 |
|
| |
|
|
|
|
|
|
|
Security Updates
================
Microsoft: On Patch Tuesday (July 10) MS released patches to Windows XP, Vista, MS Office
Yahoo: On June 8 Yahoo released patches for parts of Yahoo Messenger (its Webcam Upload and Webcam Viewer). If you installed Yahoo Messenger before then, get the update.
Mozilla: On June 4, it released a security-fix Version 1.5.0.12 of its Thunderbird e-mail client
Apple: On June 20 and 22 Apple patched security holes in Mac OS X (10.4.10); in June Apple patched QuickTime (7.2)
Sun: Update Java to version 6 update 2
Adobe: Update Flash to version 9.47
Hacker Tricks
=============
Fake emails claiming to be Microsoft Updates, virus alerts, IRS or FTC notices, BBB notices
Greeting cards, PDF files, images, and QuickTime movies hiding malware
Emails about YouTube videos: the videos look innocent but deposit malware
Apple Safari
============
Apple released a beta version of its Safari browser for Windows. 8 security flaws were identified the first day. You may want to wait until Apple works out all the bugs before installing Safari for Windows.
OpenOffice security flaw
========================
Known malware can use OpenOffice to infect Windows, Mac, and Linux computers. Be as careful opening OpenOffice files as you are with Microsoft Office.
More P2P concerns
=================
In addition to the possibility of downloading files loaded with viruses and malware, you may also be exposing sensitive information on your own computer to download by outsiders. If you must use file sharing networks, always use extreme care and be sure the folders you expose ONLY contain the files you want outsiders to see.
Firefox/IE Cross-Browser Vulnerability
======================================
Firefox includes a capability for a site being viewed in Internet Explorer to force Firefox to open and run code which it wouldn't if it had been started normally. Mozilla is accelerating the release of Firefox 2.0.0.5 to July 19. Similar flaws exist in other applications which incorporate a similar ability to be started by code on a web page, such as the Trillian Instant Messaging program.
Virustotal.com
==============
If you receive a suspicious file, you can upload it online or by email to virustotal.com and they will scan it with 30 different scanners. It's not a guarantee, but 30 second opinions can catch a lot of malware. This doesn't install any protection on your computer -- you still should have your own virus and malware protection on your computer.
|
|
|
|
|
|
|
|
|
| |
|
|
|
|
|
|
|
Security Patches
================
Opera web browser: upgrade to version 9.21 <http://www.opera.com/download/get.pl?id=29517>
MAC OSX: Apple patched 17 bugs on May 24. Use Apple Software Update to get patches.
QuickTime: more patches released May 29. Use Apple Software Update to get patches.
Yahoo Messenger: upgrade to version 8.1.0.401 <http://messenger.yahoo.com/webmessengerpromo.php>
Firefox/Seamonkey: Mozilla patched 6 flaws on May 31. Upgrade Firefox to version 2.0.0.4, Seamonkey to version 1.0.9 or 1.1.2
British Telecom: update your webhelper ActiveX controls
Microsoft Update Glitch
=======================
Some users of Microsoft Office 2007 on Windows Vista did not get the updates released in May. If you use Vista and Office 2007, go to MS Update to be sure you got this month's patches.
Security Alerts
===============
Spammers have been tricking businesses with email claiming to be from the Better Business Bureau or the IRS about customer complaints against your business. Do not click on links in this email, just delete it.
Firefox Add-Ons: The official Mozilla add-on site, <http://addons.mozilla.org> uses a secure server to update add-ons, but some third-party add-ons are updated insecurely and are therefore vulnerable to fake updates which take over your computer. Even Google, Yahoo, and AOL add-ons don't use secure servers for updates. Stick to add-ons from the official Mozilla site only.
iTunes now sells DRM-free music at a premium price, but the music files still include your iTunes account name and email inside them.
MAC OSX has outdated, vulnerable version of Samba. If you use Samba for file and print sharing, go to www.samba.org to update it.
Google Desktop is vulnerable to Man-In-The-Middle attacks. Another reason to avoid unsecured public wireless hotspots.
