Computer Security : How not to get Infected.

In my previous blog post we talked about how the computer would get infected with Malware. Now on this blog post we will discuss how you can prevent most to all of these from ever happening again on your system.

Now let’s face it we are more and more going to be on the internet.   This is almost a necessity for a business or individuals.  You see Businesses have built there product around the internet and that is why it is necessary to be on the internet.

What program not to use to Surf the web

You should consider getting away from Internet Explorer,  I don’t say this lightly.   It may take Microsoft Months to fix a hole in something that involves ActiveX or Something like that.  We know how Microsoft will only push out the really big security holes out of Cycle but keep the minor ones in Cycle.   Hackers have jumped on exploits before when it comes Internet Explorer and use them on Black Wednesday, not less than 24 hours after the patches have been released.

Although these examples I showing doesn’t mean that they haven’t been fixed they are showing you how long it takes sometimes to fix them.

Microsoft to Release One Crictical update for Tuesday

Microsoft has release the information for May’s Patch Tuesday and it looks like there is one major update for Power point:

The Affected software is MS Office 2000, MS office Xp, MS Office 2003, Ms Office 2007, Power point viewer, and MS compatibility pack for Word, Excel, and Power point 2007.

What will be coming out for Tuesday is as Followers for Non-security Releated:

• Windows PowerShell 1.0 for Windows Vista (KB928439)
  
• Microsoft .NET Framework 3.5 Service Pack 1 and .NET Framework 3.5 Family Update (KB951847)
• Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
• Windows Malicious Software Removal Tool – May 2009 (KB890830)/Windows Malicious Software Removal Tool – May 2009 (KB890830) – Internet Explorer Version
• Update for Windows Mail Junk E-mail Filter [May 2009] (KB905866)

Although some of this is usual like the Malicious software removal tool, and Windows Junke e-mail filter, we won’t know what else will be released until Tuesday.  Some of the updates will be minor like the Powershell, I am guessing tis will help get ready for SP2, and the SP1 for the .NET framwork also looks to be getting ready for SP2.  So I will keep you updated if i find out what else is released on Tuesday!

Offline Update 5.0, Clone of Autopatcher to Some!!

Offline updater 5.0 has been released a couple months ago and I just realized it now.  This is an excellent tool for IT professionals who want to keep all your Systems up-to-date with the last patches from Microsoft.  The systems it supports are Windows 2000, Windows XP, Windows Server 2003, Windows Server 2003 x64, And Windows Vista / Server 2008.(32 bit and 64 Bit updates).

I find this a very useful program for people who have a multitude of problems, from not being able to get on the net to computer virus infections.  This is really good for big businesses that want to update a lot of systems in easy way without having to wait for downloads of updates to install.   You can take a DVD and update on the fly within Mins.   DVD being Cheap or buying them in bulk helps saves time and money for the company.   Less time spent downloading the updates and more time actually getting work done.  As with the Conflicker, Downadup, and to some the Conflickr Trojan, if you got infected with that little worm.  This would help install the updates that it prevented you from doing in the first place.  I also found that once you download do the update the files are kept on the hard drive so you no longer have to redownload them again.  You just update the updates every second Tuesday of the month and it downloads the newest patches and creates a whole new ISO for you to burn.

A fan wants to Release Windows 7 Now : My Security Concerns

After reading about this from Kelly Poe) to find out the site he put up and I am quite impressed.    Here are few things that I am concerned about starting with the website.

I love the idea and all but I am quite concerned with the privacy of my email account.  I don’t know if you have to submit your email account but I would caution people not enter one until the site says what it will do with your email address.

Now that being said that’s the only thing I can think of when it comes to security for your email address, you don’t want to someone to give out your email address to spammers. That would just make it even worse for your email account.   You could however use a 10 min Email account to use but that might make it harder for Microsoft to contact you if they want to verify these accounts!!

Now my main concern is Windows 7  right now and Security.   You know the Conflicker/Conflickr/Downadup Worm is currently loose on the internet.  It uses the the Ms 08-067 Exploit and currently Windows 7  does not protect against this Worm in fact Microsoft has released information that you would need to install the updates manually to fix this problem.

