Internet Security Companies Warn about Patch Tuesday and Valentines Day.

With Tomorrow being released some very highly rated Remote Code Execution to become Zero day in very short time. Some researchers are speculating about more viruses will be released in conjunction to Valentines day. According to this one post it will be likely to be E-cards being sent to try to lure you into downloading Malware.

Various security vendors, including CA Inc, MX Logic Inc., Trend Micro Inc., and Panda Security, have issued alerts about new Valentine’s Day-themed spam campaigns that try to dupe users into installing the Waledec bot.

Researchers note that many websites which are affiliated to Waledac e-card scam have been recently updated with content based on the Valentine’s Day theme.

Web sites distribute Trojan files which are commonly named love.exe; onlyyou.exe; you.exe; youandme.exe; and meandyou.exe and the list is not exhaustive.
[Via Express Buzz]

Offline Update 5.0, Clone of Autopatcher to Some!!

Offline updater 5.0 has been released a couple months ago and I just realized it now.  This is an excellent tool for IT professionals who want to keep all your Systems up-to-date with the last patches from Microsoft.  The systems it supports are Windows 2000, Windows XP, Windows Server 2003, Windows Server 2003 x64, And Windows Vista / Server 2008.(32 bit and 64 Bit updates).

I find this a very useful program for people who have a multitude of problems, from not being able to get on the net to computer virus infections.  This is really good for big businesses that want to update a lot of systems in easy way without having to wait for downloads of updates to install.   You can take a DVD and update on the fly within Mins.   DVD being Cheap or buying them in bulk helps saves time and money for the company.   Less time spent downloading the updates and more time actually getting work done.  As with the Conflicker, Downadup, and to some the Conflickr Trojan, if you got infected with that little worm.  This would help install the updates that it prevented you from doing in the first place.  I also found that once you download do the update the files are kept on the hard drive so you no longer have to redownload them again.  You just update the updates every second Tuesday of the month and it downloads the newest patches and creates a whole new ISO for you to burn.

Admins are shaking in there boots due to the Ms 09-001 Patch

I have to talk about this because this is a big deal.   According to Techworld and I’ll quote:

“This one scares me – a lot,” says Eric Schultze, CTO of Shavlik Technologies. “It is a lot like Blaster and Sasser. It is the same exploit vector. If I am an attacker and I can touch NetBios then I can execute code with no credentials.”

[via Techworld]

Now This is due to the fact of what is happening with an update that came a few months ago the MS 08 – 067 that still people haven’t patched their systems.  According to F-secure the Downadup/Conflicker has grown overnight by a million computers being infected.

Now why are they scared of the recent patch (MS 09-001), because of so many vectors of infection, you don’t need any credentials.  The virus  does not  need to know any passwords or user names to gain access.  Just like the Downadup variant that is hitting the internet right now, this virus tries to access accounts by guessing weak passwords or even putting itself on flash drives or other mobile media to get other systems infected.

Internet Explorer still has a Vulnerability after Tuesday Patch!!

I just read this on several blogs and thought I’d share the details with you, it seems that Microsoft didn’t know there was a problem with this Bug/Vulnerability.   Computer world has a great article and  says this:

“The updates Microsoft released yesterday do not address this possible vulnerability,” a Microsoft spokesman said today in an e-mail reply to questions, “but I can tell you that Microsoft is investigating these new public claims of a possible vulnerability in Internet Explorer.”

[Via ComputerWorld]

I can only hope that Microsoft fixes this Vulnerability soon, I would take a guess that they will try to get this out on the patch cycle if not they will push it out after.   Some things to remember with IE(Internet Explorer) is only use it with Microsoft Updates.   I also Suggest downloading FireFox and checking out my Anti-virus and Anti-Spyrware Page for ways to prevent from getting a virus.

Fix Shutdown Problems in Vista!

In the Patch Tuesday update, Microsoft quietly released the patch to fix Windows Vista machine shut problems. This patch should of came sooner.

KB957388

Update for Windows Server 2008 and Windows Vista

Install this update to resolve a set of known application compatibility issues with Windows Server 2008. After you install this item, you may have to restart your computer.

