Microsoft makes Firefox more insecure with the .NET 3.5 Framework (KB951847)!

In February, Microsoft quietly installed .NET Framework Assistant (ClickOnce) Firefox Extension. This extension is a bad idea because of what this could do.

This update adds to Firefox one of the most dangerous vulnerabilities present in all versions of Internet Explorer: the ability for websites to easily and quietly install software on your PC. Since this design flaw is one of the reasons you may’ve originally choosen to abandon IE in favor of a safer browser like Firefox, you may wish to remove this extension with all due haste.

[Via Annoyances.org]

As you see, this is a way to make Firefox less secure and almost like Internet Explorer.   We’ve seen the problems with all the Malware exploits that people have used in the past.   If you want to uninstall it, well you can’t.   Microsoft as went out if its way to prevent users from uninstalling.    Here is what Brad Abrams talked about on his blog:

We added this support at the machine level in order to enable the feature for all users on the machine.Seems reasonable right? Well, turns out that enabling this functionality at the machine level, rather than at the user level means that the “Uninstall” button is grayed out in the Firefox Add-ons menu because standard users are not permitted to uninstall machine-level components.

People coming from Sites that don’t exist

So I woke up today checking out my sites, and looking outside.   So As I was checking my Stats for my blog.  I cam across a referring site that brought Supposedly Two people to my site.  I looked at the URL for the site:

• http://trojan.fiftystatesclassifiedads.com/index.php

So after seeing the “trojan” Prefix and I am wondering if this was an attempt by Malware to infect my domain.   So I go check this domain out.   I got to it and I get a 404.  I then do a Cache Check with OPENDNS.  I also Then decided to see if it was even Registered domain by the doing a Whois.  So I am opening this up to people who might know.   I did do some research and here’s wha I’ve found out so far.

According to How2hack, they talk about how people want privacy and that it might be someone who does not want to be found.  I tend to agree with them, Privacy for Privacy sake is good but if you want to be private you would you even be checking out websites knowing people will want to find out who really is coming to your site.  The How2Hack site also talks about how this might happen and I see where they are coming from.

trojan.zlob removal tricks!!

Aliases:
Trojan-Downloader.Win32.Zlob.qyl (Kaspersky)
Trojan-Downloader.Win32.Zlob.qzs (Kaspersky)
Trojan-Downloader.Win32.Zlob.qzn (Kaspersky)
Trojan.Zlob.CPP (BitDefender)
Puper (McAfee)
SystemDefender (Symantec)

Trojan:Win32/Zlob.G is a component of Win32/Zlob that downloads rogue security programs, adware, and additional Win32/Zlob components.

[Via Windows Live OneCare]

This one just popped up today on my radar it seems to be a very low threat on everyone’s radar according to my sources say “Trojan.Zlob.G is a Trojan horse that may download and execute remote files and redirect the Internet Explorer home page and search page.”  So to remove this little Trojan you would want to download one an Anti-virus and firewall.   Once you install the software the program should fix the problem for you.   This one seems to be really easy to fix.   So Please read my post on how to better protect your self if you want to prevent this in the future.

sinowal.trojan Problems.

Trojan-PSW:W32/Sinowal.CP drops and loads a password stealing component on the infected system and tries to steal account information from it. It also tries to steal information that is required to access certain online banks’ and online payment systems’ websites.

[via F-secure]

It seems to be a very hard virus to remove but there are ways to get rid of this virus.   Some tips and tricks to get rid are:

• Check out my Anti-Virus Page
• Computing.net
• The Geek Police
• How to Detect Sinowal

This are the beginning steps to get rid of a Virus but it will be a really hard virus because it wants to stay in your system.  You should also Restart in Safe mode and Try to remove that virus that one.   You will also want to disable your system restore due to the fact that it will be in there and might come back if you restore your system.  Just some simple tips to help keep you safe on the net.

You asked for it, Now it’s real — Vista SP2 Dec 4,2008

Beginning Thursday Dec. 4^th, we will be making the Windows Vista and Windows Server 2008 Service Pack 2 Beta available to everyone through a Customer Preview Program (CPP). The CPP will launch on TechNet and be available to anyone interested in trying out this service pack. The CPP is intended for technology enthusiasts, developers, and IT Pros who would like to test Service Pack 2 in their environments and with their applications prior to final release. For most customers, our best advice would be to wait until the final release prior to installing this service pack.

[Via Technet]

Yes you heard right, you can get into the Beta of Vista SP2 and not have to wait till April.  Some things to remember:

• It is a Beta
• It will Have Bugs
• It is for people who want to test it out
• It should only be installed for people who need to test it out

Spying on Spyware.ISpynow!!

This is another Virus that is going around and thought I’d tell you about it:

Spyware.ISpyNow monitors files, network traffic, and keystrokes. This Spyware gives the person who installed it a Web-based interface with summaries of logged information on the host computer.

