I'll be away for a bit visiting family.
See you soon!
Friday, July 27, 2007
Wednesday, July 25, 2007
Windows Vista Won't Silence Scotty's Bark
I don't know what you do during your lunch break. What I like to do is catch up on my reading. Catching up today just led me to Bill Pytlovany's blog post, Bits from Bill: Vista Won't Silence Scotty's Bark.
Regular Security Garden readers (as well as folks I have helped on the forums) know that I am a long-time fan of WinPatrol. It was the first software I installed on my new Windows Vista machine.
Although WinPatrol works just fine on Windows Vista without Scotty's bark, I admit that I have missed hearing Scotty when launching WinPatrol to formulate a forum response to a user's question or to check settings on my own machine. So I will add my thanks to Larry Osterman for his assistance.
I will be on vacation next week when the new version of WinPatrol with Scotty's bark is expected. However, I will look forward to the update when I return as well as finding out what other surprises Bill has in store.
Regular Security Garden readers (as well as folks I have helped on the forums) know that I am a long-time fan of WinPatrol. It was the first software I installed on my new Windows Vista machine.
Although WinPatrol works just fine on Windows Vista without Scotty's bark, I admit that I have missed hearing Scotty when launching WinPatrol to formulate a forum response to a user's question or to check settings on my own machine. So I will add my thanks to Larry Osterman for his assistance.
I will be on vacation next week when the new version of WinPatrol with Scotty's bark is expected. However, I will look forward to the update when I return as well as finding out what other surprises Bill has in store.
Tuesday, July 24, 2007
Major Counterfeit Software Bust
Updated 25July2007 -- Link to Windows Genuine Advantage Blog article with samples of counterfeit Windows Vista DVDs: Biggest Counterfeit Bust ... ever. The included photographic sample illustrate why it is so easy to fool people with the counterfeit.
As reported by the FBI:
As much as I protested WGA (Windows Genuine Advantage) being added to Windows XP, I have no objections to it being included as a part of Windows Vista. My reasoning? WGA was not part of XP when the license was purchased and the initial software caused many headaches. However, with a brand new operating system in Windows Vista, it is known that WGA is included from the start.
Complete report at Federal Bureau of Investigation.
Via Todd Bishop's Microsoft Blog
As reported by the FBI:
"For Immediate Release
DATE: July 23, 2007
INTERNATIONAL INVESTIGATION CONDUCTED JOINTLY BY FBI AND LAW ENFORCEMENT AUTHORITIES IN PEOPLE’S REPUBLIC OF CHINA RESULTS IN MULTIPLE ARRESTS IN CHINA AND SEIZURES OF COUNTERFEIT MICROSOFT AND SYMANTEC SOFTWARE
A joint investigation conducted by the FBI and authorities with the People’s Republic of China’s (PRC) Ministry of Public Security (MPS) has resulted in multiple arrests and the seizure of more than a half billion dollars worth of counterfeit software, announced J. Stephen Tidwell, Assistant Director in Charge of the FBI in Los Angeles, and Steven Hendershot, the FBI’s Legal Attache in Beijing, China.
The operation, codenamed “Summer Solstice,” began in 2005 and since then, law enforcement in both countries have worked closely by sharing information to jointly investigate multinational conspiracies by groups who manufacture and distribute counterfeit software products around the world. This unprecedented cooperative effort led to the arrest of twenty five individuals, the search of multiple businesses and residential locations, asset seizures by the Chinese government worth over $7 million, and the seizure of over 290,000 counterfeit software CDs and COAs (certificates of authenticity) in China. The counterfeit software has an estimated retail value of $500 million. In addition, Agents with the FBI’s Los Angeles Field Office executed 24 searches and asset seizure warrants, yielding approximately $2 million in counterfeit software products, in addition to assets seized by the U.S. government worth over $700,000.
Operation Summer Solstice encompasses multiple investigations currently being conducted by the FBI in Los Angeles and the MPS, Economic Crime Investigation Department (ECID), in which criminal organizations responsible for manufacturing and distributing counterfeit software have been identified in both Shanghai and Shenzhen; as were distributors located in the United States.
As much as I protested WGA (Windows Genuine Advantage) being added to Windows XP, I have no objections to it being included as a part of Windows Vista. My reasoning? WGA was not part of XP when the license was purchased and the initial software caused many headaches. However, with a brand new operating system in Windows Vista, it is known that WGA is included from the start.
Complete report at Federal Bureau of Investigation.
Via Todd Bishop's Microsoft Blog
Monday, July 23, 2007
Microsoft Announces Enhanced Privacy Protections for Customers
Microsoft Announced an enhanced set of privacy principles for Live Search and online advertising data collection, use and protection. Microsoft's intention is to
There will be specific policies around search query data and Microsoft will be explicit with customers about how long the company retains search terms in an identifiable way as well as informing people when and how to “anonymize” such data.
Following Google and others, Microsoft will make all Live Search query data anonymous after 18 months, unless the company receives user consent for a longer time period. According to the announcement, the policy will be both retroactive and worldwide. It will include removal of cookies and IP Address connected with search terms.
Another important feature change is the storage of store Live Search service search terms separately from account information. With so many "Live" features requiring a Hotmail/Live email address, it is reassuring the personal data associated with that account will not be tied to other services.
See the Press Announcement for complete information.
