One of the top three malware programs affecting businesses in the second quarter is a worm that takes advantage of the large number of companies still using Windows XP, Trend Micro has warned.
The worm, dubbed DOWNAD, also known as Conficker, can infect an entire network via a malicious URL, spam email, or removable drive. Windows XP is particularly susceptible to this threat because it is known to exploit the MS08-067 Server service vulnerability in order to execute arbitrary code.
DOWNAD also has its own domain generation algorithm (DGA) that allows it to create randomly-generated URLs. It then connects to these created URLs to download files to the system. Trend Micro said that around 175 IP addresses are found to be related to the DOWNAD worm and that these IP addresses use various ports and are randomly generated via the DGA capability of DOWNAD.
“During our monitoring of the spam landscape, we observed that in Q2, more than 40 percent of malware related spam mails are delivered by machines infected by DOWNAD worm,” said Trend Micro anti-spam research engineer Maria Manly in a blog post.
“A number of machines are still infected by this threat and leveraged to send the spammed messages to further increase the number of infected systems. And with Microsoft ending the support for Windows XP this year, we can expect that systems with this OS can be infected by threats like DOWNAD.”
The security company warned that spam campaigns delivering FAREIT, MYTOB, and LOVGATE payloads in email attachments are attributed to DOWNAD infected machines. FAREIT is a malware family of information stealers that download variants of the Zeus Trojan, while MYTOB is an old family of worms known for sending a copy of itself in spam attachments.
The other top sources of spam with malware are the CUTWAIL botnet, together with Gameover ZeuS (GoZ). Manly said CUTWAIL was actually previously used to download GoZ malware but now a malware called UPATRE employs GoZ malware or variants of ZBOT which have peer-to-peer functionality.
“In the last few weeks we have reported various spam runs that abused Dropbox links to host malware like UPATRE,” Manly said. “We also spotted a spammed message in the guise of voice mail that contains a Cryptolocker variant. The latest we have seen is a spam campaign with links that leveraged CUBBY, a file storage service, this time carrying a banking malware detected as TSPY_BANKER.WSTA.”
According to Manly, cybercriminals and threat actors are probably abusing file storage platforms to mask their malicious activities and go undetected in the system and network.
“As spam with malware attachment continues to proliferate, so is spam with links carrying malicious files. The continuous abuse of file hosting services to spread malware appears to have become a favoured infection vector of cyber criminals most likely because this makes it more effective given that the URLs are legitimate thereby increasing the chance of bypassing anti-spam filters,” she added.
Users must upgrade to a newer edition of Skype before those editions are put to pasture.
“We are going to retire older versions of Skype for Windows desktop (6.13 and below) as well as Skype for Mac (6.14 and below) over the next few months,” Skype said in a post last Friday.
Skype is a division of Microsoft, which acquired the chat and over-IP phone software company in 2011 for $8.5 billion.
Skype for Windows 6.13 shipped in January 2014, while Skype for OS X 6.14 reached users in February. Those versions, and any earlier, are the ones marked for retirement.
The current versions of Skype are 6.16 for Windows and 6.18 for OS X.
Skype did not spell out what it meant by “retire” in the blog post — whether the older software will simply not be supported or that only the most recent versions will work with the network — but Microsoft clarified the situation. “Once a version is retired, users will no longer be able to sign into the retired version until they upgrade to the latest version of Skype,” a Microsoft spokesperson said in an email reply to questions.
While Skype did not elaborate on why it’s pushing the older editions into retirement, it was reminiscent of moves that Microsoft itself has taken. In April, for example, Microsoft required customers running Windows 8.1, the upgrade released last October, to migrate to Windows 8.1 Update by June 10 or lose patching privileges.
Microsoft did the same with Internet Explorer 11 (IE11) on Windows 7, giving consumers until June 10 to apply an April update.
In both those cases, Microsoft said it was setting a “new servicing baseline” with the mandated editions.
The newest versions of Skype for Windows desktop and OS X can be downloaded from the division’s website.
