Revision Note: Advisory updated to include additional mitigating factors. Msdds.dll file versions have also been revised: updated file version from 7.0.9446.0 to 7.0.9466.0 and added file version 7.0.9064.9143. Advisory Summary:Microsoft is investigating new public reports of a possible vulnerability in Internet Explorer. We are not aware of attacks that try to use the reported vulnerabilities or of customer impact at this time. Microsoft is aggressively investigating the public reports. The Microsoft DDS Library Shape Control (Msdds.dll) is a COM object that could, when called from a Web page displayed in Internet Explorer, cause Internet Explorer to unexpectedly exit. This condition could potentially allow remote code execution if a user visited a malicious Web site. This COM Object is not marked safe for scripting and is not intended for use in Internet explorer. Upon completion of this investigation, Microsoft will take the appropriate action to help protect our customers. This may include providing a security update through our monthly release process or providing an out-of-cycle security update, depending on customer needs.

Hello All TGS Affiliates.

Affiliate commissions have been paid today.

Those affiliates with over USD 10 owing to them have been paid into their e-gold accounts.

Thank you all for your fine work promoting our services.

Start earning extra e-gold and join the TGS affiliate program today

Admin
TheGoldShop.biz
http://www.thegoldshop.biz/

Hello All.

Our sell rate has been reduced to 0% or dollar for dollar - or gold spot price

Please note the “bank fees” charges still apply.

Usual processing time frame for sell orders is by next business day. Customers can expect to receive a order complete email within 24 hours and their funds within 2 to 3 days from that (usually 1 day).

Place your sell order today!

Admin
TheGoldShop.biz
http://www.thegoldshop.biz/

Revision Note: Advisory Published Advisory Summary:Microsoft is investigating new public reports of a vulnerability in older versions of Microsoft Internet Explorer. Based on our investigation, this vulnerability could allow an attacker to execute arbitrary code on the user’s system in the security context of the logged-on user. The attacker could do this by one or more of the following actions: By hosting a specially crafted Windows Metafile (WMF) image on a malicious Web site; By convincing a user to open a specially crafted e-mail attachment; By convincing a user to click on a link in an e-mail message that takes the user to a malicious Web site; or By sending a specially crafted e-mail message to Outlook Express users, which they view in the preview pane. Note This is not the same issue as the one addressed by Microsoft Security Bulletin MS06-001 (912919). The vulnerability exists in: Internet Explorer 5.01 Service Pack 4 on Microsoft Windows 2000 Service Pack 4 and Internet Explorer 5.5 Service Pack 2 on Microsoft Windows Millennium. Microsoft has determined that an attacker who exploits this vulnerability would have no way to force users to visit a malicious Web site. Instead, an attacker would have to persuade them to visit the Web site, typically by getting them to click a link that takes them to the attacker’s Web site. It could also be possible to display specially crafted Web content by using banner advertisements or by using other methods to deliver Web content to affected systems. In an e-mail based attack, customers would have to click a link to the malicious Web site, preview a malicious e-mail message, or open an attachment that exploited the vulnerability. In both Web-based and e-mail based attacks, the code would execute in the security context of the logged-on user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. Microsoft will continue to investigate these reports and provide additional guid

Hello All.

The problems with our Indian bank account have been resolved. We are gladly accepting deposits (cash deposits only, no transfers of any sort) into our usual Indian bank account.

We apologise for the inconvenience.

Admin
TheGoldShop.biz
http://www.thegoldshop.biz/

Hello All.

Unfortunately, our account with HSBC has now been suspended until further notice.

This is due to recent fraudulent attempts against our account.

We hope this issue will be resolved shortly and that we will be able to take deposits at any branch of HSBC again.

This post will be updated when we know more.

We apologise for the inconvenience.

Admin
TheGoldShop.biz
http://www.thegoldshop.biz/

Revision Note: Additional information about the blank password restriction functionality in Windows XP Service Pack 1, Windows XP Service Pack 2, Windows Server 2003, and Windows Server 2003 Service Pack 1. Added link to Virus Information Alliance member Sophos. Advisory Summary:Microsoft wants to make customers aware of the Mywife mass mailing malware variant named Win32/Mywife.E@mm. The mass mailing malware tries to entice users through social engineering efforts into opening an attached file in an e-mail message. If the recipient opens the file, the malware sends itself to all the contacts that are contained in the system’s address book. The malware may also spread over writeable network shares on systems that have blank administrator passwords. Customers using Windows XP Service Pack 1, Windows XP Service Pack 2, Windows Server 2003, or Windows Server 2003 Service Pack 1 may be at reduced risk from this malware; if the account password is blank, the account is not valid as a network credential. In an environment where you can guarantee physical security, you do not need to use the account across the network, and you are using Windows XP or Windows Server 2003, a blank password is better than a weak password. By default, blank passwords can only be used locally in Windows XP and Windows Server 2003. Customers who are using the most recent and updated antivirus software could be at a reduced risk of infection from the Win32/Mywife.E@mm malware. Customers should verify this with their antivirus vendor. Antivirus vendors have assigned different names to this malware but the Common Malware Enumeration (CME) group has assigned it ID CME-24. On systems that are infected by Win32/Mywife@E.mm, the malware is intended to permanently corrupt a number of common document format files on the third day of every month. February 3, 2006 is the first time this malware is expected to permanently corrupt the content of specific document format files. The malware also modifies or deletes files and registry keys associated with certain computer security-related applications. This prevents these applications from running when Windows starts. For more information, see the Microsoft Virus Encyclopedia.
As with all currently known variants of the Mywife malware,