News Posts matching #Malware


Windows 8 Secure Boot: Designed to Lock Out Linux?

Proposed changes to the Unified Extensible Firmware Interface (UEFI) firmware specifications would mean PCs would only boot from a digitally signed image derived from a keychain rooted in keys built into the PC. Microsoft is pushing hard to make this mandatory, so that users cannot override it. This feature would have the handy benefit of excluding alternative operating systems such as Linux and FreeBSD. This is according to Professor Ross Anderson of Cambridge University and other industry insiders. Also, it's not at all clear that it actually secures against viruses and other malware; it appears to be solely designed to appease corporate self-interest in unbreakable Digital Restrictions Management (DRM).

UEFI supersedes the 30-year-old veteran BIOS found in most PCs today, which is very inefficient and slow for modern PCs, carrying a lot of old, legacy compatibility baggage that's just not needed in today's PC. UEFI, a key component of Windows 8, is designed to work on several CPU architectures, such as ARM, and is streamlined and efficient. It also includes a much improved graphical interface that replaces the keyboard-driven menu system of the BIOS.

New Windows Worm-Attack Most Severe in Recent Times

Some of the most severe worm attacks in memory include the infamous w32.nimda, w32.sasser and w32.blaster: all pieces of software affecting Windows PCs and their ever-fragile defenses against new forms of malware. Enter the Downadup worm, also known as Conficker. This worm targets Windows PCs and servers. Mikko Hypponen, chief research officer at anti-virus firm F-Secure, points to the possibility of this new worm originating from Ukraine, after the security software firm reverse-engineered the virus. It is said to have a unique "phone back home" property that makes it potentially dangerous to leave on an infected machine, as it could steal and send back vital or confidential data. The worm transmits itself across local networks and wide-area networks over the internet, scanning for and infecting as many machines as it finds. Microsoft, for its part, has dispatched a security update for all its current Windows operating systems (MS08-067) that fixes the vulnerability the worm takes advantage of, available via Microsoft Update.

The infection rate of this worm is severe to very severe. Corporate networks are the worst hit, despite usually having the best security measures in place. "On Tuesday there were 2.5 million, on Wednesday 3.5 million and today [Friday], eight million. It's getting worse, not better," said F-Secure's Hypponen. The makers of the worm have put in a great deal of work to ensure it is difficult to detect and remove. Not much more is known about the purpose of this worm, except that it steals data and replicates itself at phenomenal rates. While the worm doesn't send itself indiscriminately over the internet or by e-mail, on home and corporate networks it immediately scans for and discovers new machines to infect. The worm also has the intelligence to guess passwords for password-locked shares. The best way to counter this worm is by securing your networks, downloading and applying Microsoft's patch to all machines on the network, and setting tough, long alphanumeric passwords for your network resources such as routers and shares. Individual machines are easy to disinfect, but large corporate networks with layers of security are not. The problem is for companies with thousands of infected machines, which can become re-infected from just one computer even as they are being cleared.

Microsoft to Offer Anti-Virus Software for Free From Next Year

Software giant Microsoft might offer free anti-virus software next year, the company said on Tuesday. Code-named "Morro," this streamlined solution will be available in the second half of 2009 and will provide comprehensive protection from malware including viruses, spyware, rootkits and trojans. This new solution, to be offered at no charge to consumers, will be architected for a smaller footprint that will use fewer computing resources, making it ideal for low-bandwidth scenarios or less powerful PCs.
"Customers around the world have told us that they need comprehensive, ongoing protection from new and existing threats, and we take that concern seriously," said Amy Barzdukas, senior director of product management for the Online Services and Windows Division at Microsoft. "This new, no-cost offering will give us the ability to protect an even greater number of consumers, especially in markets where the growth of new PC purchases is outpaced only by the growth of malware."
When released, "Morro" will be available as a stand-alone download and offer malware protection for the Windows XP, Windows Vista and Windows 7 operating systems.
With the arrival of "Morro", Microsoft will also discontinue retail sales of its Windows Live OneCare subscription service.

IPv6 Protection by OSes Inadequate, Potential Vulnerabilities Surface

Software-level protection for IPv6 (Internet Protocol Version 6), a network protocol that comes pre-installed with several operating systems (OSes) but is poorly implemented in the real world, is rudimentary. Security providers largely ignore the protocol, which effectively makes it a soft target for hackers looking to compromise a system.

Several OSes, including Linux 2.6 upwards, Windows Vista, Solaris, Mac OS X and mobile OSes such as Windows Mobile 5 and 6, come with IPv6 enabled by default, though the user would probably not use the protocol in a year-2008 setting, where networks haven't embraced it to a level that makes it an explicit requirement for all internet-enabled computers the way IPv4 is. Keeping this in mind, software-level protection for IPv6 is close to non-existent. Having strong intrusion detection-enabled protection might keep you safe at the IPv4 level that's still standard, but with IPv6 enabled and protection that doesn't cover IPv6, the PC is as vulnerable as one without any firewall at all. With IPv6 'listeners' (programs that open ports and allow incoming connections) in place, the PC becomes vulnerable to intrusions. All it takes is for a hacker to create an IPv6 listener program (malware) and plant it on a PC.

Malicious Trojan Horse Plagues Apple Mac OS Users

Nowadays everyone will tell you that most viruses, spyware and other malware are written solely for Windows, but it appears that times have changed a bit. Security experts are now warning about a new Trojan horse released in the wild, targeting Apple operating systems, or more specifically Mac OS X Tiger and Leopard (versions 10.4 and 10.5). In addition to the usual things a trojan can do (run in the background, open ports, steal your passwords, replicate etc.), this one can also log everything you type, take screenshots of your active desktop and even take a picture of you using the Mac's built-in iSight camera. Here's how it works: AppleScript.THT comes either as a 3.1MB application dubbed AStht_v06 or as a 60KB compiled AppleScript script called ASthtv05. Once started on a Mac OS system, it adds itself to the System Login Items and thus runs with root privileges every time the OS is started. Once the system is infected, AppleScript.THT also moves itself into the /Library/Caches/ folder. To protect your system against this threat, security experts advise running SecureMac MacScan 2.5.2 anti-virus software with the latest Spyware Definitions update (2008011). More details on the malicious code and additional removal instructions are posted here.

HP Ships USB Sticks With Malware

No, these don't come with a picture of me. Hewlett-Packard has released a batch of USB keys for numerous Proliant server models which contain malware that could allow an attacker to take over an infected system. The worms contained on the 256KB and 1GB USB drives have been identified as W32.Fakerecy and W32.SillyFDC. The worms spread by copying themselves to removable or mapped drives and affect systems running Windows 98, Windows 95, Windows XP, Windows Me, Windows NT and Windows 2000, according to AusCERT. To find out whether a drive is infected, HP recommends inserting it into a system with up-to-date antivirus software. Systems with up-to-date antivirus should be protected from the threat, according to HP. However, the threat risk from the worms is considered to be low.