The Internet Explorer Developer Channel, which can be downloaded for Windows 8.1 and Windows 7 SP1, runs independently of the user’s copy of IE, allowing programmers to test the newest browser features without disrupting their current browser settings.
The Internet Explorer Developer Channel will offer an early version of IE while it is still being worked on by Microsoft programmers. Developers can preview features planned for the upcoming editions of the browser to help them better build Web applications and pages that use the new capabilities.
Microsoft also hopes that developers will offer feedback, so the company can better implement the pending features.
The developer version offers a sandbox-like testing environment so it does not interfere with the user’s IE browser profile. The browser does not run as quickly as the standard edition of IE and because it is a beta version, should not be used in production environments.
With the test version, Microsoft is replicating the fast development environments used by other browser makers.
Mozilla offers nightly builds of the next version of the Firefox browser under development. Google also offers developer versions of its Chrome browser.
Microsoft plans to issue frequent updates to the test version of IE, announcing them through the DevChannel.Modern.IE developer resource site.
Microsoft’s browser also comes with F12 Developer Tools, designed to help debug and optimize Web pages and Web applications.
Malwarebytes has launched anti-exploit services to protect Windows users from hacking attacks on vulnerabilities in popular targets including Microsoft Office, Adobe software products and Java, a service which even offers protection for Windows XP users.
Consumer, Premium and Corporate versions of the service are available, and are designed to pre-emptively stop hackers from infecting Windows machines with malware.
“An exploit will typically first corrupt the memory of an application process, take control, then execute code,” said Malwarebytes director of special projects Pedro Bustamante.
“From the shell code it executes a payload that tells the exploit what to do and that in turn usually downloads malware from the internet and executes it. The final stage is usually where antivirus kicks in, when it’s being downloaded from the internet, and starts doing things like behavioural analysis to see if it’s malicious.
“We don’t care about that, what we do comes before then. We just look for exploit-like behaviour and block anything that looks like it at the shellcode or payload stages. We come into play before the malware even appears on the scene.”
The Consumer version of the anti-exploit service is free and offers basic browser and Java protection.
The Premium version costs $37.00 per user and adds Office and Adobe protection services as well as the ability to add custom shields to other internet-facing applications, like Messenger or Netflix.
The Corporate version costs$40.00 person user and offers complete anti-exploit protection and comes with Malwarebytes’ Anti-malware service and a toolkit for IT managers.
Bustamante explained that the technology is designed to help businesses and general web users defend against the new wave of exploit-based cyber attacks.
“Traditional security can’t deal with exploits. Every day we see people getting infected, even if they have the latest up-to-date antivirus readers, because of exploits,” he said. “This is why we care about the applications you run – Firefox, Chrome, Internet Explorer, Java, Acrobat [and Microsoft] Word, Excel [and] Powerpoint.”
Bustamante added that the service is doubly important for Windows XP users since Microsoft officially ceased support for the OS in April.
“We’re still seeing over 25 percent of our users running XP. For them this product is even more important,” he said.
“We see new zero-days if not every week, every month, and for XP users who are not getting any more patches from Microsoft this product will be essential.
“Every month Microsoft will be releasing security patches for newer versions of Windows. Every time Microsoft does this it’ll be a treasure map for hackers to find exploits on Windows XP.
“It’ll show them exactly where the vulnerabilities are, so every month will see an influx of new exploits targeting Windows XP.”
As Windows XP continued its descent into obsolescence, users who deserted the obsolete operating system shifted to Windows 7, not the newer Windows 8, more circumstantial evidence that commercial customers, not consumers, now drive PC sales.
Data from analytics vendor Net Applications showed Windows XP dropped one percentage point in user share last month, ending May with 25.3% of all desktop and notebook systems. It was the third consecutive month that XP shed one or more points of user share.
