Wednesday, January 29, 2014

Malwarebytes Anti-Malware 2.00 Public Beta


Malwarebytes Anti-Malware (MBAM) has long been a favorite, not only of mine but also of members of the security community.  In fact, one look at the names included in the Staff list is certainly evidence of that support, with names long associated with security experts and developers of early tools.

For that reason, when I had the opportunity to test-drive the early (non-public) beta, I didn't hesitate.  Although MBAM has yet to detect any malware or PUPs (Potentially Unwanted Programs) on my computer, I credit that to the real-time protection incorporated in the PRO version which dynamically blocks malware sites and servers and includes malware execution prevention.

What's New

But, enough of the reasons why I like Malwarebytes and on to the announcement about the public beta available for Malwarebytes Anti-Malware 2.0.  Following are some of the changes incorporated in the redesigned version:
  • Redesigned user interface
  • Built in and improved the Anti-Rootkit and Chameleon self-protection technologies
  • Rewritten Malicious Website Blocking
  • Improved native x64 support
  • Detection and removal engine was significantly improved under the hood

Malwarebytes Anti-Malware PRO License Change

At launch, Malwarebytes will be moving to a subscription licensing model of $24.95 per year for Malwarebytes Anti-Malware PRO.  Unlike the current license terms, the license will be valid for three computers. 
Marcin explained the reason for this change as the cost of doing business due to the popularity of the program:
"As more and more people have come to rely on us for malware protection and cleanup, our costs in bandwidth, hosting fees, infrastructure, salaries of our researchers, QA department, and more have grown immensely. Though our company is about more than just making money, we are a company and we do have to make money to pay our staff to continue doing what they love, which is fighting malware. The subscription model will help us to be sustainable for the future while staying true to our roots that we will always make malware cleanup free for everyone."
Note:  Lifetime licenses for version 1.x will continue to be honored with that license converted to a lifetime license for version 2.x. In addition, Malwarebytes will also be offering a few thousand more lifetime licenses during launch.

Reminders

1. Beta Software:  As "SpyDie", a long-time friend, has always said:
Beta. Software undergoes beta testing shortly before it's released. Beta is Latin for 'still doesn't work.'
Thus, although I have personally not had any problems with Malwarebytes Anti-Malware 2.0 beta, it is important to remember that beta software should not be run on production machines.

2.  Prior to installing the 2.0 beta, uninstall Malwarebytes Anti-Malware 1.75, including a shutdown/restart.

3. Testing the beta requires the use of a temporary license key.  If you have a Malwarebytes Anti-Malware PRO license, be sure to make a note of the license key so that you can add it when the final version is released.

The download link and temporary license are available from the reference below.

References:

Home
Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...


Tuesday, January 28, 2014

Data Privacy Day #DPD14


Although January 28 is the date officially set aside annually as Data Privacy Day, privacy needs to be an every day concern.

The official Data Privacy Day theme is: Respecting Privacy, Safeguarding Data and Enabling Trust.

Following is an update of information I have provided previously on protecting your data privacy, with additional references included.  Take a closer look at why we would want to safeguard our data and steps we can all take for keeping our data safe.

Data

What information do you store on your computer?

Home computers have rapidly become the storage place not only for personal correspondence but also for financial data, including bank records and government tax return forms.  This information in the wrong hands can, and does, result in identity theft.

What information do you share on social network sites?


Facebook is one of the largest social network sites where people connect with not only friends and family but also acquaintances.  These acquaintances may be people they "met" at other sites, forums or through friends and family.  However, they are only known virtually.

Not only is the information you share on sites like Facebook data, so is your home town, where you went to school, when you graduated, your birth date, address and telephone number as well as names and birth dates of family members.  If this information is public, it is the very information that identity thieves can use.

What about your smart phone?

Do you check in at every location as you go about your daily travels and share it on Twitter or Facebook?  Do you announce and document business or family trips?

Is your browser tracking your activities?

Check the settings in your browser of choice.


Information stored on your computer or shared on social networking sites includes data that needs to be safeguarded to protect your privacy.

Safeguarding Data

The message about having up-to-date antivirus software and a firewall has been well received by home computer users.  When helping with malware removal, it has been a very long time since I have seen a computer without antivirus software and a firewall.  Computer users are also getting much more conscientious about installing security updates and keeping third-party software updated.

This is all good news, but malware writers are very clever and manage to find a way to infect computers.  In addition to the standard antivirus, firewall and updating, what else can you do to safeguard your data?

In addition to keeping your computer and software programs updated, following are some general suggestions for protecting the data on your computer:
  1. Protect your wireless router with a strong password.
  2. Don't open e-mail, instant message or Facebook attachments you are not expecting.
  3. Do not click anywhere on a pop-up or warning from a program you did not install.  Use the keyboard shortcut Alt + F4 to close the window.
  4. Pay close attention when installing software.  Do not blindly click through the screens or you may end up with more than you expected.
  5. Whenever possible, only download software programs from the vendor site.  Keep in mind that free is not always free.
  6. Always scan any file you download from the Internet.
  7. Have a back-up plan in place, particularly for documents, pictures and other files that cannot be replaced. 
  8. Use a complex password, not a "dictionary word" or family name.

What about safeguarding the data you share on social networking sites like Facebook?

Facebook makes it easy to connect and share information with friends and family.  However, it is critical to ensure that you are not openly sharing personal information that could make you a target of identity theft.

See this excellent guide by Sophos, Facebook Security Best Practice, which not only covers information and setting recommendations but also explains the reasoning for the recommendations. 

Another resource that is helpful for Facebook users is Facecrooks, a source for not only privacy information but also the latest hoaxes that regularly circulate on Facebook.

A few easy steps will keep the data on your computer, as well as the information you share, both secure and private.

Resources






Friday, January 24, 2014

WinPatrol™2014, v30.0


The awaited release of WinPatrol 2014 is now available!

Although Bill Pytlovany is referring to the latest release as a "Preview", it is not a beta release.  Rather, WinPatrol 2014 is a preview of what is in the future for WinPatrol users in 2014.

Light on Resources

One change made in WinPatrol 2014 is to ensure that WinPatrol does not unnecessarily use CPU cycles.  This was effected by storing common system checks in WinPatrol local memory and updating them only if needed.  This change will be most noticeable on older computers with limited memory.

Options

If, like me, you always want WinPatrol to start with Windows, don't worry, that feature hasn't been removed.  Rather, the wording has been altered so now on the Options tab you'll see "Always monitor at peak startup performance". In the event you do not want WinPatrol to launch at start up, just untick that box.

More

Bill outlines the other changes included in WinPatrol 2014 along with plans for future releases here or don't wait, just Download WinPatrol 30.0.2014 now!

WinPatrol runs on Windows XP, Vista, Windows 7 and Windows 8 including x64 versions.





Tuesday, January 14, 2014

Oracle Java Critical Security Update


Oracle released the scheduled critical security updates for its Java SE Runtime Environment software.

This is a Critical Patch Update that contains 36 fixes for Java, 34 of which Oracle indicated can be exploited by an attacker without the need for authentication. Additional details about the update are available in the Java Release Highlights, referenced below. 

If Java is still installed on your computer, it is recommended that this update be applied as soon as possible due to the threat posed by a successful attack.

For those people who have desktop applications that require Java and cannot uninstall it, Java can now be disabled in Internet Explorer.  See Microsoft Fix it to Disable Java in Internet Explorer.

Java Security Recommendations

1)  In the Java Control Panel, at minimum, set the security to high.
2)  Keep Java disabled until needed.  Uncheck the box "Enable Java content in the browser" in the Java Control Panel.

Java ControlPanel
(Image via Sophos Naked Security Blog)

3)  If you use Firefox, install NoScript and only allow Java on those sites where it is required.

Instructions on removing older (and less secure) versions of Java can be found at http://java.com/en/download/faq/remove_olderversions.xml

Download Information

Download link:  Java Version 7 Update 51

Verify your version:  http://www.java.com/en/download/testjava.jsp

Notes:
  • UNcheck any pre-checked toolbar and/or software options presented with the update. They are not part of the software update and are completely optional.
  • Starting with Java SE 7 Update 21 in April 2013, all Java Applets and Web Start Applications should be signed with a trusted certificate.  It is not recommended to run applets with untrusted/unsigned certificates.  See How to protect your computer against dangerous Java Applets.

Critical Patch Updates

For Oracle Java SE Critical Patch Updates, the next scheduled dates are as follows:
  • 15 April 2014
  • 15 July 2014
  • 14 October 2014

References






Microsoft Security Bulletins for January 2014


Microsoft released four (4) bulletins.  The bulletins are identified as Important.

The security updates address six (6) vulnerabilities in Microsoft Windows, Office, and Dynamics AX.

Note that the update provided in MS14-002 fully addresses the issue first described in Security Advisory 2914486, which only affects Windows XP and Server 2003.  Microsoft has only seen this issue used in conjunction with a PDF exploit in targeted attacks and not on its own.

Important: 
  • MS14-001 -- Vulnerabilities in Microsoft Word and Office Web Apps Could Allow Remote Code Execution (2916605)
  • MS14-002 -- Vulnerability in Windows Kernel Could Allow Elevation of Privilege (2914368)
  • MS14-003 -- Vulnerability in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2913602)
  • MS14-004 -- Vulnerability in Microsoft Dynamics AX Could Allow Denial of Service (2880826) 

February Security Advisory Implementation

As described in Security Advisory 2862973, usage of the MD5 hash algorithm in certificates will be restricted. This restriction is limited to certificates issued under roots in the Microsoft root certificate program. Usage of MD5 hash algorithm in certificates could allow an attacker to spoof content, perform phishing attacks, or perform man-in-the-middle attacks.

Prerequisite:  KB 2862966
Known Issues:  KB 286973
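
One way to find certificates that this restriction would affect, before it takes effect, is to inventory the local certificate stores for MD5-based signatures. The following is an added example, not part of the original post or of Microsoft's advisory; the function names and the choice of stores are assumptions.

```powershell
# Added example: list certificates in local stores whose signature
# algorithm is MD5-based.
# OID 1.2.840.113549.1.1.4 is md5WithRSAEncryption (PKCS #1).
$Md5SignatureOid = '1.2.840.113549.1.1.4'

function Test-Md5Signature {
    param(
        [Parameter(Mandatory = $true)]
        [System.Security.Cryptography.X509Certificates.X509Certificate2]$Certificate
    )
    $alg = $Certificate.SignatureAlgorithm
    # Match on the OID first (locale independent); fall back to the
    # friendly name Windows reports, such as "md5RSA".
    return ($alg.Value -eq $Md5SignatureOid) -or ($alg.FriendlyName -like 'md5*')
}

function Get-Md5SignedCertificate {
    param(
        # Assumption: personal and intermediate CA stores are audited first.
        [string[]]$StorePath = @(
            'Cert:\LocalMachine\My', 'Cert:\LocalMachine\CA',
            'Cert:\CurrentUser\My',  'Cert:\CurrentUser\CA'
        )
    )
    foreach ($path in $StorePath) {
        if (-not (Test-Path -Path $path)) { continue }
        foreach ($cert in Get-ChildItem -Path $path) {
            if (-not (Test-Md5Signature -Certificate $cert)) { continue }
            [pscustomobject]@{
                Store      = $path
                Subject    = $cert.Subject
                Issuer     = $cert.Issuer
                Algorithm  = $cert.SignatureAlgorithm.FriendlyName
                NotAfter   = $cert.NotAfter
                # Expired certificates are already unusable; list them last.
                Expired    = $cert.NotAfter -lt (Get-Date)
                # Subject equal to Issuer marks a self-issued certificate.
                SelfIssued = $cert.Subject -eq $cert.Issuer
                Thumbprint = $cert.Thumbprint
            }
        }
    }
}

# Report unexpired MD5-signed certificates first.
Get-Md5SignedCertificate |
    Sort-Object Expired, Store, NotAfter |
    Format-Table Store, Subject, Algorithm, NotAfter, Expired, SelfIssued -AutoSize
```

Any unexpired certificate this reports should be reissued with a stronger signature hash by its issuing authority.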

MSRT

Microsoft released an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Update, Microsoft Update, Windows Server Update Services, and the Download Center.

Windows XP End of Support

Users of Windows XP are reminded that support ends for Windows XP on April 8, 2014.  See Tim Rains' article, The Countdown Begins: Support for Windows XP Ends on April 8, 2014.

Also note that after April 8, 2014, technical assistance for Windows XP will no longer be available.  This includes automatic updates that help protect your PC. Microsoft will also stop providing Microsoft Security Essentials for download.  Note, however, that definitions will be available until July 15, 2015.  See Microsoft antimalware support for Windows XP.


The following additional information is provided in the Security Bulletin:

References






Critical Adobe Flash Player Update

Adobe has released security updates for Adobe Flash Player 11.9.900.170 and earlier versions for Windows and Macintosh and Adobe Flash Player 11.2.202.332 and earlier versions for Linux.

These updates address vulnerabilities that could potentially allow an attacker to take control of the affected system. Numerous bug fixes are also included in the update.
With today's Windows Update, Internet Explorer 10 and 11 in Windows 8 and Windows 8.1 are also updated.  Windows RT must obtain the update from Windows Update.  Google Chrome will be automatically updated.


Release date: January 14, 2014
Vulnerability identifier: APSB14-02

CVE number: CVE-2014-0491, CVE-2014-0492
Platform: All Platforms

Update Information

The newest versions are as follows:
Windows and Macintosh:  12.0.0.38
Linux: 11.2.202.335

Adobe AIR:  4.0

Flash Player Update Instructions

Warning:  Although Adobe suggests downloading the update from the Adobe Flash Player Download Center, that link includes a pre-checked option to install unnecessary extras, such as McAfee Scan Plus or Google Drive.  If you use the download center, uncheck any unnecessary extras.

It is recommended that you either use the auto-update mechanism within the product when prompted or, my preference, the direct download links.

Notes:
  • If you use the Adobe Flash Player Download Center, be careful to uncheck any optional downloads that you do not want.  Any pre-checked option is not needed for the Flash Player update.
  • Uncheck any toolbar offered with Adobe products if not wanted.
  • If you use alternate browsers, it is necessary to install both the update for Internet Explorer and the update for alternate browsers.
  • The separate 32-bit and 64-bit uninstallers have been replaced with a single uninstaller.

Adobe Flash Player for Android

The latest version for Adobe Flash Player for Android is available by downloading it from the Android Marketplace by browsing to it on a mobile phone.   

Verify Installation

To verify the Adobe Flash Player version number installed on your computer, go to the About Flash Player page, or right-click on content running in Flash Player and select "About Adobe Flash Player" from the menu. 

Do this for each browser installed on your computer.

To verify the version of Adobe Flash Player for Android, go to Settings > Applications > Manage Applications > Adobe Flash Player x.x.

References









Adobe Reader Critical Security Update

Adobe has released security updates for Adobe Reader and Acrobat XI (11.0.05) and earlier versions for Windows and Macintosh.  These updates address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system.

Security hardening and expanded sandbox support occur with each release. Other changes include:
  • Update blacklisted file extensions in HKLM’s FeatureLockDown\cDefaultLaunchAttachmentPerms\tBuiltInPermList.
  • More support for Enhanced Protected Mode in Internet Explorer (not fully supported yet).

Release date: October 14, 2013
Vulnerability identifier: APSB14-01
CVE numbers: CVE-2014-0493, CVE-2014-0495, CVE-2014-0496
Platform: Windows and Macintosh

Update or Complete Download

Update checks can be manually activated by choosing Help > Check for Updates.
    Note: UNcheck any pre-checked additional options presented with the update. They are not part of the software update and are completely optional.

    Additionally note that Adobe Air has been updated to version 4.0 and is available here.

    Enable "Protected View"

    Due to frequent vulnerabilities, it is recommended that Windows users of Adobe Reader and Acrobat ensure that Protected View is enabled.  Neither the Protected Mode nor the Protected View option is available for Macintosh users.

    To enable this setting, do the following:
    • Click Edit > Preferences > Security (Enhanced) menu. 
    • Change the "Off" setting to "All Files".
    • Ensure the "Enable Enhanced Security" box is checked. 

    Adobe Protected View
    Image via Sophos Naked Security Blog
    If you are looking for a replacement for Adobe Reader, consider Replacing Adobe Reader with Sumatra PDF.

    References






    Thursday, January 09, 2014

    Security Bulletin Advance Notice for January 2014

    On Tuesday, January 14, 2014, Microsoft is planning to release four (4) bulletins.  Each of the four bulletins is identified as Important.

    The updates will be directed to vulnerabilities in Microsoft Windows, Office, and Dynamics AX.

    Additionally note that the update provided in MS14-002 fully addresses the issue first described in Security Advisory 2914486, which only affects Windows XP and Server 2003.  Microsoft has only seen this issue used in conjunction with a PDF exploit in targeted attacks and not on its own.

    Reminder

    Users of Windows XP are reminded that support ends for Windows XP on April 8, 2014.  See Tim Rains' article, The Risk of Running Windows XP After Support Ends April 2014. Note also that Microsoft Security Essentials will no longer be available for download for Windows XP.

    As happens each month, Microsoft will also release an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Update, Microsoft Update, Windows Server Update Services, and the Download Center.

    References






    Wednesday, January 01, 2014

    Microsoft MVP and New Year Reflections


    It seems that New Year's Eve is the time when most people reflect on the previous year; the good, the bad, short-comings and high points.  For me, the reflection begins after receiving this e-mail from Microsoft:
    "Dear Corrine Chorney,

    Congratulations! We are pleased to present you with the 2014 Microsoft® MVP Award! This award is given to exceptional technical community leaders who actively share their high quality, real world expertise with others. We appreciate your outstanding contributions in Consumer Security technical communities during the past year."
    The process of reflection led me to my thoughts at the start of 2013.  I was profoundly affected by an event that occurred in a nearby community, the Christmas Eve shooting of four volunteer firefighters, resulting in the deaths of Mike (Chip) Chiapperini and Tomasz Kaczowka, and in Theodore Scardino and Joseph Hofstetter being seriously injured.

    How was I to know that a mere nine months later, members of my own community firefighters would respond to my panic 911 call and miraculously bring my husband back to life?   (Group 3 responded last night... - Ridge Culver Professional Firefighters Association, Local 4176)

    So, as I celebrate the New Year and having again been awarded Microsoft MVP, I am extremely grateful that I live in a community of dedicated heroes.

    Wishing the very best that 2014 has to offer to family and friends -- both real-life friends as well as the many close "virtual" friends from around the globe.  

    From The Microsoft MVP Award Program Blog, Congratulations New and Renewed MVPs! - Happy New Year:
    "Today, 1,011 exemplary community leaders around the world were notified that they have received the MVP Award! These individuals were chosen because they have demonstrated their deep commitment to helping others make the most of their technology, voluntarily sharing their passion and real-world knowledge of Microsoft products with the community.
    While there are more than 100 million social and technical community members, only a small portion are selected to be recognized as MVPs. Each year, around 4,000 MVPs are honored. They are nominated by Microsoft, other community individuals, or in some cases themselves. Candidates are rigorously evaluated for their technical expertise, community leadership, and voluntary community contributions for the previous year. They come from more than 90 countries, speak over 40 different languages, and are awarded in more than 90 Microsoft technologies. Together, they answer more than 10 million questions a year!"