|
|
|
|
|
|
|
|
|
| |
|
|
|
|
|
|
|
Microsoft Security Patches ========================= Microsoft released a number of security patches on May 8, including a number of Microsoft Office patches. If you use Microsoft Updates and have it set to install critical patches automatically, you've already received them; if not, be sure to get the updates. If your version of Microsoft Office (or individual components, like Word, Excel, etc.) is OLDER than 2003, the updates are NOT installed automatically. You can get them here. Removable Drive Worm ==================== A recent worm is targeting removable drives, such as floppies and USB flash drives. If you connect an infected floppy or flash drive to your computer it will become infected, and any removable drives you connect to it will themselves become infected. The current worm reveals itself by changing the title bar in Internet Explorer to read "Hacked by 1BYTE" but later variants may not give themselves away. Consider turning off autorun for removable drives and scan removable drives for viruses before use. If you keep your Antivirus program up to date it will stop the worm. Wireless Networks Must Use WPA Encryption ==================================== If you have a wireless network, you should use WPA encryption, rather than WEP. WEP encryption can be cracked in a matter of minutes. The biggest identity theft in history, the theft of 45 million credit card numbers from TJX, started with the cracking of WEP encryption on a wireless network which allowed the intruder to infiltrate the entire TJX network.
|
|
|
|
|
|
|
|
|
| |
|
|
|
|
|
|
|
Security Patches ============= Apple released a patch for the critical QuickTime flaw discovered two weeks ago, as well as a fix for last month's patch. Make sure you have QuickTime version 7.1.6; if you use QuickTime Alternative instead, the patched version is 1.81. Trillian released three security patches; the patched version is 3.1.5.0. Microsoft is due to release a number of critical security patches on Tuesday for both Windows and Office. If your version of Microsoft Office is 2000 or earlier, Microsoft Update will NOT patch you automatically, so be sure to obtain the patches manually. And more Security Flaws ======================= Photoshop vulnerabilities could allow an attacker to take over your computer with a specially-crafted .PNG or .BMP file (and other image types may turn out to be vulnerable as well). If you use Photoshop you should select another program, such as your browser or a graphics program like IrfanView, as the default for opening image files. Winamp vulnerabilities could all an attack with a specially-crafted .MP4 file. If you use Winamp, disassociate the .MP4 extension from Winamp by choosing Options/Preferences, then General Preferences/File Types and deselecting MP4. Fake Windows Activation Trojan ========================== Once your computer is infected, this malware will tell you that your copy of Windows needs to be activated, and ask for a credit card number (claiming you won't be charged). For more details on exactly how this trojan presents itself, see this article.
|
|
|
|
|
|
|
|
|
| |
|
|
|
|
|
|
|
Critical QuickTime Flaw
======================= A security researcher took full control of a fully patched MAC OS X using a vulnerability in QuickTime. Both Mac and Windows machines are vulnerable if they have QuickTime installed and Java-enabled browsers. No patch is available yet.
Security Patches This Month
===========================
Kaspersky security products (4/5/07)
Yahoo Instant Messenger (4/5/07)
Apple patch for AirPort Extreme Base Station with 802.11n (4/9/07) -- only applies to the wireless-N version
Microsoft patch Tuesday (4/10/07) included several security updates as well as fixes for conflicts resulting from the April 3 animated cursor security patch. Windows Update will detect if you have any hardware or software which requires the fix and only install it if you do.
Apple MAC OSX (4/19/07) patch for 25 security flaws
New Spam and Malware Tricks
===========================
Emails saying you're infected by a virus which are themselves carrying viruses rather than fixes
Emails with news stories exploiting the Virginia Tech tragedy to install malware
Phony tax e-filing sites which steal your refunds
Malware transmitted by Skype VOIP and Skype IM
USB drives left lying around in public places with malware on them
AVG Anti-Rootkit
================
After a 6-month beta period, this tool is now available for free. Other free anti-rootkit tools are available from F-Secure and Sophos.
Beware of Tagged.com
====================
Many people worry about teenagers using social networking sites like MySpace, but Tagged.com does a particularly malicious trick of asking for your email PASSWORD when you sign up, then logging into your email account and sending invitations to people in your address book. For more details see this article: <a href="http://www.eweek.com/article2/0,1759,2112675,00.asp?kc=EWRSS03129TX1K0000614">
|
|
|
|
|
|
|
|
|
| |
|
|
|
|
|
|
|
Apple Patches
=============
Apple has released a "megapatch" for Mac OSX (version 10.4.9) which plugs 45 security holes. It's a major update, so make a disk image first, as some users have had problems after the update. Apple released a QuickTime patch earlier this month for both Mac and Windows (version 7.1.5) which fixes 8 security holes. And if you haven't gotten patches from last month, Apple on 2/15 released four security patches in iChat, Finder, and UserNotification.
