Consumer software and hardware

A new zero-day exploit targeting Adobe Reader, as well as 9.1.3 and earlier versions of Adobe Systems' Acrobat, drops a backdoor onto computers using JavaScript, Trend Micro researchers warned on Friday.

Trend Micro identified the exploit as a Trojan horse dubbed "Troj_Pidief.Uo" in a blog post. It arrives as a PDF file containing JavaScript-based malware, "Js_Agent.Dt," and then drops a backdoor called "Bkdr_Protux.Bd."

The exploit affects Microsoft Windows 98, ME, NT, 2000, XP, and Server 2003, according to Trend Micro.

The blog post provides technical details on how the … Read more

The preorder has long been a staple of the video game retail industry, and with good reason. You get a customer to purchase a game ahead of its release in return for a small trinket. The hope is that buyer will keep coming back to the store, and in turn the store can provide more accurate supply numbers to the publisher and thus ensure an adequate stock. It's also been a great way for retailers to sit on that cash long before ever handing over the product.

What has made this more interesting over the years is how far some retailers and game publishers have gone to get people to come to them, and them only. This arms race has lead to some great, and some not-so-great, trends in preorder goodies. Here are five of the best and five of the worst in the last couple of years.

1. Getting the game before its release date

What is easily the holy grail of preorder goodies is getting the game ahead of its official street date. Very few games have ever done this intentionally, though. This usually happens only when a retailer mistakenly sells the title without knowing there's a specific release date, or when games are shipped by mail and the snafu is committed by the shipping company.

In the case of Call of Duty: World at War, which was released last November, GameStop sold the title a day ahead of its official release to those who had preordered it. According to Planet Xbox 360, the game retailer went directly to FedEx's shipping facilities to pick up the game ahead of its slated delivery time.

Also, customers who prebought Mythic Entertainment's Warhammer Online: Age of Reckoning got to build their characters and start playing on the game's servers four days before the game launched--if they bought the collector's edition, while preorderers of the standard edition got a two day head start. The same went for those who preordered Pirates of the Burning Sea, who got to start playing the MMO 15 days ahead of people who simply bought it on its release day.

2. Free games

Coming up just short of getting the new game early is publishers who offer a copy of one of their previous titles free of charge. That was the case for Rockstar games, which through Valve's Steam online game store gave PC gamers who preordered Grand Theft Auto 4 a free copy of GTA: Vice City, a title from earlier in the GTA series.

Preorderers of Banjo-Kazooie: Nuts & Bolts on Xbox 360 got a free code for the original Banjo-Kazooie game on XBOX Live Arcade a whole two weeks before it was officially released to other gamers.

Lionhead studios gave preorderers of the Xbox 360 version of Fable 2 a free (normally $10) Xbox Live Arcade title that let them play some of the title's in-game minigames ahead of the release, as well as put any gold they earned to use in the game once they got it.

Earlier notables include: Preorderers of Red Alert 3 getting a free Red Alert 2 download, and the Zelda: Ocarina of Time disc that came with the Zelda Wind Waker for Gamecube, which had been one of the top games of the year four years prior. Nintendo went through the effort of porting it from the previous generation's system to the GameCube, as well as throwing in a more difficult variation of the game that had previously been unreleased in the U.S. just for those buyers. Now that's cool.

3. Getting the "better" edition of the game, free of charge

The "limited" editions of games almost always cost more, and come with a few extra goodies like a download code from extra in-game content, or a spiffy case with things like concept art books and soundtrack CDs.

This time last year, Ubisoft surprised gamers who had preordered the latest Prince of Persia game with a free upgrade to the limited edition, which featured a making-of featurette, digital art book, and the soundtrack. It certainly wasn't as lavish as some other limited-edition packages, but it was free.

Developer Arksys did the same thing earlier this year with its 2D fighter BlazBlue: Calamity Trigger. Prebuyers who purchased the normal game ahead of time got upgraded to the limited-edition free of charge, which included a video strategy guide and two-disc soundtrack with close to 50 tracks. … Read more

Microsoft on Thursday said it will provide a fix next week for zero-day flaws in Microsoft Server Message Block (SMB) and Internet Information Services (IIS) that could allow an attacker to take control of a computer.

Those are just two of the 34 vulnerabilities addressed in 13 bulletins (eight of which are critical and five of which are rated important) that will be fixed during Patch Tuesday, according to a blog post on the announcement. The bulletins affect Windows, Internet Explorer, Office, Silverlight, Forefront, Developer Tools, and SQL Server, the advisory shows.

The SMB flaw was reported a month ago. … Read more

Comcast is launching a trial on Thursday of a new automated service that will warn broadband customers of possible virus infections, if the computers are behaving as if they have been compromised by malware.

