MS Out of Sequence Patch

Today, March 30th, a vulnerability effecting IE 6, IE 6 SP1, and IE 7, that could allow hackers to remotely execute arbitrary code, will be fixed via an out-of-sequence Windows Update. Microsoft says that the new patch will be released around 10 AM PDT. This vulnerability has been seen, in the wild, during the month of March 2010 and Microsoft deems this a “High Priority” update.

Even if you have upgraded from IE 6, and 7 to Internet Explorer 8, you should still get this update. The update will also address several other privately reported issues, some of which do effect IE 8.

So make sure that you have Automatic Updates turned on, or get the update manually by going to www.update.microsoft.com ,using Internet Explorer, and manually get the new patches.

For More Information:

Common Vulnerabilities and Exposures CVE-2010-0806

Microsoft Security Advisory 981374

We All Love Facebook…..but?

The big three…..Facebook, Twitter, and Friend Feed, places where we all go to network socially. But lately it seems that all of these venues for communicating with our friends and family, have come under scrutiny relating to security problems. All of the social networking sites have come under fire regarding privacy issues. Remember when Facebook changed it’s policy overnight and all of your photos and information were changed to a ‘Public’ status, which had to be reset. Bad move, hell, even Mark Zuckerberg had his photos become public, which were quickly changed, but what was going through their minds to change their terms, and not even have the CEO of the company aware of these changes. All this aside, as disturbing as it is, it is not the biggest threat that is being aimed at us through these social networking venues.

Account hacking is fast becoming a serious problem on the sites. Once only limited to email accounts, Spear Phishing is fast growing in popularity among the bad guys and is something that everyone should be aware of. Weak sign on credentials, from users, are making it even easier for these crooks to hack accounts and eventually gain access to places in which no one, in their right mind, would allow them. Check out my post HERE on setting up a more secure password.

Bad Guys are targeting individual accounts by hacking into their friend’s accounts. What happens, is that a bad guy gains control of someone’s Facebook account, and now has access to all of that person’s friends. They will then send a targeted message which states something to the effect of, “You Should See The Photo I Got Of You Last Night”. Of course, you think you know this person so you click on the link which will take you to a fake website, one that looks exactly like one that is very familiar to you, such as Fickr.com. Now keep in mind that this web page will look very much like a real Flickr page, and will ask you to click on a link to view this photo. When you click on this link, a message will display telling you that a new version of Adobe’s Flash Player, or a different Codec is needed in order to view this photo. Conveniently, a link is supplied so that you can get these new versions in order to make it easier for you to view this much anticipated photo. But what we don’t do, is look at the URL, to see where we really are. You are not at Fickr.com but are at a bad guy’s page. When you click on that link to get that new version of Flash or that new Codec, your computer is immediately infected with what will most likely be, a Trojan Horse. This Trojan will now open up your computer to all sorts of new infections, like Keyloggers, and Worms. This could open you up to identity theft, stolen personal data, such as credit card info, banking credentials, and possibly even Social Security Numbers, which could allow the bad guys to open up new credit card accounts in your name.

The point is that as long as you are aware of these issues, you can safely post and communicate with friends via these venues. However, it is critical, that whenever you click on a link, that you keep an eye on the URL (Uniform Resource Locator). For more information on URL’s you can check out my two part posts by clicking on Part 1 HERE, and Part 2 HERE.

Now I use Facebook, Twitter, and Friend Feed, however I like to keep my accounts buttoned down, and only communicate with friends, family, and some friends-of-friends, but that is it. I have seen accounts that are completely public, meaning anything that is posted is visible to everyone. More and more employers are turning to these venues to check on your back round. Imagine a potential employer seeing the photo of you at that party 2 years ago, lying on the floor drunk. That would definitely make me think twice about hiring you. Keep your most personal information PRIVATE.

Now even more devious than the above mentioned hacking of an account starts in exactly the same way. You get your account hacked. Well now you take your computer to work and connect to the network there. Well now the bad guys can see the same things that you can see on your work’s network. Keep in mind, that there is no way that you will know that this is happening.  So you say, well I don’t have any high clearance access to any critical information. No, you may or may not, but someone that you network with at work may, and your computer being infected may allow this worm to spread higher and higher up the chain. This has just happened recently. An occurrence, such as this, could cost you your job.

This is all the more reason to make sure that you keep information on all of your Social Networking accounts private. At the very least, you want to make sure that any that could cause embarrassment (or worse) is, without a doubt, kept private.

Enjoy this new technology, but keep yourself safe. Social Networking is enjoyable and is very useful, however always remember, that what you do and post today, may come back and haunt you years from now. Once it is public, it just never goes away.

It’s That Time……Again!!!

Tomorrow is the 2nd Tuesday of the month again, the day in which Microsoft releases it’s monthly updates to Windows and other Microsoft products. However, according to the Microsoft Security Advanced Notification Bulletin, in comparison to last month’s update, this month’s release will be quite small. In all, a total of two bulletins with patches for 8 vulnerabilities afflicting Windows and the Office Suite of products is what will be patched. The updates are regarded, by Microsoft, to be ‘Important” and everyone is urged to employ the updates as soon as possible.

However, the vulnerability that effects Microsofts VBScript will not be fixed with this update. The vulnerability is explained in Microsoft’s Security Advisory (981169). The vulnerability effects the way that Microsoft’s VBScript (Microsoft’s version of JavaScript), in Internet Explorer,  interacts with Help. This vulnerability can cause the execution of arbitrary code on a logged in users computer, simply by coaxing the user to press the F1 key. Microsoft says that when they fully investigate this vulnerability, they can then determine the proper course of action, which may include a monthly update or a possible out-of-sequence update. Currently there are no known exploits in the wild. This vulnerability does not effect computers running Windows 7, Windows Server 2008 R2, Windows Vista, or Windows Server 2008.