"implement new privacy features and practices as it continues to develop its online services and offer new controls that help users manage the types of communications they receive from Microsoft."I selected some of the key features from the announcement that caught my attention. For example, later this year, Microsoft plans to offer advertising services to third-party Web sites. Under the enhanced privacy, customers will have the ability to opt out of the behavioral ad targeting by Microsoft’s network-advertising service on those Web sites.
There will be specific policies around search query data and Microsoft will be explicit with customers about how long the company retains search terms in an identifiable way as well as informing people when and how to “anonymize” such data.
Following Google and others, Microsoft will make all Live Search query data anonymous after 18 months, unless the company receives user consent for a longer time period. According to the announcement, the policy will be both retroactive and worldwide. It will include removal of cookies and IP Address connected with search terms.
Another important feature change is the storage of store Live Search service search terms separately from account information. With so many "Live" features requiring a Hotmail/Live email address, it is reassuring the personal data associated with that account will not be tied to other services.
See the Press Announcement for complete information.
Lavasoft Replaces CEO Ann-Christine Åkerlund
Although I thought that I had removed my name from the Lavasoft mail lists over a year ago, it seems that it didn't take. Perhaps the change announced below that I discovered in the email just received will help bring an end to some of the troubles Lavasoft has encountered the past few years.
Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...
News ReleaseFor Immediate Release:
Lavasoft Welcomes New Chief Executive Officer
Gothenburg, Sweden (July 23, 2007)
Lavasoft AB today announced Jason King has been named as the company’s new Chief Executive Officer.
Ann-Christine Åkerlund, current Chief Executive Officer of Lavasoft, is retiring from her position at the company. Ms. Åkerlund will remain a silent partner in the privately owned Lavasoft AB.
After six years of building the Ad-Aware brand, which now boasts over 250 million downloads worldwide, and company itself, which has grown to include 4,000 partners in 120 different countries, Ms. Åkerlund will be passing on the torch to a member of the company’s senior management team.
Mr. King, currently Lavasoft’s Director of Worldwide Sales, will assume full management responsibility for the company effective August 6, 2007.
“Jason King brings strong execution skills and an excellent track record at the company. I am confident that Jason will continue to uphold the Lavasoft mission and vision, and will lead the company to the next level,” said Ms. Åkerlund.
With the recent release of its new anti-spyware software version, Ad-Aware 2007, important opportunities lie ahead as Lavasoft develops the high-quality solutions that are needed to combat the changing threat landscape in today’s cyber world. Mr. King will focus on continuing Lavasoft’s leadership in the computer security industry.
“Lavasoft is known for its high standards of security products which protect the privacy and security of our customers. I look forward to building on the success of the company, as our products continue to grow and expand to take on today’s security challenges,” Mr. King said.
Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...
Sunday, July 22, 2007
Remember When?
With so many links in my RSS Feed, I find that there are many sites I do not personally visit but rather read from the feed. In catching up with some reading today, rather than viewing in the reader a lengthy post on "Types of Vulnerabilities and Their Impacts" at Gonzo's Garage, I went directly to the blog. From there, I decided to take a closer look around his site than I have had time for lately. I ended up on the Remember When? page. What a perfect lead-in for this post!
Do you remember a time when if someone said they had a virus, there was no connection to computer? Although VirusList sites an earlier time in their History of Malware, the general consensus is that the first computer virus was Elk Cloner. As reported by The Register:
By the way, do take the time to head over to Gonzo's Garage - Computers and One-Liners: Types of Vulnerabilities and Their Impacts. It is an excellent report.
Do you remember a time when if someone said they had a virus, there was no connection to computer? Although VirusList sites an earlier time in their History of Malware, the general consensus is that the first computer virus was Elk Cloner. As reported by The Register:
I haven't checked the various hoax sites to see if all (or any) of the quotations below from Really Dumb Quotes are authentic, so I would suggest taking them with a "grain of salt". However, when considered in conjunction with the "Remember When?" page from Gonzo's Garage and the first computer virus, the quotes fall into place. Enjoy!"Elk Cloner, which spread between Apple II computers via infected floppy disks, has the dubious distinction of the first computer virus1 to spread in the wild. The malware is thought to be the work of Rich Skrenta, a 15-year-old high school student from Pittsburgh, who released it in July 1982.
The payload of Elk Cloner was largely benign, harking back to an earlier more innocent age before today's generation of Trojans that turn compromised PCs into clients on zombie networks controlled for profit-motivated cybercrooks. Elk Cloner's payload was merely a verse or two of poetry. Mostly harmless. Although the malware did set the theme for a stream of annoying pieces of malware which popped up on the screens of Apple II, BBC Micro and, later, early PC users' screens."
"I think there is a world market for maybe five computers."
Thomas Watson, chairman of IBM, 1943
"Computers in the future may weigh no more than 1.5 tons."
"But what ... is it good for?"Popular Mechanics, forecasting the relentless march of science, 1949
Engineer at the Advanced Computing Systems Division of IBM, 1968, commenting on the microchip.
"There is no reason anyone would want a computer in their home."
Ken Olson, president, chairman and founder of Digital Equipment Corp., 1977
"Who in their right mind would ever need more than 640k of ram!?"
Bill Gates, 1981
"So we went to Atari and said, 'Hey, we've got this amazing thing, even built with some of your parts, and what do you think about funding us? Or we'll give it to you. We just want to do it. Pay our salary, we'll come work for you.' And they said, 'No.' So then we went to Hewlett-Packard, and they said, 'Hey, we don't need you. You haven't got through college yet.'"