Most of May’s lost XP share showed up on Windows 7, which gained eight-tenths of a point to reach 50.1%, the first time the 2009 OS has reached that milestone. Meanwhile, Windows 8 grew four-tenths of a percentage point, ending with a user share of 12.6%.
For the first time, Windows 8.1 accounted for more than half of the combined user share of it and the original Windows 8.
The rise of Windows 7 had been predicted by researchers who have noted a temporary boom in personal computer shipments to businesses as they rushed to throw XP on the ash heap. IDC, for example, has said commercial sales of PCs have climbed by double digits this year compared to last, but that consumers sales have sunk by similar rates.
Net Applications’ statistics can be interpreted as proof of those trends, with Windows 7 — the standard corporate OS now that XP has waned — on the upswing at double the rate of Windows 8/8.1 because of the continued slump in consumer PC purchases. Most consumer-grade personal computers are now equipped with Windows 8.1.
In two of the last three months, Windows 7′s gains have outpaced those of Windows 8.
The latter also continued to flirt with comparisons to Windows Vista, the 2007 Microsoft failure: At the 19-month mark, Windows 8 was barely ahead of Vista’s share of all PCs running Windows.
Unless consumer PC sales pick up in a big way later this year, as some forecast or at least hope, or Windows 8 becomes acceptable to businesses, which virtually no one believes is in the short-term cards, Windows 7 will continue to gain ground as all traces of XP are slowly scrubbed from enterprises, a process that will take much of 2014 in the U.S. and longer elsewhere.
The Central Government Procurement Center issued the ban on installing Windows 8 on government computers as part of a notice on the use of energy-saving products, posted on its website last week.
The official Xinhua news agency said the ban was to ensure computer security after Microsoft ended support for its Windows XP operating system, which was widely used in China.
Neither the government nor Xinhua elaborated on how the ban supported the use of energy-saving products, or how it ensured security.
China has long been a troublesome market for Microsoft. Former CEO Steve Ballmer reportedly told employees in 2011 that, because of piracy, Microsoft earned less revenue in China than in the Netherlands even though computer sales matched those of the U.S.
Microsoft declined to comment.
Last month, Microsoft ended support for the 13-year-old XP to encourage the adoption of newer, more secure versions of Windows. This has potentially left XP users vulnerable to viruses and hacking.
“China’s decision to ban Windows 8 from public procurement hampers Microsoft’s push of the OS to replace XP, which makes up 50 percent of China’s desktop market,” said data firm Canalys.
Microsoft terminated Windows XP support on Tuesday when it shipped the final public patches for the nearly-13-year-old operating system. Without patches for vulnerabilities discovered in the future, XP systems will be at risk from cyber criminals who hijack the machines and plant malware on them.
During an IRS budget hearing Monday before the House Financial Services and General Government subcommittee, the chairman, Rep. Ander Crenshaw (R-Fla.) wondered why the agency had not wrapped up its Windows XP-to-Windows 7 move.
“Now we find out that you’ve been struggling to come up with $30 million to finish migrating to Windows 7, even though Microsoft announced in 2008 that it would stop supporting Windows XP past 2014,” Crenshaw said at the hearing. “I know you probably wish you’d already done that.”
According to the IRS, it has approximately 110,000 Windows-powered desktops and notebooks. Of those, 52,000, or about 47%, have been upgraded to Windows 7. The remainder continue to run the aged, now retired, XP.
John Koskinen, the commissioner of the IRS, defended the unfinished migration, saying that his agency had $300 million worth of IT improvements on hold because of budget issues. One of those was the XP-to-7 migration.
“You’re exactly right,” Koskinen said of Crenshaw’s point that everyone had fair warning of XP’s retirement. “It’s been some time where people knew Windows XP was going to disappear.”
But he stressed that the migration had to continue. “Windows XP will no longer be serviced, so we are very concerned if we don’t complete that work we’re going to have an unstable environment in terms of security,” Koskinen said.
According to Crenshaw, the IRS had previously said it would take $30 million out of its enforcement budget to finish the migration.