[Via Symantec]

Now this one isn’t to hard to figure out what happened.  You have to manually install it on your system to get infected.  Symantec has a great way on uninstalling this annoyance.  I also suggest checking out my other program list just in case you don’t want to buy Symantec Anti-Virus programs.  Some other things to check out is:

• Avg detected Trojan Horse Generic 12.htc? – This has a great article on how to use HiJackthis program and how to make sure you no longer have the virus.
  
• Some Important programs to prevent yourself from having viruses and Malware!! — This article gives you some other programs to use other than Symantec.   You have a wide variety of choices on Anti-virus programs and Firewall Choices.  You also have some choices on Spyware removal programs.

Podcasters are in up in arms over Ustream.tv

REVISED:

Podcasters and LifeCasters alike are not so happy with Ustream.tv right now. They have started to introduce there own ads overlay to where the lifecaster or podcast involved doesn’t get any revenue. One such Podcast right now is Mike Smith, Host of the Miketechshow Podcast, and Also Todd Cochrane, Host of Geeknewscentral.  In a Recent post from Todd, he stated he is going to leave Ustream.tv.

Mike Smith in his last Podcast talked about this subject and why he is really unhappy with Ustream.tv.  He says that the ads could possible violate his TOS with Techpodcast Network.  He also would like to share the revenue because he was one of the founding podcasters that started to use Ustream.tv.   He’s worried that there will be adult theme ads showing on his video stream and that He wants this to be family friendly.  He’s said before the show if he has to he’ll go to other networks.   Some of the networks that might help him out:

• Mogulus
• Stickam
• Ustream.tv
• Blogtv

How to disable autorun the easy way!!!

I read a report from Cnet about USB devices spreading Virus and I will quote:

The bad guys are intentionally developing new flavors of malware designed to propagate through USB devices,” said Gunter Ollmann, chief security strategist for IBM’s ISS security division. “They are today’s floppy drives.”

An infected computer can spread a virus to a clean USB thumb drive that is inserted. That USB drive will then be spreading the virus onto other computers if the operating system on those machines has an AutoRun-type feature enabled. The AutoRun function in Windows launches installers and other programs automatically when a flash drive or CD is inserted. The Mac has an equivalent function, according to Ollmann.

[Via Cnet]

In order to disable “autorun“, which in Vista is called Autoplay. In order to disable Autoplay from starting when you insert media into your computer here is how you do it:

You will need to be Logged in as Administrator before this can be done:

Next click start and type “Autoplay” without quotes. It will bring up a screen but all you have to worry about is this:

Did the Xbox Experience break netflix on Demand activation?

According to Google Trends people are trying to activate there Xbox Experience with Netflix.  This could be a problem for Netflix, I just tried and they are extremely slow in response.   I am willing to guess that later on tonight the Netflix will go down when everyone comes home from work and tries the new Xbox Experience with Netflix.   I’ve heard of problems with activating the Netflix on the Xbox 360, this will become 10 times as bad tonight when people want to hook up and try out this new service from Netflix.   Microsoft should of released this one day at a time for each time zone.   Some blogs talking about the problems that might come along with the update are:

• Columbia Tribune
• The Standard
• Joystiq
• Venture Beat

Although this is just a few that talks about the experience and Netflix problems there are going to be more tonight when people start to come home from work wanting this service.   I would bet over 100$ it will probably go down because to many request to sign up!! I hope they have the IT guys ready for this tonight or it will be a long night!!

A good free VPN Client — OpenVPN & more

I’ve been doing some research on what might be good to use in case, I was away from my home network.  I was thinking how safe am I at Starbucks or other places that I might doing my web.  So I did a little looking around to see which one I liked and I came to the conclusions that only one I need right now is:

The nice thing about this was the simple installation of the software and how easy it was to set it up. This service is in beta but seems to be really well done with regards to the end users. When you install this software and want to connect it uses the OpenVPN software with there configurations. OpenVPN, is a open sourced SSL VPN solution and is free to use. The way this this free is of Ad Supported banners. Now it is cheaper than paying monthly for a VPN service. The ones I’ve found so far are these few:

• OpenVPN (FREE)(*advertisement)(Linux, and Windows)
• Always VPN (Prepay) (5 GB to 80 GB limit) (Linux, Mac and Windows)*Out of Beta
  
• Hotspot Shield (FREE) (*advertisement) (Windows) (3 gig Cap)
  

Google Now lets you Video/Voice chat!!

After checking out some of what Google has been doing.  I find out that you can now Video Conference for free.  That is to say that you can conference with someone on line and do cloud computing.   According to Google:

To Get this Video and Voice chat Click this link

Now I might not a lot but this will be most likely be used in association with the new Google Phone, the G1. So I thought about how this will be used? This will be used in several ways. To keep in touch with family, to make it easier to telecommute and to Video Conference with associates from work. Google Model is “DO NO EVIL”. There is a flaw to this I am sure, this is a Internet Protocol to Internet Protocol connection and in doing so you create so much possibility of a virus getting through. There is no doubt that this is using flash. It also is know to make the infrastructure of a business weak. The Intranet of the business would be compromised. I am sure there are vulnerabilities in this and we will hear them shortly. I’d give it a week or two, remember the problem with Google Chrome and how un-secure it is. These are just a few of what would cause security headaches to all who work in the IT field. I just want to bring that up to prove a point. Google’s mantra isn’t perfect, it is what it is.