Apple Computer Inc. founder Steve Jobs on attempts to get Atari and H-P interested in his and Steve Wozniak's personal computer.
By the way, do take the time to head over to Gonzo's Garage - Computers and One-Liners: Types of Vulnerabilities and Their Impacts. It is an excellent report.
Friday, July 20, 2007
Windows Vista Service Pack 1 Update
Although the Beta release of Service Pack 1 (SP1) for Windows Vista had been Predicted for Mid-July, Josh Phillips reported at Windows Connected* that Microsoft has asked us to inform everyone the following:
*As a member of the Windows Connected Team, you can find the mirror to my Windows Vista Bookmarks at Connected to Vista Bookmarks
Another member of the blogging community claims he also received a message to pass along to the community. Read all about the lol sp1, "IM IN UR CHEEZEBURGER APDATING UR FLAVOURS."
“There will be a Windows Vista service pack and our current expectation is that a beta will be made available sometime this year. Service packs are part of the traditional software lifecycle — they’re something we do for all Microsoft products as part of our commitment to continuous improvement, and providing early test builds is a standard practice that helps us incorporate customer feedback and improve the overall quality of the product.
Service packs are just one example of the work we do to constantly improve the Windows experience. We also deliver improvements to Windows via Windows Update, which is an excellent channel for providing our customers with the most significant updates as they happen. And, since Windows Vista launched, we have continued working with partners to improve overall device coverage and application compatibility. There are now more than 2.1 million supported devices and more than 2,000 logoed applications for Windows Vista. We think customers will have a great experience using Windows Vista today.”
*As a member of the Windows Connected Team, you can find the mirror to my Windows Vista Bookmarks at Connected to Vista Bookmarks
Another member of the blogging community claims he also received a message to pass along to the community. Read all about the lol sp1, "IM IN UR CHEEZEBURGER APDATING UR FLAVOURS."
Aodhan Cullen, StatCounter, #1 Young Entrepreneur
The votes were cast, the ballots counted and Business Week has announced Aodhan Cullen, creator of StatCounter the winner of the most promising young entrepreneur in Europe.
Website owners and bloggers are very familiar with the information available in StatCounter. For the benefit of anyone who has not heard of it, StatCounter is an online service that provides website analytics such as the number of hits on the site, geographical location of visitors, pages viewed, keywords used to find the site, as well as statistical information on visitors' computer, such as browser, resolution and operating system.
As a blogger who has been using StatCounter for a while now, and also cast a vote for StatCounter, I add my congratulations to Aodhan Cullen on this outstanding recognition of his accomplishments.
Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...
Trackback
Website owners and bloggers are very familiar with the information available in StatCounter. For the benefit of anyone who has not heard of it, StatCounter is an online service that provides website analytics such as the number of hits on the site, geographical location of visitors, pages viewed, keywords used to find the site, as well as statistical information on visitors' computer, such as browser, resolution and operating system.As a blogger who has been using StatCounter for a while now, and also cast a vote for StatCounter, I add my congratulations to Aodhan Cullen on this outstanding recognition of his accomplishments.
Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...
Trackback
Thursday, July 19, 2007
Opera Browser Update 9.22
Following the Mozilla Firefox browser update yesterday, Opera has released an update due to a vulnerability in BitTorrent header parsing which can be exploited by malicious people to compromise a user's system. The vulnerability description from Secunia:
Update to Opera 9.x.
"The vulnerability is caused due to Opera using already freed memory when parsing BitTorrent headers and can lead to an invalid object pointer being dereferenced. This can be exploited to execute arbitrary code, when the user is tricked into clicking on a specially crafted BitTorrent file and then removes it via a right-click from the download pane."
Update to Opera 9.x.
Wednesday, July 18, 2007
Firefox 2.0.0.5 Update -- Fast Work on Reported Exploit!
Last week, a highly critical risk was reported, with proof of concept, involving registering a "firefoxurl://" URI (uniform resource identifier) handler on a computer with both IE and Firefox 2.0 (or later). This was described by Mozillazine as follows:
Note: By default, Firefox automatically checks for updates. If you have changed that setting, go to Menu > Help > Check for updates.
Included in Firefox 2.0.0.5:
References:
"When installed on Windows, Firefox registers a URL protocol handler to handle firefoxurl:// URLs (this works much like a http:// or ftp:// URL protocol handler). If an IE user visits a webpage that tries to call a firefoxurl:// URL (for example, using an iframe), IE will launch Firefox with no further prompting, passing it the URL. Neither IE nor Firefox escape or sanitise the URL, which allows an attacker to inject additional parameters into the command line used to invoke Firefox. Used in combination with the -chrome parameter, the attacker can make Firefox execute dangerous JavaScript code."If you read the above-referenced Mozillazine article, note the finger pointing as to whether the problem is caused by IE for passing untrusted data to another application or by Firefox for not validating input properly. Regardless of where the problem resides, Mozilla reacted quickly and included the fix in Firefox 2.0.0.5.
Note: By default, Firefox automatically checks for updates. If you have changed that setting, go to Menu > Help > Check for updates.
