Friday, May 29, 2009

Microsoft Security Advisory 971778

Microsoft has released Security Advisory 971778 directed to a vulnerability in Microsoft DirectShow which could allow remote code execution if a specially crafted QuickTime media file is opened.

Microsoft is aware of limited, active attacks that use this exploit code. At this point in the investigation, Windows 2000 Service Pack 4, Windows XP, and Windows Server 2003 are vulnerable. All versions of Windows Vista and Windows Server 2008 are not vulnerable.

Work-around Options:
  1. If you are using Windows 2000 SP4, Windows XP or Windows Server 2003, please see the Fix it provided to disable QuickTime parsing. After a security update is released, return to this link and click the "disable workaround".
  2. Use WinPatrol to disable QuickTime. See WinPatrol Features.






Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Thursday, May 28, 2009

The sound of found: Bing!

As you can see with a glance to the right, I removed the Live Search image and replaced it with the brand new logo for Bing, the new Microsoft search engine.
Discover Bing
Making the top trends in Twitter today has been the sound of Bing. In fact, that is the idea behind the title of the introduction to Bing at the Live Search blog:
"Why did we pick Bing as the new brand name? We needed a brand that was as fresh and new as our approach. It needed to be like the product — optimized for the Internet. A name that was memorable, short, easy to spell, and that would function well as a URL around the world. We like Bing because it sounds off in our heads when we think about that moment of discovery and decision making — when you resolve those important tasks. And frankly, the name needed to clearly communicate that this is something new, to invite you to come back, to re-introduce you to our new and improved service and encourage you to give it a try."
Learn more about Bing at Why Bing?.

Update: Listen to Apple co-founder Steve Wozniak in Woz Bing! Apple Co Founder a "Big Fan" of Microsofts New Search Engine


Tuesday, May 26, 2009

The Tech Herald: Criminals using Comodo to attempt legitimacy

In his report on the recent Comodo controversy, The Tech Herald writer, Steve Ragan, added information everyone else missed:

The ten thousand dollar question, which no one asked of Mr. Abdulhayoglu, was why Comodo offers DV certificates free for 90-days.

“A free SSL certificate will secure your site and begin building trust,” Comodo’s site states, adding that a free SSL certificate is, “the same as our paid Essential SSL” They even promise no, “faxes, no paperwork and no delays - get the golden padlock within minutes and be ready to sell online.” How is this not making an offer to encrypt data for a recipient you have not verified?

Mr. Ragan also contacted VeriSign since they were mentioned in the discussions. A VeriSign spokesperson told The Tech Herald, “RapidSSL, Thawte, and GeoTrust are the only brands VeriSign issues DV certificates from.”

VeriSign also provided the following information, further illustrating that the poor practices are not in place at other certificate authorities:

“The system we have in place automatically rejects obviously fraudulent sites and kicks anything questionable to a manual approval. And if anyone flags a site as malicious, we have a team that investigates these and revokes the certificate if found to be malicious/fraudulent.”

Jay Schiavo, Product Manager at VeriSign, mirrored that thought by adding, “For GeoTrust and RapidSSL we have the ability to revoke a cert issued to a malicious or rogue site instantaneously. The cert will then show up on our CRLs immediately."

Read Steve Ragan's article in The Tech Herald: Criminals using Comodo to attempt legitimacy






Zune HD Expected In the Fall

OLED + Zune HD = pure bliss!

According to a report by c|net reporter Ina Fried, Microsoft has confirmed that the Zune HD will be released in the U.S. in the fall.

The OLED touch-screen Zune will have a version of Internet Explorer customized for the touch screen. I really like the FM radio feature on the Zune and the Zune HD will go one further with an HD (high definition) Radio tuner. It will also be able to surf the Web and play high-definition movies. See Microsoft confirms Zune HD coming this fall for the complete story.

In case you are wondering why I am so excited about the Zune HD including an OLED touch screen, it is because I have met the inventors of the Kodak-invented OLED technology and have seen OLED products. OLED is just incredible!


Monday, May 25, 2009

Comodo . . . again

Hot on the heels of Microsoft MVP Mike Burgess' report of Comodo issuing certificates to known malware, he made another discovery, reported in Oh Comodo here we go again!

As Melih Abdulhayoglu, the President and CEO of Comodo, explained previously:
"Comodo cares for their security, so when someone gets a DV cert from Comodo, we do try to explain to them it is important that they get a higher validation certificate like OV (Organisation Validation) or EV (Extended Validation). This way at least we can convert some of the people who would have bought DV into validated customers."
Perhaps instead of explaining to the DV certificate customer, Comodo would do better to take a few minutes to conduct a simple WhoIs domain search. As Mike put it here:
"First I very rarely see a certificate issued by GoDaddy to these type malware pushers ... now here is a tip ... perhaps the first clue would be to Google the domain name that wants to purchase a certificate ...

{snip}

Yet "Iam Monkey_boy=) from the comodo forums" states:
"Comodo can't really be blamed if a site that has a certificate hosts malware"

Let me put a little perspective on this ... "Conficker systems being updated with SpywareProtect2009"
Conficker is now believed to be the largest computer worm infection since the 2003 ... and Comodo issued the certificate to "SpywareProtector-2009" ... now you can't tell me that this domain name isn't a cause for concern? It gives me chills to think how many people were duped into purchasing this product.

Now if it was my company and I found out we were involved (even remotely) in the largest infection since 2003 ... I'd certainly want to make some changes in our policy as to how these certificates are issued ... but that's just me ..."

and here
"Comodo states: "To get a DV cert all you need is a domain name and $15..and no background check about your identity is required." As I stated in a previous post ... perhaps you should at least check the domain name ... duh! that would be a good first clue ... but I guess the $15 is more important?"





Remembering . . .

Remembering men and women in uniform from around the world.











Sunday, May 24, 2009

WinPatrol Honors World War II Veterans

All WinPatrol PLUS subscriptions purchased on Memorial Day will be donated by Bill Pytlovany to the Honor Flight Network. As Bill explains:
"Memorial Day is always an emotional weekend for my family and others. Last year I discovered a nationwide program called the Honor Flight Network. The goal of this charity is to help send World War II veterans to Washington D.C to visit the five year old WWII National Memorial. The Honor Flight Network won’t be around for long because our World War II veterans are passing away at a rate of 1,200 a day."
If you have been thinking about upgrading to WinPatrol PLUS, Memorial Day --May 25th, 2009-- might be a good day. Click here to purchase your WinPatrol PLUS activation code.

Full story here: WinPatrol Honors World War II Veterans







Friday, May 22, 2009

Microsoft: Fix it For Me Now!

It does not matter how something on a person's computer broke. It could be the result of a malware infection, a conflict with a third-party application, or self-help that backfired. Regardless of the source of the problem, we all want Microsoft to Fix it and to Fix it Now.

Although Microsoft has long provided Knowledge Base articles with detailed instructions for repairing problems such as those mentioned above, the instructions generally involve registry edits -- which is understandably something the average home user generally will shy away from doing.

Along comes Microsoft Fix it, a tool that automates those fixes that you want now, relieving you from worrying about messing up a registry edit that could leave your computer in worse condition than before you attempted the fix.

The Fix it Team has created a wide range of fixes covering problems in Windows, Internet Explorer, Microsoft Office programs such as Excel and Word, Outlook, Windows Media Player, Zune and a whole lot more. Many of those fixes are a result of Windows Error Reporting (WER) where people like you and I allow the submission of crash reports to Microsoft. By submitting those reports, Microsoft Product Support Reports (MPSReports) is able to analyze the results and fixes for repeated problems are added.

To check that Windows Error Reporting (WER) is enabled, do the following:

Windows Vista:

Click Control Panel > System and Maintenance > Problem Reports and Solutions > Change settings > Advanced settings > Select "Automatically check for solutions".

Windows XP:

Click Start > Right-click My Computer > Properties > Advanced Tab > Error Reporting.

If you are not sure where to start, you can try Microsoft Automated Troubleshooting Services (Microsoft ATS) to detect problems on your machine and automatically fix any common problems.

The Fix it Team has provided multiple resources to assist you in locating a Fix it solution:
  1. Fix it for me blog
  2. Fix it Gadget (Download link)
  3. Fix it Solutions Page
  4. Microsoft Fix it Solutions Center

Listed below are a few of my favorite fixes for problems I frequently see in the support forums.


Windows Fixes

  • Enable Windows Firewall
  • Error message when you use the Windows Update or Microsoft Update Web site to install updates: "0x8007000B"
  • How do I enable User Account Control in Windows Vista
  • How do I reset the Windows Update settings?
  • How to reset Internet Protocol (TCP/IP)

Internet Explorer

  • Ask Toolbar that causes a crash in Windows Internet Explorer 6 and 7
  • How do I move the Standard toolbar to a location that is above the Address bar in Internet Explorer 7 or Internet Explorer 8?
  • Reset Internet Explorer settings
  • Re-Register the Internet Explorer .dll file
  • Uninstall or remove Internet Explorer 8 - restores your previous version.

Other Examples

  • Default line spacing and default paragraph spacing in Word 2007 differ from the default spacing in earlier versions of Word
  • How to move the Windows Taskbar from its default position or reset it to its default position
  • Reset Windows Media Player Associations


The next time you need a solution for a problem, let Microsoft Fix it for you.




Tuesday, May 19, 2009

Basic Computer Security for the Home User

Before I start with a list of do's and don'ts for the home computer user, please allow me to tell you a little bit about yourself. You are a mom, a dad, a grandparent, aunt, uncle, cousin, brother, sister, only child, neighbor, friend, rocker, jazz enthusiast, student, teacher, banker, purchasing agent, and somewhere between the age of 10 and 90 or so.

Regardless of which tag or tags describe you, there is one thing all of you have in common: you are a home computer user. We all know that the cost of computers has come down over the years but that is no reason to jeopardize your investment.

So let's talk about basic computer security to protect your computer. Using the analogy that I started this blog with:

The best way to protect your garden is to fence it in.
The same applies to your computer.


What are the basic needs to fence in your computer?

1) Firewall

The purpose of a firewall is to block unauthorized access to your computer while still allowing the programs you approve to access the internet. The firewall is your first line of defense in protecting your computer and the data stored on it.

There are several basic firewall software programs that are free for personal use that I recommend. Each of those software vendors also has a full-featured licensed version available for purchase. See Vista Compatible Firewalls for a broader selection of software firewalls.

For information beyond the basics, see the documents prepared by Microsoft.

In the case of a software firewall, two is not better than one. Only run one software firewall on your system. (Note: even if you are behind a router, you still need a software firewall.)

2) Security and Software Updates

Yes, I know. You have heard over and over that you need Microsoft Security Updates but what is this about other software? Software programs like Adobe Reader, Acrobat, Adobe Flash, Sun Java, Firefox, Safari, and others also have security issues and need to be kept updated.

Start with Microsoft Security updates, issued the second Tuesday of each month.

How can you keep up to date with the other software on your computer? It certainly sounds like a daunting task. There is, however, a simple tool that will make it easier. To periodically check if your system is missing security updates or has insecure applications installed, visit http://secunia.com/software_inspector/. The Secunia Software Inspector runs through your browser with no installation or download required and does the following:
  • Detects insecure versions of applications installed
  • Verifies that all Microsoft patches are applied
  • Assists you in updating your system and applications

3) Antivirus Software

Just as a firewall is important to prevent unauthorized access, antivirus software is needed to help prevent your computer from being infected by viruses. You also need to keep your antivirus software regularly updated.

There are a couple of free antivirus software programs that I recommend to people with budget constraints.

My favorite subscription antivirus is ESET. Another excellent program is Kaspersky. See Vista Compatible Antivirus Software for a complete list. Run only one antivirus program on your computer.

For more information about computer viruses, see Beyond the Basics: Viruses.

4) Anti-Malware and Monitoring Software

The word malware was created from a combination of malicious + software. Malicious software includes computer viruses, worms, trojan horses, spyware, adware and other malicious and unwanted software.

Although there is somewhat of an overlap between anti-malware software and antivirus software, it is strongly recommended that you maintain an updated anti-malware software on your computer. Microsoft provides Windows Defender.

Another excellent choice is Malwarebytes' Anti-Malware (MBAM), which is free for personal use. MBAM also has a licensed version that includes the Realtime Protection Module, which uses advanced heuristic scanning technology to monitor your system and keep it safe and secure.

There is one more program that is actually the first thing I install on my computers -- WinPatrol. Indeed, I would feel I was doing a disservice if I didn't mention WinPatrol, referred to as "Scotty, the Windows Watchdog". WinPatrol was introduced in the days of Windows 95 and is compatible with every Windows Operating System, including Windows 7. WinPatrol is free for personal use and also has a one-time payment licensed Plus version. WinPatrol was the first software I installed on my Windows Vista computer. Bill Pytlovany, the developer of WinPatrol, is also a Microsoft MVP.

The features listed below are the primary reason I use WinPatrol, described more fully at the Win Patrol Features page:
  • Delay Startup Programs
  • Warn if AutoUpdate Status Changes
  • Track Date/Time Programs are First Detected
  • Prevents Changes to File Type Associations
  • Keylogger Detection
  • Kill Multiple Tasks in One Step
  • Twenty Thousand Program Descriptions
  • Disable Vulnerable Active X Controls
  • Create Hijack Style Log Files
~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~

I know that is a lot to digest, especially knowing it is just the basics for keeping your computer secure. Over the years, I have covered other topics of interest for the home user, including phishing, setting up a home network, online shopping safety, and family safety (including child-safety sites & tips). If you are interested in additional security tips, there is a broad collection in the month-long Cyber Security Awareness Tip of the Day series from last October.

To receive e-mail notices of new Security Garden posts, consider the subscription option in the left column.


Symantec PR Fixes Support Mess

Last week, Bill Pytlovany reported that a Symantec Support Rep had removed WinPatrol from the customer's computer and additionally charged the customer $99 in the process. As Bill explains in his follow-up report, Symantec Public Relations Specialist Noah Edwardsen contacted him after learning about the situation via Symantec contacts of @clarinette02 and @TimelessP (both of whom I follow).

Noah not only contacted Bill but also took the time to leave a comment at my original report:
Noah Edwardsen said...

Hi Corrine,

I wanted to let you know that we've been in touch with Bill Pytlovany and have reached out to the original customer who called support.

Symantec does not classify WinPatrol as a threat, and we're actively investigating this customer's experience to learn more about why the support agent provided incorrect information and to ensure it doesn't happen again.

Best,

Noah Edwardsen
Symantec



This is a win for public relations and social media. See the full story in Bits from Bill: Social Media Marketing is Great on One Condition.






Monday, May 18, 2009

Online-Armor Goes to the Top of the List

When recommending a free-for-personal-use software firewall in the forums, the list I previously provided was in alphabetical order. As of today, that list has been changed to place Online-Armor at the very top of the list. Why? It is simple. Mike Nash got my attention when he chose ethics over dollars.

If you are looking for a full-featured subscription firewall, I highly recommend Online-Armor (Product Features). As Bill Pytlovany asked: Would you like Toolbar with your Software Order? The answer is a resounding No! Support vendors like Mike Nash and Bill Pytlovany who choose ethics over dollars.
Note: Scot Finnie named Online Armor 2.1 the Best Firewall Software of 2008; it has since been updated and is better than ever. Online-Armor has been reported as working well on Windows 7 RC.
I encourage Security Garden readers to read for yourself why Mike made the decision to forgo tens of thousands of dollars per month by declining the Ask toolbar. As you are reading Mike's article, pay particular attention to the key points that Mike observed kept getting repeated when considering the toolbar. They are some of the reasons why vendors that bundle the bar are out of favor:
  • Users do not expect a security tool to install unneeded items, even if that security tool is free.
  • Default opt-in is the only way people will install due to inattention, accident or trickery of wording.
  • Default opt-in is wrong.
  • Users place a lot of trust in security vendors. They are trusted to do the right thing. Do not abuse that trust.
  • Is it ethical to ask your users to install a product you would not install and use yourself?
Read for yourself why Online-Armor made it to the top of the recommended list: Ask Toolbar in Online Armor Free? Nearly...



Sunday, May 17, 2009

Another Comodo Controversy

Once again Comodo garners the attention of the security community. The latest issue came to light when Consumer Security MVP Mike Burgess reported that Comodo continues to issue certificates to known Malware.

Melih Abdulhayoglu, the President and CEO of Comodo, pointing a finger at Verisign and Godaddy, contends that the difference is that the certificate is a DV (Domain Validation) certificate:
"As far as I am concerned DV certs SHOULD NOT EXIST! Encrypting data for a recipient you have not verified is stupid at best!

Some people claim that DV certs has a place for just encryption for a site that has a pre-established trust, but that only happens if the user types https://www....... and goes to site... if the user types http://www... and then clicks on a link, then there is no trust as you can't trust this site in the first place cos its not validated (its just http).

So the problems that DV certs have caused has ranged from phishing sites to be secured with SSL to malware sites having a DV cert!"
He goes on to explain in a further forum reply:
"Comodo cares for their security, so when someone gets a DV cert from Comodo, we do try to explain to them it is important that they get a higher validation certificate like OV (Organisation Validation) or EV (Extended Validation). This way at least we can convert some of the people who would have bought DV into validated customers."
So, what does this indicate? According to Melih, DV Certs should not exist. Yet, Comodo still issues them to provide an opportunity to convert customers into other certificates that require validation.

Edit Note: Paragraph Break added for clarification.

I decided to take a look at Comodo's website. Yes, I see, according to the Comodo "Cost Saving & Product Comparisons Calculator", regardless of the product being purchased, it only takes one hour for Comodo to provide validation for an SSL Certificate, compared to 3-7 days for the other vendors. Note that "Company Legitimacy" is also provided.

Check the other provider/product comparisons on that page and you will find similar results.

Moving forward, Melih has now reported that the certificates relating to the site have been revoked. The discussion topic continues, however, with Comodo supporters questioning why there are not similar complaints about Verisign and Godaddy. As Consumer Security MVP Donna Buenaventura wrote about Comodo in her article, Making a boo boo, Can't beat them, Join them?:
"do you think it's a two-faced security vendor (for offering security service/product and at the same time, certifying a malicious site/service to be noticed/make money)"
The question still remains as to why Comodo has chosen to ignore Mike Burgess' notification of malware being served by a Comodo issued cert to rapid-antivirus2009. com and subsequently reissued a new certificate. As Mike went on to say:
"Comodo is supposed to be one of the good-guys ... and they even describe themselves as "Internet security software products including SSL certificates and Free Firewall Antivirus software among others from Comodo, a leading global trust provider" ... however I have been reporting on them since the WinFixer days and it seems it just falls on deaf ears ... and now that they bundle the Ask Toolbar it really makes you wonder ...?



Thursday, May 14, 2009

Foxit Reader Goes from Bad to Worse

Several months ago, I reported that people looking to Foxit Reader as a substitute for Adobe Reader had discovered the Ask Toolbar included as a pre-checked, opt-out option.

As illustrated by Paperghost in Why I Flushed Foxit, it appears that by the time the option is presented to accept or decline the Ask toolbar, it has already been installed!

If you are looking for an alternative to Adobe Reader, I suggest one of the open source programs available from http://pdfreaders.org/. In the event you are still using Adobe Reader, be sure to get the latest update.





Google currently falls short

In a carefully documented report, Ben Edelman, a well known and respected security expert, reveals how Google and its partners
  • intercede to divert traffic that would have reached advertisers' sites directly -- without advertisers incurring any advertising expense.
  • pass the traffic back to the advertisers users were trying to reach -- but only after collecting pay-per-click advertising fees.
Also demonstrated is what appears to be Google conveniently overlooking its own "Software Principles" requirements for its WhenU and IAC partners.

See how
  • WhenU Covers Advertisers' Sites with Advertisers' Own Google Ads
  • IAC's SmileyCentral Grab Advertisers' Organic Traffic to Show Google Ads
  • Typosquatting: Cmcast.com, MediaLogik, and Thousands More Intercept Users' Misspellings to Show Google Ads
  • Google Chrome Suggestions Divert Users from Direct Navigation to Search
in How Google and Its Partners Inflate Measured Conversion Rates and Inflate Advertisers' Costs.





Tuesday, May 12, 2009

Critical Update: Adobe Reader and Acrobat

Adobe has released an update for the critical vulnerability in both Adobe Reader 9.1 and Acrobat 9.1 as well as earlier versions. The vulnerability, described below as CVE-2009-1492, would cause the application to crash and could potentially allow an attacker to take control of the affected system.

A second vulnerability, identified as CVE-2009-1493, which affects Adobe Reader for UNIX is also addressed.

It is strongly recommended that the appropriate update be installed as soon as possible!

Adobe Reader Updates:

Windows: http://www.adobe.com/support/downloads/product.jsp?product=10&platform=Windows

Macintosh: http://www.adobe.com/support/downloads/product.jsp?product=10&platform=Macintosh

UNIX: http://www.adobe.com/support/downloads/product.jsp?product=10&platform=Unix

Acrobat Updates:

Windows:

Macintosh:


CVE-2009-1492:
The getAnnots Doc method in the JavaScript API in Adobe Reader and Acrobat 9.1, 8.1.4, 7.1.1, and earlier allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a PDF file that contains an annotation, and has an OpenAction entry with JavaScript code that calls this method with crafted integer arguments.
CVE-2009-1493:
The customDictionaryOpen spell method in the JavaScript API in Adobe Reader 8.1.4 and 9.1 on Linux allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a PDF file that triggers a call to this method with a long string in the second argument.
Reference: APSB09-06 Security Updates available for Adobe Reader and Acrobat
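
The CVE-2009-1492 description above turns on a PDF whose OpenAction entry runs JavaScript when the file is opened. The following is an added example, not from the original post or from Adobe: a heuristic triage scanner for that structure. The function names and the three sample documents are constructed for illustration, and it assumes unencrypted files whose streams are either plain or Flate-compressed.

```python
import re
import zlib
from collections import Counter

# A PDF name is "/" plus regular characters; any character may be written as a
# #xx hex escape, so /J#61vaScript is the same name as /JavaScript.
_NAME_RE = re.compile(rb"/((?:[^\x00\t\n\x0c\r ()<>\[\]{}/%#]|#[0-9A-Fa-f]{2})+)")
_HEX_RE = re.compile(rb"#([0-9A-Fa-f]{2})")
_STREAM_RE = re.compile(rb"stream\r?\n(.*?)\r?\nendstream", re.DOTALL)

AUTO_RUN_NAMES = {"OpenAction", "AA"}   # actions that fire without a click
SCRIPT_NAMES = {"JavaScript", "JS"}     # JavaScript action type and its body
API_METHODS = (b"getAnnots", b"customDictionaryOpen")  # named in the CVE text


def decode_name(raw: bytes) -> str:
    """Resolve #xx escapes in a PDF name token."""
    return _HEX_RE.sub(lambda m: bytes([int(m.group(1), 16)]), raw).decode("latin-1")


def inflate_streams(data: bytes) -> list:
    """Return the contents of every stream that inflates as Flate data."""
    bodies = []
    for match in _STREAM_RE.finditer(data):
        try:
            bodies.append(zlib.decompressobj().decompress(match.group(1)))
        except zlib.error:
            continue  # another filter or encrypted: needs a full parser
    return bodies


def triage_pdf(data: bytes) -> dict:
    """Flag auto-run JavaScript structure; this is triage, not a verdict on intent."""
    # Scan object syntax outside stream bodies, then each inflated stream,
    # so compressed bytes are never misread as name tokens.
    bodies = [_STREAM_RE.sub(b" ", data)] + inflate_streams(data)
    names, obfuscated, methods = Counter(), 0, set()
    for body in bodies:
        for match in _NAME_RE.finditer(body):
            raw = match.group(1)
            names[decode_name(raw)] += 1
            obfuscated += b"#" in raw
        methods.update(m.decode() for m in API_METHODS if m in body)
    auto_run = sorted(AUTO_RUN_NAMES & set(names))
    script = sorted(SCRIPT_NAMES & set(names))
    if auto_run and script:
        verdict = "high"      # script runs on open: quarantine and inspect
    elif script or methods:
        verdict = "review"    # script present but needs user interaction
    else:
        verdict = "low"
    return {"auto_run": auto_run, "script": script,
            "api_methods": sorted(methods),
            "obfuscated_names": obfuscated, "verdict": verdict}


# --- Constructed samples (fragments, not complete PDF files) ---
SAMPLE_BENIGN = (b"%PDF-1.4\n1 0 obj\n<< /Type /Catalog /Pages 2 0 R >>\nendobj\n"
                 b"2 0 obj\n<< /Type /Pages /Kids [] /Count 0 >>\nendobj\n%%EOF\n")

# Harmless script body that only names the API method, with no arguments.
_JS = zlib.compress(b"var a = this.getAnnots();")
SAMPLE_AUTO_JS = (b"%PDF-1.4\n1 0 obj\n<< /Type /Catalog /OpenAction 3 0 R >>\nendobj\n"
                  b"3 0 obj\n<< /S /JavaScript /JS 4 0 R >>\nendobj\n"
                  b"4 0 obj\n<< /Filter /FlateDecode /Length "
                  + str(len(_JS)).encode() + b" >>\nstream\n" + _JS
                  + b"\nendstream\nendobj\n%%EOF\n")

SAMPLE_OBFUSCATED = (b"%PDF-1.4\n1 0 obj\n<< /Type /Catalog /Open#41ction "
                     b"<< /S /J#61vaScript /JS (app.alert('constructed');) >> >>\n"
                     b"endobj\n%%EOF\n")

if __name__ == "__main__":
    for label, sample in (("benign", SAMPLE_BENIGN),
                          ("auto-run JS", SAMPLE_AUTO_JS),
                          ("obfuscated names", SAMPLE_OBFUSCATED)):
        print(label, triage_pdf(sample))
```

A "high" result only means the file runs script on open; patching the reader or disabling Acrobat JavaScript remains the actual fix.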





May 2009 Microsoft Security Bulletin Release

Microsoft is releasing the following new security bulletin for newly discovered vulnerabilities:

Bulletin ID: MS09-017 -- Vulnerabilities in Microsoft Office PowerPoint Could Allow Remote Code Execution (KB 967340)
This Bulletin is rated Critical with the vulnerability impact identified as Remote Code Execution. The update may require restart.
Affected Software:
Office 2000, Office XP, Office 2003, 2007 Office System, Office 2004 for Mac, Office 2008 for Mac, Open XML File Format Converter for Mac, PowerPoint Viewer, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats, Microsoft Works 8.5, Works 9.0.
MS09-017 replaces MS08-051 and addresses the vulnerability disclosed in the April 2, 2009 Microsoft Security Advisory (969136).

Summaries for the new bulletin may be found at http://www.microsoft.com/technet/security/bulletin/MS09-May.mspx.






Monday, May 11, 2009

Symantec Support Screws Up Again!

This one takes the cake! Symantec support apparently is not familiar with industry products. If they were, the support representative described in this post by WinPatrol developer and Microsoft MVP, Bill Pytlovany, certainly would have recognized WinPatrol on their customer's computer. Still further, the representative would not have charged the customer $99 for uninstalling what is, in my opinion, the best Windows monitoring software program in the industry.

As Bill Pytlovany wrote when he reported the incident in Symantec Support says WinPatrol is a Virus:
"Apparently Symantec is having tough economic times. They’ve even dishonored themselves by partnering with Ask.com to generate additional revenue at the expense of their customers."
Is it any wonder that others and I consider Symantec unreliable and untrustworthy?


Saturday, May 09, 2009

WinPatrol Mother's Day Special

Via Twitter I see that Bill Pytlovany is offering a Mother's Day Special for the Plus version of WinPatrol:
5/10 Mother's Day Special. Protect Mom's computer with @WinPatrol PLUS & save $10. Use coupon "momrocks". http://bit.ly/wplus
Treat your Mom (or yourself) and have a Happy Mother's Day!

Edit Note: See Mother's Day Special $10 Off Coupon





Thursday, May 07, 2009

Microsoft Advance Notice: Security Bulletin for May 2009

On May 12, 2009, Microsoft is planning to release one new security bulletin, identified as critical. Below is a summary.
Bulletin ID: PowerPoint
Maximum Severity Rating: Critical
Vulnerability Impact: Remote Code Execution
Restart Requirement: May require restart
Affected Software: Microsoft Office
According to the MSRC Blog post by Jerry Bryant, Microsoft is also planning to release at least one high priority, non-security update and additional detections to the Microsoft Windows Malicious Software Removal Tool.


Monday, May 04, 2009

Windows Security Updates Are For Everyone

Here we go again with sensationalism. Are bloggers so desperate for readers that they need to twist a simple explanation about security updates into headline-grabbing misinformation?

Microsoft has not made changes in policy. Windows security updates are and have been available for everyone, including non-genuine systems. As Paul Cooke recently explained in the Windows Security Blog:
"Not only do all security updates go to all users' systems, but non-genuine Windows systems are able to install service packs, update rollups, and important reliability and application compatibility updates. In addition, the users of non-genuine Windows systems can also upgrade a lot of the other software on their computer. For example Internet Explorer 8 has numerous security-oriented features and improvements, and it is available to all users."
For some reason, articles are being published playing this up as if it were something new for Windows 7 and that Microsoft is ignoring piracy. Providing security updates to all Windows users is not something new for Windows 7 nor does it imply that Microsoft has gone soft on piracy.

Rather than jumping the gun, perhaps they should read the rest of the article and note that Paul also stated that worms such as Blaster (2003) and Sasser (2004) followed publicly available Microsoft security updates. The same is true of Conficker, with MS08-067 having been available since October 2008.

Security updates for non-genuine Windows systems can be obtained as follows:
Windows Vista: use the Windows Update control panel
Windows XP: use Automatic Updates
Note:
Optional updates, available through the Windows Update and Microsoft Update websites, are not available to non-genuine Windows systems.


Reference:
Who Gets Windows Security Updates? - Windows Security Blog - The Windows Blog




Sunday, May 03, 2009

Adobe Reader Vulnerability

The Adobe Product Response Team reported:
"A Security Advisory has been posted in regards to the Adobe Reader vulnerability last mentioned in the Adobe PSIRT blog on April 28 (“Update to Adobe Reader Issue”, CVE-2009-1492). We are in the process of fixing the issue, and expect to make available product updates for the relevant supported Adobe Reader and Acrobat versions and platforms by May 12th, 2009. Adobe plans to make available Windows updates for Adobe Reader versions 9.X, 8.X, and 7.X and Acrobat versions 9.X, 8.X, and 7.X, Macintosh updates for Adobe Reader versions 9.X and 8.X and Acrobat versions 9.X and 8.X, as well as Adobe Reader for Unix versions 9.X and 8.X."
There are a couple of options available, one of which is the work-around provided by Adobe:
1. Launch Acrobat or Adobe Reader.
2. Select Edit>Preferences
3. Select the JavaScript Category
4. Uncheck the ‘Enable Acrobat JavaScript’ option
5. Click OK
The recommended option, however, is to use an alternate reader. There are a number of open source readers available from http://pdfreaders.org/.

Sidebar:
I discontinued using Foxit PDF Reader some time ago as it now includes the Ask Toolbar and eBay desktop shortcut. It has been reported that there is reduced functionality when those add-ons are not included in the installation of Foxit.

Reference: Adobe Product Security Incident Response Team (PSIRT)



