Friday, November 29, 2013

Malwarebytes Pro Limited Time Special Price


Malwarebytes

If you have not yet upgraded to Malwarebytes Anti-Malware Pro or need a special gift for a friend, now is the time to act.  Malwarebytes is having a limited-time sale that is just too good to pass up.

Today through December 2, 2013, a lifetime license of Malwarebytes Anti-Malware Pro is only $14.95 USD for a lifetime license!  That is a 40 percent discount off the regular price of $24.95, which is already a bargain for a lifetime license.

Reminder:  Malwarebytes is an anti-malware software program so you still need an antivirus software. 

Malwarebytes Anti-Malware PRO Features

  • Detects, blocks and quarantines spyware, adware and other threats in true real time
  • Protection from malicious links, harmful websites and malware servers
  • Kills browser hijackers, removes rootkits, prevents botnet attacks
  • On-demand & automatic malware scanning
  • Updates automatically for optimal protection
  • FREE unlimited customer support via email
  • Support for XP Service Pack 2, Vista, Windows 7, and Windows 8 (32-bit and 64-bit)
  • Compatible with leading Antivirus software


 
Home
Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...


Wednesday, November 27, 2013

Happy Thanksgiving


http://morellconsolidated.files.wordpress.com/2011/10/happythanksgiving1.jpg

Warmest wishes to family and friends for a Happy Thanksgiving!

If you are planning on shopping online to take advantage of the Black Friday and Cyber Monday sales, be sure to shop safely.  

The Safety Tips for Online Shopping written a couple of years ago are still applicable.  Be sure to check the "Tips" section for money-saving tips that may result in additional savings when you shop online.
 
Home
Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...


Friday, November 15, 2013

Mozilla Firefox Version 25.0.1 Released



Firefox

Mozilla sent Firefox Version 25.0.1 to the release channel.  Although the Release Notes indicate that the update includes security fixes, the Security Advisories page has yet to be updated.

What’s New

  • FIXED -- 25.0.1: New security fixes can be found here
  • FIXED -- 25.0.1: Pages sometimes wouldn't load without first moving the cursor
The changes made in Version 25.0 can be found here:  Mozilla Firefox 25.0 Released.

Update

To get the update now, select "Help" from the Firefox menu at the upper left of the browser window, then pick "About Firefox."  Mac users need to select "About Firefox" from the Firefox menu.

If you do not use the English language version, Fully Localized Versions are available for download.

References




Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...


Tuesday, November 12, 2013

Adobe Flash Player and AIR Security Update

Adobe Flashplayer

Adobe has released bug and security updates for Adobe Flash Player for Windows, Macintosh and Linux. 
With today's Windows Update, Internet Explorer 10 and 11 in Windows 8 and Windows 8.1 are also updated.  Windows RT must obtain the update from Windows Update.  Google Chrome will be automatically updated.


Release date: November 12, 2013
Vulnerability identifier: APSB13-26
CVE number: CVE-2013-5329, CVE-2013-5330
Platform: All Platforms

Update Information

The newest versions are as follows:
Windows and Macintosh:  11.9.900.152
Linux: 11.2.202.327

Adobe AIR:  3.9.0.1210

Flash Player Update Instructions

Warning:  Although Adobe suggests downloading the update from the Adobe Flash Player Download Center, that link includes a pre-checked option to install Google Drive.

It is recommended that you either use the auto-update mechanism within the product when prompted, or my preference, the direct download links.

Notes:
  • If you use the Adobe Flash Player Download Center, be careful to uncheck any optional downloads that you do not want.  Any pre-checked option is not needed for the Flash Player update.
  • Uncheck any toolbar offered with Adobe products if not wanted.
  • If you use alternate browsers, it is necessary to install the update for both Internet Explorer as well as the update for alternate browsers.
  • The separate 32-bit and 64-bit uninstallers have been replaced with a single uninstaller.
Adobe Flash Player for Android

The latest version for Adobe Flash Player for Android is available by downloading it from the Android Marketplace by browsing to it on a mobile phone.   

Verify Installation

To verify the Adobe Flash Player version number installed on your computer, go to the About Flash Player page, or right-click on content running in Flash Player and select "About Adobe Flash Player" from the menu. 

Do this for each browser installed on your computer.

To verify the version of Adobe Flash Player for Android, go to Settings > Applications > Manage Applications > Adobe Flash Player x.x.

References







Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...


Microsoft Security Updates for November 2013


Microsoft released eight (8) bulletins.  Three of the bulletins are identified as Critical with the remaining five bulletins rated Important.

The updates address vulnerabilities in Internet Explorer and Microsoft Windows.  Please refer to the MSRC Blog post, Authenticity and the November 2013 Security Updates, for additional information about the updates, including the update to EMET and a new policy for CA's (Certificate Authorities).

The update in MS13-090 addresses CVE-2013-3918 which affects an Internet Explorer ActiveX Control which was publicly disclosed.

Critical:
  • MS13-088 -- Cumulative Security Update for Internet Explorer (2888505) 
  • MS13-089 -- Vulnerability in Windows Graphics Device Interface Could Allow Remote Code Execution (2876331)  
  • MS13-090 -- Cumulative Security Update of ActiveX Kill Bits (2900986) 
Important: 
  • MS13-091 -- Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2885093)
  • MS13-092 -- Vulnerability in Hyper-V Could Allow Elevation of Privilege (2893986) 
  • MS13-094 -- Vulnerability in Microsoft Outlook Could Allow Information Disclosure (2894514) 
  • MS13-095 -- Vulnerability in Digital Signatures Could Allow Denial of Service (2868626) 

MSRT

Microsoft released an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Update, Microsoft Update, Windows Server Update Services, and the Download Center.