Included in Firefox 2.0.0.5:
- MFSA 2007-25 XPCNativeWrapper pollution
- MFSA 2007-24 Unauthorized access to wyciwyg:// documents
- MFSA 2007-23 Remote code execution by launching Firefox from Internet Explorer
- MFSA 2007-22 File type confusion due to %00 in name
- MFSA 2007-21 Privilege escalation using an event handler attached to an element not in the document
- MFSA 2007-20 Frame spoofing while window is loading
- MFSA 2007-19 XSS using addEventListener and setTimeout
- MFSA 2007-18 Crashes with evidence of memory corruption
References:
Sunday, July 15, 2007
Windows Vista Drivers
A major complaint by Windows Vista users, and an issue that may be keeping many people from upgrading to Windows Vista, is the slow response by vendors to release or update drivers for Windows Vista.
To that end, Ed Bott is doing his part to help Windows Vista users keep track of download locations for Windows Vista-compatible drivers for common hardware types in a single location. The rules Ed will be following for inclusion in the list are as follows:
References:
To that end, Ed Bott is doing his part to help Windows Vista users keep track of download locations for Windows Vista-compatible drivers for common hardware types in a single location. The rules Ed will be following for inclusion in the list are as follows:
Have no doubts, the link to The Vista Master Driver List has been added to Drivers, Hardware and Software in Windows Vista Bookmarks."1. Only primary download locations (official sites run by hardware maker) are allowed. I don’t trust or recommend third-party sites that allow direct downloads of drivers.
2. Whenever possible, I’m linking to the information page or the search page rather than the driver file itself. Linking to the file runs the risk that you’ll grab the wrong driver, miss an update or a readme file, or bypass other important information that might be on the info page."
References:
- Drivers, Hardware and Software (Windows Vista Bookmarks)
- Vista drivers (Ed Bott's Window Expertise)
- (The) Vista Master Driver List (Ed Bott)
Friday, July 13, 2007
About: The Microsoft MVP Program
Have you ever wondered what the Microsoft MVP (Most Valuable Professional) Program is about? Channel 9 is presenting a series on The Voice of Support. The 12th podcast in this series is a four-part look at The MVP Program In-Depth:
Reference: MVP Support
28Jun07 -- Updated to add second podcast.
12Jul07 -- Updated to add third podcast.
Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...
"The next 4 podcasts will focus on the ins and outs of the MVP program. Microsoft Most Valuable Professionals (MVPs) are exceptional technical community leaders from around the world who are awarded for voluntarily sharing their high quality, real world expertise in offline and online technical communities."Tune in to the podcasts:
- The Voice of Support - Show 12: The MVP Program In-Depth (Part 1 of 4).
Ed Hickey and Brian Boston, who are both MVP leads @ Microsoft, give an overview of the program.
- The Voice of Support - Show 13: The MVP Program In-Depth (Part 2 of 4)
April Spence and Ben Miller, MVP leads @ Microsoft, talk about where MVPs can be found and the MVP site. - The Voice of Support - Show 14: The MVP Program In-Depth (Part 3 of 4)
April Spence and Mike Fosmire, MVP leads @ Microsoft, provide some details on what the "MVP awards" are all about - and what kinds of events do Microsoft organizes for the program.
Reference: MVP Support
28Jun07 -- Updated to add second podcast.
12Jul07 -- Updated to add third podcast.
Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...
Thursday, July 12, 2007
Adobe Flash and Quick Time Updates
Critical vulnerabilities have been identified in both Adobe Flash Player and Apple Quick Time. Please follow the links below to update your computer. Not sure if affected versions are on your computer? Use the Secunia Software Inspector to check if your system is missing security updates or have insecure applications installed. The Software Inspector:
- Detects insecure versions of applications installed
- Verifies that all Microsoft patches are applied
- Assists you in updating your system and applications
- Runs through your browser. No installation or download is required.
Adobe Flash Player
Critical vulnerabilities have been identified in Adobe Flash Player that could allow an attacker who successfully exploits these potential vulnerabilities to take control of the affected system. A malicious SWF must be loaded in Flash Player by the user for an attacker to exploit these potential vulnerabilities. Users are recommended to update to the most current version of Flash Player available for their platform.
Adobe Flash Player 9.0.45.0 and earlier, 8.0.34.0 and earlier, and 7.0.69.0 and earlier.
Reference: Adobe Security BulletinApple Quick Time
Secunia describes the updates as vulnerabilities reported in Apple QuickTime, which can be exploited by malicious people to compromise a user's system. QuickTime 7.2 addresses critical security issues and includes support for full screen viewing in QuickTime Player, updates to the H.264 codec and fixes numerous bugs.
The release is recommended for all QuickTime 7 users.
References:
Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...
Wednesday, July 11, 2007
Tuesday, July 10, 2007
Happy 2nd Birthday, LandzDown Forum
Click the image above to join us in the celebration!
(Registration required to post.)
(Registration required to post.)
Microsoft security updates for July 2007
Microsoft released the following security updates today:
Critical:
References:
Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...
Critical:
- MS07-036: This security update resolves three vulnerabilities that could allow remote code execution if a user opens a specially crafted Excel file.
- MS07-039: This security update resolves two vulnerabilities in implementations of Active Directory on Windows 2000 Server and Windows 2003 Server that could allow remote code execution.
- MS07-040: This security update resolves two vulnerabilities that could allow remote code execution and one information disclosure vulnerability on client systems with .NET Framework installed.
Important:
- MS07-037: This security update resolves a vulnerability that could allow remote code execution if a user viewed a specially crafted Microsoft Office Publisher 2007 file.