So make sure that your Automatic Updates are turned on or plan on running your manual updates tomorrow. Sometime after 11:00 AM EST tomorrow, you should be seeing the updates on your computer.

Some Interesting & Informative Data from Microsoft

Microsoft bi-annually posts on it’s website what they refer to as the Microsoft Security Intelligence Report. The current report encompasses a time frame spanning from January to June 2009, and it offers a slew of interesting and very valuable information. It is very interesting to see what types of vulnerabilities and malware are thriving and in what areas of the world. It also shows what Microsoft and outside software companies are contributing to these threats. All of this is done utilizing color coded and easy to read charts and graphs with dialog explaining the meanings of all this data.

A couple of things that stood out to me is the problems that have arisen due to the Adobe suite of software, actually maybe it is not that surprising being that we are being inundated with security updates, from Adobe, on what seems a weekly basis. The disparaging differences between the exploits and infestations occurring in XP and Vista also made me wince. It will be interesting to see what the differences are once Windows 7 is part of the report.

You can download this report by going to Microsoft’s site, by clicking HERE. There are two different versions of the report in two different formats. I would recommend downloading the 19 page summary version (1.7 mb) as a PDF. It also comes in XPS format. The full comprehensive report is 232 pages (10.3 mb) and contains the exact same charts and graphs.

After reviewing this, kindly leave a comment and let me know what you see as surprising and interesting. I would like to see different views.

Here is the link to Microsoft…..

http://www.microsoft.com/downloads/details.aspx?FamilyID=037f3771-330e-4457-a52c-5b085dc0a4cd&displaylang=en

Q&A #2

Question… is it better to power the computer down completely or just close the cover and sign in when I open it next time.  I’ve seen people do it and I tried it once and it is a lot quicker.

Thanks! John in NY

John – I get this question a lot and I wish I had a straight forward answer for you but the jury is still out as to which is better for your computer.  Some people say that you should “shut down” every time so that you get a fresh boot to start with, while others say that by putting the computer to sleep (shutting the lid) is better as it saves on hard drive wear and tear. Both views have their merits but this is what I think.

If you are going to be using the computer more than once in a day, then I would just shut the lid, and put the computer to Sleep, when you finish your first session and then just re-awaken the computer when you want to use it later. However, if you are not going to be using the computer for a day or two, then I would shut it down or put the computer into hibernation (more on that later). The reason for this is that when a program opens, it uses a certain amount of RAM (operating memory) which it returns to the computer when it shuts down. Unfortunately, some programs do not return this memory or Windows refuses to take it back. This is called “Memory Leakage”.  By closing the lid and reopening it again, you may notice that the computer will slow down over time. This is because the RAM has not been returned or Windows refused to take it. For this very reason, you should shut down and restart the computer at least once a week.

Now when you put the computer to sleep. What is happening is the computer is simply powering down all the devices (ie. hard drive, monitor, etc) but everything that you are doing with the computer is being held in RAM, which is known as “Volatile Memory”. Volatile Memory is memory that is erased every time you turn off the computer. However, when you put the computer to sleep, everything is put into the RAM and minimal power is used to keep that RAM alive. When you awaken the computer, everything powers back on and it looks the same as before you closed the lid.

Hibernation, on the other hand, even though appears to be the same as Sleep, is very different. What happens when you put a computer into hibernation is that all of the RAM is written to the hard drive, and the RAM will shut down and get erased. The computer will then turn off and use no power at all.  But, when you return the computer from hibernation the memory is then rewritten from the hard drive back into RAM, thus your computer screen and everything running will look the same as before you put it into hibernation.

The difference being that the computer is completely powered down during Hibernation, but is not during Sleep. Both have there up and downsides. Sleep is prone to the aforementioned memory leakage and the computer is still using power, but is faster to return.  Hibernation is using virtually no power, but is slower to return, and more prone to a failure when the memory is written back to RAM, in which a reboot will be required anyway.

To put your computer into hibernation, simply act like you are a going to shut down, but choose Hibernate instead of Shut Down. This choice may not be available on some computers, as it may be disabled, it is easy to turn on. This is how you do it.

In XP, click on Start>Turn off Computer and when the option box opens, asking you whether you want to Standby, Shut Down, or Restart, simply hover your mouse over the Standby button and press the Shift key, the Standby will change to Hibernate. Click on that button without letting go of the Shift Key.

In Vista and Windows 7, it is a little bit more involved, but is not too difficult. Click on Start and in the Search Dialog Box type in ‘cmd’ (no quotes). You will then see a search results list, right click on the Command Prompt option and select Run as Administrator. You will then be prompted by the User Account Controls, just click Continue. You will now be at a command prompt. Type in “powercfg.exe /hibernate on” (again, no quotes) and hit enter.

It should look like this:

You will now have the option to Hibernate when you turn off your computer.

Which is better? I prefer sleep to hibernation for short term rests, and hibernation for longer term rests. In either case, the computer should be completely ‘Shut Down’ and re-booted at least once a week. Always make sure you save any documents or work that you are doing before you put the computer either to sleep or into hibernation, just to be on the safe side.

Thanks for the Great Question!!

Have a Question? Email me at theedibleearth@gmail.com ….

What are your thoughts regarding this…..Leave a Comment!!!