Thursday, December 31, 2009

Happy New Year!

New Year's Eve brings many thoughts to mind. This year it is filled with prayer's for my friend Tara's Mom. It is also a day when I think of my dear friend Pat and wish he were still with us to celebrate his birthday.

To my family and
friends, both real and virtual from places around the world, I wish you a happy, healthy and prosperous 2010.

The
Irish Blessing below holds a special meaning to me so again I share it with each of you,
May your days be filled with wine and roses.



May love and laughter light your days, and warm your heart and home.

May good and faithful friends be yours, wherever you may roam.

May peace and plenty bless your world with joy that long endures.

May all life's passing seasons bring the best to you and yours!


Happy New Year!









Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Saturday, December 26, 2009

So, You Have a New Computer . . .

Congratulations! I am sure you are really excited about the new computer. Unless it is laptop_Win7a netbook, the computer will have Windows 7 installed. Although Windows 7 has many security features, there are still steps needed in order to protect your new computer.

I recommend the following steps before you go online,

1) Configure Windows 7 for a Limited User Account. This is a simple step and will help protect your account should your computer become infected. Step-by-step instructions are available in Steve Friedl's article “Configuring Windows 7 for a Limited User Account”.

2) Create a Password Reset Disk.

If you forget your computer password, you can use a password reset disk to create a new one. To create a password reset disk, click the Start button and type User Accounts in the search box. The link is located in the left pane.

3) Software Firewall.

Even if your computer is behind a router or you plan on using a different software firewall, you don’t want your initial online experience to be unprotected. Open Windows Firewall by clicking the Start button and typing firewall in the search box. Select Turn the Windows Firewall on or off from the left pane.

4) Windows Update.

Confirm that Windows Update is turned on so that any updates since your computer was built can be downloaded when you go online. Again, the fastest way to get there is to click the Start button and start typing update. Select Windows Update.

The minimum steps have now been completed so you can finally connect to the Internet. Not that you finally made it, the first step is to download and install an antivirus software.

5) Antivirus Software.

There are several antivirus software programs that are free for personal use. However, in testing the free versions do not score as well as their paid counterparts or Microsoft Security Essentials (MSE) which is also free for personal use and can be downloaded directly from the dedicated Microsoft web site at http://www.microsoft.com/security essentials. (Instructions for installing MSE are available here.)

Two of the free antivirus software programs that I recommend to people with budget constraints are avast! 4 Home Edition and Avira AntiVir PersonalEdition Classic. My favorite subscription antivirus is ESET. Another excellent program is Kaspersky.

6) Anti-Malware and Monitoring Software.

It is strongly recommended that you maintain at least one and, depending on your surfing habits, perhaps two updated anti-malware software programs on your computer. Microsoft provides Windows Defender, although if you install MSE, Windows Defender is replaced by the anti-malware portion of MSE.

An excellent choice for a supplementary program is Malwarebytes' Anti-Malware (MBAM), which is free for personal use. MBAM also has a licensed version available which includes the “Realtime Protection Module” which uses an advanced heuristic scanning technology which monitors your system to keep it safe and secure.

SUPERAntiSpyware is another popular anti-malware program.

There is one more program that is actually the first thing I install on my computers -- WinPatrol. WinPatrol is free for personal use and also has a one-time payment licensed Plus version. The features listed below are the primary reason I use WinPatrol, described more fully at the Win Patrol Features page:

  • Delay Startup Programs
  • Warn if AutoUpdate Status Changes
  • Track Date/Time Programs are First Detected
  • Prevents Changes to File Type Associations
  • Keylogger Detection
  • Kill Multiple Tasks in One Step
  • Twenty Thousand Program Descriptions
  • Disable Vulnerable Active X Controls
  • Create Hijack Style Log Files

7. Adding Hardware and Software.

If you have Microsoft Hardware that you want to use on your new computer, the correct software for Windows 7 is available at the Microsoft Hardware Support for Windows 7 website. Check the vendor site for other brands.

Check the Windows 7 Compatibility Center to find out what software and hardware are compatible with Windows 7. You can also download drivers and updates from the Windows 7 Compatibility center.

~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~

Now that you have the basics covered, there is a wealth of information provided by Microsoft at the Windows 7 Help & How-to website. From there you can find help for installing new hardware, backing up your files, how to personalize your PC or transfer files and settings from another computer as well as a security checklist and much more.