- MS07-041: This security update resolves a vulnerability which could allow remote code execution if an attacker sent specially crafted URL requests to a Web page hosted by Internet Information Services (IIS) 5.1 on Windows XP Professional Service Pack 2.
Moderate:
- MS07-038: This security update resolves a vulnerability that could allow an attacker could to gather system-specific information about the affected host.
The following security bulletin was re-released:
- MS06-078 has been updated to support the release of Windows Server 2003 SP2 (KB 923689 and KB 925398)
How to get the updates
To get the Windows updates and Microsoft Office updates for your home computer or laptop go to the Microsoft Update Web site now.
If you are using Windows Vista you can manage your updates through the control panel. For more information, see Windows Vista: How to update your operating system.
To manually download available updates, go to Microsoft Update or in Windows Vista go to your control panel. After your computer has been scanned to see which updates it needs, click the Custom button to find and choose the update you want to install. We recommend you install all High-Priority Security and Critical updates immediately.
We recommend that you get the updates delivered automatically to your PC. When your computer is on and connected to the Internet, the most current security updates are automatically downloaded and installed. To learn how to turn on automatic updating for your particular operating system, see Update your computer automatically.
References:
Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...
Fiascos Continue in LavaLand
During the many years that I provided volunteer support for free and pay customers of Lavasoft's Ad-Aware and Ad-Watch, many people questioned why I devoted so much of my free time in the endeavor. At the time, my response was that I enjoyed helping people. I was proud of what Nicolas Stark was contributing to computer users to aid in the protection of their privacy and for removing malware from their computer. Nic (Screen Name: Urizen) assured our merry band of volunteers that Ad-Aware would always be free for personal use.
It appears that someone, somewhere, took Nic at his word. The most recently released update on July 6, 2007, to Ad-Aware 2007 Personal, version 7.0.1.5, included Ad-Watch! I have the feeling that customers who shell out the annual subscription fee of $39.95 for Pro and $26.95 for Plus (U.S. dollars) are going to be rather upset over this. New subscribers will certainly have incentive for contacting their credit company and challenging the charges. I cannot help but chuckle at the explanation of the "Ad-Watch Preview" that has been available the past four days.
Although I occasionally provide help to folks using Ad-Aware SE, the above is just the latest example on why I no longer provide support for Lavasoft products. A brief time spent at the Lavasoft Support Forums will clearly illustrate the number of problems encountered with the new AAW 2K product, including serious issues encountered with Ad-Watch.
Of course, many of the Plus and Pro subscribers were saved from the issues since the registration process was broken for the first month after release for existing customers. This resulted not only in Lavasoft having to extend the customer subscriptions for one month but also of an obvious loss of a month's income for all existing Plus and Pro customers! (See Upgrades For Holders Of Valid Se Licenses Available)
Aside from the issue earlier this year when the Beta Definitions were uploaded to the download server there was the recent situation where users received notice of new Ad-Aware 2007 software updates. Unfortunately the "upgrades" caused the GUI version to revert from 7.0.1.4 to 7.0.1.3 and the Definition File to revert to 000.4.0000 from 000.6.0000. This was explained as an update server which had been shut down being turned on without being updated with the latest versions of the software and definitions.
Then comes the question about the four-star rating of Ad-Aware at Download.com. Of course we all know that the number of downloads are cumulative so don't be fooled by the almost 249 Million figure posted there. As each new version is added, that number grows when users download a new version or replace a version lost or uninstalled. What does change is the review comments. Apparently, as each new version is uploaded, the review comments are removed, upsetting the folks taking the time to provide their comments:
The examples I provided just scratch the surface on why I no longer recommend Ad-Aware when helping people remove malware from their computer. However, based on the number and type of job openings currently listed on the Lavasoft "Careers" page
it is beginning to appear that it may indeed be time to turn off the lights.
It appears that someone, somewhere, took Nic at his word. The most recently released update on July 6, 2007, to Ad-Aware 2007 Personal, version 7.0.1.5, included Ad-Watch! I have the feeling that customers who shell out the annual subscription fee of $39.95 for Pro and $26.95 for Plus (U.S. dollars) are going to be rather upset over this. New subscribers will certainly have incentive for contacting their credit company and challenging the charges. I cannot help but chuckle at the explanation of the "Ad-Watch Preview" that has been available the past four days.
Although I occasionally provide help to folks using Ad-Aware SE, the above is just the latest example on why I no longer provide support for Lavasoft products. A brief time spent at the Lavasoft Support Forums will clearly illustrate the number of problems encountered with the new AAW 2K product, including serious issues encountered with Ad-Watch.
Of course, many of the Plus and Pro subscribers were saved from the issues since the registration process was broken for the first month after release for existing customers. This resulted not only in Lavasoft having to extend the customer subscriptions for one month but also of an obvious loss of a month's income for all existing Plus and Pro customers! (See Upgrades For Holders Of Valid Se Licenses Available)
Aside from the issue earlier this year when the Beta Definitions were uploaded to the download server there was the recent situation where users received notice of new Ad-Aware 2007 software updates. Unfortunately the "upgrades" caused the GUI version to revert from 7.0.1.4 to 7.0.1.3 and the Definition File to revert to 000.4.0000 from 000.6.0000. This was explained as an update server which had been shut down being turned on without being updated with the latest versions of the software and definitions.
