.microsoft.com/technet/community/webcasts/default.mspx

=========

==== CONTACT US ====

About the newsletter -- letters@winnetmag.com
About technical questions -- http://www.winnetmag.com/forums
About product news -- products@winnetmag.com
About your subscription -- winnetmagupdate@winnetmag.com
About sponsoring UPDATE -- emedia_opps@winnetmag.com

==============
This email newsletter is brought to you by Windows & .NET Magazine, the leading publication for IT professionals deploying Windows and related technologies. Subscribe today.
http://www.winnetmag.com/sub.cfm?code=wswi201x1z

Manage Your Account

You are subscribed as #EmailAddr#.
You received this email message because you requested to receive additional information about products and services from the Windows & .NET Magazine Network. To unsubscribe, send an email message to mailto:WinInfo-UPDATE_Unsub@list.winnetmag.com. Thank you!

View the Windows & .NET Magazine Privacy policy at

http://www.winnetmag.com/AboutUs/Index.cfm?action=privacy

Windows & .NET Magazine a division of Penton Media Inc.
221 East 29th Street, Loveland, CO 80538
Attention: Customer Service Department

Copyright 2004, Penton Media, Inc. All Rights Reserved.