Skype, ZoneAlarm, Windows security risks scrutinized

[RedHot25]

Just more of a FYI as I know a lot of people here use some or all of these.

http://www.cbc.ca/technology/story/2...-20070416.html

A Skype worm is loose, computer security software ZoneAlarm could be used to hijack or crash a machine and Window's Server users should implement a vulnerability workaround, researchers say.

...

An instant-messaging worm that spreads through Skype and Skype-enabled programs is spreading links to malware through people's Skype contacts list on infected machines, Finnish computer security firm F-Secure Corp. said Monday.

Before sending the link, the worm also sets the infected Skype user's online status to "do not disturb," stopping notifications of incoming calls or messages, an F-Secure researcher wrote in a post to the company's security labs weblog.
Upon clicking the link in the message, malware is downloaded to the victim's machine, and once executed, displays a picture of a scantily clad woman, F-Secure said.
....

ZoneAlarm.
The software, which comes in free and paid-use versions, has a weakness that could allow an attacker to send unverified instructions or data to a component of the program, resulting in a crash or potentially giving full access to the system. The vulnerability's effect is to deny people access to their computers.
The problem affects ZoneAlarm Pro versions 6.1.744.001, 6.5.737.000 and possibly others.

....

Also on Sunday, Microsoft updated customers about a "highly critical" vulnerability in the Domain Name System (DNS) Server service for its Windows Server versions 2000 and 2003 and urged them to implement a workaround issued on Thursday.