Admins are shaking in there boots due to the Ms 09-001 Patch

I have to talk about this because this is a big deal.   According to Techworld and I’ll quote:

“This one scares me – a lot,” says Eric Schultze, CTO of Shavlik Technologies. “It is a lot like Blaster and Sasser. It is the same exploit vector. If I am an attacker and I can touch NetBios then I can execute code with no credentials.”

[via Techworld]

Now This is due to the fact of what is happening with an update that came a few months ago the MS 08 – 067 that still people haven’t patched their systems.  According to F-secure the Downadup/Conflicker has grown overnight by a million computers being infected.

Now why are they scared of the recent patch (MS 09-001), because of so many vectors of infection, you don’t need any credentials.  The virus  does not  need to know any passwords or user names to gain access.  Just like the Downadup variant that is hitting the internet right now, this virus tries to access accounts by guessing weak passwords or even putting itself on flash drives or other mobile media to get other systems infected.

Internet Explorer still has a Vulnerability after Tuesday Patch!!

I just read this on several blogs and thought I’d share the details with you, it seems that Microsoft didn’t know there was a problem with this Bug/Vulnerability.   Computer world has a great article and  says this:

“The updates Microsoft released yesterday do not address this possible vulnerability,” a Microsoft spokesman said today in an e-mail reply to questions, “but I can tell you that Microsoft is investigating these new public claims of a possible vulnerability in Internet Explorer.”

[Via ComputerWorld]

I can only hope that Microsoft fixes this Vulnerability soon, I would take a guess that they will try to get this out on the patch cycle if not they will push it out after.   Some things to remember with IE(Internet Explorer) is only use it with Microsoft Updates.   I also Suggest downloading FireFox and checking out my Anti-virus and Anti-Spyrware Page for ways to prevent from getting a virus.

Upcoming Patch Tuesday

I wanted to get prepared for the updates for this Tuesday and I thought I’d go through them and list what Microsoft said about each.   These are what’s been said on Technet and I am sure there will be more.   Each one of these don’t look to serious but I will post Tuesday if there is anything I’ve missed on this post.   As you might know this is not set in stone but just the direction of Microsoft for this Months Release.

KB955839

Update for Windows Server 2008, Windows Vista, Windows Server 2003, and Windows XP

Install this update to resolve an issue that is caused by revised daylight saving time laws in many countries. This update enables your computer to automatically adjust the computer clock on the correct date in 2008. After you install this item, you may have to restart your computer. This update is provided to you and licensed under the Windows Server 2008 License Terms.

KB957388

Update for Windows Server 2008 and Windows Vista

Install this update to resolve a set of known application compatibility issues with Windows Server 2008. After you install this item, you may have to restart your computer.

Facebook : Beware Spam for breakfast. (Virus)

In today’s society, we’ve been to complacent with people with people clicking links for the social group. In one such article on Channel Web, a nice little blog, says this:

The worm was discovered by IT security provider Kaspersky Lab, which said the threat, Net-Worm.Win32.Koobface.b, is targeting Facebook users by creating spam messages and sending them to the infected user’s friends via the site.

“Unfortunately, users are very trusting of messages left by ‘friends’ on social networking sites,” said Alexander Gostev, senior virus analyst at Kaspersky Lab, in a statement. “So, the likelihood of a user clicking on a link like this is very high.”

[Via Channel Web]

This seems to be a problem people thinking that a link someone sends them is a real good link but actually is a link to a video site. According to this article the links people are sending are actually a fake video link, telling you have to download some update to flash player, by downloading this program. The user gets involved with the virus and the fun begins. So how can you prevent this from happening, two ways one is a very good group of software to make sure you have the latest and greatest video codecs. That too can be something they’ll say you need and if you’ve already installed this list of codecs then you know they’ll not telling the truth and you can quickly get away from the site laughing.

Microsoft issues Vista patches out of Monthly Patch Cycle!

