New Sober variant surfaces

Another version of the mass-mailed Sober worm has surfaced, reports InformationWeek.

The mail arrives with the message "I`ve_got your EMail on my_account!" and spread fairly quickly in the UK early yesterday morning. One security firm reported that nearly 88 000 copies had hit UK businesses by 11am local time.

Like earlier variants, Sober.m appears in English or German and spreads by hijacking addresses from infected PCs, and bundles its payload in a compressed .zip file.

The message reads: "Someone is sending your private e-mails on my address, It`s probably an e-mail provider error! I`ve got over 10 mails on my account, but the recipient are you. I have copied all the mail text in the windows text-editor for you & zipped then."

The variant also tries to disable Microsoft`s AntiSpyware application and Malicious Software Removal Tool, which is an important part of each month`s security update from the software giant, and targets Sober among the malware it seeks out and destroys.

People who secretly videotape movies shown in cinemas could go to prison for up to three years under a bill that cleared the US Congress yesterday.

According to MSNBC, the bill also toughens penalties for hackers and industry insiders who distribute music, movies or other copyrighted works before their official release date.

Pirates sneak camcorders into movie cinemas to tape films directly off the screen, while some industry insiders leak copies to tech-savvy hackers before they`re officially released.

The US Customs Department estimates that these distribution groups are responsible for 95% of all pirated movies available online.

The House of Representatives passed the bill unanimously by voice vote, the bill has already passed the Senate, and President George Bush is expected to sign it into law.

Apple has released its Security Update 2005-004, an update intended to correct a security problem in its iSync 1.5 software.

According to MacCentral, the software is available for download from Apple`s Web site and from the Software Update system preference pane. The update patches iSync 1.5 on Mac OS X v10.2.8 and Mac OS X v10.3.x.

According to Apple, the update patches mRouter, an iSync helper tool. Under certain circumstances, explained Apple, a buffer overflow vulnerability in mRouter could result in the execution of an arbitrary command by local system users.