"Many SMBs wrongly assume antivirus is all they need, when they actually face complex threats ranging from hackers trying to steal credit card data, employees who may accidentally lose intellectual property to a natural disaster that can take down servers that house their customer information," says Lyle Epstein, president and CEO of Kortek Solutions. "A multilayer approach to security is essential and Symantec Protection Suite Advanced Business Edition will help solutions providers and our SMB customers completely protect the information that drives their businesses."

Symantec has lowered the price of the Protection Suite Small Business Edition by 40 percent, effective immediately. The company will also offer hosted services for email and web security. The new Protection Suite is aimed at SMB that lack dedicated IT departments and simplifies administration and lower total cost of ownership by enabling users to manage backup, recovery and security for the entire organization in a single suite.

"We are sometimes surprised to find that many small and medium businesses don’t deploy antivirus, spyware and network protection software to prevent potential disruptions to their day-to-day business operations," says Evelyn Laeschke, a software engineer with Gemini, a Symantec partner. "If their networks are compromised by malware or a hacker and they don't have an up-to-date backup, they are really in trouble."

The Protection Suite Advanced Business Edition is expected to hit the market during summer 2010.

"Our investigation so far has shown that Internet Explorer 8 and Internet Explorer 5.01 Service Pack 4 on Microsoft Windows 2000 Service Pack 4 are not affected, and that Internet Explorer 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 4, and Internet Explorer 6 and Internet Explorer 7 are vulnerable", Microsoft says in a blog post. “The vulnerability exists due to an invalid pointer reference being used within Internet Explorer. It is possible under certain conditions for the invalid pointer to be accessed after an object is deleted. In a specially-crafted attack, in attempting to access a freed object, Internet Explorer can be caused to allow remote code execution.”

Microsoft recommends running IE in Protected Mode, which is only available on systems running the Windows Vista or later operating systems and at least IE7. In Protected Mode, Internet Explorer 7 in Windows Vista cannot modify user or system files and settings without user consent.

Microsoft is considering an "out-of-band" update to mitigate the exploit before the company's next patch Tuesday, the company said on its blog.

"This is the biggest network of zombie computers ever discovered," said Juan Salon, the head of the cybercrime unit of Spain's Civil Guard Police. "Fortunately this botnet of 13 million computers was controlled by someone who hadn't realized how powerful it was. The Mariposa botnet would have had much more computing power than the one used in a notorious "cyber-attack" on Estonia."

The three Spaniards arrested did have no criminal record and only limited hacking skills. They did buy the virus used to infiltrate on the black market over the Internet and used loopholes in Microsoft’s Internets Explorer (IE) infiltrate PC’s and servers in 190 countries. The Georgia Tech Information Security Center and Panda Security were also part of the group.

Police said that the gang tried to "rent" part of the botnet to cyber criminals from around the globe. They also sold stolen credentials such as banking and credit card information. The Mariposa network was detected in May 2009 by Defense Intelligence. The Canadian information security firm alerted the FBI.

The Spanish police arrested the masterminds behind one of the world’s largest botnets. "It was so nasty; we thought we have to turn this off. We have to cut off the head," said Chris Davis, CEO of Defense Intelligence Inc, which discovered the virus last year.

Mariposa was programmed to secretly take control of infected machines. The virus would steal login credentials and record every keystroke on an infected computer. "Basically they were going after anything that would make them money," Davis said. Mariposa initially spread by exploiting vulnerability in Microsoft Corp's Internet Explorer Web browser. It also contaminated machines by infecting USB memory sticks and by sending out tainted links using Microsoft's MSN instant messaging software, he said.

The arrested men have not been named beyond their screen names of netkairo, jonyloleante, and ostiator. They are said to be Spanish citizens in the 20s or early 30s.

While the botnets command and control centers have been dismantled, millions of computers remain infected.

While Waledac was responsible for sending more than 650 million spam e-mails to hotmail accounts during an 18-day period in December of 2009, others say the botnet did not make a big contribution to global spam levels.

Jose Nazario, a security expert at Arbor Networks, told the Wall Street Journal that the internet addresses Microsoft has brought down could be a small percentage of those used by hackers to control the network.

"Waledac was not a high threat, it's less than 1 percent of the spam traffic," said Richard Cox, chief information officer at Spamhaus. "What we're worried about is Zeus, which is a far more damaging botnet, which is creating a substantial amount of spam."

The software giant claimed its approach had "quickly and effectively cut off traffic to Waledac and severed the connection to most of its thousands of zombie computers".