For more in-dept information, Talking About Windows provides a behind-the-scenes look windows 7. It is a video blog with contributions provided by Microsoft engineers who helped build Windows 7.




Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Thursday, December 24, 2009

Merry Christmas, Ukrainian Style

Merry Christmas to all my family, friends and Security Garden readers. Whatever traditions you celebrate, I extend warmest wishes to each of you and your family. May you enjoy the spirit of Christmas every day of the coming year.

We celebrate Christmas Eve following Ukrainian tradition. In that spirit, I would like to share with you my favorite Ukrainian Carol, Shchedryk, commonly referred to as the Carol of the Bells. This rendition was performed by the Irkutsk University Choir.





 
Remember - "A day without laughter is a day wasted." 
May the wind sing to you and the sun rise in your heart...

Wednesday, December 16, 2009

A Childhood for Every Child

childhood_med

What are your favorite childhood memories? Mine include spring and summer gatherings of the children from the around the neighborhood in our large side yard playing baseball. The autumn meant jumping in piles of leaves and winter brought snow angels and ice skating in the frozen pond in back. It did not matter age or gender. Everyone had fun.

Not all children have the luxury of happy memories. Sadly, there are thousands of children subjected to sexual abuse and exploitation. These children are victimized over and over as recordings of the abuse are shared online among pedophiles as child pornography,

As explained by Ernie Allen, President & CEO, National Center for Missing and Exploited Children, in A Childhood for Every Child:

“Child pornography worldwide, and particularly in the United States, has exploded with the advent of the Internet. Here at NCMEC, since 2003, we have reviewed and analyzed almost 30 million photos and videos of child pornography, and we project that nine million child pornography photos and videos will be reviewed and analyzed in the coming year. As much as the Internet has improved our daily lives, it has also allowed people to access child pornography with limited risk of discovery, and encouraged pedophiles to build networks that validate and facilitate their depraved desires.”

In an effort to assist in the effort to fight this abuse, Microsoft is donating a new technology, PhotoDNA to the National Center for Missing & Exploited Children (NCMEC). PhotoDNA, was initially created by Microsoft Research and was further developed by Hany Farid, a leading digital-imaging expert and professor of computer science at Dartmouth College. The goal is to help NCMEC in its efforts to find hidden copies of the worst images of child sexual exploitation.

The following short video explains how PhotoDNA works (Silverlight required).

Help fight the problem of child sexual abuse and exploitation. If you see it, if you know about it, if you suspect it, report it to NCMEC by e-mail or call 1-800-THE-LOST.

Related Information:




Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Mozilla Firefox Security Update 3.5.6

Mozilla released Firefox version 3.5.6 which includes the security updates referenced below as well as several stability issues. Updates MFSA 2009-65, -66 and -67 are identified as Critical.

To get the update now, click Help -> Check for Updates.

Fixed in Firefox 3.5.6
  • MFSA 2009-71 GeckoActiveXObject exception messages can be used to enumerate installed COM objects
  • MFSA 2009-70 Privilege escalation via chrome window.opener
  • MFSA 2009-69 Location bar spoofing vulnerabilities
  • MFSA 2009-68 NTLM reflection vulnerability
  • MFSA 2009-67 Integer overflow, crash in libtheora video library
  • MFSA 2009-66 Memory safety fixes in liboggplay media library
  • MFSA 2009-65 Crashes with evidence of memory corruption (rv:1.9.1.6/ 1.9.0.16)


References:


Clubhouse Tags: Clubhouse, Security, Vulnerabilities, Updates, Information

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Tuesday, December 15, 2009

Critical Adobe PDF Vulnerability: Disable JavaScript!

AdobeIcon No relief appears to be in sight as far as Adobe product vulnerabilities this year. Here is hope that 2010 proves better for Adobe security.

In the meantime, however, there is yet another vulnerability in Adobe Reader and Adobe Acrobat 9.2, including all earlier versions, being actively exploited in the wild. although the exploit is actively being used by attackers, at this time the number of attacks are limited. This is expected to change within the next few weeks.