Mozilla Patches
===============
On 3/6 Mozilla released patches for FireFox, following up on the 2/23 patches to Firefox, Thunderbird and Google Desktop. Make sure you're using Firefox version 1.5.0.10 or 2.0.0.2
Other Patches
=============
Symantec released patches for an ActiveX flaw in Norton Antivirus 2006 and Norton Internet Security 2006 (as well as other products) and these products may also falsely report that your license is expiring. Go to www.symantec.com for patches and a possible free upgrade to the 2007 versions. McAfee and Trend Micro have also patched their security products. Solaris has patched a telnet bug. Even OpenBSD, known for its security, has had vulnerabilities revealed. And even though Microsoft isn't releasing any critical patches this month, there are still several critical vulnerabilities still unpatched.
|
|
|
|
|
|
|
|
|
| |
|
|
|
|
|
|
|
Microsoft Critical Updates
==========================
Microsoft is releasing a dozen updates today, some of them critical security patches. If you are using Microsoft Update and have it set to automatic updates, you'll get them automatically; otherwise, be sure to get them manually. If you use Windows Update instead of Microsoft Update, or have an older version of Microsoft Office, be sure to get those patches manually. There are still unpatched Microsoft Office security flaws, so as always be vigilant about opening documents, spreadsheets, and PowerPoint presentations in email or on websites unless you are certain they are safe, even if the email appears to come from someone you know.
Non-Microsoft Security Patches
==============================
Apple QuickTime (both Mac and Windows versions), Apple Airport, Java, and Trend Micro security products have all patched serious security flaws in the past few weeks. Make sure you have the latest updates for these products.
Firefox Flaws
=============
Two flaws in the Firefox browser have recently surfaced. The first is in the popup blocker feature -- if you allow popups from a particular site, an attacker may be able to access files on your computer. Don't allow popups unless you're sure the site is safe, and upgrade to the latest version of Firefox. The second flaw is in the phishing filter, which can be tricked into thinking a site is legitimate when it is not; this flaw affects the latest version of Firefox as well as earlier versions.
AOL Parental Controls
=====================
If you use AOL Parental Controls, be aware that if you have high-speed access, there are things that can get past the controls. AOL says that you need to download an additional program to block against this (AOL provides the link for this program).
Ransomware and Valentine's Day Attacks
======================================
Ransomware is malware that encrypts your files and demands you pay ransom to have your files unlocked. It's been on the rise, so be vigilant and be sure to back up your important files regularly. Also be cautious about Valentine's Day emails which ask you to click to see an e-card or the like, as there are many attacks going around using this sort of trick.
|
|
|
|
|
|
|
|
|
| |
|
|
|
|
|
|
|
Hackers infiltrated computers at TJX, the owners of the following stores: TJ Maxx, Marshall's, HomeGoods, A.J.Wright, Winners, HomeSense, and Bob's Stores. Credit card information from 2003 and 2006, and possibly other periods, may have been stolen. If you frequent these stores, check your credit card statements carefully. This includes purchases made at the stores and by phone, not just online.
|
|
|
|
|
|
|
|
|
| |
|
|
|
|
|
|
|
Q: How do I turn off the reading pane in Outlook 2003 for ALL my folders instead of having to do it one folder at a time? A: In the past I have advised turning off the "reading pane" in your email programs. This is the window that opens the current email before you actively click on it. While it is a convenience, it's also a potential security problem -- when you come across spam, you would rather delete it without ever opening it. However, if you use Outlook 2003 as your email program, you can't turn the reading pane off globally (that is, for all your mailboxes/folders). You have to do it for each folder. Here's a way to turn it off globally, so that when you create a new folder the reading pane is off: With the Inbox highlighted, right click on one of the toolbars and select Advanced. This adds an extra toolbar (you can remove it afterwards the same way). One of the items on the new toolbar is a drop-down box displaying "Messages". From the drop-down list, select "Define Views." A chart opens up -- make sure "current view settings" is selected. Click on "Modify", then "Other Settings". If all you want to do is turn off the reading pane, select Off in the Reading Pane section. (You can also turn off Grouping, get rid of the Gridlines and change the display fonts.) Once you have made your changes, click OK to close the "Other Settings" window, OK again to close "Customize View: Messages", then click Apply View. Your Inbox and subfolders will now display without the reading pane.
|
|
|
|
|
|
|
|
|
| |
|
|
|
|
|
|
|
A flaw has been discovered in a Broadcom driver that could allow someone nearby with a laptop to take control of your computer without any action on your part. This driver is used by most Wireless Network Adapters built into computers today, and can be exploited even if you don't use your computer's wireless capability. How do I know if I have the flaw? To check for this vulnerability, search your computer for a file named BCMWL5.SYS, which is usually found in c:\windows\system32\drivers, but could be located elsewhere. Be sure to turn on the advanced search options to search hidden and system files. Right-click on the file and select Properties. If the version number is less than 4.100.15.5, you are vulnerable. What do I do about it? Go to Start > Control Panel > System > Hardware > Device Manager and expand the entry for Network Adapters. The entries will typically say either wireless or 10/100. 10/100 is a wired adapter and can be left alone. Note the exact name of the wireless adapter, go to your computer manufacturer's web site, and see if they have an updated driver. What if my manufacturer doesn't have an update? If you don't use your computer's wireless capability, you can disable your wireless adapter (you can also disable it when you aren't using it and enable it when you need it). To do this, go to Start > Control Panel > System > Hardware > Device Manager and expand the entry for Network Adapters. The entries will typically say either wireless or 10/100. 10/100 is a wired adapter and can be left alone. If it says wireless, right-click on it and choose Disable. To reactivate it, follow the same steps and choose Enable. If you do need your wireless capability and your computer manufacturer doesn't have an update, there is also a fixed driver available from Linksys, although installing it is somewhat complicated. George Ou of TechRepublic has instructions here.
