Jason Meserve provides up-to-the-minute news on vendor security alerts and fixes.
Today's malware news:
Microsoft warns of malware exploiting known vulnerability
Microsoft is warning users of a rise in attacks on a vulnerability in Windows that could trigger a worm infestation on networks,
and the company is encouraging companies to apply an emergency patch released in October. Microsoft says it has reports from
users on a worm called Win32/Conficker.A, which infects other computers across a network by exploiting a vulnerability in
the Windows Server service (SVCHOST.exe). Network World, 11/26/2008.
Also: Hundreds of vulnerable servers infected by the Conficker.A worm
New OS X Malcode: Not Just a DNSChanger
Seems that Apple’s OS X has been taking a minor beating in the malcode front lately, as noted in the blog post New Trojans
Strike OS X from CA. I got a copy of it last night and had a look; I wanted to see what the OS X malcode community was up
to. The answer is both nothing much (it’s like we stepped back to 1999) and some new stuff (new approaches not yet seen in
the OS X world, but old hat on Windows). Security to the Core, 11/24/2008.
More: OSX.Lamzev.A: The Mac OS X Trojan Kit
Estonian ISP cuts off control servers for Srizbi botnet
An Estonian ISP that temporarily hosted the command-and-control servers for the Srizbi botnet, responsible for a large portion
of the world's spam, has cut off those servers, according to computer security analysts. IDG News Service, 11/27/2008.
Previously: Massive botnet returns from the dead, starts spamming
Capital One "Member Satisfaction Survey" Phish
They've not done a very good job with this Phish - they display an obviously fake URL, for one thing - but they do get some
bonus points for attempting to lure the end-user in: "You've been selected to take part in our quick and easy 9 questions
survey. In return we will credit $20 to your account - Just for your time!" The SpywareGuide Greynets Blog, 11/26/2008.
This BofA Demo Thing Got Big Fast
The Obama spam and malcode gang is back at it with a new fast flux phishing and malcode ruse. This time it’s a demo from the
Bank of America that requires the classic "Flash Upgrade". Security to the Core, 11/27/2008.
Today's bug patches and security alerts:
Seven new patches from Ubuntu:
Samba (bounds checking, denial of service)
GnuTLS (man-in-the-middle attack, information disclosure)
OpenOffice.org (multiple flaws)
Thunderbird (multiple flaws)
**********
Five new fixes from Debian:
imlib2 (buffer overflow, code execution)
enscript (buffer overflow, code execution)
hf (local privilege escalation)
**********
From the interesting reading department:
The McColo takedown: Online neighborhood watch, or Internet frontier justice?
Security researchers are banding together to police the Net against allegedly nefarious hosting firms. That may not be the
best approach, but it may be the only viable one for now. Computerworld, 12/01/2008.
Challenges await Obama in bid to build up federal IT security
As President-elect Barack Obama prepares to take office, the task of upgrading the security of federal computer systems continues
to be a work in progress. Computerworld, 12/01/2008.
The Cost of Software Piracy
One topic of discussion in the recently released Symantec Report on the Underground Economy is software piracy. Software piracy
occurs primarily in two basic forms: physical counterfeiting and file sharing. Counterfeiters create unauthorized physical
copies of software intended for sale as legitimate products (though often the attempt to create a realistic valid copy is
minimal). Symantec Security Response, 11/25/2008.
No one gets fired for banning IM
The company in question (nameless of course) has chosen to ban all forms of instant messaging. This is a pet peeve of mine
because our research shows that IM has a compelling ROI, both in hard dollars in areas such as sales, and even more so in
soft productivity dollars. Network World, 11/25/2008.
Lenovo service disables laptops with text message
If a laptop is lost, now there is a new way to remotely shut it down -- just text it. Lenovo plans to announce on Tuesday
the Constant Secure Remote Disable service, allowing users to remotely disable a PC by sending a text message. Users also
receive a confirmation text message that validates the disabling of a PC. IDG News Service, 11/25/2008.
Casino Spam Rolling Higher
In recent weeks, Symantec has observed an increase in messages promoting online casinos, typically offering a cash bonus or
VIP treatment. Leisure spam (defined as email attacks offering or advertising prizes, awards, or discounted leisure activities)
has accounted for up to 10% of spam globally during early November. Symantec Security Response, 11/28/2008.
Jason Meserve is multimedia editor at Network World.