Meanwhile, MyDoom is back with a new variation that downloads a particularly nasty Trojan called Backdoor.Ratos.A.
The SP2 update adds security features that home users should not be without. If you know a home user who doesnt understand security, make sure they update. Either click on Windows Update from the start menu, or visit the Microsoft home security site.
But since the Service Pack 2 update has the potential to break applications, especially ones in corporate use, many companies are opting not to update until theyve had time to test.
Microsoft, in response, offered a way to disable automatic updating for four months from the public release date. One caveat is that the update disabler needs to be applied to a system before it is updated.
Once youve installed Windows XP SP2 and the new Windows Firewall is enabled, you may find that some programs do not work correctly. This is usually just a simple tweak of the firewall to let the application work with the Web. See our Security Tip for a jumpstart on how to exempt ports and applications in the new Windows Firewall.
A few weeks ago, we told you about a Windows CE concept virus, which had been sent to anti-virus vendors to prove it could be done. But the first Windows CE Trojan, Backdoor.Brador.A, has now been seen in the wild.
According to reports, the Trojan affects Windows CE Version 4.2 (on Pocket PCs) and spreads through e-mail or downloaded programs. The virus requires user interaction to install, either opening the e-mail or downloading the file. Once infected, the virus opens a back door and sends your IP address to the attacker.
MyDoom is back with W32/MyDoom.S-mm. This variation, also known as MyDoom.Q@mm, Worm_Ratos.A, and I-worm.Win32.Ratos, was discovered Sunday and jumped to a medium-level threat very quickly.
While MyDoom.S doesnt really do much, it downloads a particularly nasty Trojan called Backdoor.Ratos.A. See our top threat for more information.
Meanwhile, Netcraft is reporting some encouraging information on phishing sites. According to a June report from the Anti-Phishing Working Group, here in PDF form, the average life of a phishing Web site is just 54 hours.