Part of that $30 million will be payment to Microsoft for what the Redmond, Wash. developer calls “Custom Support,” the label for a program that provides patches for critical vulnerabilities in a retired operating system.
Analysts noted earlier this year that Microsoft had dramatically raised prices for Custom Support, which previously had been capped at $200,000 per customer for the first year. Instead, Microsoft negotiates each contract separately, asking for an average of $200 per PC for the first year of Custom Support.
Using that average — and the number of PCs the IRS admitted were still running XP — the IRS would pay Microsoft $11.6 million for one year of Custom Support.
The remaining $18.4 million would presumably be used to purchase new PCs to replace the oldest ones running XP. If all 58,000 remaining PCs were swapped for newer devices, the IRS would be spending an average of $317 per system.
At first, the Latitude 12 looks like a laptop. But within the display panel, the screen rotates 180 degrees and the laptop turns into a tablet once placed on the keyboard.
The new Latitude 12 laptop is part of a new Rugged Extreme line of laptops, which also includes the Rugged Extreme 14. The new laptops are robust and can withstand six-foot drops and remain protected from extreme weather conditions.
The laptops have hard covers that add a layer of protection, but also make the products heavy. The Latitude 12 Rugged Extreme weighs 2.72 kilograms with a four-cell battery, while the 14-in. counterpart weighs 3.54 kilograms with a six-cell battery and no optical drive.
The laptops can also withstand solar radiation, “explosive atmosphere” and weather ranging from -20 degrees to 145 degrees Fahrenheit (-29 degrees to 63 degrees Celsius), according to specifications provided by Dell. The products are targeted at field workers like emergency responders and the military, and will compete against Toughbook rugged laptops from Panasonic.
The Latitude 12 rugged laptop has a starting price of $3,649, while the Latitude 14 begins at $3,499. The laptops will ship next month.
The hybrid design in Latitude 12 has been borrowed from the company’s XPS 12 Ultrabook Touch, which has a 12.5-inch screen that can similarly flip to turn the laptop into a tablet. The resistive touch screens on both laptops can show images at a resolution of 1366 x 768 pixels.
The laptops will have storage options of up to 512GB solid-state drives. Users can configure the laptop with Intel’s latest fourth-generation Core processorscode-named Haswell. The laptops will come with either Windows 8.1 or 7, or Ubuntu Linux operating systems.
Other features include support for up to 16GB of DRAM, Wi-Fi and Gigabit Ethernet through a connector. The laptop also has USB 3.0, USB 2.0, VGA and HDMI ports. Mobile broadband and docking are available as options.
Volta was previously supposed to follow in the footsteps of Maxwell, which is rolling out this year, at least this was the case last time we saw Nvidia’s roadmap.
Things changed today at the Nvidia’s GPU technology conference, Jen Hsun Huang, the CEO of Nvidia just showed an updated roadmap with Pascal replacing the Maxwell architecture at some point in 2016.
Volta is currently scheduled to come after Pascal, so definitely from late 2016 onwards. Nvidia told us that the Pascal got pulled in and the module that was shown at the keynote is meant for the increasingly popular HTPC form factor.
To clear any possible confusion, Pascal will make it to mobile, desktop, graphics card factors, so there is nothing to worry about. Just like Maxwell it will show up in all segments where Nvidia needs an up to date GPU.
Volta is now coming after Maxwell, that is the official line. Pascal comes in a unique form factor that opens up a lot of opportunities, but again this very unique chip with stacked memory and NVlink communication is happening in late 2016, quite some time from now.
It looks like the security industry has seen money in propping up the elderly Window XP software. Malwarebytes has released Anti-Malware Premium, a new tool designed to protect home PCs against what it calls advanced criminal software which traditional anti-virus cannot detect.
However, what is interesting is that the outfit is claiming that it will support XP users for life. Apparently, they make up 20 per cent of Malwarebytes’ user-base and could be at greater risk when updates stop on April 8. So it could be marketing, but it could indicate that Redmond might have difficulty killing off the OS if it is being propped up by the security industry.
