Category: Vista

Stop botnets in its tracks With a Firewall!

Paul3 Replies

According to PC World and I’ll quote:

According to FireEye chief scientist Stuart Staniford, detection rates are so poor that, on average, only around 40 percent of security software can detect binaries during the period of greatest infectivity and danger, namely the first few days after a particular variant starts being used by botnet builders.

[via PC World]

[ad#ad2-left]Now let’s talk about this, having been seeing recent surges of people getting infected.  I’ve come to the conclusion that companies like AVG and other Anti-Virus companies are keeping up.   Now true if all you have is an Anti-virus and nothing else that greatly increases your likely hood of getting a virus.

In a recent virus storm, We have people finding my site because of a Good Firewall.   No if he didn’t have anything but Windows firewall then it would of gotten through and you would not of known about it.  So let’s talk about how to prevent botnet attacks.   This is relatively easy and if you follow some common rules.   You to could be less likely to be infected.  I will say this most people don’t do these common tips and they should do them.

[ad#digg-right]So what should you do to help prevent from getting a Virus or Malware.  This is really simple, you want to find an Anti-virus Software that you like, and Firewall that you like also.  You’ll also want to download the tools to better help you in case you do get infected.  Some of these tools I recommend are Hijackthis, Spybot Search and Destroy, Hitman Pro, and Ad-aware 2007 Edition (FREE).  Then Go buy a Sandisk USB memory Stick and put those on there for later use!!  You will always want to keep a backup of those just in case you get infected.

[ad#ad2-right]Make sure you update Windows regularly.  Having seen this time and time again, if you don’t keep windows updated then you lose the battle.  If you have a system that needs updating, I suggest downloading the Clone to Autopatcher.  This little program will download the files needed to update your system without having to be online.  Although, you can have windows update automatically every month but that might not update the recommended updates only the ones that are hot.  It doesn’t matter which way you prefer to update, as long as you do to update regularly, Like every 2nd Tuesday of the Month.

One last tip you should also keep your Firewall and Anti-virus updated.  There is a little program that will do that, it’s call AppSnap.  If you follow all these recommendations you will greatly reduce your chances of getting a virus on your system.

Microsoft issues Vista patches out of Monthly Patch Cycle!

Paul3 Replies

KB957321,KB959108,KB959130


Microsoft issues Out of cycle patch for Vista.   These patches are as Followed:
[ad#ad2-right-1]

Kb957321

An update rollup is available for the Microsoft Windows Imaging Component (WIC) in Windows Vista or in Windows Server 2008. This update rollup resolves the problems that are documented in the following articles in the Microsoft Knowledge Base:

954708 An update to add support for the serialization of complex Extensible Metadata Platform (XMP) data types in the Windows Imaging Component

945060 There may be inconsistencies in the Extensible Metadata Platform (XMP) and Exchangeable Image File (EXIF) values for an image file in Windows Vista and in Windows XP

KB959108

The Windows Portable Device (WPD) API collects and transfers Software Quality Metrics (SQM) data to Microsoft servers. The SQM data is collected only on an opt-in basis through the Microsoft Customer Experience Improvement Program. An update is available that disables the collection and transfer of SQL data to Microsoft servers.

This update affects Windows Vista-based computers, Windows Vista Service Pack 1 (SP1)-based computers, and Windows Server 2008-based computers that are in the Microsoft Windows Media Player Customer Experience Improvement Program.

KB959130

On a Windows Vista-based computer or on a Windows Server 2008-based computer, you install a third-party Web browser. You set the third-party Web browser as the default Web browser. Then, you run the Connect to the Internet Wizard. However, if you select the Browse the Internet now option, Windows Internet Explorer starts instead of the third-party Web browser that you set as the default Web browser.


[ad#ad2-right]This seems to be not so important.  All of these are not really security related but it does surprise me that Microsoft wanted to release these out of Cycle.   If your planning on using your Vista laptop during the holidays you might want to update your vista machine before you go.  I don’t think there is going to be any major issues with this but if there is, you can always remove these updates later.