All users of Adobe Reader and Adobe Acrobat 9.2 are strongly encouraged to incorporate the suggested workaround by disabling JavaScript in Adobe PDF Reader/Acrobat:

Click: Edit -> Preferences -> JavaScript and uncheck Enable Acrobat JavaScript

For home use, you may wish to replace Adobe Reader with an alternate PDF reader. Other options are available at http://pdfreaders.org/.

Update: Adobe PSIRT announced plans to issue an update to Adobe Reader and Acrobat by January 12, 2010. In addition, the official Security Advisory was posted at Adobe - Security Advisories: APSA09-07


References:



Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Thursday, December 10, 2009

Facebook Privacy

As announced last summer, the Facebook privacy policy has been updated. Unfortunately, when Facebook members are presented with the update, the default entry is “Everyone”. As those of us who spend time in the security arena are well aware, people tend to miss or click past pre-checked settings. I suspect Facebook advertisers are hoping that will be the case with the recent changes.
Following are screen copies of what is presented to Facebook members.
1) Privacy Announcement

FB_Privacy1

2) Update Privacy Settings

FB_Privacy2

3) Confirmation
FB_Privacy3
There are other issues relating to your privacy that most Facebook members are unaware of as well. It has to do with applications accessing your settings -- you know, the Mafia, Farmville, What animal is your spirit guide, What is your ruling plane, Quizes, and all the rest that show up as invitations.

As Bill Pytlovany explains, it is not only the games. When you take a quiz, or even donate to “Causes” you are providing access your personal information. When your friend allows an application, they give away all your information too. See Facebook Simplifies Sharing your Personal Info and Who Gets Your Personal Information on Facebook? and then lock down your Facebook profile settings by clicking on “Settings” (located at the top, right corner of the page). Select“Privacy Settings” in the drop-down menu and consider changing the settings from Everyone to a more modest approach such as Friends of Friends.

You can also change the access that specific Applications have to your information. Click Applications in the bottom left corner of the Facebook page and select "Edit Applications". Review the various permissions provided to applications in the drop-down menu identified as "Show".




Facebook Information:
References:




Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Wednesday, December 09, 2009

Introducing WinPatrol PLUS Family Pack


Just in time for the Holidays, BillP Studios introduced the WinPatrol PLUS family Pack! The PLUS Family Pack license is valid for immediate family. As a result, for only $49.95 you can upgrade to WinPatrol PLUS and use the same PLUS code on your desktop, laptop, your spouse's computer, as well as your children(s) computer.

Stuck on gift ideas for your sister, brother or best friend? A WinPatrol PLUS Family Pack license is the gift that keeps on giving. It isn't a subscription, it is good for life.

As Bill Pytlovany explained,
"This is a limited offer but I hope it will make the holidays brighter especially for those of you with large families."
Click here to Order

WinPatrol works on all Microsoft Windows Operating systems.




Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Tuesday, December 08, 2009

Microsoft Security Bulletin: December 2009


Microsoft released six security bulletins addressing a total of 12 vulnerabilities. The updates affect Windows, Internet Explorer and Microsoft Office.

Affected products include Windows, Internet Explorer (IE) and Microsoft Office products. Additional information regarding the severity and exploitability are available in the MSRC blog, linked below.


Critical

Important
References:


Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Thursday, December 03, 2009

December 2009 Bulletin Release Advance Notification

On Tuesday, December 8, 2009, Microsoft is planning to release six new security bulletins addressing 12 vulnerabilities in Windows, Internet Explorer (IE) and Microsoft Office products. Three of the bulletins have a maximum severity rating of Critical and three have a maximum severity rating of Important.

As indicated by Jerry Bryant in the MSRC Blog, the updates touch all supported versions of Windows and IE. Expect that a restart will be required. In addition, Jerry reported:

"We want to make customers aware that we will be addressing the vulnerability discussed in Security Advisory 977981 in the IE bulletin on Tuesday. We know that customers are concerned about this issue and we are also aware that Proof of Concept (PoC) code is available publicly."



References:



Clubhouse Tags: Clubhouse, Security, Updates, Microsoft, Information


Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Security Advisory for Adobe Flash Player

AdobeIcon Adobe released Security Advisory APSB09-19 affecting Adobe Flash Player 10.0.32.18 and earlier versions and Adobe AIR 1.5.2 and earlier versions. Adobe has announced a security update to resolve critical security issues for these products on Tuesday, December 8, 2009.

