Microsoft Drops 9 Security Updates on Patch Tuesday

So I get home and here is what they updated for those who would like to keep track:

  • Vulnerabilities in Active Directory Could Allow Remote Code Execution (KB971055) — This update is only for Microsoft Windows 2000 Server, Windows Server 2003, Windows XP Professional and Windows Server 2003. This one is rated Critical due to remote code execution, which means a program can install malware or viruses on your system and you wouldn’t know it.
  • Cumulative Security Update for Internet Explorer (KB969897) — This security update resolves seven privately reported vulnerabilities and one publicly disclosed vulnerability in Internet Explorer.
  • Vulnerabilities in Internet Information Services (IIS) Could Allow Elevation of Privilege (KB970483) — This security update resolves one publicly disclosed vulnerability and one privately reported vulnerability in Microsoft Internet Information Services (IIS). The vulnerabilities could allow elevation of privilege if an attacker sent a specially crafted HTTP request to a Web site that requires authentication.
  • Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (KB969462) — This security update resolves several privately reported vulnerabilities that could allow remote code execution if a user opens a specially crafted Excel file that includes a malformed record object.
  • Vulnerabilities in Windows Print Spooler Could Allow Remote Code Execution (KB961501) — This security update resolves three privately reported vulnerabilities in Windows Print Spooler. The most severe vulnerability could allow remote code execution if an affected server received a specially crafted RPC request.
  • Vulnerability in Windows Search Could Allow Information Disclosure (KB963093) — This security update resolves a privately reported vulnerability in Windows Search. The vulnerability could allow information disclosure if a user performs a search that returns a specially crafted file as the first result or if the user previews a specially crafted file from the search results.
  • Vulnerability in Microsoft Works Converters Could Allow Remote Code Execution (KB957632) — This security update resolves a privately reported vulnerability in the Microsoft Works converters. The vulnerability could allow remote code execution if a user opens a specially crafted Works file.
  • Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (KB968537) — This security update resolves two publicly disclosed and two privately reported vulnerabilities in the Windows kernel that could allow elevation of privilege.
  • Vulnerability in RPC Could Allow Elevation of Privilege (KB970238) — This security update resolves a publicly disclosed vulnerability in the Windows remote procedure call (RPC) facility where the RPC Marshalling Engine does not update its internal state appropriately.
  • Vulnerabilities in Microsoft Office Word Could Allow Remote Code Execution (KB969514) — This security update resolves two privately reported vulnerabilities that could allow remote code execution if a user opens a specially crafted Word file.

As you can see, these are rated from Critical to Moderate. Each and every one of these should be installed, which can easily be done using Autopatcher. Before doing these updates, consider making a restore point or a complete backup, just in case. It is also suggested that you install these at your earliest convenience, because malware authors will start using these vulnerabilities, which is called Exploit Wednesday. It also wouldn’t hurt to install some free anti-virus and free firewalls instead of using Windows Firewall. This will help protect you in the future as well.

Microsoft makes Firefox more insecure with the .NET 3.5 Framework (KB951847)!

Photo by Daniel F. Pigatto

In February, Microsoft quietly installed the .NET Framework Assistant (ClickOnce) Firefox extension. This extension is a bad idea because of what it could do.

This update adds to Firefox one of the most dangerous vulnerabilities present in all versions of Internet Explorer: the ability for websites to easily and quietly install software on your PC. Since this design flaw is one of the reasons you may’ve originally chosen to abandon IE in favor of a safer browser like Firefox, you may wish to remove this extension with all due haste.

[Via Annoyances.org]

As you can see, this is a way to make Firefox less secure and almost like Internet Explorer. We’ve seen the problems with all the malware exploits that people have used in the past. If you want to uninstall it, well, you can’t. Microsoft has gone out of its way to prevent users from uninstalling it. Here is what Brad Abrams said about it on his blog:

We added this support at the machine level in order to enable the feature for all users on the machine. Seems reasonable right? Well, turns out that enabling this functionality at the machine level, rather than at the user level means that the “Uninstall” button is grayed out in the Firefox Add-ons menu because standard users are not permitted to uninstall machine-level components.

If you go to your Add-ons menu and then to the Extensions tab, you will see that the Uninstall button is greyed out. You can disable the extension but you can’t uninstall it. It looks like Microsoft has sent out a patch to let regular users uninstall this add-on (KB963707).

I am really surprised that Microsoft pulled this little stunt. I would have expected more from Microsoft, but to their credit they did this for a reason: to allow users who don’t use IE8 but use Firefox to be able to use the .NET Framework. But this plugin makes browsing just unsafe. Don’t forget about the MobileMe that Apple installed on Vista without your knowledge. Microsoft and Apple have both had problems, but this is very disturbing. The patch they are letting people download to fix the problem doesn’t mean much, because it hasn’t been sent out through automatic updates and requires people to go download it manually. So Microsoft believes that if you don’t know, it won’t hurt you.

Why Norton users do it wrong with Passwords

I just read this blog post: Phishing attacks on Facebook users point to efforts to mine login data for profit. After reading one of the suggestions on how to create a good password, I’ll quote it:

1. Use complex passwords and unique ones for each site. My method? Pick one string of letters and numbers and then add the first letter from the website’s name. For example: if my password “string” were “abc123$” then my Facebook password would be “Fabc123$”.

Now, I can see how this can be used to figure out the password. If people use this method, someone would still be able to figure it out over time. Let’s say you use the same sequence of numbers and letters after the letter for each site you go to. This would make it much easier for a hacker to figure out the other passwords.

I will keep saying this time and time again: remembering passwords is, for me, a thing of the past. I’ve been using Roboform for the past few months and haven’t had any problems. I also have them backed up to Mozy to help protect my passwords. As long as you back them up with Mozy and keep a copy off your hard drive, you will be much safer than trying to remember a good password.

If you would like to find ways to help back up your passwords or your valuable information, please check this out.

Remember, your Roboform passwords are stored at:

C:\Users\(your username)\Documents\My RoboForm Data\Default Profile (Windows Vista and Windows 7).

C:\documents and settings\(your username)\My Documents\My RoboForm Data\Default Profile (Windows XP).

Although Norton’s suggestion does help keep you a little safer, it is easily defeated by brute-force attacks, because attackers have probably already tried letters from the website’s name; they do think about these things. You should always have a really good password, and Roboform can do that for you and keep it safe.
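The weakness discussed above and in the paragraph after the quoted tip can be checked against your own password list. The following is an added example, not code from the original post or from Norton or Roboform; the vault entries are constructed and the function names are hypothetical. It flags passwords that are just one fixed string plus the site's first letter.

```python
# Constructed sample vault of (site, password) pairs; not real credentials.
SAMPLE_VAULT = [
    ("Facebook", "Fabc123$"),      # the quoted scheme: site letter + fixed string
    ("Twitter", "Tabc123$"),
    ("Gmail", "abc123$g"),         # same string with the letter moved to the end
    ("Bank", "b9!Lq2#vTr0p"),      # random password that merely starts with "b"
    ("Forum", "kR7&mZ1@wq"),       # random password, no site letter at all
]


def candidate_bases(site, password):
    """Return what is left of the password once the site's first letter is
    stripped from the front or the back (empty set if neither applies)."""
    if not site or len(password) < 2:
        return set()
    letter = site[0].lower()
    bases = set()
    if password[0].lower() == letter:
        bases.add(password[1:])
    if password[-1].lower() == letter:
        bases.add(password[:-1])
    return bases


def find_shared_bases(vault):
    """Map each reused base string to the sorted list of sites that share it.
    A base seen on only one site is not reported, so a random password that
    happens to begin with the site's letter does not raise a false alarm."""
    sites_by_base = {}
    for site, password in vault:
        for base in candidate_bases(site, password):
            sites_by_base.setdefault(base, set()).add(site)
    return {base: sorted(sites) for base, sites in sites_by_base.items()
            if len(sites) > 1}


def exposed_by_one_leak(vault, leaked_site):
    """List the other sites whose password follows from the leaked one."""
    return sorted({s for sites in find_shared_bases(vault).values()
                   if leaked_site in sites for s in sites if s != leaked_site})


if __name__ == "__main__":
    print(find_shared_bases(SAMPLE_VAULT))
    print(exposed_by_one_leak(SAMPLE_VAULT, "Facebook"))
```

Every site reported in a group should get its own randomly generated password, since a single leak from any one of them gives away the rest.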

Deciding the need for a Full backup or backing up your important files

This weekend I talked about backups on the Mike Tech Show listener Round table, and I heard from one or two people saying you can’t do a full backup with Allwaysync. To a point that is true, but I really don’t need a full backup. Some have also said the program is only good for synchronization and not backup.

I could debate that last point, because what is a backup? Wikipedia defines it as “backup refers to making copies of data so that these additional copies may be used to restore the original after a data loss event”. So backing up and synchronizing are essentially the same thing. Some users will argue that a backup means getting every file on your hard drive, but I don’t think so. I will tell you that most files on your hard drive don’t need to be copied, because if you take a complete backup of your Windows directory you will most likely end up where you left off, with the viruses or corrupt files included. I don’t make copies of the Windows directory for that one reason. I have all OEM systems and don’t need to worry about Windows, because when I do a system restore I get my system back to the factory default.

With Vista you have some data that is never put in the Windows system, like your email settings and other such important data. This is usually put in the Application Data directory, which is usually “[DRIVE]\USERS\[USERNAME]\AppData”. To get to the directory in Vista, just type “%APPDATA%” in the Vista search bar and hit Enter. So I tell Allwaysync to copy everything in that directory, including subdirectories. This is where my configuration files are put for each and every program I install or run!

People will also argue that you need to compress the data or use proprietary software to back up your hard drive, and although this can be useful, the more complicated the process, the more chance there is for failure. My dad always told me to keep it simple. The simplest is usually the best, in my opinion. If I need my backed-up data, I do not need any program to get to it. This is how I like it. Plus, if the drive starts to go bad you have more time to move the data off the backup drive, whereas with a compressed file the moving parts and the magnetic properties could change just one bit and you would not be able to access the programs inside of it.

I also have a 500 gig external backup drive for keeping my data backed up. My two laptops only use 380 if I back up all of my hard drive space, but in my case my data drive is usually just used as a safeguard if I need to do a restore on the road. I’d still have my important programs ready to re-install, along with my configuration files to restore. I wouldn’t be in the dark if I had to restore on the road. This is how I keep my important data safe. I use:

  • My A600 Broad Band Sd Card — Passwords and such on it
  • My External hard drive — Important software and important files
  • Mozy Free 2 Gig – I also use this to store my passwords and my configuration files. It’s free, but you can pay 4.95 a month for unlimited. I like it and it works really well.
  • My spouse’s computer – We keep our important passwords on each other’s computers, so that if we are on the road with one laptop we always have access to the passwords for each of our accounts.

This has worked for me for quite some time, but it isn’t for everyone; some require compression on the hard drive and that is fine, but I don’t. I hope this clears up what I said on the Mike Tech Show. I did, however, make a mistake: this software does not do bit-by-bit copying; it does a file-by-file copy. That was my fault and no one else’s. I’m only human. Hope you understand.

Cellular Modem common problem — DNS LOOKUP

With Cellular Modems being used more and more, the common problem is:

Address not Found

This is something that comes with any ISP: the DNS lookup problem. Your connection acts like a VPN connection: it connects to a cell tower, then gets transported to the nearest server, and then goes out on the internet. The server does the DNS lookup for you and sends you to the right page. There seems to be a problem with my cellular DNS server, because it doesn’t have a complete list, and if it doesn’t know where you want to go you get that screen.

So I found an easy way to fix this problem. I have been using my hosts file to tell my computer the IP of the server that I am having the problem with. So how do I find out the IP of the server? This can be a problem to an extent.

I found that visiting the OpenDNS.com Cache check will tell me the IP address of the server at that time, but it could change. I just edit the hosts file manually and insert the needed information by hand. Like I said, the IP may change from time to time depending on where you are going or if it is a big server. The server’s IP will rotate to spread the bandwidth and keep it even across all servers, so this only works with servers that have a static IP.
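Because a pinned address can go stale without any warning, it helps to re-check hand-made hosts entries now and then. The following is an added example, not from the original post or from Hostman; the hosts text, the addresses (documentation ranges) and the lookup table are all constructed. It parses a hosts file and reports pins that no longer match what an independent lookup returns.

```python
import ipaddress

# Constructed sample hosts file; the addresses come from documentation ranges.
SAMPLE_HOSTS = """\
# pinned by hand because the carrier DNS could not resolve these
127.0.0.1      localhost
192.0.2.10     forum.example.com www.forum.example.com   # still correct
198.51.100.7   mail.example.net                          # server has moved
not-an-ip      broken.example.org
"""

# Constructed answers standing in for a lookup made outside this machine
# (for instance, values read from a web-based DNS cache check).
CURRENT_DNS = {
    "forum.example.com": {"192.0.2.10", "192.0.2.11"},
    "www.forum.example.com": {"192.0.2.10"},
    "mail.example.net": {"198.51.100.99"},
}


def parse_hosts(text):
    """Yield (ip, hostname) pairs, skipping comments, blanks and bad lines."""
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) < 2:
            continue
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue                      # first field is not an IP address
        for name in fields[1:]:
            yield ip, name.lower()


def stale_entries(text, lookup):
    """Return [(hostname, pinned_ip, current_ips)] for pins DNS no longer serves.

    `lookup` must not use the operating system resolver: that resolver
    typically reads the hosts file first and would echo the pin back."""
    stale = []
    for ip, name in parse_hosts(text):
        if ip.is_loopback:
            continue
        current = lookup(name)
        if current and str(ip) not in current:
            stale.append((name, str(ip), sorted(current)))
    return stale


if __name__ == "__main__":
    print(stale_entries(SAMPLE_HOSTS, lambda n: CURRENT_DNS.get(n, set())))
```

A stale pin is a security concern as well as a reliability one, since the old address may later be assigned to a different server.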

There is a program that will help you manage your hosts file. It’s called Hostman, and it makes editing your hosts file a little easier. I have used it and I haven’t found anything that does it any better. If you have a suggestion for a good hosts manager, please tell people in the Forums or leave a comment. I’d love to hear about some good programs to help update the hosts file more easily.