LimeWire's peer-to-peer file-sharing network is notorious as a malware ghetto, where distributed files that have legitimate-sounding names turn out to be Trojan horses hiding pernicious threats. In an effort to attract more users to the LimeWire premium upgrade and to protect those users better, the company signed a deal with AVG on Tuesday to extend download file scanning and blocking to LimeWire Pro users.

By integrating AVG's antivirus SDK engine, all files that LimeWire Pro users download will now be scanned before they run. A pop-up will appear letting users know when a file has been scanned or blocked.

This is a smart move to make, as users become more aware of the risky nature of running audio, video, and program executables from unverifiable sources without scanning them first. However, many security suite options already offer download scanning. Most of the premium ones, such as Norton, McAfee, Kaspersky, and ESET, and some of the free ones, such as AVG, Avast, and Avira, will block a malicious download before anything gets saved to your hard drive. Nearly all will prevent an already-downloaded file from running.

LimeWire pointed out in a press release that it has 50 million users worldwide but didn't specify how many of those were premium-version users who would receive the AVG protection.

Remember Scrabulous, the Facebook-powered Scrabble knockoff that was all the rage a couple years back? I was a serious addict, but lost interest after all the name changes, lawsuits, redesigns, etc.

Thanks to my evil friend Denny, my addiction is reborn--and mobile. Words With Friends is a two-player crossword challenge that offers turn-based, Scrabulous-like competition. It's not perfect, but I'm loving it.

The game lets you complete online against random players and/or friends. (Built-in Facebook/Twitter links let you post an invitation as a status update.) You can have up to 20 matches going at once, with push notifications letting you know when it's your turn.

There's also an in-game chat option. You can tell when an opponent is online when you see a pair of eyeballs next to the Chat button.

The game itself plays much like Scrabble, though with a slightly different distribution of the bonus squares (double word score, triple letter score, etc.). A double-tap is all it takes to zoom into the board for easier tile placement or back again for a full-board view.

It would be nice if WWF had a few more amenities, like a button for clearing your tiles or a list of legal two-letter words. But my big complaint is that the game doesn't keep a tally of your potential word score as you place your tiles. It's only after you make your play that you find out your total for the turn. (What, I'm supposed to do math in my head?)

WWF also suffers from some performance issues, like seemingly endless lag when attempting to submit your turn. Most of the time, the game worked fine, but it's frustrating when it doesn't.

Developer Newtoy offers a free, ad-supported version of Words With Friends and a $2.99 ad-free version.

The ads get pretty annoying pretty quickly, so I may just bite the bullet and pay my 3 bucks. On the other hand, Words With Friends is such a distraction (albeit an incredibly enjoyable one), the smarter move would be to delete it altogether.

Eh, I'm probably not that smart. In fact, my username is justrick if you want to challenge me to a game. In the meantime, check out "Five perfect puzzle games for the iPhone."

Originally posted at iPhone Atlas

An employee at Spanish antivirus firm Panda Security received a new Android-based Vodafone HTC Magic with malware on it, according to researchers at Panda Labs.

"Today one of our colleagues received a brand new Vodafone HTC Magic with Google's Android OS," researcher Pedro Bustamante wrote on the Panda Research Blog on Monday.

"The interesting thing is that when she plugged the phone to her PC via USB, her Panda Cloud Antivirus went off, detecting both an autorun.inf and autorun.exe as malicious," he wrote. "A quick look into the phone quickly revealed it was infected and spreading the infection to any and all PCs that the phone would be plugged into."

The malware began "phoning home" for instructions, Bustamante wrote. It's likely the user's credentials would have been stolen, he speculated.

The malware turned out to be related to the Mariposa botnet, but there was other malware on the device too--Conficker and a Lineage password-stealing Trojan, he said.

A Vodafone spokesperson did not return an e-mail from CNET seeking comment, but The Register published a statement from Vodafone that said it is investigating the matter.

"Following extensive quality assurance testing on HTC Magic handsets in several of our operating companies, early indications are that this was an isolated local incident," the statement said.