Malwarebytes Anti-Malware Premium apparently uses Anti-Rootkit technology, which rips out and fixes the damage done by malicious software hiding at an extremely deep-level in the operating system. Premium has added updated malicious URL blocking and enhanced protection from unwanted programs such as aggressive adware and toolbars. A new user interface and ultra-quick threat scan, ensure the product is easy to use.
Malwarebytes Anti-Malware Premium is available from the online store for an annual subscription of $24.95, and provides coverage for up to three PCs. Users with existing lifetime licenses for Malwarebytes Anti-Malware PRO will receive a free upgrade to the new product.
On its online Microsoft Store, the Redmond, Wash. company is giving a $50 gift card to customers who buy one of 16 Windows 8.1 notebooks, desktops, tablets or 2-in-1 hybrids. The card is good for future purchases at the e-store.
Microsoft kicked off the deal on March 4; it ends April 30.
The move was the latest in a series to convince customers to ditch the 13-year-old XP, which was sold on new PCs as recently as October 2010. Microsoft will issue the final public patches for XP security vulnerabilities on April 8.
The 16 devices that come with the $50 incentive include four notebooks, four all-in-one desktops, four tablets and four hybrids, all which run Windows 8.1. Prices range from a low of $229 (for a Dell Venue 8 Pro tablet) to $1,299 (for an HP Envy Recline 27-in. all-in-one). Prices of the four notebooks run from $279 (Asus VivoBook) to $699 (Dell Inspiron). All are touch-enabled.
Customers who buy one of the 16 devices will also receive 90 days of free telephone and live-chat support, and can download Laplink Express, thefree file- and settings-transfer tool Microsoft announced last week that is available to anyone, not just those who purchased a new system.
Although Microsoft has beaten the dump-XP drum for almost three years, in the last few months it has gotten more specific, telling customers that they should upgrade their existing PCs to Windows 8.1 or buy a new computer running that operating system. Both those solutions have been met withincredulity and derision by users stuck on XP, who have suggested Microsoft try other strategies to reduce the old OS’s footprint, including reviving Windows 7 at retail — most XP PC owners are suspicious of Windows 8.1′s sweeping changes — and offering deep discounts on new devices.
But the company’s use of the $50 gift card shows that, even at this late date, Microsoft is not interested in a radical solution to XP’s refusal to die. According to metrics firm Net Applications, XP currently powers 29.5% of all the world’s personal computers, and 32.2% of those running Windows.
ATMs running XP Embedded are not affected because Microsoft is not cutting off its support until 2016.
The process of upgrading to an alternative such as Windows 7 is both complicated and expensive for ATM operators – with many older machines needing to be altered one by one. Most are not expected to have made the switch within the next month.
JPMorgan has bought a custom one-year tech support agreement from Microsoft and will not begin migrating its 19000 machines to Windows 7 until July, the bank has told Bloomberg. Wells Fargo and Citi say that they are working on upgrading their networks.
It’s not just ATMs that are at risk – Microsoft recently warned that the Indian banking industry’s reliance on XP could put more than 34,000 branches at risk.
In a notice on its site, the PCI SSC is urging firms to take the plunge: “Don’t make yourself an easy target, talk to your technology provider today and make sure your PC and systems are not putting your customers’ confidential payment card data and your business at risk.”
Intel has released details about its new Xeon E7 v2 chipset. The Xeon processor E7 8800/4800/2800 v2 product family is designed to support up to 32-socket servers with configurations of up to 15 processing cores and up to 1.5 terabytes of memory per socket.
The chip is designed for the big data end of the Internet of Things movement, which the processor maker projected will grow to consist of at least 30 billion devices by 2020. Beyond two times better performance power, Intel is promising a few other upgrades with the next generation of this data-focused chipset, including triple the memory capacity, four times the I/O bandwidth and the potential to reduce total cost of ownership by up to 80 percent.
