Microsoft Issues a Security Advisory KB971778

By Paul | May 29, 2009

Comments Off

Microsoft Security Advisory: Vulnerability in Microsoft DirectShow could allow remote code execution

http://support.microsoft.com/kb/971778

The systems that are vulnerable are Windows 2000, Windows XP or Windows Server 2003. I like this new way Microsoft is helping the less educated. They now havea Fix it button on the site. This fix it button is a registry change to there system. It does all the work for the End user. Although the corporate field will have to modify the registry there own way.

It looks like Microsoft is thinking of making this more user friendly. Here is how to do a manual registry fix for your computer:

Click Start, click Run, type regedit in the Open box, and then click OK.
Locate and then click the following subkeys in the registry:
- For 32-bit Windows systems:
  HKEY_CLASSES_ROOT\CLSID\{D51BD5A0-7548-11CF-A520-0080C77EF58A}
- For 64 bit Windows Systems:
  HKEY_CLASSES_ROOT\CLSID\{D51BD5A0-7548-11CF-A520-0080C77EF58A}
  HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{D51BD5A0-7548-11CF-A520-0080C77EF58A}
On the File menu, click Export.
In the Export Registry File dialog box, type Quicktime_Parser_Backup.reg, and then click Save.
Note By default, this will create a backup of this registry key in the My Documents folder.

Inside understanding of win32.netsky.q

By Paul | Dec 12, 2008

Comments Off

Netsky.Q is a worm that spreads through e-mail. It is distributed as a 28,008 byte Win32 executable, compressed with PEtite, which drops a 23,040 byte DLL file. It also distributes itself inside ZIP archives.

I saw this on on the net and through we should talk about and let people know how you could get that the worm off your computer. It seems to be a self-replicating worm, it will continue to send out fake messages to people with the subject lines Like:

Delivery Error
Delivery Failure
Delivery
Mail Delivery failure
Mail Delivery System
Mail System
Delivery
Delivered Message
Error
Status
Failure
Failed
Unknown Exception
Delivery Failed
Deliver Mail
Server Error
Delivery Bot

And with each message there is the reciepts email address at the end. This worm seems to be spreading like wildfire today. It is because people have not install

Fix Shutdown Problems in Vista!

By Paul | Dec 10, 2008

Comments Off

In the Patch Tuesday update, Microsoft quietly released the patch to fix Windows Vista machine shut problems. This patch should of came sooner.

KB957388

Update for Windows Server 2008 and Windows Vista

Install this update to resolve a set of known application compatibility issues with Windows Server 2008. After you install this item, you may have to restart your computer.

This was not a critical update and it seems to resolve so many issues with compatibility. One thing it seemed to fix on my system has been the shutdown time. It is now quite fast, it would normally take me 2 to 3 mins to shutdown, now it does it in less than a Minute. So if you’ve not installed this update please install it soon. I would like to know if people are seeing the same thing I am. I’ve found a great resource on fixing it if you are still having problem, it talks about how to check your system performance. Although this is been doing it lately with these programs not loaded or even running, they still seem to cause problems so now I get the feeling it has to do with legacy programs. This should fix most of the problem with older programs.

Upcoming Patch Tuesday

By Paul | Dec 7, 2008

View Comments

I wanted to get prepared for the updates for this Tuesday and I thought I’d go through them and list what Microsoft said about each. These are what’s been said on Technet and I am sure there will be more. Each one of these don’t look to serious but I will post Tuesday if there is anything I’ve missed on this post. As you might know this is not set in stone but just the direction of Microsoft for this Months Release.

KB955839

Update for Windows Server 2008, Windows Vista, Windows Server 2003, and Windows XP

Install this update to resolve an issue that is caused by revised daylight saving time laws in many countries. This update enables your computer to automatically adjust the computer clock on the correct date in 2008. After you install this item, you may have to restart your computer. This update is provided to you and licensed under the Windows Server 2008 License Terms.

KB957388

Update for Windows Server 2008 and Windows Vista

Install this update to resolve a set of known application compatibility issues with Windows Server 2008. After you install this item, you may have to restart your computer.

You asked for it, Now it’s real — Vista SP2 Dec 4,2008

By Paul | Dec 2, 2008

Comments Off

Beginning Thursday Dec. 4^th, we will be making the Windows Vista and Windows Server 2008 Service Pack 2 Beta available to everyone through a Customer Preview Program (CPP). The CPP will launch on TechNet and be available to anyone interested in trying out this service pack. The CPP is intended for technology enthusiasts, developers, and IT Pros who would like to test Service Pack 2 in their environments and with their applications prior to final release. For most customers, our best advice would be to wait until the final release prior to installing this service pack.