Last week, three people were arrested in Spain on charges of operating a massive botnet composed of 12.7 million PCs that stole credit card and bank log-in data and infected computers in half of the Fortune 1,000 companies and more than 40 banks. The botnet was dubbed "Mariposa," which means butterfly in Spanish.

Updated at 1:07 p.m. PST with background on Mariposa-related arrests.

Originally posted at InSecurity Complex

Microsoft warned of a new vulnerability in Internet Explorer 6 and IE 7 that has been targeted in attacks, and released fixes for eight holes in Windows and Office as part of Patch Tuesday.

The company issued Security Advisory 981374, which addresses a privately disclosed vulnerability. The hole could allow an attacker to take control of a machine if a user visited a malicious Web site, Microsoft said.

There are some features that could mitigate the effects of an attack. For instance, all supported versions of Microsoft Outlook, Microsoft Outlook Express, and Windows Mail open HTML e-mail messages in the Restricted sites zone by default, the company said.

"Protected Mode in Internet Explorer on Windows Vista and later Windows operating systems helps to limit the impact of the vulnerability as an attacker who successfully exploited this vulnerability would have very limited rights on the system," the advisory said. "By default, Internet Explorer on Windows Server 2003 and Windows Server 2008 runs in a restricted mode that is known as Enhanced Security Configuration. This mode sets the security level for the Internet zone to High. This is a mitigating factor for Web sites that you have not added to the Internet Explorer Trusted sites zone."

The advisory also provides information on workarounds. Microsoft suggests that IE 6 and IE 7 users upgrade to IE 8 immediately.

"For the second time in three months, Microsoft has also issued a warning about a new IE zero-day bug," said Andrew Storms, director of security operations for nCircle, referring to the IE hole that was exploited in the attacks on Google and other companies late last year and disclosed by Microsoft in January. "There's no doubt that this new bug will be fodder for the ongoing security discussion that is a key part of the browser wars."

In its Patch Tuesday preview on Thursday, Microsoft said it would issue two bulletins rated "important" on Tuesday to fix eight vulnerabilities in Windows and Microsoft Office products. Details are in the company's Security Bulletin for March.

The first bulletin for March, MS10-016, addresses a vulnerability in Windows Movie Maker that could be exploited by getting a user to open a maliciously crafted Movie Maker project file.

"Both Windows XP and Windows Vista ship with affected versions (2.1 and 6.0 respectively). Version 2.6 is also vulnerable and can be freely downloaded and installed from the Web," Jerry Bryant, senior security communications manager lead at Microsoft, wrote in a blog post on the Microsoft Security Response Center. "Customers who install 2.6 on any supported platform, including Windows 7, will be offered the update."

The vulnerability also affects Microsoft Producer 2003, a free download with limited distribution. "At this time, we are not offering an update for Producer 2003," the blog post said. "While we continue to investigate Producer 2003, we recommend that customers either uninstall the application or apply an available Microsoft Fix It to disassociate the project file type from the application to add an extra layer of security."

The second bulletin, MS10-017, affects all currently supported versions of Microsoft Office Excel, as well as Office 2004 and Office 2008 for Mac, the Open XML File Format Converter for Mac, supported versions of Excel viewer and SharePoint 2007. A successful attack exploiting the hole would require a user to open a maliciously crafted file.

Meanwhile, the Malicious Software Removal Tool was updated to include Win32/Helpud, a Trojan that steals log-in information for popular online games.

Microsoft also re-released MS09-033, a bulletin for a hole in Microsoft Virtual PC and Microsoft Virtual Server, to add Microsoft Virtual Server 2005 to the list of affected software.

The software giant said it is continuing to monitor threats in connection with Security Advisory 981169 related to a hole in VBScript affecting older Windows systems that Microsoft disclosed publicly on March 1.

Although proof-of-concept code exploiting the hole has been released publicly, Microsoft said it was not aware of any active attacks. Customers using Windows 2000-, XP- and Server 2003-based systems are advised to apply the workarounds. Customers running Windows 7, Windows Server 2008, Windows Server 2008 R2, and Windows Vista are not affected.

Updated at 1:04 p.m. PST with nCircle comment.

Originally posted at InSecurity Complex