Then comes the question about the four-star rating of Ad-Aware at Download.com. Of course we all know that the number of downloads are cumulative so don't be fooled by the almost 249 Million figure posted there. As each new version is added, that number grows when users download a new version or replace a version lost or uninstalled. What does change is the review comments. Apparently, as each new version is uploaded, the review comments are removed, upsetting the folks taking the time to provide their comments:
(Click image for larger view)
The examples I provided just scratch the surface on why I no longer recommend Ad-Aware when helping people remove malware from their computer. However, based on the number and type of job openings currently listed on the Lavasoft "Careers" page
it is beginning to appear that it may indeed be time to turn off the lights.
"The GUN has left the building ... will the last one left standing please turn off the lights, and bring home the flag."
Monday, July 09, 2007
Microsoft Malware Protection Center
In April, we were provided with a preview of the Microsoft Malware Protection Center. The Malware Protection Center is no longer in "preview" mode but rather final form. A nice addition to the portal is the inclusion of the latest definitions for both Windows Defender and Microsoft Forefront Client Security Antivirus.
It comes as no surprise to see positions 1-3 of the top MSRT Detections as variants of the Zlob trojan. This trojan is often referred to as the "SmitFraud" infection or Trojan-Downloader.Win32.Zlob. I'll provide more information on the Zlob trojan in another post. In the meantime, check out the new Microsoft Malware Protection Center
Update 10 July 07:
The Antimalware Engineering Team Blog posted an update today announcing the official Version 1 of the Microsoft Malware Protection Center Portal.
Reference:
It comes as no surprise to see positions 1-3 of the top MSRT Detections as variants of the Zlob trojan. This trojan is often referred to as the "SmitFraud" infection or Trojan-Downloader.Win32.Zlob. I'll provide more information on the Zlob trojan in another post. In the meantime, check out the new Microsoft Malware Protection Center
Update 10 July 07:
The Antimalware Engineering Team Blog posted an update today announcing the official Version 1 of the Microsoft Malware Protection Center Portal.
Reference:
Beware of "Customer Support Robot"
Just like the phony e-card from a friend, neighbor, spouse, or other unidentified source, the emails from "Customer Support Robot" are also packed with trouble. This time, however, the creators of the Storm Worm (Nuwar) have disguised the infected path with a URL link that when moused over yields the IP Address.
The subject may vary from "Spyware Alert!", "Trojan Detected!", "Virus Detected!", etc. Regardless of the subject, don't be fooled. Instead, click the delete key.
The link from the sample below was removed and changed to red:
References:
The subject may vary from "Spyware Alert!", "Trojan Detected!", "Virus Detected!", etc. Regardless of the subject, don't be fooled. Instead, click the delete key.
The link from the sample below was removed and changed to red:
"Dear Customer,
Our robot has detected an abnormal activity from your IP adress
on sending e-mails. Probably it is connected with the last epidemic
of a worm which does not have official patches at the moment.
We recommend you to install this patch to remove worm files
and stop email sending, otherwise your account will be blocked.
Customer Support Robot"
References:
Vista SP1 Beta Predicted for Mid-July
Mary Jo Foley has reported that her unnamed sources have indicated that Microsoft is expected to release the first Beta for SP1 (Service Pack 1) for Windows Vista the week of July 16, with the anticipated final version in November, 2007.
With so many people holding off purchase of Windows Vista until after the Service Pack, a November release would be just in time for the Holiday shopping frenzy.
The rumored inclusions, according to Mary Jo, are
See Vista SP1 beta 1 to launch in mid-July
Edit to add:
With so many people holding off purchase of Windows Vista until after the Service Pack, a November release would be just in time for the Holiday shopping frenzy.
The rumored inclusions, according to Mary Jo, are
- Performance tweaks lessening the amount of time it takes to copy files and shut down Vista machines
- Improved transfer performance and decreased CPU utilization via support for SD Advanced Direct Memory Access (DMA)
- Support for ExFat, the Windows file format for flash memory storage and other consumer devices
- Improvements to BitLocker Drive Encryption to allow not just encryption of the whole Vista volume, but also locally created data volumes
- The ability to boot Extensible Firmware Interface (EFI) on an x64 machine
- Improved success rate for firewalled MeetingSpace and Remote Assistance connections
See Vista SP1 beta 1 to launch in mid-July
Edit to add:
- It appears that we will be seeing fine-tuning elsewhere with SP1. For example, from Mark Russinovich's blog post today, The Case of the Unexpected PsList Error, regarding providing read access to to PerfLib permissions for standard users will be included in SP1:
PsList is a utility in SysInternals which can be used to obtain detailed information about a process."To make a long story short, I filed a bug against Windows Vista Service Pack 1 (SP1) and Windows Server 2008 to have Interactive Users added back to PerfLib’s permissions. The reliability and diagnostics team reported back that the permissions changed inadvertently during the release of Windows Server 2003, but I convinced them it didn’t make sense, so in SP1 and Windows Server 2008 you won’t need to edit PerfLib’s permissions to be able to run tools like PsList as a standard user.
Another case closed by Process Monitor!"
- Also of interest is Long Zheng's report based on a tip from Josh Phillips of Windows Connected that Vista SP1 will fix critical ReadyBoost performance bug.
Sunday, July 08, 2007
They're Beautiful!
I see from Long Zheng that today Jennie Lam, Hillel Cooperman, and Walter Smith launched their first Jackson Fish Experience, "They're Beautiful". They're Beautiful is a virtual florist with a variety of bouquets you can send to friends and family. The recipient can register and maintain their bouquet in the "greenhouse".
