A dodgy anti-virus update from AVG wrongly flagged up the popular ZoneAlarm firewall as a Trojan on Tuesday.

The mis-firing AVG definition file tagged components of ZoneAlarm as infected with the Agent_r.CX Trojan horse and quarantined important files. As a result users running the popular antivirus package alongside security suite software from Check Point were left with a malfunctioning firewall, mystery infection reports and an inability to re-install their ZoneAlarm software.

IT security and control firm Sophos is warning computer users to be vigilant following its discovery that legitimate webpages on the website of Adobe Systems were hosting malicious code that can infect visiting computers.

Sophos identified the threat, known as Mal/Badsrc-C, on the Fortune 1000 company's 'Vlog It support center section' - an area providing tips for video bloggers - on Friday 3 October.  Despite repeated attempts by Sophos to contact Adobe about the problem, the malicious code was still present until last night.

The desktop PC version of Asus' popular Eee PC has shipped with a virus in Japan, the company has warned.

The low-cost Eee Box, designed as a basic for managing photos, sending email, surfing the web, and other day-to-day tasks, launched in Japan last week, but Asus has warned owners that it contains a virus file named 'recycled.exe'.

Today is the day we can finally start talking about clickjacking. This is just meant to be a quick post that you can use as a reference sheet. It is not a thorough advisory of every site/vendor/plugin that is vulnerable - there are far too many to count. Jeremiah and I got the final word today that it was fine to start talking about this due to the click jacking PoC against Flash that was released today (watch the video for a good demonstration) that essentially spilled the beans regarding several of the findings that were most concerning. Thankfully, Adobe has been working on this since we let them know, so despite the careless disclosure, much of the work to mitigate this on their end is already complete.

NoScript, the security add-on for Firefox, has been upgraded to protect against clickjacking.

NoScript blocks scripts in programming languages such as JavaScript and Java from executing on untrusted web pages. The scripts could be used to launch an attack on a PC

The new improvement to NoScript, called ClearClick, can detect if there is a hidden, embedded element within the web page. It then displays a warning message asking the user if they still want to click on it.