This was not a critical update and it seems to resolve so many issues with compatibility.  One thing it seemed to fix on my system has been the shutdown time.  It is now quite fast, it would normally take me 2 to 3 mins to shutdown, now it does it in less than a Minute.   So if you’ve not installed this update please install it soon.   I would like to know if people are seeing the same thing I am.   I’ve found a great resource on fixing it if you are still having problem, it talks about how to check your system performance. Although this is been doing it lately with these programs not loaded or even running, they still seem to cause problems so now I get the feeling it has to do with legacy programs.  This should fix most of the problem with older programs.

Rumor is that Itunes will Remove DRM!

A report from last week brought to AppleInsider’s attention by French technology site ElectronLibre asserts that it’s now “clear” Apple will spark new interest in its music store by removing DRM from tracks published by Sony, Universal and Warner on December 9th.

[Via Apple Insider]

Although, this is somewhat unlikely I’ve got my own theories on this.  You see If Apple did this tomorrow that would be a BIG deal, due to the fact that Microsoft will be releasing there patches on the same day.  I find it would be a momentous occasion.

I can only guess why and the guess is just a guess.  If Itune’s did remove there DRM the same time as Microsoft Patch Tuesday, I’d have to guess they will co-inside because of the difficulty of using the DRM, Digital Rights Management, on other products.  For example, Windows Media Player .  If Apple decided to approach Microsoft and come up with a way to make sure all DRM is stripped this would be the ideal situation.   Although this is highly unlikely, I’d have to think Apple wouldn’t wait till tomorrow to strip the DRM.  They know Microsoft schedule.  We will have to find out in the coming days.

Upcoming Patch Tuesday

I wanted to get prepared for the updates for this Tuesday and I thought I’d go through them and list what Microsoft said about each.   These are what’s been said on Technet and I am sure there will be more.   Each one of these don’t look to serious but I will post Tuesday if there is anything I’ve missed on this post.   As you might know this is not set in stone but just the direction of Microsoft for this Months Release.

KB955839

Update for Windows Server 2008, Windows Vista, Windows Server 2003, and Windows XP

Install this update to resolve an issue that is caused by revised daylight saving time laws in many countries. This update enables your computer to automatically adjust the computer clock on the correct date in 2008. After you install this item, you may have to restart your computer. This update is provided to you and licensed under the Windows Server 2008 License Terms.

KB957388

Update for Windows Server 2008 and Windows Vista

Install this update to resolve a set of known application compatibility issues with Windows Server 2008. After you install this item, you may have to restart your computer.

Stop botnets in its tracks With a Firewall!

According to PC World and I’ll quote:

According to FireEye chief scientist Stuart Staniford, detection rates are so poor that, on average, only around 40 percent of security software can detect binaries during the period of greatest infectivity and danger, namely the first few days after a particular variant starts being used by botnet builders.

[via PC World]

Now let’s talk about this, having been seeing recent surges of people getting infected.  I’ve come to the conclusion that companies like AVG and other Anti-Virus companies are keeping up.   Now true if all you have is an Anti-virus and nothing else that greatly increases your likely hood of getting a virus.

In a recent virus storm, We have people finding my site because of a Good Firewall.   No if he didn’t have anything but Windows firewall then it would of gotten through and you would not of known about it.  So let’s talk about how to prevent botnet attacks.   This is relatively easy and if you follow some common rules.   You to could be less likely to be infected.  I will say this most people don’t do these common tips and they should do them.

Silverlight 2.0.31005.0 Is release today.

I woke up this morning and found there was an update.  I thought to myself this isn’t the second Tuesday, that was last week.  So I click on my update tab to see what it was all about? Wouldn’t you know it, an update to Silverlight 2.

I will be looking into the new Microsoft Silverlight.   I have heard on the wind, that this might be due to the PDC coming Oct 27-30.   This has something to do with Windows 7, I’m almost sure of it.   I am sure as you can see this is most interesting. I’m also sure this has to do with some security fix but why push it out now when there is no need too.  This update effects Windows Xp/Vista/and 2000  so we will see what they have in mind the coming weeks.