Consumer software and hardware

An employee at Spanish antivirus firm Panda Security received a new Android-based Vodafone HTC Magic with malware on it, according to researchers at Panda Labs.

"Today one of our colleagues received a brand new Vodafone HTC Magic with Google's Android OS," researcher Pedro Bustamante wrote on the Panda Research Blog on Monday.

"The interesting thing is that when she plugged the phone to her PC via USB, her Panda Cloud Antivirus went off, detecting both an autorun.inf and autorun.exe as malicious," he wrote. "A quick look into the phone quickly revealed it … Read more

Microsoft warned of a new vulnerability in Internet Explorer 6 and IE 7 that has been targeted in attacks, and released fixes for eight holes in Windows and Office as part of Patch Tuesday.

The company issued Security Advisory 981374, which addresses a privately disclosed vulnerability. The hole could allow an attacker to take control of a machine if a user visited a malicious Web site, Microsoft said.

There are some features that could mitigate the effects of an attack. For instance, all supported versions of Microsoft Outlook, Microsoft Outlook Express, and Windows Mail open HTML e-mail messages in the … Read more

For the second time in less than six months, visitors to the Drudge Report say they got malware in addition to the Web site's usual sensational headlines.

Matt Drudge denied that his site was infecting visitors, however it's likely that the malware is coming from ads delivered by a third-party ad network and not the site itself.

"I can personally vouch for disinfecting my mom's desktop yesterday after visiting this Web page, even taking a screenshot after beginning remedial steps to address the attempted infection," a CNET reader wrote in an e-mail early on Tuesday. &… Read more

Software that can be downloaded for use with the Energizer Duo USB battery charger contains a backdoor that could allow an attacker to remotely take control of a Windows-based PC, Energizer and US-CERT is warning.

"The installer for the Energizer Duo software places the file UsbCharger.dll in the application's directory and Arucer.dll in the Windows system32 directory," the U.S. Computer Emergency Readiness Team said in an advisory on Friday. "Arucer.dll is a backdoor that allows unauthorized remote system access via accepting connections on 7777/tcp. Its capabilities include the ability to list … Read more

More details of Microsoft's rumored dual-screen "Courier" tablet emerged on Friday, including a rumored ship date of later this year, according to a post on Engadget.

According to the Web site, the product will ship later this year, is roughly 5 inches by 7 inches when closed, runs a version of the Windows CE operating system, and uses an Nvidia Tegra 2 processor.

A Microsoft representative declined to comment on Friday.

In a January interview, Microsoft Entertainment and Devices unit President Robbie Bach confirmed that an earlier video was indeed from Microsoft, but refused to say where … Read more

Unhappy with their lot, six of seven second-tier browsers have petitioned regulators for increased prominence on the screen that gives Windows users in the European Union a choice of browsers besides Microsoft's Internet Explorer.

The browser makers on Thursday sent a petition to Neelie Kroes, a European Commission vice president, and other regulators who have been dealing with the browser-choice technology that Microsoft has begun distributing to millions in Europe as part of an antitrust case against the software company. The top five browsers dominate the market, but more obscure browser makers hope the EU antitrust action will grant … Read more

Microsoft will issue two bulletins fixing eight vulnerabilities rated "important" in Windows and Microsoft Office products on Tuesday, the company announced on Thursday.

This represents a light Patch Tuesday, a contrast to last month when the company patched 26 holes with 13 bulletins, including critical vulnerabilities for Windows.

Meanwhile, Microsoft is continuing to monitor the situation with a VBScript vulnerability that was disclosed on Monday, Jerry Bryant, senior security communications manager lead at the company, wrote in a blog post.

Proof-of-concept code has been published on the Internet that exploits that vulnerability, which affects older Windows systems running … Read more

Although I am missing getting to see TechFest first hand this year (it's not open to the press), it has been interesting to look at some of the projects that Microsoft is detailing publicly.

In addition to the digital air guitar, mobile Surface and Project Gustav efforts that I wrote about on Tuesday, there are some other interesting ones, including a phone that can help bridge a language divide.

Essentially the "translating telephone" works by converting speech to text, machine translating that text, and then converting the text back to speech. When all works well, it is … Read more

When your wallet is lost or stolen, the first thing you probably do is call your credit card companies. You should also notify your medical insurance provider judging from the conclusions of a report to be released on Wednesday that finds that medical identity fraud can be very costly.

With identity fraud, most people think of criminals stealing Social Security numbers and credit card data to take out loans or make purchases that the victim is responsible for. But there is a growing amount of medical-related identity theft in which someone uses another person's identity or insurance information to … Read more