Microsoft issues Out of cycle patch for Vista.   These patches are as Followed:

Kb957321

An update rollup is available for the Microsoft Windows Imaging Component (WIC) in Windows Vista or in Windows Server 2008. This update rollup resolves the problems that are documented in the following articles in the Microsoft Knowledge Base:

954708 An update to add support for the serialization of complex Extensible Metadata Platform (XMP) data types in the Windows Imaging Component

945060 There may be inconsistencies in the Extensible Metadata Platform (XMP) and Exchangeable Image File (EXIF) values for an image file in Windows Vista and in Windows XP

KB959108

The Windows Portable Device (WPD) API collects and transfers Software Quality Metrics (SQM) data to Microsoft servers. The SQM data is collected only on an opt-in basis through the Microsoft Customer Experience Improvement Program. An update is available that disables the collection and transfer of SQL data to Microsoft servers.

This update affects Windows Vista-based computers, Windows Vista Service Pack 1 (SP1)-based computers, and Windows Server 2008-based computers that are in the Microsoft Windows Media Player Customer Experience Improvement Program.

Windows update is getting a revision!

According to Computer World, dated Oct 31, 2008 and I’ll quote:

“Over the next couple of months, we’ll be rolling out another infrastructure update to the Windows Update agent (client code),” said an unidentified Microsoft employee on the Windows Update team’s official blog. “This update makes it possible for users to install more than 80 updates at the same time.”

[via Computer World]

Now if your like me and have several computers who need to be updated at a given schedule, you sometimes worry about these updates that come along that might just break your system. I have been using a program call Offline Updater, which does what Autopatcher does really nicely. So why is Microsoft sending out this patch? Two reasons, one they want you to be able to update your operating System without hurting your system integrity.

Now lets talk about the integrity of having to reboot your system. You see, every time you reboot the system, it causes the system hardware some strain.  It is something like having starting up a car, sooner or later you will have the starter go out, because of to much start up.

Time to Change your clocks.

Time to change those clocks of ours

Having been looking at one of my old clocks that would automatically change for Daylight Savings Time, I’ve had to keep reminding myself that it is an hour off. Starting tonight at 2 PM, it will be right. So I thought I would help people keep there computer clocks up to date by suggesting some good programs to us to keep your system having the right time.  So people know what dates are being affected according to the Greenwichmeantime they say  this:

Beginning in 2007, Daylight Saving Time is extended one month and the schedule for the states of the United States that adopt daylight saving time will be:

2 a.m. on the Second Sunday in March
to
2 a.m. on the First Sunday of November.

So that saying goes it “Fall back, Spring Forward“  So now here are some great programs to better help you get your computer clock up to snuff:

Worldtimeclock Atomic Clock Sync Program – It is a free program for you to use with your Windows.  Although you have to make sure your selected the right timezone once it is installed all you will need in an internet connection to sync your windows time with the atomic clock.

Microsoft Fixes some Performance issues with Vista a Month early!

Update for Windows Vista (KB957200)

This is a reliability update. This update resolves some performance and reliability issues in Windows Vista. By applying this update, you can achieve better performance and responsiveness in various scenarios. After you install this item, you may have to restart your computer. This update is provided to you and licensed under the Windows Vista License Terms.

Now if I know Microsoft, this update actually helps with some versions of programs that is currently out. I am just curious as to why they sent this updates out early. Has Microsoft changed there tactics with updates? Have they decided to send them out as soon as they are done?

Adobe released the latest version of shockwave.

Just saw this on the net, thought people would like to know where to get the information for the latest updates to shockwave.  Some stuff that they improved upon are:

1. New [3D effects]
2. New [Custom filters and effects]
3. New [Advanced text support]
4. New [Dynamic sound generation]
5. Updated [Drawing API]
6. Updated [Hardware acceleration]
7. And much more

Brought to you by Adobe. To see all the features of what is new with Shockwave 10 please click link.