[Via Technet]

Yes you heard right, you can get into the Beta of Vista SP2 and not have to wait till April. Some things to remember:

It is a Beta
It will Have Bugs
It is for people who want to test it out
It should only be installed for people who need to test it out

Microsoft issues Vista patches out of Monthly Patch Cycle!

By Laforge129 | Nov 26, 2008

View Comments

Microsoft issues Out of cycle patch for Vista. These patches are as Followed:

Kb957321

An update rollup is available for the Microsoft Windows Imaging Component (WIC) in Windows Vista or in Windows Server 2008. This update rollup resolves the problems that are documented in the following articles in the Microsoft Knowledge Base:

954708 An update to add support for the serialization of complex Extensible Metadata Platform (XMP) data types in the Windows Imaging Component

945060 There may be inconsistencies in the Extensible Metadata Platform (XMP) and Exchangeable Image File (EXIF) values for an image file in Windows Vista and in Windows XP

KB959108

The Windows Portable Device (WPD) API collects and transfers Software Quality Metrics (SQM) data to Microsoft servers. The SQM data is collected only on an opt-in basis through the Microsoft Customer Experience Improvement Program. An update is available that disables the collection and transfer of SQL data to Microsoft servers.

This update affects Windows Vista-based computers, Windows Vista Service Pack 1 (SP1)-based computers, and Windows Server 2008-based computers that are in the Microsoft Windows Media Player Customer Experience Improvement Program.

Podcasters are in up in arms over Ustream.tv

By Laforge129 | Nov 25, 2008

View Comments

REVISED:

Podcasters and LifeCasters alike are not so happy with Ustream.tv right now. They have started to introduce there own ads overlay to where the lifecaster or podcast involved doesn’t get any revenue. One such Podcast right now is Mike Smith, Host of the Miketechshow Podcast, and Also Todd Cochrane, Host of Geeknewscentral. In a Recent post from Todd, he stated he is going to leave Ustream.tv.

Mike Smith in his last Podcast talked about this subject and why he is really unhappy with Ustream.tv. He says that the ads could possible violate his TOS with Techpodcast Network. He also would like to share the revenue because he was one of the founding podcasters that started to use Ustream.tv. He’s worried that there will be adult theme ads showing on his video stream and that He wants this to be family friendly. He’s said before the show if he has to he’ll go to other networks. Some of the networks that might help him out:

Mogulus
Stickam
Ustream.tv
Blogtv

Antivirus Professional 2008 uses Scare tactics

By Paul | Nov 10, 2008

Comments Off

We came across a rogue today called Antivirus Professional 2008 that uses GeoIP Lookup as part of its scare tactics. This site uses Flash and script to create the effect of an online scan, that then attempts to push an installer at the visitor. The NoScript extension for Mozilla Firefox is an excellent way to mitigate against this kind of garbage.

[Via F-secure]

It seems that there is a site out there, that seems to be trying to scare you into downloading there software. If you have any questions about this site please feel free to check out what I’ve found out:

Registration Service Provided By: ESTDOMAINS INC
Contact: 1.3027224217
Website: http://www.estdomains.com
Domain Name: ANTIVIRUS-ONLINE-SCANNER.COM
Registrant:
N/A
Serento faloimitator@list.ru

Minskay str. 27-14
Kiev
Kiev 237293
UA
Tel. 044.2901732
Creation Date: 07-Jun-2008
Expiration Date: 07-Jun-2009
Domain servers in listed order:
ns2.antivirus-online-scanner.com
ns1.antivirus-online-scanner.com
Administrative Contact:
N/A
Serento faloimitator@list.ru

Minskay str. 27-14
Kiev
Kiev 237293
UA
Tel. 044.2901732
Technical Contact:
N/A
Serento faloimitator@list.ru

Minskay str. 27-14
Kiev
Kiev 237293
UA
Tel. 044.2901732
Billing Contact:
N/A
Serento faloimitator@list.ru

Minskay str. 27-14
Kiev
Kiev 237293
UA
Tel. 044.2901732

Micrsoft TerraServer, What are they doing today?

By Paul | Oct 28, 2008

Comments Off

Just found this great way to get an aerial view of Los Angeles, Although the photos are old photos they still give you a sense of the area. For example this one:

Corpus Christi, Texas, United States 1/15/1995

As you can see you can get a good look around the US. If you want to check out your local area or maybe you know you Latitude and Longitude of where you live. You can also enter that too and see it in the past. It at least brings back memories for me. For example, the Twin Towers, they still have that photo. You could also look at the White House before 9/11 also. Go check out the Micrsoft Terraserver and go have some fun looking at old pictures.

