Microsoft’s “patch Tuesday” was pretty low-key this month (unless you are still running Windows 2000, but Adobe has release some critical patches. Keeping applications, especially those used for internet access, patched is now as important as keeping the operating system patched.

Clients often ask why their anti-virus program failed to catch a piece of malware that infected their computer. Here is one of the tools that malware-writers can use to test their wares to see which AV programs are able to detect them as malware. This company does not hide the fact that this service is for malware writers and the results are NOT reported to the AV vendors. This makes it much easier for the “bad guys” to test their code and stay ahead of the AV vendors.

Depending upon your point of view, these “security researchers” are forcing software vendors to address security flaws quickly, helping the “bad guys” wreak havoc on internet users, or are just plain acting irresponsibly. These folks are release one “zero-day exploit” per day for 30 days – without giving the vendors any advance warning. They say that vendors do not respond unless the exploits are release publicly. The next month could be a busy one.

Want to test a site before you visit it? Here are four sites where you can paste URLs before you visit them to get a report.

Dennis H in West Virginia, US

January 14, 2010