In an attempt to deter computer hackers from selling information about newly discovered software vulnerabilities to other bad guys who may attempt to exploit the flaws, TippingPoint, a security services firm, recently announced the "Zero Day Initiative."

	WEEKLY REPORTS Solutions, Prevention & Remedies Top 10 Threats

The goal of the program is to reward those who responsibly report security flaws to the company.

Once TippingPoint verifies the problem, the company offers payment in exchange for the intellectual property rights. If the offer is accepted, the company will then pass the vulnerability information on to other security companies so that they can better protect their clients.

The various security companies would be unable to publicly release information about the flaws until the publisher of the software was notified and given the opportunity to patch the problem.

The reward amount will be based on how popular the program at risk is, ease at which it could be exploited and how much damage could be done if knowledge of the flaw fell into the wrong hands.

Other security and software companies like Microsoft, Mozilla, and iDefense have also put a price on similar information

---

Worry Watch Plus Online only:

Information, Protection and Prevention -- Security Flaw programs
• The Zero Day Initiative

• Tipping Point, a division of 3Com

• Mozilla?s Bug Bounty

---

Latest Security Updates:
Anti-Spyware Product	Latest update	Download Site
Spybot Search and Destroy	Version 1.4 (Definitions updated July 25, 2005)	Click to Download
Symantec Intelligent Updater and LiveUpdate	70727h (Definitions updated July 27, 2005)	Download
Ad-Aware SE	SE1R58 28.07.2005 (Definitions updated July 28, 2005)	Download

Go back

* Reading: Solutions, Prevention & Remedies
Additional summary information related to a specific type of solution or prevention that you should be considering. Depending upon the week, this section may have:
• Recent Windows security releases from Microsoft
• Recent updates to widely used anti-spyware programs
• Recent updates to widely used anti-virus programs
• Recent updates to other security programs & devices (ex: Firewalls, routers)
• Recent updates to various applications in wide use

---

Top 10 Threats:
Name	Type	Affects	Alert Level
Sdbot.ftp More	Worm	Windows 95, 98, 2000, ME, NT, XP	Medium
Netsky.P More	Worm	Windows 95, 98, 2000, ME, NT, XP*	Severe
Gaobot.gen More	Worm	Windows 2000, NT, XP*	High
Mhtredir.gen More	Trojan	Windows 95, 98, 2000, ME, NT, XP*	Medium
Psyme.C More	Trojan	Windows 95, 98, 2000, ME, NT, XP*	Low
Qhost.gen More	Trojan	Windows 2000, NT, XP*	Low
Lowzones.IK More	Trojan	Windows 95, 98, 2000, ME, NT, XP*	Medium
Qhost.BP More	Trojan	Windows 95, 98, 2000, ME, NT, XP	Low
Parite.B More	Virus	Windows 95, 98, 2000, ME, NT, XP*	Low
Smitfraud.D More	Virus	Windows 95, 98, 2000, ME, NT, XP*	Low

Go back

Read: Top Threats
These are viruses that are currently on the watch lists of major anti-virus software companies.

Name
What the threat is called. We use the name given each virus by Panda Software. Sometimes other anti-virus companies give the same threat a different name. Usually they use similar names.

Type
There are different characteristics associated with different types of threats.
• Virus - has the ability to replicate or infect computers or other programs
• Trojan Horse (or Trojan) - appear to be harmless programs when you get them. They unleash their payload when you double-click, open, or execute them.
• Phishing - a Web site or e-maill message posing as another company - usually one you know to fool you into giving the sender personal information.
• Worm - self replicates onto additional disks, computers or networks
• Spyware - installs on your system to collect information about your activity, preferences or interests
• Hoax - false messages sent by e-maill to mislead the recipient
• Backdoors - opens a security hole that allows outsiders to take control of your computer
• Dialer - uses your telephone to dial an outside number - sometimes a number that costs you money when dialed

Affects
Not all viruses affect all types of systems. Some, for example may affect only Windows 98 and 95, but not Windows XP or NT. Others affect all Windows systems, but not Macintosh. In this column, we show you the consumer systems that the threat is known to affect. We don't always include the servers that operate in your company's backroom.

Alert level
The level of awareness that anti-virus vendors suggest you need to have for each threat listed.
For each threat listed, we'll post a corresponding link here, so you can get more information to help you recognize, diagnose, prevent, and repair the problem.