|
|
|
|
|
|
|
|
|
| |
|
|
|
|
|
|
|
Q: I have broadband cable. I want to reconnect my laptop for wireless. I have the router and the wireless cardbus adapter for the laptop. I lost my laptop connection when I moved into a new house. I reconnected the broadband back for my desktop but I cannot get my laptop to work wireless. What steps must I take to get the laptop going wireless again?
A: Okay, let's go over the setup:
1 - The broadband modem is connected to the Internet (sometimes labeled WAN) port on the router, and the desktop is wired to one of the router's numbered ports, and the desktop is able to connect.
2 - On the desktop, Start > Run, type
cmd
and hit enter, then type ipconfig /all
This should give you an outward-facing WAN IP address for the router (the address given to the router by your ISP), as well as a LAN IP address for the router (typically something like 192.168.1.1), and the IP address assigned to the desktop by the router's DHCP (e.g. 192.168.1.101).
3 - Type the router's LAN IP address in your desktop's web browser. This should give you the configuration utility for the router. You want to make sure wireless is enabled. Be sure to change the router password and SSID from the defaults, and enable encryption (WPA2 if possible, else WPA, else WEP).
4 - Your laptop should now detect the SSID of your network. Request to connect and fill in the passphrase or security key.
|
|
|
|
|
|
|
|
|
| |
|
|
|
|
|
|
|
You may remember the news last year that Sony BMG Music Entertainment had put a rootkit on some audio CDs as part of its copy protection. This was decried as a security risk and Sony pulled the feature. The Texas Attorney General's office, which is investigating the rootkit as part of the state's lawsuit against Sony BMG, reports that some security programs, such as AOL's "Safety and Security Center" and PestPatrol, will disable the CD-ROM drive's configuration if they detect the rootkit. You can delete the rootkit with an uninstaller from Sony BMG, which can be downloaded here: http://cp.sonybmg.com/xcp/english/updates.htmlAOL and CA (which makes both PestPatrol and AOL's antispyware component) have a patch to avoid this problem. This information is from the article "Sony software still PC threat" by Alex Veiga, The Associated Press, Los Angeles.
|
|
|
|
|
|
|
|
|
| |
|
|
|
|
|
|
|
Once again, shortly after Microsoft's Patch Tuesday, a new security hole turned up. It affects
the Internet Explorer browser, using the ActiveX and Active Scripting features. This can be
particularly troublesome because many legitimate sites use these features. What you can do is
set Internet Explorer to prompt you before utilizing these features. You will get a pop-up
asking if it's okay to allow them. If it's a site you trust, you can allow them; if not, don't
allow them. Sometimes, it's only the ads that use these features, so you can say No and then,
if the site isn't working properly, click the Reload button and this time allow it. For sites
that you know you want to allow, such as your bank, add them to the Trusted Zone so you won't
get the popups all the time.
To set these features to Prompt:
On the IE menu bar, choose Tools > Internet Options and select the Security tab. Click the
Default button if it doesn't say Medium level. Then click the Custom button to make the
following changes.
1. In the ActiveX section, the last two items are "Run ActiveX Controls and Plugins" and "Script
ActiveX Controls Marked Safe For Scripting". At Medium level these are set to Enable. Change
them both to Prompt.
2. In the Scripting section, the first item is "Active Scripting". At Medium level this is set
to Enable. Change it to Prompt.
|
|
|
|
|
|
|
|
|
|
 |
|
 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
While I make every effort to ensure all advice posted here is safe, I cannot be responsible for any damage or loss resulting from its use. Be sure to back up your data and keep the original CDs and product keys that came with your computer, as well as for programs subsequently installed. More details on any possible risks may be included within posts. Except where noted, instructions are written for Windows XP; earlier versions of Windows may not include capabilities necessary to implement the advice given, or may require different steps to accomplish. I have no relationship with the suppliers of any products I recommend and receive no compensation for recommending them.
See User Info for more information. |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Previous 
