Microsoft's Excel spreadsheet program has a zero-day vulnerability that attackers are exploiting on the Internet.

A zero-day vulnerability is one that does not have a patch and is actively being used to attack computers when it is publicly revealed. Microsoft said Tuesday that it plans to patch the issue, but did not say when. The company's next set of security patches are set to be released March 9.

"At this time, we are aware only of limited and targeted attacks that attempt to use this vulnerability," wrote Microsoft Spokesman Bill Sisk in a blog posting. "We are developing a security update for Microsoft Office that addresses this vulnerability."

Virus authors have released a new variant of the infamous Conficker (Downadup) worm with enhanced auto-update features.

The changes in the new strain of the malware, dubbed Conficker B++, make it possible for malware authors to push out new code without publishing it on pre-programmed sites, as with earlier variants. The earlier approach has been frustrated by the recent formation of an alliance led by Microsoft geared up to block and take down sites associated with the worm.

Security researchers have developed an unofficial patch for a zero-day Adobe Acrobat and Reader vulnerability that's become the subject of hacker attacks.

Adobe acknowledged the vulnerability last week but said an official patch wouldn't be available until 11 March.

This three week window of vulnerability before an update becomes available is all the more serious because hackers have created a exploit, Shadowserver reports. Malicious PDF's in circulation exploit a vulnerability in a function call not related to JavaScript. JavaScript is used in the malicious PDF but only to "fill the heap with shellcode" (ie to crank up the attack), Shadowserver explains.

Australia's controversial plan to implement a mandatory ISP filtering system may crash into a big brick wall after a backer effectively changed teams. Senator Nick Xenophon was previously in favor of a system that would run all citizens' Internet connections through a filter for "illegal" content because it might have also blocked access to online gambling sites. As more and more concerns about the workability of the ambitious plan have been raised, however, he has decided that there are too many unanswered questions and now says he will move to block any legislation that comes through.

The Australian government first revealed its filtering initiative in 2007, which was met with widespread public outcry. Despite this, Australia moved forward with its plans and began testing the system in Tasmania in February of 2008. At the time, the Australian Communications and Media Authority (ACMA) said that the filters would be enabled by default and that consumers would have to request unfiltered connectivity if they wished to opt-out of the program.

You know that $185,000 you've been saving up to register .zomgilovearstechnica as your very own generic Top Level Domain (gTLD)? It looks like you'll have to wait a bit longer. On Thursday, the Internet Corporation for Assigned Names and Numbers released a revised version of its draft guide to expanded gTLD applications, along with a lengthy analysis of the voluminous comments and critiques they received in response to the first draft. To give themselves time to process a second round of comments, ICANN will push off implementation of the plan from September to December of this year.

Last year, ICANN's directors voted unanimously to move forward with an ambitious plan to massively expand the Net's system of generic Top Level Domains (gTLDs). The proposal would allow anyone able to fork over a princely application fee, along with annual maintenance charges of $75,000, to add their very own gTLD—such as .arstechnica or .blog or .riverrunpasteveandadams—to the familiar roster of 21 existing domain extensions, such as .com and .org. But ICANN's first-draft guidelines for new domains generated an avalanche of critical comments—not least from the US government. It has released a second draft that seeks to address some of those criticisms, as well as a 154-page analysis of the comments they've received—but some critics say the central problems with the proposal remain.

As high-tech tools expand the ability of intelligence and law enforcement agencies to sweep up and sort vast quantities of communications traffic, European Union officials worry that encrypted Voice over IP technologies like Skype are leaving criminals with a digital hole in the telecom dragnet. In a statement released this weekend, the Italian arm of the European Union's judicial cooperation agency, Eurojust, announced it would lead an international effort to "overcome the technical and judicial obstacles to the interception of internet telephony systems."

The statement singled out Luxembourg-based Skype as presenting particular problems, because "Skype's encryption system is a secret which the company refuses to share with the authorities." Eurojust officials told reporters that the new initiative comes at the request of Italian authorities concerned that organized crime was resorting to encrypted Skype communications to evade eavesdropping.

As an Internet blackout hit blogs across New Zealand today, the government announced that it would postpone the implementation of its hugely controversial "graduated response" law for dealing with (and eventually disconnecting) repeat P2P copyright infringers.

New Zealand's 1984 Copyright Act was last year amended in numerous ways, but the most controversial has certainly been new section 92A. "An Internet service provider must adopt and reasonably implement a policy that provides for termination, in appropriate circumstances, of the account with that Internet service provider of a repeat infringer," it says.

Microsoft has filed a patent infringement lawsuit against navigation device maker TomTom. The suit alleges that several of TomTom's products, including some that are Linux-based, infringe on a handful of Microsoft's patents. Several of the patents in question relate to car computing systems and navigation, but there are also two that cover Microsoft's FAT32 filesystem. If Microsoft begins to systematically enforce its FAT32 patents, it could have broad ramifications for the Linux platform and for mobile device makers.

The lawsuit, which was reported today at Todd Bishop's Microsoft blog, is thought to be the first time that Microsoft has directly targeted Linux with patent litigation. In an interview with Bishop, Microsoft deputy general counsel for intellectual property Horacio Gutierrez claims that this is not the beginning of a broader intellectual property campaign against Linux. Gutierrez characterizes the lawsuit as a last resort option that Microsoft is pursuing after attempting to negotiate a private settlement with TomTom for over a year.

The Supreme Court has unanimously rejected a lawsuit against AT&T charging that the telco engaged in "price squeezing" against smaller Internet providers. A group of carriers led by Linkline Communications complained that the DSL giant charges high rates for wholesale access and low rates to consumers, effectively pushing competitors out of the market.

But the Supremes ruled on Wednesday that AT&T had "no duty to deal" with these carriers, at least as far as the Sherman Anti-Trust Act is concerned. The key to this logic is that while the Sherman Act forbids a company from monopolizing trade or commerce, it doesn't force the business to sell its services to other firms.

Ms Vessey approached Weta with the ambition of making a tail that was both practical and beautiful, a task that proved to be a pleasing challenge for our team.

The unique articulated construction of the tail will allow Vessey to propel herself through the water with an undulating movement as if she was a mermaid.