As defined by Adobe, a critical security issue is a vulnerability, which, if exploited would allow malicious native-code to execute, potentially without a user being aware.


References:



Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Saturday, November 28, 2009

Passwords and User Names

Unfortunately, very little has change by computer users in selecting a password over the past several years. Compare the following list of the top 10 most passwords used in automated attacks reported by the Microsoft Malware Protection Center in Do and don’ts for p@$w0rd$, with the the PC Magazine list of the 10 most commonly used passwords online, published by Threadwatch.org in 2007:

Microsoft List - November, 2009:
  1. password
  2. 123456
  3. #!comment:
  4. changeme
  5. F**kyou (edited)
  6. abc123
  7. peter
  8. Michael
  9. andrew
  10. matthew
PC Magazine list - April, 2007:
  1. password
  2. 123456
  3. qwerty
  4. abc123
  5. letmein
  6. monkey
  7. myspace1
  8. password1
  9. blink182
  10. your first name)
Similarly, the MMPC provided this list of the top 10 list most common user names used in automated attacks:
  1. Administrator
  2. Administrateur
  3. admin
  4. andrew
  5. dave
  6. steve
  7. tsinternetuser
  8. tsinternetusers
  9. paul
  10. adam

From the report, Francis Allan Tan Seng and Andrei Saygo provide this advice:

"We just want to make users aware of the fact that passwords of around 8-10 characters (the average length of passwords that are normally used for Internet accounts) are used in attacks. Even a long password (10 to 15, or even 20 characters) isn’t good enough if it’s dictionary-based. As seen in the table above, there are passwords in dictionaries that are even using special characters (for example #!comment: ), not only numbers and letters.

You should take good care of what user name and password you're choosing. If your account has no limit on the number of login attempts, then knowing the user name is like having half of the job done. Especially for the user names from the top 10 (and mainly for the Administrator/Administrateur accounts), the passwords shouldn’t be picked lightly.

Usually we choose easy to type and/or easy to remember passwords, but please don’t forget that those passwords (for the moment) are the most commonly used or authentication on the Internet so they need to be strong.

The three basic things to remember when creating a strong password are the following:

1. Use a combination of letters, numbers and special characters. Also, remember that some dictionaries used in attacks have a "l33t" mode, which allows common letter/number-to-special character substitutions (like changing a-@, i-1 ,o-0 and s=$, for example, password = p@$$w0rd). Therefore, mix them in different ways so that they are not predictable.

2. Use a combination of upper and lower case letters.

3. Make it lengthy. A longer password does not necessarily mean it is strong but it can help in some cases."


For additional assistance see Strong passwords: How to create and use them. After creating a new, strong password, use the Microsoft Password Checker.



Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...


Clubhouse Tags: Clubhouse, safety, security, story

Wednesday, November 25, 2009

Happy Thanksgiving

Warmest wishes to family and friends for a Happy Thanksgiving!

"Some people complain because God put thorns on roses,
while others praise Him for putting roses among thorns."
May your Thanksgiving day be a rose among thorns.




Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Woot! Happy Birthday, Aaron!


{{{Happy Birthday HUGS}}} Corrine

Remember - "A day without laughter is a day wasted." May the wind sing to you and the sun rise in your heart...

Monday, November 23, 2009

Holiday Shopping Story


With the biggest shopping season of the year starting, this year I have a true story to share with you about a shopping experience of a long-time friend.

As a bit of background, this friend is one of the most organized people I know. She doesn't merely make lists. She actually completes the items on her lists too! I have known her for over twenty years. She is smart, alert and cautious.

So what happened? Early last week, she used her debit card at a store that did not have a PIN machine. As a result, the card was swiped as a credit card, she signed the credit slip and card returned. From that store, she went on to make two additional transactions, signing her name to both credit slips.

Later in the week, an attempt to use the card as a debit card was denied. She tried again and once again the debit transaction was denied. Since she was recently married and this was a new card with her married name, she thought there was something wrong with the new card. In telling her husband about it, he asked her what was wrong with the card. She hadn't looked at it closely, so pulled it out to see if it was obviously damaged.

That was when she discovered that the card was not hers, rather during one of the credit transactions when the card was swiped by the cashier, another person's card was returned to her! She called the bank immediately and reported the situation, placing a hold on her accounts. Fortunately, whoever received her card had not used it as no transactions have been placed on her account.