AVG Detected a False Positive

According to Security and The Net:

An update for the AVG virus scanner released yesterday contained an incorrect virus signature, which led it to think user32.dll contained the Trojan Horses PSW.Banker4.APSA or Generic9TBN. AVG then recommended deleting this file; this causes the affected systems to either stop booting or go into a continuous reboot cycle. So far, the problem only appears to affect Windows XP, but there is no guarantee that other versions of Windows don’t have the same issue.

[Via Security and The Net]

I bring this up because this is a false positive according to AVG. AVG since sent out another update to there Database and you can go and update the database to get rid of this problem. If you need to restore that DLL check out the article Security and The Net, they got some excellent suggestions on fixing the problem.

If you’ve not been affected by this yet, you probably won’t be. It is yet unknown how many people have been affected. I’m blogging about this to tell people about this and to warn people that not all of warnings from AVG are true and that is why you should always ask before you delete or do anything to your system. I always USE google when it comes to these types of questions

Is Vista just Windows 7?

According to Steven J. Vaughan-Nichols from Computer World, He talks about how Microsoft is scared on Linux and that people are flocking to remove Vista off there Machines. I say otherwise, you see according to some experts like Mark Hall from Computer World, he states Vista is better than Mac OS X. So why do people say one thing and do another?

Now I know Vista isn’t what people expected and that it had high expectations when they first released it.  I think that is due to the fact Microsoft tried so hard to make Vista seem more than it actually was.  Now According to Ina Fried from CNET her post was about Windows 7: A better Vista?. In her post she talked about the features of Windows 7, and how Windows 7 is almost like Vista. I tend to agree because of the look from screenshots I’ve seen to make me think it will be Version 2 of Vista. I don’t think it is anything that will change from Vista to Windows 7. It will however be more ready to boot up and shutdown that is according to what Microsoft said to Ina.

Peek Email tops Time Gadget of the Year!

I’ve not seen this yet, I will do my research on this Peek Email Device. This is fascinating that I didn’t know that there was something I’ve never heard of.   Anyways, I can’t beleive they don’t have a netbook or the new Gaming Laptop.  Please, a WII fit, Now how did they get there too?   How did The T-Mobile G1 get number 5th in the list.  I’m surprised that the GameBoy Advanced wasn’t one to be on there, After all they sold so many this year.   Why not the Xbox 360?  It seems people can still vote but don’t expect anything to change.

Go Vote and lets make our voice heard!!

Microsoft Releases MS08-062 to the Public a Month Early!

Vulnerability in Windows Internet Printing Service Could Allow Remote Code Execution (KB953155)

This update resolves a privately reported vulnerability in the Windows Internet Printing Service that could allow remote code execution. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts.

This update is rated Important for all supported editions of Microsoft Windows 2000, Windows XP, Windows Server 2003, and Windows Server 2008. For more information, see the subsection, Affected and Non-Affected Software, in this section.

The security update addresses this vulnerability by changing the way that memory is allocated within the Internet Printing Protocol (IPP) service. For more information about the vulnerability, see the Frequently Asked Questions (FAQ) subsection for the specific vulnerability entry under the next section, Vulnerability Information.

[via Microsoft Bulletin]

Now from what I understand, if you have a Network attached printer on your system this would make you more vulnerable to someone taking control over your system. So this patch is supposed to fix that. I am recommending to all to update this and fix this update ASAP. I do not know if you don’t have one what that would do so just install this update, because you will undoubtedly still be runing the Internet Printer Protocol even if you don’t have a printer.

With Black Friday for 2008 quickly approaching!!

Since Black Friday is approaching next month, I Figured it is time to point to places where you could find them.  Now that being said, I don’t think people should take some of these ads serious because of all the possibility.  Where these ads are being placed is not going to be the absolute final end all price.   Knowing these competitors like I do, they are going to have an ace in the hole.  You will probably not find out until a week or a few days before black Friday.

They will of course try to keep the really juicy stuff out of the hands of people who blab about this on the net.

Why do they have Black Friday?

The term “Black Friday” originated in Philadelphia in reference to the heavy traffic on that day. More recently, merchants and the media have used it instead to refer to the beginning of the period in which retailers are in the black (i.e., turning a profit).

[via Wikipedia]

Adobe released the latest version of shockwave.

Just saw this on the net, thought people would like to know where to get the information for the latest updates to shockwave.  Some stuff that they improved upon are:

1. New [3D effects]
2. New [Custom filters and effects]
3. New [Advanced text support]
4. New [Dynamic sound generation]
5. Updated [Drawing API]
6. Updated [Hardware acceleration]
7. And much more

Brought to you by Adobe. To see all the features of what is new with Shockwave 10 please click link.

Download it now