In the past days, a class of exploits that fall under the category of DLL hijacking (or "binary planting") have gotten a lot of attention. Apple's iTunes had problems, and a lot of other applications seem to be falling for the same thing.

"Computer viruses may have contributed to the Spanair passenger plane crash which killed 154 people in Madrid two years ago", reports the Spanish newspaper El Pais.

Today we’re sharing an exciting update to the recently introduced, free Norton DNS (BETA) for PC and Mac users. A new, easy-to-use wizard takes the guess work out of DNS set-up.

Microsoft has updated Security Advisory 2286198 and it now clarifies that:

"The vulnerability exists because Windows incorrectly parses shortcuts in such a way that malicious code may be executed when the icon of a specially crafted shortcut is displayed."

Displayed is the important keyword. This is good and addresses our earlier concerns.

However, the advisory still reads that:

So Mozilla recently upped their bug bounty money from $500 to $3000 (USD).

Here's a few thoughts on the topic:

There's a possible new zero day in the wild which is being used in targeted espionage attacks. Belorussian antivirus company, VirusBlokAda, recently published news about two new rootkit samples, and quite interestingly, the infection vector is a USB storage device and Windows shortcut [.LNK] files.

The rootkit uses a LNK file that infects the operating system when viewed by an icon rendering file explorer such as Windows Explorer or Total Commander.

Today's the day — July 13th — Windows XP Service Pack 2 has reached its end of support. After today, Microsoft will no longer publish updates for SP2 and that also includes Microsoft software such as Internet Explorer, Media Player and Outlook Express.

Our telemetry indicates that about 10% to 11.5% of our customer base runs XP Service Pack 2. The numbers drop off during the weekend, due to corporate machines running idle. Windows XP SP3 numbers range from 50% to 54%.

Not bad, just about 10% of our customers are facing end of support issues.

Adobe released a critical Flash update on June 10th. If you haven't seen it yet, this is the update notification:

Do you know what Flash version you have installed? No? Then use Adobe's version test page.

There's going to be numerous updates published tomorrow by Microsoft.

But you'll more likely want to keep an eye on Adobe. Current versions of Flash are vulnerable.

On Tuesday, Mac security firm Intego blogged about their discovery of Mac based Spyware which they dubbed OSX/OpinionSpy.