2009 – Page 51 – Paul's Tech Talk

Patch Release information Feb 10, 2009

PaulFebruary 10, 2009

I just got the patches that were sent down from Microsoft., Here’s what I do know:

Cumulative Update for Media Center for Windows Vista (KB960544)

Download size: 12.0 MB
You may need to restart your computer for this update to take effect.
Update type: Recommended

[ad#ad2-right]Install this update to resolve issues with Media Center for Windows Vista. For complete list of the issues that are included in this cumulative update, see Microsoft Knowledge Base article 960544. After you install this item, you may have to restart your computer. This update is provided to you and licensed under the Windows Vista License Terms.

More information:
http://go.microsoft.com/fwlink/?LinkId=137169

Help and Support:
http://support.microsoft.com

Cumulative Security Update for Internet Explorer 7 for Windows Vista (KB961260)

(CVE-2009-075, and CVE-2009-076)Download size: 7.9 MB

You may need to restart your computer for this update to take effect.

Update type: Important

[ad#ad2-right]Security issues have been identified that could allow an attacker to compromise a computer running Microsoft Internet Explorer and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer. This update is provided to you and licensed under the Windows Vista License Terms.

More information:
http://go.microsoft.com/fwlink/?LinkId=139814

Help and Support:
http://support.microsoft.com

Update Rollup for ActiveX Killbits for Windows Vista (KB960715)

Download size: 44 KB

You may need to restart your computer for this update to take effect.

Update type: Important

[ad#robo-right-120×90]Security issues have been identified in ActiveX controls that could allow an attacker to compromise a system running Microsoft Internet Explorer and gain control over it. You can help protect your system by installing this update from Microsoft. After you install this item, you may have to restart your computer. This update is provided to you and licensed under the Windows Vista License Terms.

More information:
http://go.microsoft.com/fwlink/?LinkId=139076

Help and Support:
http://support.microsoft.com
MS09-004: Vulnerabilities in Microsoft SQL Server could allow remote code execution
(KB959420) (MS09-004)
(CVE-2008-5416)(Exploit code publicly available since December 2008)

This security update resolves a privately reported vulnerability in Microsoft SQL Server. The vulnerability could allow remote code execution if untrusted users access an affected system or if a SQL injection attack occurs to an affected system. Systems with SQL Server 7.0 Service Pack 4, SQL Server 2005 Service Pack 3, and SQL Server 2008 are not affected by this issue.

MS09-003: Vulnerability in Microsoft Exchange could allow remote code execution
(KB959239)(MS09-003)

(CVE-2009-0098 CVE-2009-0099)

This security update resolves two privately reported vulnerabilities in Microsoft Exchange Server. The first vulnerability could allow remote code execution if a specially crafted TNEF message is sent to a Microsoft Exchange Server. An attacker who successfully exploited this vulnerability could take complete control of the affected system with Exchange Server service account privileges. The second vulnerability could allow denial of service if a specially crafted MAPI command is sent to a Microsoft Exchange Server. An attacker who successfully exploited this vulnerability could cause the Microsoft Exchange System Attendant service and other services that use the EMSMDB32 provider to stop responding.

Each One of these Updates is either important or recommended. As you can see on all of them it is time to load up Clone of Autopatcher and start downloading these patches. If you start now you should be able to keep the bad guys away this weekend. I just loaded it up and it downloaded all the new patches rather quickly.

Now on to the good stuff, As you can see each of these are important to patch your system and each of these patches need to be installed before someone makes a worm or virus to compromise systems. I can just see people sending out fake emails that would compromise the Media Center trying to install some Malware. I can also see people trying to use the IE Vulnerability also, and the Active X. These should be taken serious and installed before the week is over. Some other things to consider is having a good Anti-virus and Firewall setup to prevent infection in the first place. It’s up to us IT guys to keep the employees from doing something they shouldn’t. Only you can prevent a Virus infection. (I’ll update when more information is available for a week)

Internet Security Companies Warn about Patch Tuesday and Valentines Day.

PaulFebruary 9, 2009

With Tomorrow being released some very highly rated Remote Code Execution to become Zero day in very short time. Some researchers are speculating about more viruses will be released in conjunction to Valentines day. According to this one post it will be likely to be E-cards being sent to try to lure you into downloading Malware.
[ad#ad2-right]

Various security vendors, including CA Inc, MX Logic Inc., Trend Micro Inc., and Panda Security, have issued alerts about new Valentine’s Day-themed spam campaigns that try to dupe users into installing the Waledec bot.

Researchers note that many websites which are affiliated to Waledac e-card scam have been recently updated with content based on the Valentine’s Day theme.

Web sites distribute Trojan files which are commonly named love.exe; onlyyou.exe; you.exe; youandme.exe; and meandyou.exe and the list is not exhaustive.
[Via Express Buzz]

So which ones will likely be the exploits they will use? I have a few theories on that and One of them is the INTERNET EXPLORER vulnerability that will be patched and will try to get you to launch the link and will most likely try to launch it in Internet explorer, That would be my guess. It seems to be Internet Explorer 7 and Below which will be patched so if you want to try out the IE 8 Beta, You should be safe on that. Although the best bet is to prevent users from clicking links in emails and also warning them not to open any attachments they are not expecting. I’d also have the AutoPatcher ready to install the lastest patches for this Tuesday and schedule a time this week to update all the possible systems involved with the Databases. Although this isn’t one that tries to steal your data it is however a chance the writers to look at what you have and you know how that can be call a data breach. So if your the IT for the department I’d suggest sending out warnings so they can keep from being caught with their pants down. I’d also suggest having Anti-Virus and free Firewall installed on all the major systems and it wouldn’t hurt to have the installed on minor systems if at all possible.

