once you get past the colourful language from the analyst, it is a very good read & shows what we are up against. Please forgive any errors in language as he doesn’t have English as a first language

This particular one has the ability to replace your existing antivirus with itself & make you think that you are still protected when you aren’t and it installs Zero access rootkit

This is definitely something to watch out for

Once again we need to warn you about a scam involving Microsoft Security Essentials
Security Essentials is a free Antivirus program from Microsoft available to any windows user with a validated copy of a supported desktop version of windows ( XP SP3, Vista SP2 Windows 7 ) You should only download it from the Microsoft Security Essentials website
The scammers have created a look a like site with links to download Security Essentials BUT following the links you have to create a membership with them & pay for the privilege of downloading free software. It is the same scam that I told you about in this post about Adobe Reader
This one appears to be a different bunch of scammers but with the same result. They will clear your credit card & sell all your details to anyone they can.
One malware researcher used their links to download Security Essentials & got a nasty trojan instead of the genuine program

Fake Microsoft Security Essentials site

If you read carefully, you see they do say in the tiny small print that MSE is a free program and you are paying for the benefit and convenience of downloading it from them instead of the approved free Microsoft site

We stress again that http://securityessentials-2011.com is a scam site that is trying to steal your money and is not to be trusted . Only download Microsoft Security Essentials direct from Microsoft

The installer for this piece of malware is detected by several Antiviruses currently as shown on this Virus Total report page

If you are unfortunate to be infected by this piece of scamware, it can be difficult to remove. Don’t fall for all the other scams on the net saying you need to buy other software to remove it. Ask for help on our malware cleaning forum http://thespykiller.co.uk

If it wasn’t so serious for the poor infected victim who falls for the scam from a lot of website owners who push certain anti-malware programs ( for high commissions)  that tend not to fix what they say they do , this would be very funny

Read the full story of how S!ri got his own back on them and exposed them for the fraudsters they are

 S!Ri.URZ: Secure Shield fake rogue.

The Windows 7 numbers are spectacular for an operating system that
hasn’t yet released for global availability. Even better, about 1/3rd
of Windows 7 Microsoft Security Essentials machines are 64-bit, which is
even more resistant to malware than 32-bit due to PatchGuard.

By looking at detections divided by active Microsoft Security Essentials
machines over the whole population, we see far more detections per XP
machine, with the fewest from Win7. This follows our usual observed
trend of seeing less malware on newer OSes and service packs.

The especially dangerous thing about these messages is that they are very deceiving.

 The messages and attack pages are personalized for the To: email address to imply the message is being sent from tech support of the domain.

The URL in the email looks like it leads to the company’s own OWA system.

 We have seen upwards of 30,000 of these messages per hour and they have low AV detection.

via Outlook Web Access Social Engineering Malware Scam – Security Labs Alert.

BBC News has seen a list of more than 10,000 e-mail accounts, predominantly originating from Europe, and passwords which were posted online.

Microsoft said it had launched an investigation.

Phishing involves using fake websites to lure people into revealing details such as bank accounts or login names.

“We are aware that some Windows Live Hotmail customers’ credentials were acquired illegally and exposed on a website,” said a Microsoft spokesperson.

“Upon learning of the issue, we immediately requested that the credentials be removed and launched an investigation to determine the impact to customers.”

Graham Cluley, consultant at security firm Sophos, told BBC News the published list may just be a subset of a longer list of compromised accounts.

“We still don’t know the scale of the problem,” he told BBC News.

Technology blog neowin.net was the first to publish details of the attack. It said the accounts were posted on 1 October to pastebin.com, a website commonly used by developers to share code.

Although the details have since been removed, BBC News and Neowin has seen a list of 10,028 names beginning with the letters A and B.

BBC News has confirmed that the accounts are genuine and predominantly originate in Europe.

The list included details of Microsoft’s Windows Live Hotmail accounts with email addresses ending hotmail.com, msn.com and live.com.

Mr Cluley advised Hotmail users to change their password as soon as possible.

“I’d also recommend that people change the password on any other site where they use it,” he said.

Around 40% of people use the same password for every website they use, he added.

Hotmail is currently the largest web-based e-mail service.

via BBC NEWS | Technology | Phishing attack targets Hotmail.

Microsoft’s new free Security Essentials pack for Windows—it works with XP, Vista and the upcoming Windows 7—is being put through its paces by several security experts. And although they’re quick to point out that a free solution like Security Essentials isn’t ideal, it’s actually doing a fine job of stopping malicious programs from wreaking havoc on Windows installations.

But there’s still some doubt in the marketplace over the value of Security Essentials. In many cases, consumers and small companies are wondering if they need to install it on their computers or go with another alternative that doesn’t have Microsoft’s logo affixed to it. Although Microsoft has had a spotty record in the past dealing with security problems, its Security Essentials pack seems ideal for those users.

Here’s why:

1. Microsoft cares about security

An argument could have been made a few years ago that Microsoft didn’t spend nearly as much time as it should have focusing on security, but that’s not true today. Microsoft is firmly focused on improving security in all its platforms. Microsoft Security Essentials is simply the first step toward that goal of securing the Windows operating system.

2. Microsoft can be trusted

Although many people have become disenchanted with Microsoft after its Vista blunder, the company can be trusted. I think it learned its lesson. Microsoft Security Essentials is a reflection on that. The software is capable, it keeps users safe and, most importantly, it’s free. Microsoft isn’t trying to make a buck on security. It’s trying to make its software more secure.

3. There’s nothing to lose

It might seem that Security Essentials is just another attempt to keep corporate computers safe, but what does it hurt to deploy it

via Microsoft Security Essentials for Windows: 10 Benefits for Businesses.

Microsoft Security Essentials provides real-time protection for your home PC that guards against viruses, spyware, and other malicious software.

Microsoft Security Essentials is a free* download from Microsoft that is simple to install, easy to use, and always kept up to date so you can be assured your PC is protected by the latest technology. It’s easy to tell if your PC is secure — when you’re green, you’re good. It’s that simple.

Microsoft Security Essentials runs quietly and efficiently in the background so that you are free to use your Windows-based PC the way you want—without interruptions or long computer wait times.

Early testing shows it to be a good basic antivirus without any frills