Microsoft reveals “Microsoft Azure”

By Paul | Oct 27, 2008

Comments Off

Windows Azure is part of a set of new and existing technologies behind the Azure Services Platform, a development and execution platform that runs end-user and corporate software on Microsoft’s own servers, accessible over the web. It joins Google’s App Engine and Amazon’s EC2 in an increasingly competitive market.

[Via ZDnet]

Although, There isn’t much more they have said I am quite curious how they will interegrate this into the cloud computing. According to Microsoft, it won’t run on the company server but Microsoft Datacenter. Now this I can see is a big security problem. Because most companies use what they call an Intranet and not the internet. So that leaves questions on if companies are going to use this system or not. Are you ready to let your information float somewhere over the inernet tht is SENSITIVE and CONFIDENTIAL? These are the questions that Microsoft will have to Answer, before any company will use this on there systems.

Help stop those slow boot up!!

By Paul | Oct 24, 2008

Comments Off

I was searching for a program to help boot up my system a lot quicker. I came across this little program call Startup Delayer. In a nutshell, it allows you to pick which programs to start up first and then lets you decide how many minutes between each program that is asking to load.

In the best way possible you can download this program and use it for yourself. Although they seem to be having a little server problem right now. Go download Startup Delayer, and decide for yourself.

Windows XP/ME/Vista and 2000 compatible

Microsoft Windows Server Service Vulnerability (MS08-067)

By Paul | Oct 23, 2008

Comments Off

A vulnerability has been identified in Microsoft Windows, which could be exploited by attackers to take complete control of an affected system. This issue is caused by an error in the Server service that does not properly handle specially crafted RPC requests, which could be exploited by attackers to crash an affected system or execute arbitrary code via a specially crafted request.

On Windows Vista and Windows Server 2008, the vulnerability is only exploitable by authenticated users.

Note: This vulnerability is being exploited in targeted attacks.

[via FrSirt]

This was just discovered and needs to let people know. I will do more research on it and maybe come up with a way to fix the problem. According to my sources there is a patch that will fix the problem!!

*UPDATE*
According to Microsoft:

This security update resolves a privately reported vulnerability in the Server service. The vulnerability could allow remote code execution if an affected system received a specially crafted RPC request. On Microsoft Windows 2000, Windows XP, and Windows Server 2003 systems, an attacker could exploit this vulnerability without authentication to run arbitrary code. It is possible that this vulnerability could be used in the crafting of a wormable exploit. Firewall best practices and standard default firewall configurations can help protect network resources from attacks that originate outside the enterprise perimeter.
[Via Microsoft Security Bulletin]

Are you asking to be scammed?

By Paul | Oct 15, 2008

Comments Off

As we go further into the economic death, we are faced with the most undesirable aspect of the human culture. That is to say, scammers are going to use the chance to find people to scam. I don’t say this lightly because scammers have become more cunning and dubious through the years. They are actually using the internet as well as most companies. They are going to sites like Monster.com, Careerbuilder.com, and other hiring sites to get people to apply for jobs.

<<See Previous Post – Nationwide Marketing Scam

Having said that, I recently had a problem with being tried to be scammed. I applied to a job posted on Careerbuilder and that is how they got a hold of my home address. I did not think about the security problems associated with applying for jobs on line, until recently.

As you can see that is how they got a hold of my information and have made myself vulnerable to scams and also, other potential problems. I am talking about Theft ID and also spam. Although spam is to be expected with anything we do online. I’ve come to the conclusion that we will always have to deal with spam. I wanted to talk about how to be careful when you apply for online jobs and put your information out on the internet. I’ve started taking some steps to prevent this from happening again.

Getting Spaz to work with the Twit Army:

By Paul | Sep 8, 2008

Comments Off

I having successfully installed Spaz and use it with the Twit Army. I’d figure I would talk about how to get Spaz to work like Twirl. It’s a very simple way but some people seem to having trouble. This will only work with Vista or XP and I am not sure about Linux or Mac. I’ve been successful doing this with a Vista Premium Machine. It seems to be really easy to use and not take up to much of your desk space.

Download and Install Adobe Air — (You will need this to installed first.)

Download and Install Spaz — (This is the main program)

Once install you will need to go to:

Go to the [ Preferences ]

Go to [ Other Services ]
Put this in exactly as shown (see example)
Go to [ Networking ] (optional)
Put this in exactly as sown (see example)

>

Doing this should get you connected to the Twit Army. I am not sure why it says “ERROR : Server returned invalid data” When you first start the program but if you wait a couple seconds you will see that it will eventually loads up. If you have any suggestions or comments please feel free to leave a comment.