XP – Page 3 – Paul's Tech Talk

Microsoft to Release One Crictical update for Tuesday

PaulMay 9, 2009

Microsoft has release the information for May’s Patch Tuesday and it looks like there is one major update for Power point:

The Affected software is MS Office 2000, MS office Xp, MS Office 2003, Ms Office 2007, Power point viewer, and MS compatibility pack for Word, Excel, and Power point 2007.

[ad]What will be coming out for Tuesday is as Followers for Non-security Releated:

Windows PowerShell 1.0 for Windows Vista (KB928439)

Microsoft .NET Framework 3.5 Service Pack 1 and .NET Framework 3.5 Family Update (KB951847)

Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)

Windows Malicious Software Removal Tool – May 2009 (KB890830)/Windows Malicious Software Removal Tool – May 2009 (KB890830) – Internet Explorer Version

Update for Windows Mail Junk E-mail Filter [May 2009] (KB905866)

Although some of this is usual like the Malicious software removal tool, and Windows Junke e-mail filter, we won’t know what else will be released until Tuesday. Some of the updates will be minor like the Powershell, I am guessing tis will help get ready for SP2, and the SP1 for the .NET framwork also looks to be getting ready for SP2. So I will keep you updated if i find out what else is released on Tuesday!

Twitter Spam attempt: “See the NSFW pics twitter deleted from my profile here”

PaulMay 1, 2009

Looks like this might have been a improper adult content or maybe a Malware attack:

[ad#cricket-right-ez]If people are wonder what NSFW means:

Not suitable/safe for work (NSFW), not work-suitable/safe (NWS), or not school-suitable (NSS) is Internet slang or shorthand. Typically, the NSFW tag is used in E-mail, movies (such as on Youtube) and on interactive discussion areas (such as internet forums, blogs and community websites) to mark URLs or hyperlinks which may be sexually explicit or include audio containing profanity, helping the reader avoid potentially objectionable content.
[via Wikipedia]

It looks like this was done with using Tinyurl and has been flagged for either Spam, Fraud, Malware, or Any other use that is illegal. I am glad Tinyurl did catch this and stop it. If you see something that say NSFW in your twitter account your best bet is to delete it and go on with your life. I am sure it is something your should not go to probably because it was a malicious way to get your to go to the link. If you want to preview the urls that are used by Tinyurl, just visit the preview feature. If anyone else hears of some kind of Twitter attempt let me know and I’ll blog about it. This would be the best time to install [intlink id=”2205″ type=”page”]Free Anti-virus and Free Firewalls[/intlink] to help prevent from getting Viruses or Malware.

Adobe PDF Zero Day Warnings : Experts agree

PaulApril 29, 2009

All the Security experts online are talking about The 2 Zero Day Adobe Vulnerabilities:

F-secure

Graham Cluely’s Blog

Sans Internet Storm

[ad#cricket-right-ez]As you can see this seems to be one of those Adobe problems we had in the past with [intlink id=”2963″ type=”post”]Javascript[/intlink]. They seem to be having a major problem with Javascript vulnerability and the old saying is to just to disable Javascript in PDF’S again. Adobe is calling this a Potential Adobe Reader issue and is suggesting that the users disable Javascript until this is fixed with a security update.

This is mostly affect the corporate world more than the private sector because of the fact corporate world will use PDF by sending them through emails. I suggest installing another reader and these are all free.

Be advised the vulnerabilities affects Linux, Windows, and Macintosh systems. This will most likely mean that even Macintoshes could be used to [intlink id=”2173″ type=”post”]create even more botnets[/intlink] and will need to disable there Javascript until this issue is fixed or maybe they would like to find another reader themselves. This also goes for Linux users but I have not heard of anything in the wild yet.

Don’t forget to install some [intlink id=”2205″ type=”page”]free Anti-virus and Free Firewalls[/intlink] to help protect your system from becoming a botnet.

Mebroot becomes More Stealthier!!

PaulApril 15, 2009

Well Here is something we should all be on the look out for:
[ad#cricket-right-ez]

Thousands of Web sites have been rigged to deliver a powerful piece of malicious software that many security products may be unprepared to handle.

Mebroot inserts program hooks into various functions of the kernel, or the operating system’s core code. Once Mebroot has taken hold, the malware then makes it appear that the MBR hasn’t been tampered with.

[Via Pcworld Magazine]

I will be updating my [intlink id=”2205″ type=”page”]Malware Resource[/intlink] for the Prevx Software, but this looks to be a very bad root kit. From my understanding most of the security related software. It seems this little program will become even harder to detect and remove. It also looks like this is ready to start infecting people with this root kit. You should update every part of your system from [intlink id=”3327″ type=”post”]Windows Patches[/intlink] to Browser. [intlink id=”2229″ type=”post”] Securnia once said[/intlink] that most people are not patched fully!! Just like the [intlink id=”3301″ type=”post”]Conficker Worm[/intlink], if your not fully patched and keeping anti-virus and Firewalls on your system then you might as well be walking on nails.

Dear Friend Spam Emails from Yahoo

PaulApril 15, 20094 Replies

The email from our[intlink id=”3233″ type=”post”] old friend has come back[/intlink] into now compromising Yahoo accounts by sending out this email:

Dear friend:
What are u doing these days?I am going to recommend a Eshop to you.Yesterday I found a web of a large trading company from China,which is an agent of all the well-known digital product factories,and facing to both wholesalers, retailsalers,and personal customer all over the world. They export all kinds of digital products and offer really competitive and reasonable price and high quality goods for their clients,so i think you will make a big profit if you did business with them.And they promise they will provide the best after-sales-service.If you are interested to do business with them,in my opinion, you can make a trial order to test that.
Their Web address: www.nekcn.com

In what seems to be the way of this advertisment company, it seems they have been doing what they did with Hotmail. Deleting your contact list and emailing your friends with this message. Now I am thinking it is being done by them [intlink id=”2660″ type=”post”]Phishing for the password and Account name[/intlink], they probably set up an web page to look like Hotmail or Yahoo. One thing to remember to do is check to see that you address bar looks like this:

You should make sure you see the “https”, meaning that is a encrypted login and also make sure you see either Mail.yahoo.com or Login.yahoo.com. If you see anything else included in your the screen like maybe a .ru or .pl then you aren’t logining into the true yahoo account. Obviously the website shouldn’t be trusted until they advertise the right way, and find ways to advertise online other than spam. If you get an email saying you need to do something with your Hotmail account or yahoo mail account you should not click any links and go to the site manually to investigate the problem. You should never click links in email that you don’t know where they are going. Thanks to Jazzcorner for Alerting me that they have started to do this with yahoo. I am betting the next one will be for Google Mail, or Gmail as some will call it. It wouldn’t hurt to have a [intlink id=”2205″ type=”page”]firewall and Anti-virus[/intlink] and also check your system out just to be sure.