net – Paul's Tech Talk

Microsoft makes Firefox more insecure with the .NET 3.5 Framework (KB951847)!

PaulJune 3, 2009

Photo by Daniel F. Pigatto

In February, Microsoft quietly installed .NET Framework Assistant (ClickOnce) Firefox Extension. This extension is a bad idea because of what this could do.

This update adds to Firefox one of the most dangerous vulnerabilities present in all versions of Internet Explorer: the ability for websites to easily and quietly install software on your PC. Since this design flaw is one of the reasons you may’ve originally choosen to abandon IE in favor of a safer browser like Firefox, you may wish to remove this extension with all due haste.

[Via Annoyances.org]

As you see, this is a way to make Firefox less secure and almost like Internet Explorer. We’ve seen the problems with all the [intlink id=”2946″ type=”post”]Malware exploits[/intlink] that people have used in the past. If you want to uninstall it, well you can’t. Microsoft as went out if its way to prevent users from uninstalling. Here is what Brad Abrams talked about on his blog:

[ad]We added this support at the machine level in order to enable the feature for all users on the machine.Seems reasonable right? Well, turns out that enabling this functionality at the machine level, rather than at the user level means that the “Uninstall” button is grayed out in the Firefox Add-ons menu because standard users are not permitted to uninstall machine-level components.

If you went to your Addons Menu and then to your extensions tab you would see that the uninstall button is grey out. You can disable it but you can’t uninstall it. It looks like Microsoft has sent out a patch to let regular users uninstall this addon(KB963707).

I am really surprised that Microsoft did this little stunt. I would of expected more from Microsoft, but to their credit they did this for a reason to allow users who don’t use IE8 but Firefox , to be able to use the .net Framework but this plugin makes browsing just unsafe. Don’t forgot about the [intlink id=”1010″ type=”post”]MobileMe apple installed on Vista[/intlink] without your knowledge. Microsoft and Apple have both had problems but this is very disturbing. This patch they are letting people download to fix the problem doesn’t mean much because it hasn’t been sent out to the Auto updates and requires people go download it manually. So Microsoft believes if you don’t know, it won’t your.

People coming from Sites that don’t exist

PaulJanuary 28, 2009

So I woke up today checking out my sites, and looking outside. So As I was checking my Stats for my blog. I cam across a referring site that brought Supposedly Two people to my site. I looked at the URL for the site:

http://trojan.fiftystatesclassifiedads.com/index.php

[ad#ad2-right]So after seeing the “trojan” Prefix and I am wondering if this was an attempt by Malware to infect my domain. So I go check this domain out. I got to it and I get a 404. I then do a Cache Check with OPENDNS. I also Then decided to see if it was even Registered domain by the doing a Whois. So I am opening this up to people who might know. I did do some research and here’s wha I’ve found out so far.

According to How2hack, they talk about how people want privacy and that it might be someone who does not want to be found. I tend to agree with them, Privacy for Privacy sake is good but if you want to be private you would you even be checking out websites knowing people will want to find out who really is coming to your site. The How2Hack site also talks about how this might happen and I see where they are coming from.

This was the only site I could find that even looked like it was relevant to what I was searching for. I don’t see how someone can come to my site saying they were referred by another site and that site does not exist? Anyone want to try to answer this question and give insight as to why this would happen?

trojan.zlob removal tricks!!

PaulDecember 6, 2008

[ad#ad2-right]

Aliases:
Trojan-Downloader.Win32.Zlob.qyl (Kaspersky)
Trojan-Downloader.Win32.Zlob.qzs (Kaspersky)
Trojan-Downloader.Win32.Zlob.qzn (Kaspersky)
Trojan.Zlob.CPP (BitDefender)
Puper (McAfee)
SystemDefender (Symantec)

Trojan:Win32/Zlob.G is a component of Win32/Zlob that downloads rogue security programs, adware, and additional Win32/Zlob components.

[Via Windows Live OneCare]

[ad#ad2-left]This one just popped up today on my radar it seems to be a very low threat on everyone’s radar according to my sources say “Trojan.Zlob.G is a Trojan horse that may download and execute remote files and redirect the Internet Explorer home page and search page.” So to remove this little Trojan you would want to download one an Anti-virus and firewall. Once you install the software the program should fix the problem for you. This one seems to be really easy to fix. So Please read my post on how to better protect your self if you want to prevent this in the future.

sinowal.trojan Problems.

PaulDecember 4, 2008

Trojan-PSW:W32/Sinowal.CP drops and loads a password stealing component on the infected system and tries to steal account information from it. It also tries to steal information that is required to access certain online banks’ and online payment systems’ websites.

[via F-secure]

[ad#ad2-right]It seems to be a very hard virus to remove but there are ways to get rid of this virus. Some tips and tricks to get rid are:

Check out my Anti-Virus Page

Computing.net

The Geek Police

How to Detect Sinowal

This are the beginning steps to get rid of a Virus but it will be a really hard virus because it wants to stay in your system. You should also Restart in Safe mode and Try to remove that virus that one. You will also want to disable your system restore due to the fact that it will be in there and might come back if you restore your system. Just some simple tips to help keep you safe on the net.

You asked for it, Now it’s real — Vista SP2 Dec 4,2008

PaulDecember 3, 2008

Beginning Thursday Dec. 4^th, we will be making the Windows Vista and Windows Server 2008 Service Pack 2 Beta available to everyone through a Customer Preview Program (CPP). The CPP will launch on TechNet and be available to anyone interested in trying out this service pack. The CPP is intended for technology enthusiasts, developers, and IT Pros who would like to test Service Pack 2 in their environments and with their applications prior to final release. For most customers, our best advice would be to wait until the final release prior to installing this service pack.

[Via Technet]

[ad#ad2-right]Yes you heard right, you can get into the Beta of Vista SP2 and not have to wait till April. Some things to remember:

It is a Beta

It will Have Bugs

It is for people who want to test it out

It should only be installed for people who need to test it out

Some of the changes that they are going to incorporate into Sp2 are support for new types of hardware and emerging standards that will grow in importance in the coming months. The complete list of changes can be found here. I will be testing this out sometime this weekend to give it a full thorough check out. I will give a report later on this month possibly first part on January I would like to give it a complete test. To test it out yourself, check out this link for directions on how to download it.