ThePirateBay might be blocked in the US

PaulFebruary 8, 2009

I was looking around on Google and thought I just for giggles check out the Piratebay complaints. I tried going to the site and here’s what Popups:

[ad#ad2-right]I tried on OpenVPN and my Local ISP, It keeps saying that. I then tried on my Cricket Modem and it tells me the connection has been interrupted, like something stops the connection in the first place. I can ping it and I can Tracert the Site but I can’t even view it. I would like to know if Anyone else is having this problem also. Although I’ve not checked Thepiratebay.org complaints for quite some time because I’ve been so busy with my website. If you want to watch your favorite shows check out these sites like Hulu, CBS, NBC, ABC, ABC FAMILY and TNT.TV for free. I am just curious as to what happened and does this have anything to do with Net Neutrality? Anyway I wanted to talk about this and see what people are saying. Anyone know what is going on? Let’s talk about this and help everyone by saying what you know. I don’t know if Thepiratebay.org is down but I do wonder if someone is preventing people from getting to the website. I’ll update when I have more information.

Twitter Spammers are getting more smarter

PaulFebruary 8, 2009

I got an interesting email about someone following me. I went to go check out there profile and Guess what I see:

As you cann se this account only had one post but people seem to be following back due to the picture and the bio. I checked the account about 30 mins later and here I will show you:

[ad#ad2-right]It seems that if people see it has a picture and a bio that doesn’t sound like it is is advertising anything, they will simply follow them back. That really isn’t a good idea. Sooner or later they will start sending out spam to people who are following just because they haven’t been caught. I also checked out the Web site they have new there bio and it leads to http://www.squidoo.com/twittertipstricks. I hope the website knows their link is being used by a spammer. Although this could be a 2 for one deal for having there link also being used for spammer so they can get traffic to there site. I would be worried my ISP doesn’t cut my website due to THE TOS. Although I serious doubt it would happen I do know it could happen. So users are being fooled by spammers, and people aren’t looking hard enough into the account. Users should be warned they shouldn’t just follow back if it looks like it is a person. I know this is a robot and expect it soon to start sending out spam to all those people who are following. I just thought I’d share what I found out. If you clicked on the tinyurl.com it sends you to Partnerwithpaul.com website which talks about making money like all other spam. Just be careful you don’t end up having regrets on following people who are bots.

Understanding Adsense for the Beginner

PaulFebruary 7, 2009

So you have a website and you’d like the site to pay for itself. That can be arranged it however depends on your website performance. You see you won’t make a lot of money if you don’t have several things going for you. I thought I share with you my experience with making money through Adsense. As you saw, I made enough money to pay for the website for 5 years. It isn’t hard to make money it is however very difficult to keep getting the money. Most people don’t know the tricks to making money with Google’s Adsense.

I’m here to help you out a little with understanding it and getting even more money from your adsense. So here we are 3 months into to putting Adsense seriously on my site and let’s take a look shall we:

As you can see I started off quite slowly as I figured out how to best do it but gained momentum after that. First Month I made $17.19 and the Second Month I made $45.57, the last month I made $64.99 totaling $127.75 leaving me with 16.75$ from the few previous months that I tinkered with Adsense. So where do you start? I found that to be the hardest part, because of the complexity of where I could put the ads. I tried having strips breaking up the text in my blog post that really didn’t get me hardly any clicks. Then I started to incorporate the Adsense into the posts. I learned how to do it through a great blog post and I’ll talk about that later. Here’s what you need to know right now though:

Create good content — This goes without saying that if you don’t have good content people will never find your site. There are a multitude of ways to create content. Some of the most useful for me is How-to, finding a Niche, and Also just blogging about what you passionate about. These will often draw people to your website.

Gjaylaramieet people to link to your post — This will help with search engines because they do some math to figure out if your a real site and how trustworthy your site is on the internet.

Use Microblogging — It is well known people use Twitter, Friendfeed, and others a like to tell people what they post about. It can be great place to help promote your blog and get people to come more and more to your site.

Try not to annoy the users with Ads — This is the most important if you want people to come back to your site you should make sure you don’t send people away from your site. People will not want to come back if you annoy them to much. So it is essential that you keep them happy.

Find a good blog theme — A good theme helps bring people to your site by making it easier to read and find what they are looking for. You might also consider making a sneeze page to keep people coming back to your site. This will help your readers and make it more of your own. You might also want to buy a theme for your blog sooner or later.

With These tips and tricks you too could be on your way to having a great blog. I would be willing to bet that soon I will be triple that amount if I keep up with what I am doing. I hope you tell people about this blog and let people know how good this blog is for you. Remember only you can prevent virus infections.