As clever as their free service is, demonstrating creativity and the possibilities that can be experienced, timing for launching the site wasn't the best. Unfortunately, there has been a onslaught of postcards carrying a not-so-favorite, the "Storm Worm". As a result, both the florist delivery and registration ended up in my spam folder.
If you receive a postcard with an IP address link to click, hit the delete key instead. However, a bouquet of virtual flowers from They're Beautiful is another story entirely. I am looking forward to seeing what else the combined creative minds of Jennie Lam, Hillel Cooperman, and Walter Smith come up with next.
This bouquet is for you! Enjoy.
As clever as their free service is, demonstrating creativity and the possibilities that can be experienced, timing for launching the site wasn't the best. Unfortunately, there has been a onslaught of postcards carrying a not-so-favorite, the "Storm Worm". As a result, both the florist delivery and registration ended up in my spam folder.
If you receive a postcard with an IP address link to click, hit the delete key instead. However, a bouquet of virtual flowers from They're Beautiful is another story entirely. I am looking forward to seeing what else the combined creative minds of Jennie Lam, Hillel Cooperman, and Walter Smith come up with next.
This bouquet is for you! Enjoy.
Saturday, July 07, 2007
For Silverlight Fans!
If you are a fan of Silverlight, Microsoft Technical Evangelist, Tim Sneath compiled a list of 50 Silverlight Applications (via The Road to Know Where).
For those not familiar with Silverlight, see Tim's post Introducing Microsoft Silverlight as well as other references below. Silverlight will support all major browsers on both Mac OS X and on Windows.
References:
For those not familiar with Silverlight, see Tim's post Introducing Microsoft Silverlight as well as other references below. Silverlight will support all major browsers on both Mac OS X and on Windows.
References:
- 50 Silverlight Applications
- Microsoft Silverlight
- Microsoft Silverlight PressPass
- Silverlight vs. Flash, The Developer Story
Thursday, July 05, 2007
MSRC Security Bulletin Release, July 2007 Advance Notice
Although subject to change, on 10 July 2007 Microsoft is planning to release six new security bulletins, with one Moderate update affecting Windows Vista. Here is a summary in order of severity:
Critical:
References:
Critical:
- Bulletin 1
Affected Products: Microsoft Office, Excel
Impact: Remote Code Execution
- Bulletin 4
Affected Products: Microsoft Windows
Impact: Remote Code Execution
- Bulletin 5
Affected Products: .NET Framework
Impact: Remote Code Execution
- Bulletin 2
Affected Products: Microsoft Office, Publisher
Impact: Remote Code Execution
- Bulletin 6
Affected Products: Microsoft Windows XP
Impact: Remote Code Execution
- Bulletin 3
Affected Products: Microsoft Windows Vista
Impact: Information Disclosure
References:
- MSRC Blog: July 2007 Bulletin Release Advance Notification
- TechNet: Microsoft Security Bulletin Advance Notification for July 2007
Kodak EasyShare Printers Rule
While Kodak is cleaning up the rubble from the implosion of two buildings last weekend, the evolution continues. Like many employees, I am extending the July 4th holiday with vacation time. Time away from the office allows more time to indulge in catching up on various computer topics of interest. Interest today was piqued by the top story in the current issue of Windows Secrets which claims Epson's claims of cheaper ink are empty. After reading the report by Scott Dunn, I agree with his analysis that
As you will see in the Windows Secrets article, linked below, the cost per page or photograph printed with a Kodak EasyShare printer is indeed less costly than the Brother, Canon, Epson, HP, or Lexmark. As Scott Dunn said:
References:
Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...
"Epson's TÜV study didn't look at cost. The Kodak/QualityLogic data indicates that packing multiple colors into a single cartridge can result in a lower cost per printed page than single-color cartridges. Until other studies validate or dispute these findings, Epson's claims must be viewed with skepticism."As I have written before, as a long-time employee, I am biased about "all things Kodak". However, I did purchase a Kodak EasyShare 5300 All In One (AIO) printer. A major incentive in making the purchase was the knowledge that the printer is Windows Vista compatible. I found the installation easy with no issues. More importantly, the printer is simple to operate and the quality is superb.
As you will see in the Windows Secrets article, linked below, the cost per page or photograph printed with a Kodak EasyShare printer is indeed less costly than the Brother, Canon, Epson, HP, or Lexmark. As Scott Dunn said:
"Kodak's multi-color modules do seem to offer significantly lower cost per page for each document type"The consumer has to appreciate the low cost of replacement ink cartridges:
- Black Ink Cartridge: $9.99
- Color Ink Cartridge: $14.99
- Economy (Both Black and Color): $21.99
References:
- Windows Secrets: Epson's claims of cheaper ink are empty
- Kodak Press Release: Kodak Reveals True Ink Costs for Consumer Inkjet Printers Using QualityLogic Yield Test Results
- Quality Logic Summary: QualityLogic Ink Yield Test Report, Kodak EASYSHARE 5300
- PDF, Quality Logic: QualityLogic Ink Yield Report
- Summary, Epson Study: Efficient Printers and printing consumables
- PDF, Epson Study: Study about the efficiencye of single-ink cartridges and multi-ink cartridges (PDF, 1.871 KB)
- FinancialTimes: The wicked price of print
Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...
