It seems that the fight with the Stuxnet worm isn’t over as new variants of the worm were discovered and reported by the ESET blog.

The post by Pierre-Marc Bureau goes on to say:

“We have identified a new family that exploits this unpatched vulnerability in order to spread, which we have labelled Win32/TrojanDownloader.Chymine.A. At the time of analysis, this threat downloads and install a key stroke logger which we detect as Win32/Spy.Agent.NSO trojan. The server used to deliver the components used in this attack is presently located in the US, but the IP is assigned to a customer in China.

Minutes after identifying this new attack, we observed a known threat, Win32/Autorun.VB.RP, which has been updated to include the CVE-2010-2568 exploit as a new propagation vector. Win32/Autorun.VB.RP seems to download and install additional components on infected machines.”

While Microsoft has yet to release an official patch to address the problem, it has released a workaround solution on its support site. The workaround will disable .LNK and .PIF file functionality on most Windows machines. Microsoft also offers an undo option for the workaround should users change their minds after implementation.

If you want the old menu layout, just click on “alt” or click on the Firefox button -> Customize. Users of older versions of Windows will see the old menu layout by default.

Another thing testers will notice right away, is the placement of the tabs on top.

The tabs can be brought back to their old spot with ease if you decide you like the old placement better.

Talking about tabs, you can switch to your open tabs through the awesome bar as well.

Firefox 4 supports CSS3 and HTML5 in case you were wondering. The added crash protection prevents the whole browser from crashing when a problem is encountered with Flash, Silverlight, or Quicktime plugins. You’ll only need to reload the page.

Only a Windows version of the Firefox 4 beta is available for now but Mozilla has said that Mac and Linux versions are coming soon. For those interested in keeping up with the latest developments, head over to the dev blog.

Keep in mind that this is first beta and that a lot of features haven’t been added yet. This is the time when the developers want your feedback.

Internet Exporer 9 Fish Tank Demo Rendered By The Canvass Element

Internet Exporer 9 Asteroid Belt Tank Demo Rendered By The Canvass Element

According to the IE Blog:

“The third Platform Preview of Internet Explorer 9, available now, continues the deep work around hardware acceleration to enable the same standards-based markup to run faster. This is the latest installment of the rhythm we started in March, delivering platform preview releases approximately every eight weeks and listening to developers. You’ll see more performance, same markup, and hardware accelerated HTML5.”

Fair is fair. It does look good. The question is, will it be adopted by next versions of other browsers as well? We’ll see.

Image taken from Google Blog

Here’s an excerpt from Google Blog’s announcement:

“With Caffeine, we analyze the web in small portions and update our search index on a continuous basis, globally. As we find new pages, or new information on existing pages, we can add these straight to the index. That means you can find fresher information than ever before—no matter when or where it was published.”

This should be good news for publishers who’ve wanted their content indexed faster than the way the old system worked. Still, we’re waiting to see if the new index will give lesser sites a better chance of showing up on the first few pages of search results.

Here’s what AT&T told Gawker about the incident:

“AT&T was informed by a business customer on Monday of the potential exposure of their iPad ICC IDS. The only information that can be derived from the ICC IDS is the e-mail address attached to that device.

This issue was escalated to the highest levels of the company and was corrected by Tuesday; and we have essentially turned off the feature that provided the e-mail addresses.

The person or group who discovered this gap did not contact AT&T.

We are continuing to investigate and will inform all customers whose e-mail addresses and ICC IDS may have been obtained.

We take customer privacy very seriously and while we have fixed this problem, we apologize to our customers who were impacted.”

At least it was better than saying “oops” right?

[High Five to Ryan Tate]

Microsoft has sent out a warning of a vulnerability found in the 64-bit Windows 7. The vulnerability was found in cdd.dll or Windows Canonical Display Driver on 64-bit systems of Windows 7 and Windows Server 2008 R2 that have the Aero theme installed. Since this is the default on most Windows 7 systems, we’re talking of a lot of possible victims.

Microsoft’s security advisory stated:

“If exploited, it would likely cause the affected system to stop responding and restart. Code execution, while possible in theory, would be very difficult due to memory randomization both in kernel memory and via Address Space Layout Randomization (ASLR).”

The advisory suggests users disable the Aero theme to prevent possible exploits. The next scheduled security update is slated for early June so disabling the theme in question is the best option for now.

The software installs Arucer.dll which is a backdoor designed to accept connections via port 7777 and is capable of sending and receiving files, listing directories, and executing programs on the infected computer.

If your computer has been infected, uninstall the software and delete Arucer.dll located in the Windows system32 directory. Reboot your computer. If you can’t delete the file, try rebooting before attempting to delete the .dll. For added technical information, take a look at US-CERT’s advisory.

[Energizer Bunny Image Courtesy of DragoArt]

“Internet Explorer Six, resident of the interwebs for over 8 years, died the morning of March 1, 2010 in Mountain View, California, as a result of a workplace injury sustained at the headquarters of Google, Inc. Internet Explorer Six, known to friends and family as “IE6,” is survived by son Internet Explorer Seven, and grand-daughter Internet Explorer Eight.”

I wish we could put a few other apps to rest as well.

Why the name? Well, part of the malware’s commented code contains the phrase “in nome di Chuck Norris” or “in the name of Chuck Norris”, and we all know that Chuck can break anything right?

The botnet resides in the router’s RAM so a restart should get rid of it. To prevent infection, just make sure you have a good password preferably something different than the default one. Finally, what’s an article about Chuck without a picture right? Here you go.

[High Five to Robert McMillan]

Not really hard to find but not instantly viewable either. Users can click on the link to activate the feature, or they can log into their YouTube account before turning on Safety Mode so the feature becomes the default setting for their account. Any search done once the feature is activated will filter results with violent or adult content.

How effective this will be depends on the parents and the age of the children browsing YouTube. Still, it’s a step in the right direction and some praise should be given to the site although they could make the link more visible by putting it on the top of each page.

Here’s a video of how YouTube’s Safety Mode works: