Microsoft, Kaspersky and Kyrus Inc. took a action against the Kelihos botnet last September, then in January, Microsoft amended its original complaint and named Andrey N. Sabelnikov, as a new defendant in the lawsuit — now, today, the company has reached an agreement with Sabelnikov, and have officially settled and closed the Kelihos botnet case, Microsoft announced stating:
“Microsoft and St. Petersburg software programmer Andrey Sabelnikov have entered into a Settlement Agreement in the matter of Microsoft v. Sabelnikov. During the negotiations, after reviewing the evidence provided by Microsoft and engaging in discussions, the parties have come to an understanding that Mr. Sabelnikov wrote code that was used in the Kelihos botnet code, but the programmer is not the operator of the botnet or involved in its activities. After a review and understanding of all of the details of the case, the parties were able to enter into a confidential settlement agreement in this matter, which resolves the dispute between the parties.”
Microsoft’s MPC has released a short paper that discusses rootkit fundamentals and looks at how they are used by attackers.
Importantly, “the paper also includes guidance on how to guard against the threat and steps you can take if you believe you have been compromised.
Know your enemy and protect yourself by learning about these threats.”
You can download the paper here (PDF).
In other Microsoft news, the IE team, “standardizing the High Resolution Time” specification has been published today as a Proposed Recommendation (PR) and is widely adopted in modern browsers.”
“High Resolution Time specification defines a new time base with at least microsecond resolution (one thousandth of a millisecond). To reduce the number of bits used to represent this number and to increase readability, instead of measuring time from 01 January, 1970 UTC, this new time base measures time from the beginning of navigation of the document, performance.timing.navigationStart. The specification defines performance.now() as the analogous method to Date.now() for determining the current time in high resolution. The DOMHighResTimeStamp is the analogous type to DOMTimeStamp that defines the high resolution time value,” explains IE team.
Additionally, this interface has been broadly adopted in browsers, including full support in Internet Explorer 10 and Firefox 15, and supported with a prefix in Chrome 22.
“This is a great example of what’s possible when the industry and community come together through the W3C,” the team stated.
Take a look at the What Time is it? test drive demo to see how this API works.
In this figure: “Date.now() is time measured since 01 January 1970, whereas performance.now() is time measured since the start of the document navigation”;