Two families targeted by the Malicious Software Removal Tool (MSRT) this month are Win32/Napolar and the bitcoin mining family Win32/Deminnix.

Support

Users of Windows XP are reminded that support ends for Windows XP on April 8, 2014.  See Tim Rains article, The Countdown Begins: Support for Windows XP Ends on April 8, 2014.


The following additional information is provided in the Security Bulletin:

References




Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...


Sunday, November 10, 2013

Lest We Forget

Whether you call it Veteran's Day, Armistice Day or Remembrance Day, November 11th is a time to put aside politics and pay tribute to all who died for their country.  It is also a perfect time to thank the Veterans in whatever country you live in. 

As in previous years, I am republishing my friend Canuk's last tribute and adding special thanks to my friends "Phantom Phixer" and "Ghost". The comment he posted provides one example of why he was a special person:
"I too "will remember your friends who never had a full life", while thanking you and your comrades who have served with pride, honesty and honour.

Despite anyone's thoughts of the current conflict in Iraq - opposition or agreement, we must always remember that these brave young men and women are fighting for a cause they also may or may not agree with. The huge difference between them and us is that they are putting their lives on the line 24/7 while we sit in our homes in comfort, using the freedom of speech previous warriors won for us, and for that they deserve our love, respect, and support."
LEST WE FORGET




We Shall Keep the Faith by Moira Michael, November 1918
Oh! you who sleep in Flanders Fields, Sleep sweet - to rise anew! We caught the torch you threw And holding high, we keep the Faith With All who died. We cherish, too, the poppy red That grows on fields where valor led; It seems to signal to the skies That blood of heroes never dies, But lends a lustre to the red Of the flower that blooms above the dead In Flanders Fields. And now the Torch and Poppy Red We wear in honor of our dead. Fear not that ye have died for naught; We'll teach the lesson that ye wrought In Flanders Fields. Flags courtesy of3DFlags.com








Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Friday, November 08, 2013

New Microsoft Office Web App Features



OfficeThe Microsoft Office team has been busy adding new features and improvements to the Microsoft Office Web Apps.  Listed below are the changes being made to the Office Web Apps since my April 2013 article, Using Microsoft Office Web Apps

Word App
:
 
A significant improvement is the added ability to find and replace words and phrases.  You will now also be able to apply styles and formatting to tables and insert headers and footers. 
Excel Web App: 
Additions to the Excel Web App include the new ability to drag and drop cells and reorder sheets.   A quick analysis of a range of data in the status bar (including sum, count, and average of a selected range of cells) has been added.  In addition, there is support for more workbook types online. 
PowerPoint Web App:
New picture cropping functionality has been added to the PowerPoint Web App and the name of your files can now be changed not only within the editing window of the PowerPoint Web App but also across the other Office Web Apps.  
Home
Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...


Thursday, November 07, 2013

Security Bulletin Advance Notice for November 2013

Security Bulletin
On Tuesday, November 12, 2013, Microsoft is planning to release eight (8) bulletins.  Three of the bulletins are identified as Critical with the remaining five bulletins rated Important.

The Critical updates address vulnerabilities in Internet Explorer and Microsoft Windows. The Important updates will be directed to issues in Windows and Office and most of the updates will require a restart.

Security Advisory 2896666

The issues in Security Advisory 2896666 will not be included in the scheduled updates.  Although Microsoft has only detected only aware of targeted attacks against Office 2007 on Windows XP, the following additional guidance was provided regarding the affected installations by Dustin Childs in the below-linked MSRC post:

"For Office:
  • Office 2003 and Office 2007 are affected regardless of the installed operating system. Currently, we are only aware of targeted attacks against Office 2007 users.
  • Office 2010 is affected only if installed on Windows XP or Windows Server 2003.  Office 2010 is not affected when installed on Windows Vista or newer systems.
  • Office 2013 is not affected, regardless of OS platform.
For Windows:
  • Supported versions of Windows Vista and Windows Server 2008 ship with the affected component but are not known to be under active attack.
  • Other versions of Windows are not directly impacted. Customers who use these systems are only impacted if they have an affected version of Office or Lync.
For Lync clients:
  • All supported versions of Lync client are affected but are not known to be under active attack."
Users of Windows Vista, Windows Server 2008, Lync or the above-described installations of Office are advised to enable the Fix it solution, available from my post here

Reminder

Users of Windows XP are reminded that support ends for Windows XP on April 8, 2014.  See Tim Rains article, The Risk of Running Windows XP After Support Ends April 2014.

As happens each month, Microsoft will also release an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Update, Microsoft Update, Windows Server Update Services, and the Download Center.

References




Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...


Tuesday, November 05, 2013

Microsoft Security Advisory 2896666 with Fix it

Security Advisory
Microsoft released Security Advisory 2896666 which relates to a vulnerability in the Microsoft Graphics component that affects Microsoft Windows Vista and Windows Server 2008, Microsoft Office 2003 through 2010, and all supported versions of Microsoft Lync.

Microsoft is aware of targeted attacks primarily in the Middle East and South Asia that attempt to exploit this vulnerability in Microsoft Office products.  

The vulnerability is a remote code execution vulnerability that exists in the way affected components handle specially crafted TIFF images.  The vulnerability is exploited either through previewing or opening a specially crafted email message or file.  It is also exploited by browsing similarly web content.  The attacker could gain the same user rights as the current user.

Recommendations

Microsoft has made available a Fix it solution which will disable the TIFF codec. Below are the links to both enable and disable the Fix it solution. 
 
Enable Fix itDisable Fix it


Another option is to install the Enhanced Mitigation Experience Toolkit (EMET), described in the "workarounds" section of the Tech Net Advisory.

References:




Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...