Admins are shaking in there boots due to the Ms 09-001 Patch

Paul

I have to talk about this because this is a big deal.   According to Techworld and I’ll quote:

“This one scares me – a lot,” says Eric Schultze, CTO of Shavlik Technologies. “It is a lot like Blaster and Sasser. It is the same exploit vector. If I am an attacker and I can touch NetBios then I can execute code with no credentials.”

[via Techworld]

[ad]Now This is due to the fact of what is happening with an update that came a few months ago the MS 08 – 067 that still people haven’t patched their systems.  According to F-secure the Downadup/Conflicker has grown overnight by a million computers being infected.

Now why are they scared of the recent patch (MS 09-001), because of so many vectors of infection, you don’t need any credentials.  The virus  does not  need to know any passwords or user names to gain access.  Just like the Downadup variant that is hitting the internet right now, this virus tries to access accounts by guessing weak passwords or even putting itself on flash drives or other mobile media to get other systems infected.

So why are admins scared over this new patch?

Most  companies don’t patch there system as quickly as Microsoft would like them to.   You see most companies have quite a few computers depending on the size of the company it could be quite a lot.  So many in fact that it would have several IT personal just to keep the system going.
[ad]

So why don’t they just put the new patches on the systems?

Depending on the size of the company and what they do has a lot to do with them updating there systems.  Some use really special programs or have a network going that is vital.  Even the smallest update to the system could bring the network or the program down.  Most companies liketo test it out on test machine for a while to make sure that the patch doesn’t  prevent the business from doing business.   Here are a few articles that prove why companies do not want to just install patches automatically:

Some companies are using older systems like Windows ME or some older Windows Operating systesm.   Although there isn’t anything we can do about those because Microsoft has stopped supporting them with updates and all.  I know we are all thinking thesame question?

Is there a way to fix the problem with Windows Updates?

I personally don’t have an answer but I am sure hackers will find ways to exploit codes so they can get on your system so way.  I’ve recently read a story about Adware Author and now I understand even more about why people do all of this.

This is one of the questions every admin has to ask themselves?  How do we update all of the systems we are responsible for?  There are no easy answers to this.

Microsoft issues 1 Major update 1-13-09

Paul

Well it has been release Microsoft issued an update to the system:

[ad#ad2-right]

Vulnerabilities in SMB Could Allow Remote Code Execution

Microsoft Security Bulletin MS09-001 – Critical (KB958687)

This security update resolves several privately reported vulnerabilities in Microsoft Server Message Block (SMB) Protocol. The vulnerabilities could allow remote code execution on affected systems. An attacker who successfully exploited these vulnerabilities could install programs; view, change, or delete data; or create new accounts with full user rights. Firewall best practices and standard default firewall configurations can help protect networks from attacks that originate outside the enterprise perimeter. Best practices recommend that systems that are connected to the Internet have a minimal number of ports exposed.

This is one of those updates you really need to install as soon as you can.   You should also get a free firewall or buy one.  I looks to be a vulnerability in the ports and if you’d have a firewall besides windows you should be safe but that is besides the point.   If you are security congenious then you should install this update ASAP.  If your worried this will effect you system then you will need to backup your system before you do this update.  If you feel you’ve might of been infected with this Vulnerability you could always go get a free antivirus program and scan your system.  This is the sure way of fighting a Virus and making sure your safe, although people argue that Paid virus programs are quicker to be updated with virus databases, it’s all in the matter of preferences.

Blasting the Downadup.b/Conflicker back to the Stone-age!

Paul

It has been talked about the last few days where there is a worm hitting the computers who haven’t done the Microsoft Update MS08-067 which was release out of cycle and still have some systems has not been patched.  It has also been reported that it is spreading around the internet really quickly.   According to Computer World:

[ad#ad2-right]The worm, which was first reported by Panda and other security companies on Dec. 31, 2008, exploits a vulnerability in the Windows Server service that’s part of all currently supported versions of Microsoft’s operating system, including Windows 2000, XP, Vista, Server 2003 and Server 2008.


[via Computer World]

It seems Microsoft has scolded people who haven’t patched for the October emergency update. Accusing users of playing “Russian Roulette”  and scolding them for not promptly updating their system to remove the vulnerability.

Symantec Blogged about this security of this program and how it was a variant of Downadup.b.  It also talks about how they are seeing an even more increase on this worm that was supposed to be patched by people who use Windows 2000 Server.

[ad#ad2-left]F-secure did a post about Downadup/Conflicker and how they took an Preemptive domain block list for this worm.   They have also seen an increase in this worm and they are trying to prevent this worm from gaining ground.   Talking about this being a network worm, in more ways then one.  Some have even seen it being sent through USB drives.   If you have a system you want to protect you should stop autorun.

