Week in Geek: Microsoft Security Essentials Loses its Certification after Failing AV Test

Note: This article is part of our archive and is likely out of date.
(Links may not work, downloads have not been recently tested for safety)

By Akemi Iwaya on December 2nd, 2012

Our first edition of WIG for December is filled with news link coverage on topics such as the Windows XP countdown clock has dropped to less than 500 days, software pirates have released a tool to crack Windows 8 apps, an online service is offering bank robbers for hire, and more.

Weekly News Links

Image courtesy of the I Love Ubuntu Blog.

Security News

  • Microsoft Security Essentials Fails AV-Test, Loses Certification
    Microsoft’s Security Essentials is the only free anti-virus software that failed to receive certification after a new round of anti-virus tests conducted by AV-Test on Windows 7 during September and October. MSE results are here and full list of AV Apps tested is here.
  • New Kernel Vulnerabilities Affect Four Ubuntu OSes
    Canonical announced on November 30 that a new Linux kernel update for its Ubuntu 12.10 (Quantal Quetzal), Ubuntu 12.04 LTS (Precise Pangolin), Ubuntu 11.10 (Oneiric Ocelot) and Ubuntu 10.04 LTS (Lucid Lynx) operating systems is now available, fixing two important security vulnerabilities discovered in the Linux kernel packages by various developers.
  • Hotel room burglars exploit critical flaw in electronic door lock
    Attacks affected some 4 million locks; company wants customers to cover repair costs.
  • Researcher reveals backdoor access in Samsung printers
    Samsung printers contain a hardcoded backdoor account that could allow remote network access exploitation and device control via SNMP. Details of the exploit have been published. Some Dell printers manufactured by Samsung also have the admin account backdoor access.
  • Email hacks router
    A whole range of Arcor, Asus and TP-Link routers are vulnerable to being reconfigured remotely without authorisation. On his blog, security researcher Bogdan Calin demonstrates that just displaying an email within the router’s own network can have far-reaching consequences: when opened, his specially crafted test email reconfigures the wireless router so that it redirects the user’s internet data traffic.
  • Malicious code added to open-source Piwik following website compromis
    Backdoor added after hacker exploited vulnerability in mystery WordPress plugin. – Hackers inserted malicious code into the open-source Piwik analytics software after compromising the Web server used for downloads.
  • Account theft still possible with latest WhatsApp
    Recent changes to WhatsApp, which appears to have captured a position as the popular app-based alternative to texting, have not actually secured the system, at least for Android users.
  • iOS dictionary app accuses customers of piracy via Twitter
    In a blog posting, author Jenn Frank reports that the Oxford Deluxe (ODE & OTE) – powered by UniDict iPhone/iPad app, which retails for £37.99 (or €49.99), accuses legitimate buyers of being software pirates. Apparently, the app’s flawed DRM feature automatically tweets “How about we all stop using pirated iOS apps? I promise to stop. I really will” to the dictionary user’s Twitter followers.
  • Fake Windows 8 Key Generators and Activators Found Online
    Security company Trend Micro reports that several fake Windows 8 key generators and activators are now available online, all with the purpose of tricking people into believing they could actually activate Microsoft’s new operating system without paying for a license.
  • Software Pirates Release Tool to Crack Windows 8 Apps
    It was only a matter of time, but the inevitable has finally happened: software pirates have just released a downloadable application that allows users to download and run full Windows Store apps. For free, that is.
  • Hack could let browsers use cloud to carry out big attacks on the chea
    Scientists have devised a browser-based exploit that allows them to carry out large-scale computations on cloud-based services for free, a hack they warn could be used to wage powerful online attacks cheaply and anonymously.
  • Online Service Offers Bank Robbers for Hire
    An online service boldly advertised in the cyber underground lets miscreants hire accomplices in several major U.S. cities to help empty bank accounts, steal tax refunds and intercept fraudulent purchases of high-dollar merchandise.
  • Java Zero-Day Exploit on Sale for ‘Five Digits’
    Miscreants in the cyber underground are selling an exploit for a previously undocumented security hole in Oracle’s Java software that attackers can use to remotely seize control over systems running the program.
  • Lost+Found: Anonymous surfing, dubious DRM and a stuck stock exchange
    Too short for news, too good to lose; Lost+Found is a roundup of useful and interesting security news. In this edition: the latest edition of Nmap arrives, a router to route everything over Tor, an Autorun pest, a PDF autopsy, Stockholm’s stuck stock exchange, and a rather breakable unbreakable DRM.
  • A patched browser – false feeling of security or a security utopia that actually exists?
    Kaspersky Lab’s recently released “Global Web Browser Usage and Security Trends” report sparks several important questions from a security perspective.
  • I Was Just Friended By Myself On Facebook (And It Only Gets Weirder From There)
    From the blog post: I got a friend request from Bianca Bosker on Wednesday night. I’m Bianca Bosker, one of just three on Facebook, so the notification took me by surprise. What followed spooked me: When I finally scoped out this new Bosker at 8:30 a.m. on Thursday, I found myself staring back at me.
  • EU plans to implement mandatory cyber incident reporting
    To improve cyber security, the EU is considering making it mandatory for businesses to report cyber attacks. Although a big supporter of self regulation, Neelie Kroes, the EU Commissioner for the Digital Agenda for Europe, told German Süddeutsche Zeitung newspaper that she did not think there would be much progress with it in this case.
  • ‘Six-strike’ anti-piracy campaign postponed until 2013
    The Center for Copyright Information — a venture between ISPs, music labels, and film studios to crackdown on illegal downloads — says Hurricane Sandy delayed the November kick off.
  • Clueless officials hamper cybersecurity law-making
    Governments need to know what problems the cybersecurity legislation is meant to address, or they will face public backlash over the possible intrusions to their personal rights.
  • Why whitehats don’t want to help businesses at risk
    Well intended hackers might discover plenty of security vulnerabilities during their travels across the internet, but when businesses sue them or make it hard to pass the information along, it’s no wonder that they don’t even bother.

How-To Geek Weekly Article Recap

Geeky Goodness from the ETC Side

One Year Ago on How-To Geek

How-To Geek Comics Weekly Roundup

How-To Geek Weekly Trivia Roundup

Akemi Iwaya is a devoted Mozilla Firefox user who enjoys working with multiple browsers and occasionally dabbling with Linux. She also loves reading fantasy and sci-fi stories as well as playing "old school" role-playing games. You can visit her on Twitter and .

  • Published 12/2/12
More Articles You Might Like

Enter Your Email Here to Get Access for Free:

Go check your email!