For instance, a significant overnight spike in traffic being sent from a particular Internet Protocol address could signal that a computer is infected with a virus taking control of the system and using it to send spam as part of a botnet.

The alerts are triggered "when we see computers on our network that are doing things that are known bot activities--say, a computer is … Read more

Update at 9:20 a.m. PDT: Comments from Lili Cheng added.

Ray Ozzie is getting more social.

No, the infrequent blogger and Microsoft's chief software architect has not decided to Twitter his every move. Rather, Ozzie has set up a new social computing lab at Microsoft, to be headed by Microsoft Research veteran Lili Cheng.

The Future Social Experiences (FUSE) group brings together three existing efforts: Cheng's creative systems group from Microsoft Research and two units that were already part of Ozzie's world--the Media Labs and Startup Labs group.

Ozzie sent an e-mail Thursday to Microsofties … Read more

Microsoft 's new Security Essentials software has passed at least one exam so far--a review by security testing firm AV-Test.org.

Using the latest version and definition updates of Microsoft Security Essentials (MSSE) downloaded from the Web, AV-Test ran the product through a series of tests on Sept. 29 and 30 to judge its effectiveness at fighting malware.

To check static known malware, AV-Test pitted Security Essentials against the most recent WildList, a sampling of 3,732 viruses and other threats compiled by the WildList Organization. Microsoft's product successfully detected and blocked all of the samples in both manual … Read more

For the past week I've been inseparable from a small bit of black plastic hooked onto my left pocket. It's not a cell phone, or a security card for work. Instead, it's the Fitbit, a high-tech pedometer with a neat trick--it tracks your daily and nightly activities, then sends that information to the cloud wirelessly.

The $99 device was first unveiled at last year's TechCrunch50 show in San Francisco, but the company only began shipping out its first pre-orders last week. I've spent the past seven days using it to track my daily activity levels, as well as my sleeping and eating habits.

Unsurprisingly, it hasn't moved me to make a dramatic shift in the way I live my life, but it has given me a benchmark of how active or inactive I am on a daily, weekly, and monthly basis. In other words, you can be a non-gym rat and still get a multitude of uses out of this, but it will always be more beneficial for highly active people.

The Fitbit itself is a clip, and almost symmetrical except for a button on one of the sides. This is the only button on the entire device that controls what you see on its small, but very readable OLED display. Each time you click it, it cycles through how many steps you've taken, how far you've gone in miles, how many calories you've burned, as well as your current activity level which is displayed as a flower; the taller it is, the more active you've been.

Compared with some other pedometers from companies like Omron, Sportline, and Apex Fitness, many of which feature onboard clocks, stopwatches, and "trip" meters, this may seem a bit anemic. But there's more than meets the eye. The device tracks things like duration of activity, and what time of day you're doing it--two things that can be seen back on Fitbit's site once it syncs up.

The Fitbit can be stashed in your pocket, on your belt, or anything else you can clip it on. (Fitbit's product manual mentions something about bras--I didn't get to try that out.) It then uses a three-dimensional motion sensor--like what's inside of Nintendo's Wii remote--to track your movements.

Besides tracking steps, caloric burn, and distance, the Fitbit can be used to monitor sleep duration and habits. This requires users sliding the Fitbit into the included cloth wrist wrap, then holding the Fibit's one button for a few seconds before going to bed, and then again when they wake up.

I found this an easy habit to pick up and build into my normal routine, though worth noting is that the included strap's velcro is basically glued on, and can be accidentally removed quite easily. I also had one night of sleep where the device came out of the strap, forcing me to fish it out of the bed the next morning.

Once you've held the button for a few seconds to start the sleep cycle, the device then waits for you to stop moving to begin its count. It also keeps track of any movements during the night, like if you sleepwalk, start waving your arms around, or get up to go to the bathroom. This information is tracked on Fitbit's site, including how "efficient" your sleep was, which is a percentage of how much time you spent sleeping versus how long it took you to go to bed and how many times you became "active."

While the Fitbit can be used as a pedometer in the traditional sense, installing software on your computer lets you sync it up with Fitbit's site. To do this you have to make use of a special base station which comes with the Fitbit, and is the only way to both charge it, and check its battery level (which is rated at 10 days between charges).… Read more

Facebook on Thursday fended off an attack in which multiple identical profiles were created to spread malware.

Antivirus provider AVG Technologies said users of its LinkScanner service detected numerous profiles that were identical except with different names and each included a link to what was represented as a home video but which instead displayed a fake antivirus alert when clicked. The scams are designed to trick people into paying for software they don't need, to get credit card information from victims for identity fraud purposes, and often to install spyware on the computer.

"Clearly, the Data Snatchers have … Read more