Here are some links to better help you get this worm off your system:

In order to remove this worm, you must do a complete system scan with any of the free virus scanning programs.  You’ll need to update your virus database before you do the scan.  You may even want to try the free virus scanners tha are online to get rid of this worm.   These should help you get rid of this worm, but you must remember to install the update or you will get the worm again.  The MS08-067 Patch should be installed as soon as possible you can find the patch here.

Windows 7 Beta — Unexpected results

Paul

Now know people’s thoughts on the EULA of Windows 7 Beta. Now let’s talk about this according to a blog post From Windows Vista Places :

No benchmarks allowed. As in previous beta releases of Microsoft operating systems, the license agreement includes a prohibition on speed tests:

You may not disclose the results of any benchmark tests of the software to any third party without Microsoft’s prior written approval.

[Windows Vista Place]

[ad#ad2-right]Now We know people have put this through there test and I am sure any technology magazine has done the same. If I know people they will be doing this no matter what the EULA (End User License Agreement) has to say. Although if Microsoft was worried about Third Party’s from finding out this software it wouldn’t be to hard for them to get there hands on a key and the ISO after all it was released to the public and that means anyone could get a copy.

I wouldn’t be surprised if Apple or even some Linux Enthusiast did there own test on this OS. I serious doubt that Microsoft will come after people over this because they have made it public but let’s go in and talk some things.

I have done my own test and come to the conclusion that it is 5% to 8% faster from Vista. Although I have a Vista OEM with some bloatware software it still in an even faster boot time and shutdown time on Windows 7. I also checked out the Memory Usage of each and I find that Windows 7 Beta using almost Half of what Vista Premium is using.

Microsoft Windows 7 Beta blog says this [Windows 7 is faster, more reliable, and makes it easier to do what you want. Both the everyday things and the killer “is that really possible?”]. Now saying that they have thinned it down because the memory usage. I also find the User Interface is really well build for being a beta system. I also like the User Access Control choices, they’ve made the UAC a lot friendlier and let’s you choice how to use it better. There is of course going to be issues with Windows 7 Beta and if you have a problem you can always visit the Forums to get help solving those problems.

[ad#ad2-left]If your curious and want to test it out for yourself go find the software and do your own test, I am sure people are doing it regardless of the EULA.   I did this test to make sure Microsoft wasn’t trying to hide the truth of the Windows 7.  I wanted to find out for myself, because of how it can “seem” to be faster doesn’t always mean it is.  After my test, I am thinking Microsoft is on the right track with Windows 7 beta, and I hope they keep on track.

My Recommendations for all who read this is “Go and grab your copy and try it out yourselves“.  You only have until January 24, 2009 to get your copy of Windows 7 Beta with a Key.  Now people can do what they want but I am hoping people keep the pressure on Microsoft to make this Operating System get even better in the future, because ultimately we are the ones who will have to use the system.

Do you want a Windows 7 Beta key?

Paul

Update See bottom:

I recently got 3 beta keys for Windows 7 Beta. I decide we are going to have some fun. IF you want one of the 2 beta keys here is how you do it. I want you to twitter it up on twitter. I would like you to make a Tinyurl using your twitter account so I know who sent the most people my way. Here’s how you do it:

Go to Tinyurl.com then you put this page in and tell it you want it to be made with your twitter name without the @ sign(it would look like this : http://tinyurl.com/twitterusername). The 2 most Referrers to come to my site in this weekend and leave a comment will get a reply from my twitter account saying they won and asking for there email account. I want as many people to see this as possible. If you want a beta key for Windows 7 then advertise people to come to my site and find out how they could win themselves. I only have two extra Beta keys. I used one right now to activate this Windows Beta but I will give the other two away for who ever brings in the 2 most people to my site.

tinyurlcustom

[ad#ad2-right]This end at 10pm EST Sunday Night Jan 11, 2009, so you have that long to get people to come to my site and using the tinyurl Custom Alias option to send people to my site or to this page.   I say this one last time, the top 2 people using the tinyurl to bring people to my site will get the site.   On the side note the other requirement is to have people leave a comment say who referred them to the site.   I want to make sure people don’t just create a URL and come that way to many times.  So Let’s talke about the Rules:

  1. Use a Custome URL to bring People to my site

  2. Leave a Comment with twitter name who brought them to my site.

I’ll add it up Sunday night 10:00 PM EST January 18, 2009, and will be twittering who wins on twitter.   So go at it people send people my way.

According to a blog there seems to be sending out keys that are the same all over the place. I am going to guess that after 2.5 due an over the net activation that these will become invalid. So activate as quickly as you can. I’ve also gotten the same keys from Microsoft also exactly the same Keys this blog is posting so I guess the contest for the 2 keys is now NULL and Void. Sorry guys, didn’t know thought they were unique keys. If you need a key go to that website and get your key!!