Friday, 30 January 2009

Abuse of open redirect URLs

Google's Webmaster blog has published a detailed post on the security issues of open redirect URLs, covering how website owners can identify whether their site is being abused by spammers using this method and how to prevent it from happening.

Some websites use open redirect URLs in situations where it's helpful to redirect users to another page. Unfortunately, redirects that are left open to any arbitrary destination can be abused, and this is becoming a more common method because spammers can take advantage of a website's own functionality rather than exploiting a simple bug or security flaw. These spammers hope to use the targeted domain as a temporary "landing page" to trick email users, searchers and search engines into following links which appear to point to the site but actually redirect to their spam site.
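One way to close such a redirect and to spot abuse of it in access logs, as an added example that is not taken from the Google post or from this blog. The host names, the `url` parameter name and the log lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import parse_qs, urlsplit

# Assumptions for this example: the site's own host names and the name of
# the query parameter that carries the redirect destination.
ALLOWED_HOSTS = {"www.example.com", "example.com"}
REDIRECT_PARAM = "url"

def is_safe_redirect(target: str) -> bool:
    """True only for rooted same-site paths or http(s) URLs on ALLOWED_HOSTS."""
    if not target or any(ord(c) < 0x20 or c == "\x7f" for c in target):
        return False  # empty, or control characters such as CR/LF/tab
    target = target.strip()
    if "\\" in target:
        return False  # browsers treat "\" like "/", so "/\host" leaves the site
    try:
        parts = urlsplit(target)
    except ValueError:
        return False  # malformed authority, e.g. a broken IPv6 literal
    if not parts.scheme and not parts.netloc:
        # Relative reference: accept "/path" but not scheme-relative "//host".
        return target.startswith("/") and not target.startswith("//")
    if parts.scheme not in ("http", "https"):
        return False  # javascript:, data:, or "//host" with no scheme
    return parts.hostname in ALLOWED_HOSTS  # hostname ignores userinfo and port

REQUEST = re.compile(r'"(?:GET|HEAD|POST) (\S+) HTTP/[\d.]+"')

def flag_offsite_redirects(log_lines):
    """Return redirect targets seen in access-log lines that leave the site."""
    flagged = []
    for line in log_lines:
        match = REQUEST.search(line)
        if not match:
            continue
        query = urlsplit(match.group(1)).query
        for target in parse_qs(query).get(REDIRECT_PARAM, []):  # percent-decoded
            if not is_safe_redirect(target):
                flagged.append(target)
    return flagged

SAMPLE_LOG = [  # constructed log lines, not real traffic
    '203.0.113.7 - - [30/Jan/2009:10:01:02 +0000] "GET /redirect?url=%2Faccount HTTP/1.1" 302 0',
    '203.0.113.9 - - [30/Jan/2009:10:01:05 +0000] "GET /redirect?url=http%3A%2F%2Fspam.example%2Fpills HTTP/1.1" 302 0',
    '203.0.113.9 - - [30/Jan/2009:10:01:09 +0000] "GET /redirect?url=%2F%2Fspam.example HTTP/1.1" 302 0',
]

if __name__ == "__main__":
    print(flag_offsite_redirects(SAMPLE_LOG))
```

A redirect handler would call `is_safe_redirect` before issuing the 302 and fall back to a fixed page when it returns False.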


Monday, 19 January 2009

New computer worm spreads

The BBC website covers the latest 'worm' attack which is threatening PCs around the world. Dubbed the Conficker virus, this worm is spreading rapidly through low-security networks, memory sticks, and PCs without current security updates. The malicious program was first reported in October last year, although there has been no direct impact yet. Security experts say that the spread of the worm appears to be levelling off, although there are fears someone could easily take control of any and all of the 9.5m infected PCs.

PC users should continue to remain vigilant about these types of attacks and have up-to-date anti-virus software, as well as install Microsoft's MS08-067 patch. Some experts are saying that this outbreak is at a scale they had not seen for some time.

The BBC report says that Microsoft have described the worm as one that works by searching for a Windows executable file called "services.exe" and then becomes part of that code. It then copies itself into the Windows system folder as a random file of a type known as a "dll". It gives itself a 5-8 character name, such as piftoc.dll, and then modifies the Registry, which lists key Windows settings, to run the infected dll file as a service.

Once the worm is up and running, it creates an HTTP server, resets a machine's System Restore point (making it far harder to recover the infected system) and then downloads files from the hacker's web site. Most malware uses one of a handful of sites to download files from, making them fairly easy to locate, target, and shut down. But Conficker does things differently: it uses a complicated algorithm to generate hundreds of different domain names every day, but only one of these will actually be the site used to download the hackers' files. This could make tracing this one site almost impossible.

Microsoft has said that the malware has infected computers in many different parts of the world, with machines in China, Brazil, Russia, and India having the highest number of victims.


Thursday, 18 December 2008

Microsoft fixes bug in IE7

The BBC website is among many to report the serious security flaw discovered in Microsoft's web browser, Internet Explorer v7. This flaw could allow criminals to take control of people's computers and steal passwords - it has come to light with gaming passwords being stolen, but the vulnerability could present other security issues for web users.

Microsoft has moved quickly to issue a security patch to fix the flaw, which has reportedly already affected as many as 10,000 websites. Since Internet Explorer is used by a majority of computer users, the flaw could affect many web users, and some security experts have suggested that users change their browsers to Firefox, Opera, Chrome or Apple's Safari, which are not vulnerable to this current flaw.

However, Microsoft have also provided this patch through their automated download system to users' PCs, and they recommend that users have this option set to run automatically for short-term issues like this one.