Wednesday, July 04, 2007
Java SE 6 - Update 1.6.0_02
Sun Java has been updated to 1.6.0_02. As shown in the Release Notes, the update includes a long list of bug fixes, including this classic: "sloppy developer missed testcase when fixing 6490790."
I have not installed Sun Java on this machine yet but will be updating my posted Sunflowers and SunJava instructions in due course.
I have not installed Sun Java on this machine yet but will be updating my posted Sunflowers and SunJava instructions in due course.
BugHunter - MalWare Removal Tool - v2.2c
A good tool to have on hand. From the official description:
Bughunter is available from http://bughunter.it-mate.co.uk/
"BugHunter is a DOS based malware scanner which has a frequently updated database of signatures as well as engine updates. The program is designed to quickly scan for and optionally disable/remove any malware found. BugHunter is able to detect browser hijackers, rogue programs, adware, keyloggers, spyware (including some commercial ones), rootkits which are file based, malicious java/html/vb scripts, and various worms. As BugHunter is DOS based and does not require installation of any sort, it can easily be copied to various media and used to disinfect other systems without those systems having potentially harmful code present in memory. BugHunter gets along fine with most memory resident programs, and supports being run from a boot diskette/cdrom, such as BartPE."
Bughunter is available from http://bughunter.it-mate.co.uk/
ESET - The Best Just Got Better!
As I have mentioned, I am using ESET NOD32 on my laptop running Windows Vista Ultimate. Since NOD32 updates seamlessly, I really have no need to visit the website. However, the other day, a link from a forum or a question on something or another sent me to the ESET website.
Looking around, I found a couple of interesting features that I added to my notes for helping on the forums. Today, I learned from Nellie 2 of a new, free, on-line scanner ESET has made available:
The other helpful information I referred to above from ESET include links to uninstallers for Symantec, Trend Micro, and McAfee. The link is provided below. For specific virus infections not removed by your antivirus software, check the ESET Free Virus Remover.
References:
Looking around, I found a couple of interesting features that I added to my notes for helping on the forums. Today, I learned from Nellie 2 of a new, free, on-line scanner ESET has made available:
"ESET Online Scanner is a free Web-based service that enables computer users to perform a comprehensive system scan to check for and clean viruses, spyware, and other malware—without uninstalling their existing antivirus solution."The ESET Online Scanner works with Microsoft Windows 98/ME/NT/2000/XP/2003 and Windows Vista.
The other helpful information I referred to above from ESET include links to uninstallers for Symantec, Trend Micro, and McAfee. The link is provided below. For specific virus infections not removed by your antivirus software, check the ESET Free Virus Remover.
References:
Tuesday, July 03, 2007
WGA Changes and Updates
There have been a few changes announced on the WGA (Windows Genuine Advantage) Blog. Both the Windows Validation Assistant and the Office Validation Assistant have been replaced with the the Windows Comparison Guide (WCG) and the Office Comparison Guide (OCG). The primary difference is the WCG and OCG do not have the the web-based validation. The web-based validation is now located at http://www.microsoft.com/genuine.
With piracy being very costly to companies, and the unsuspecting victim as well, Microsoft has updated and added substantial information to the "How to Tell" site. There are around 600 products covered, including illustrations of the physical anti-piracy features released with Microsoft products.
Remember the questions that arose about the hologram on the Windows Vista DVD? What if you don't see the hologram? Go to the "How to Tell" site linked below. There are also samples of recent counterfeits for comparison.
References:
With piracy being very costly to companies, and the unsuspecting victim as well, Microsoft has updated and added substantial information to the "How to Tell" site. There are around 600 products covered, including illustrations of the physical anti-piracy features released with Microsoft products.
Remember the questions that arose about the hologram on the Windows Vista DVD? What if you don't see the hologram? Go to the "How to Tell" site linked below. There are also samples of recent counterfeits for comparison.
References:
- "How to Tell" -- http://www.howtotell.com/ and www.microsoft.com/howtotell
- Windows Genuine -- http://www.microsoft.com/genuine
- WGA Blog -- http://blogs.msdn.com/wga/default.aspx
Monday, July 02, 2007
Getting to know the Microsoft enthusiasts: Joseph Fieber - ITsVISTA.com
The second guest in "Getting to know Microsoft enthusiasts" at Vista4Beginners is Joseph Fieber of ITsVISTA.com. Although I did not discover ITsVISTA.com until the end of March, I quickly recognized the valuable information provided and promptly added it to Windows Vista Bookmarks.
Meet Joe at Vista4Beginners in Getting to know the Microsoft enthusiasts: Joseph Fieber - ITsVISTA.com.
Meet Joe at Vista4Beginners in Getting to know the Microsoft enthusiasts: Joseph Fieber - ITsVISTA.com.
Sunday, July 01, 2007
Happy Canada Day!
Thinking of Canadian friends, past and present, and sending wishes your way.
Happy Canada Day!
O Canada!
Our home and native land!
True patriot love in all thy sons command.
With glowing hearts we see thee rise,
The True North strong and free!
From far and wide, O Canada,
We stand on guard for thee.
God keep our land glorious and free!
O Canada, we stand on guard for thee.
O Canada, we stand on guard for thee.
Our home and native land!
True patriot love in all thy sons command.
With glowing hearts we see thee rise,
The True North strong and free!
From far and wide, O Canada,
We stand on guard for thee.
God keep our land glorious and free!
O Canada, we stand on guard for thee.
O Canada, we stand on guard for thee.
Subscribe to:
Posts (Atom)
