system – Page 6 – Paul's Tech Talk

The Important Windows patches Released Today

PaulDecember 9, 2008

As many of you know we talked about the Non-critical patches that Microsoft will release today. IF you want to read those please go and check it out. I’ll be talking about the REALLY important ones that Microsoft has kept tight until now. These are the more important ones but I will list the ones that I previous talked about to better help people recognize the non-important ones:

[ad#ad2-right]

KB955839

KB957388

KB890830

KB905866

These are just the tip of the iceberg. although this list are not A lot. I’d wanted to let people know about what people coin “Exploit Wednesday“. I really don’t know if this is a Myth or actually does exist but I’d figure we discuss the problems associated with installing the critical updates and try to tell you which ones should be installed As soon as possible. Though people have in the past used a Virtual Machine to see if there is any problem, that should be your first step if you don’t want to have any problems with these updates. I don’t suggest testing it more than a couple days. Here are some good Virtual Machine software to try out yourself:

Hyper-V (Microsoft Product)

VMware Virtual Machine

Virtual PC 2007 (Microsoft product)

Virtual Box – Sun Microsystems (FREE)

Kaffe Virtual Machine (Haven’t Tried this one)

Here is the list of updates that are critical that Microsoft released today. Each one of these are quite important and should be considered installed when you get a chance.

[ad#ad2-left]Microsoft Security Bulletin MS08-073 – Critical
Cumulative Security Update for Internet Explorer (KB958215)

This security update resolves four privately reported vulnerabilities. The vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Microsoft Security Bulletin MS08-071 – Critical
Vulnerabilities in GDI Could Allow Remote Code Execution (KB956802)

This security update resolves two privately reported vulnerabilities in GDI. Exploitation of either of these vulnerabilities could allow remote code execution if a user opens a specially crafted WMF image file. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

[ad#ad2-right]Microsoft Security Bulletin MS08-075 – Critical
Vulnerabilities in Windows Search Could Allow Remote Code Execution (KB959349)

This security update resolves two privately reported vulnerabilities in Windows Search. These vulnerabilities could allow remote code execution if a user opens and saves a specially crafted saved-search file within Windows Explorer or if a user clicks a specially crafted search URL. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

KB952069
(not quite sure what this one is, when I go do a Google search this is what pops up. It was in German but Google translated it for me)

In the Windows Media Runtime to the default in Windows XP SP3 contains Windows Media Player (WMP) 9 were discovered vulnerabilities that could allow an attacker to compromise your Windows-based system and gain control over it. See Security Bulletin MS08-076 ( englisch bzw. deutsch ) See Security Bulletin MS08-076 (English or German)

These are just ones that I found and wanted to let you know, the others have been explained on the other article. So check them all out and I suggest installing them quickly as possible.

Facebook: Virus Variant comes back from the dead!

PaulDecember 8, 2008

In my recent post, I talked about a Virus that is circulating around on Facebook. It is know as the Koobface virus and has been changed a little by the programers. So I what is Techworld saying, just this:

[ad#ad2-right]

In fact, Koobface is now using one of Facebook’s own features against it, Lovet said. The latest variant uses Facebook’s ability to redirect web links to drive users to malicious websites, often hosted on Geocities.com, Lovet said.

[Via Techworld]

If you have been victim to this little virus, you should check out my Virus removal page and download the programs that should fix this little virus for good on your system. You should also check out my Previous post I also have some good tips and tricks to prevent the user(YOU) from getting hit by this virus in the first place. This virus is a Good social engineered virus, so please be careful.

Trojan.PWS.ChromeInject.A is not a Firefox plugin.

PaulDecember 5, 2008

A new type of malware designed to harvest web passwords has been detected in-the-wild by BitDefender’s antivirus research labs. This latest e-threat – called Trojan.PWS.ChromeInject.A – is intended to be delivered onto a compromised computer system by other malware for subsequent download into Mozilla Firefox’s Plugin folder. Once installed it gets to work every time Firefox is started.

[Via Bitdefender]

[ad#ad2-right]So having seen this I thought I’d come up with ways around this to better protect yourself. One way to prevent this from getting your sensitive data is to get a program like Sandboxie. You could stop using Firefox that would be silly, because right now Firefox is more secure than Chrome and Internet Explorer. I’d also suggest checking out my Anti-spyware page and Anti-Virus page and get some more protection.

The key to this virus protection is just be cautious of where you go and keep all you system update to date to prevent all this from happening. It is also advisable to not have your passwords saved on Firefox, you should use something like Roboform, it is free to download and try. It will encrypt your passwords so if they don’t know the master password then they are out of luck. Roboform is also good for coming up with some strong passwords. Just some suggestions to prevent from people seeing your sensitive data, you don’t want anyone to get that data.

Are you patched, Secunia Says NO

PaulDecember 5, 2008

Think you’ve got nothing to worry about, according to Secunia 98% of computers are not fully patched and are vulnerable to some kinda of attack. [ad#digg-right]So I wanted to talk about this a little and give you a few good ways to make sure you are patched. There are several ways to get your system up to almost 100%.

[ad#ad2-left]Some things to do is make sure you have your Windows systems updated. This is easy to make sure, if you have an internet connection you can just check for updates. If you don’t know how to do it, it is quite simple, Just go here. If you have Windows Vista all you have to do is hit Start and type in the search box “Windows Update” and hit Enter and you will be taken to the update page.

If you have a system that is off of the Net you could use the Clone of Autopatcher Program to do it for you. You also need to update all your secondary programs such as Audacity, Open Office, and other programs that you use weekly.

[ad#ad2-right]If you don’t know what you need to update sometimes just having a program check for you can make a really good difference. The one that I like to use is Appsnap and it actually searches you computer to see what might need to be updated. I also suggest for the final suggestion is check out my Anti-Virus and Anit-Spyware Resources and make sure you have a firewall and anti-virus software. This will greatly reduce your chances of getting a virus but that isn’t all you have to be careful on what you click on read this article on Some Important programs to prevent yourself from having viruses and Malware!! Read that carefully to better understand how you can protect yourself in the future.

Facebook Virus strikes again

PaulDecember 4, 2008

“Look you were filmed all naked!” read the subject header on one iteration of the virus-spreading message, which is being sent automatically from infected accounts to the “friend” list for that account. Clicking the link usually takes users to a page that looks like YouTube, and a pop-up message advises the user to download a Flash plug-in. The download contains the virus, which replicates by contacting everyone on the victim’s Facebook friend list and advancing the hoax.

[Via Boston Media]

[ad#ad2-right]This is a good social engineered attack, they seem to have you download a virus into your system. I Keep talking about how you need to be careful with emails. I also suggest that you do a complete Virus scan if you think you’ve been hit with this. There is only one way to prevent yourself from getting this little facebook virus and that is not to click it. Some other things to consider if you found out this was a virus is to contact the person who sent this to them so they to could do a virus scan on their system.

It is always going to be something to be hard, because these people are using social engineering. It seems they are trying to prove a point, even Macintoshes can be vulneble to this attack. If you get anything through you email from people saying they seen you naked or got pictures of your butt, I’d suggest, not clicking those links.