Download it now

AVG detected trojan ; Generic11.BEOG

I had a Friend tell me his system detected  this Trojan GENERIC11.BEOG.  I did my research and right now.  It looking like Adobe added something to there recent updates *see updates below*.   I’ll  Have to check with some other sources but it looking like AVG over did it again and found something that might just be an AVG issue.  (correction)

I usually wait before updating something like adobe.  It is sure to be some minor change to adobe but if your are worried here’s the link to watch and see what people are asking or talking about this false positive:

Malwarebytes Security Forums

It seems that AVG is calling this possible virus but yet it looks like it is a false positive.  So don’t you worry.  If it was a true virus you’d probably would never know!!

*UPDATE*

I installed Adobe 9.0 and updated the virus scan database for AVG.  It hasn’t found any thing yet but I am still scanning my system.  I’ll let you know if it finds this false positive on my Vista machine!!  I’m doing this to test it out!!!  Come back later to find out the results of the test.  (if you like this website by all means google this website so it too can be on google trends.   I want to see it be up on google trends for a day or two.)

Taking back Program Controls : For the Beginners!

So, let’s face it, this is one of the most annoying problems there are with programs.   Programs that you think are shut down but are actually still active in the Taskmanager.  So I figured I’d talk about some of the most common fixes for these problems.    Now as you know there can be any number of programs or glitches as they say, causing the problems.  So let’s talk about the why, shall we.

Most of the time programs don’t quit because they are waiting for some kind of response from the system or the System is waiting for the program to close by itself.  It could also be a problem with a Virus or Root kit?  How do you fix it?

Fixing the problem is somewhat just trial and Error.  It isn’t always the hardest thing to do but sometimes people overlook the easiest solutions.   So here are some easy ones:

• Check to see if one of the Microsoft updates are causing the problem –  Sometimes you might not realize it, but having installed an update can cause problems like KB951748.  That one caused a major Headache for Zonealarm.  So it is wise to check each months updates when you start seeing problems, sometimes it could of been happening for a while but it can sometimes cause troubles.

Limiting Use of Your Bandwidth!!

With the Recent Comcast deciding to declare how much of bandwidth you can use.  I decided to talk about how to limit your bandwidth.  So Here are some tips and tricks to get the most out of your bandwidth:

Chapter 1 – Understanding your Wireless Router : This is a must.  This chapter talks about how to access your router and and how what is an IP!!

Chapter 2 — 10 Ways to keep your wireless router Secure – This one will help with those pesky neighbors who are leeching of your internet and Bandwidth!

Chapter 3

• Turn off Auto Update to Unimportant programs : Having several programs checking for updates can start to add up.  Although this is a small amount of bandwidth.  It will give your that extra amount.
• When not using your Internet turn off your Modem : This one is the most useful because when your not using your internet just turning off the modem will prevent you from using to much bandwidth.
  

PSP 3.80 and PS3 2.10 firmware updates now available

You knew they were coming, now PSP 3.80 and PS3 2.10 are out and ready to dance on your Sony console. That’s DivX and WMV video support with Blu-ray profile 1.1 now ready for your PS3 in addition to Internet radio and a few other goodies for your PSP. Now get to it Sony boy, you might want to call in sick to do it up right.

[Thanks to everyone who sent this in]
[Via Engadget]

I thought people would like to know to check for the updates!!

iPod classic May Have Battery Drain-o Bug

Today there was some buzz about a battery bug in the iPod classic. Since perceived bugs aren’t always universal, or even widespread, we like to wait a bit before sounding the alarm. Well, this afternoon, when I plugged in an iPod classic that I swore was close to fully charged and saw the “Please connect to a power source” error message you can see above, I decided to dig deeper.

Sure enough, many, many classic owners are experiencing troubles. On this Apple Support thread alone, 33 posts discuss the issue, with speculation about whether the cause is use of Cover Flow or even leaving the clock display on (for as long as it lasts) when music isn’t playing. Most people say the problem hit when they upgraded to 1.02, the supposed classic “fix.”

In my own circumstance, the cause couldn’t be Cover Flow, because I rarely use it. (Sorry Steve!) It could definitely be related to the 1.02 update, as I had no problems until I updated. If you haven’t updated to 1.02, you may want to hold off. If you have, some people recommend restarting it to get it out of its continuous battery-draining spin. Some people simply recommend taking it back to the Apple Store for a replacement.