The 15-core variants with the largest thermal envelope (155W) run at 2.8GHz with 37.5MB of cache and 8 GT/s QuickPath connectivity. The lowest-power models in the list have 105W TDPs and run at 2.3GHz with 24MB of cache and 7.2 GT/s of QuickPath bandwidth. There was also talk of 40W, 1.4GHz models at ISSCC but they have not been announced yet.
Intel has signed on nearly two dozen hardware partners to support the platform, including Asus, Cisco, Dell, EMC, and Lenovo. On the software end, Microsoft, SAP, Teradata, Splunk, and Pivotal also already support the new Xeon family. IBM and Oracle are among the few that support Xeon E7 v2 on both sides of the spectrum.
This should not come as much of a surprise to most people in the loop, but Nvidia’s next generation GPU architecture codenamed Maxwell does not support DirectX Next aka DirectX 12. The reason is rather simple as the new DirectX next is still under development and Microsoft still hasn’t locked down the final specification.
From what we heard, DirectX Next actually fixes a lot of latency related issues that are present in DirectX 11 and earlier versions. The new DirectX should have lower driver latency something that developers have complained for quite some time but we are not aware of any major feature set that will come with the DirectX Next.
Since the Maxwell core launches in Q1 2014, probably March, support was not possible and most likely you will have to wait for Volta graphics to support it in a year or two. In case AMD’s Mantle delivers as much as 45 percent performance boost as AMD claims in Battlefield 4, this might put a lot of pressure on Microsoft to speed up development. This might force Microsoft to solve long standing issues including driver latency. On a side note, we don’t have any info on AMD’s DirectX plans, either.
Maxwell is expected to deliver huge gains in performance per watt and will put another flavour on the graphics market. It will also be used in next generation Tegra products and Nvidia is also planning to license Maxwell IP to other ARM players, taking on the likes of Imagination, Vivante and ARM’s Mali business.
Windows 8 surged in December to end the year with almost 12% of the user share of all Windows desktops, while the slated-for-retirement Windows XP restarted its decline after a two-month pause, a Web analytics company said on Thursday.
Both were good signs for Microsoft, which has bet its future on Windows 8 and implored customers to abandon the aged Windows XP.
According to Net Applications, Windows XP fell 2.2 percentage points in December to 29% of all desktop and notebook computers worldwide, the first time it breached that 30-percent barrier. But the 12-year-old operating system still accounted for nearly a third — 32% — of Windows-powered PCs.
Meanwhile, Windows 8′s and 8.1′s combined user share of all computers reached 10.5%. Of the systems running Microsoft’s OS, Windows 8/8.1 owned a user share of 11.6%.
Both operating systems had taken a break in October and November from earlier trends: Windows XP’s gradual decline and Windows 8′s deliberate growth.
Their December changes were the largest since September, Net Applications data showed.
The gain by Windows 8 and 8.1 was likely due to new PC purchases in the last month of 2013: Most consumer systems come equipped with the newest version, Windows 8.1, which accounted for 34% of the combined total, up from November’s 28%.
Windows 8′s increase put some more distance between it and Windows Vista, the 2007 OS bust: The gap between it and Windows 8 increased by seven-tenths of a percentage point in December.
But Windows 8 remained far behind Windows 7′s adoption. Fourteen months after its debut, Windows 7 powered 23.1% of all Windows systems, nearly twice that of Windows 8. In fact, Windows 7 grew its user share last month, adding nine-tenths of a percentage point to end December at 47.5% of all computer operating systems, and at 52.4% of those running a flavor of Windows. Both were records for the 2009 operating system, hinting that it will remain a standard for years to come.
The decline in Windows XP may have contributed to the increase of Windows 7 as well as Windows 8 and 8.1, as some users migrated from the 2001 OS to Windows 7 as a way to forestall trying the radically-redesigned Windows 8. Most businesses, analysts have said, will stick with Windows 7 as long as possible rather than incur the costs of another migration.