Microsoft kills a fake antivirus tool from 994,061 computers!

Paul

According to Arstechnica and I’ll quote:

[ad#ad2-left]Win32/FakeSecSen has gone by various names, including Micro Antivirus 2009, MS Antivirus, Spyware Preventer, Vista Antivirus 2008, Advanced Antivirus, System Antivirus 2008, Ultimate Antivirus 2008, Windows Antivirus, XPert Antivirus, Power Antivirus, and Ultra Antivirus 2009. Furthermore, it is skinnable, so each of these variants has a different GUI, although the basic functionality is the same: bother users with warnings of malware until they pay up.

The Microsoft Malware Protection Center recently released some data on how the removal tool performed this month: FakeSecSen was removed from 994,061 machines. That number isn’t the highest Microsoft has recorded before, and the number of removals depends on which malware Microsoft adds each month and how widespread it is.

[via Arstechnica]

This seemed to of happened this month with the usual Windows update.  If you haven’t updated your system just yet you should.   This troublesome fake virus seems to have been killed  from several systems.  This could effectively make it harder for these guys who ever designed this program to make money.  I hope microsoft does even more virus removals in next month.  If you still want to try to get rid of these viruses don’t forget to check out my tips on Virus removal.

How to disable autorun the easy way!!!

Paul

I read a report from Cnet about USB devices spreading Virus and I will quote:

The bad guys are intentionally developing new flavors of malware designed to propagate through USB devices,” said Gunter Ollmann, chief security strategist for IBM’s ISS security division. “They are today’s floppy drives.”

[ad#ad2-right]An infected computer can spread a virus to a clean USB thumb drive that is inserted. That USB drive will then be spreading the virus onto other computers if the operating system on those machines has an AutoRun-type feature enabled. The AutoRun function in Windows launches installers and other programs automatically when a flash drive or CD is inserted. The Mac has an equivalent function, according to Ollmann.

[Via Cnet]

In order to disable “autorun“, which in Vista is called Autoplay. In order to disable Autoplay from starting when you insert media into your computer here is how you do it:

You will need to be Logged in as Administrator before this can be done:

Next click start and type “Autoplay” without quotes. It will bring up a screen but all you have to worry about is this:

Vista autorun

You will need to make sure there  is no check mark for “Use AutoPlay for all media and Devices”.   Click save and close.

[ad#ad2-left]Once that is done, you will have no more Autoruns from USB devices.  If you want to disable Autorun in XP, I’d suggest reading some of these articles for XP.

These are just a few and are really nice to articles but there are others out there that might be more to your liking.  I suggest searching Google for them.   I hope this helps you out!!!

Vista has a new Vulnebility!

Paul

According to Techworld.com,  Vista has a new Vulnerability that could let a hacker infect a Vista machine with a rootkit.  The talk from them is quite intriguing.   I will quote it to better let you know what the Vulnerability is:

The vulnerability could allow a hacker to install a rootkit, a small piece of malicious software that is very difficult to detect and remove from a computer, Unterleitner said.

[ad#ad2-left]Phion notified Microsoft about the problem on 22 October. Microsoft indicated to Phion that it would issue a patch with Vista’s next service pack. Microsoft released a beta version of Vista’s second service pack to testers last month. Vista’s Service Pack 2 is due for release by June 2009.
[via Techworld.com]

The way they could do this is through the Device IO Control which in turn could corrupt the Kernel of Windows Vista.  Now we all know that Microsoft will release a patch quicker than 6 months away.  According to this article, people are already looking for the exploit and want to know more about it.  I would be willing to bet they will have a patch out sooner than later.  Probably January or Febuary, which will be a big deal because no one will expect it.  I would also imagine hackers will start trying to figure out how they could install software as quick as possible before Microsoft pushes out the patch.   So what can you do to protect yourself, Get a firewall, a Antivirus and learn how to protect yourself to prevent yourself from getting a computer virus.