Particularly during the holiday shopping season when cashiers are harried, if you have to give your credit card or debit card to a salesperson, make sure you get your card back.

If you are planning on doing any shopping online, review these Online Shopping Safety Tips from Microsoft Online Safety. Frequent online shoppers should consider Windows CardSpace which helps control your digital identity, making online shopping safer.

Whether you shop in the brick and mortar stores, online or a combination of both, be careful, stay safe.




Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...


Clubhouse Tags: Clubhouse, safety, security, fraud, story

Saturday, November 14, 2009

Microsoft Security Advisory 977544 Released

Microsoft released Security Advisory 977544, "Vulnerabilities in SMB Could Allow Denial of Service", on November 13, 2009.

From the MSRC Blog:

"Today we released Security Advisory 977544 to provide information, including customer guidance, on a publicly reported Denial-of-Service (DoS) vulnerability affecting Server Messaging Block (SMB) Protocol. This vulnerability, in SMBv1 and SMBv2, affects Windows 7 and Windows Server 2008 R2. Windows Vista, Windows Server 2008, Windows XP, Windows Server 2003 and Windows 2000 are not affected.

I want to be clear that this is a DoS vulnerability that is unrelated to Microsoft Security Bulletin MS09-050 which addressed a remote code execution vulnerability in the SMBv2 protocol. This vulnerability would not allow an attacker to take control or install malware on a user’s system, but could cause the affected system to stop responding until manually restarted."


Mitigating factors are provided in Microsoft Security Advisory 977544:
"Firewall best practices and standard default firewall configurations can help protect networks from attacks that originate outside the enterprise perimeter. Best practices recommend that systems that are connected to the Internet have a minimal number of ports exposed. In this case, the SMB ports should be blocked from the Internet."

For complete information, see Microsoft Security Advisory 977544 for an overview of the issue, details on affected components, mitigating factors, suggested actions, frequently asked questions (FAQs), and links to additional resources.

References:





Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Wednesday, November 11, 2009

Lest We Forget

Whether you call it Veteran's Day, Armistice Day or Remembrance Day, November 11th is a time to put aside politics and pay tribute to all who died for their country. As in previous years, I am republishing my friend Canuk's last tribute. The comment he posted provides one example of why he was a special person:
"I too "will remember your friends who never had a full life", while thanking you and your comrades who have served with pride, honesty and honour.

Despite anyone's thoughts of the current conflict in Iraq - opposition or agreement, we must always remember that these brave young men and women are fighting for a cause they also may or may not agree with. The huge difference between them and us is that they are putting their lives on the line 24/7 while we sit in our homes in comfort, using the freedom of speech previous warriors won for us, and for that they deserve our love, respect, and support."
LEST WE FORGET

We Shall Keep the Faith by Moira Michael, November 1918

Oh! you who sleep in Flanders Fields, Sleep sweet - to rise anew! We caught the torch you threw And holding high, we keep the Faith With All who died. We cherish, too, the poppy red That grows on fields where valor led; It seems to signal to the skies That blood of heroes never dies, But lends a lustre to the red Of the flower that blooms above the dead In Flanders Fields. And now the Torch and Poppy Red We wear in honor of our dead. Fear not that ye have died for naught; We'll teach the lesson that ye wrought In Flanders Fields.
Flags courtesy of3DFlags.com

Clubhouse Tags: Clubhouse, Story




Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Tuesday, November 10, 2009

Microsoft Security Bulletin: November 2009

Microsoft released six security bulletins addressing a total of 15 vulnerabilities. Four affect Windows and Windows Server and two affect Microsoft Office products (Excel and Word).

In-depth technical detail on MS09-063, MS09-064 and MS09-065, is available at the Security Research & Defense team blog at this link.

Microsoft also re-released MS09-045 to add detection for users who may be running JScript 5.7 on Windows 2000 Service Pack 4. MS09-051 was re-released to update Audio Compression Manager on Microsoft Windows 2000 Service Pack 4 to fix a detection issue.

  • MS09-063 - addresses a vulnerability in Windows (KB 973565)
  • MS09-064 - addresses a vulnerability in Windows (KB 974783)
  • MS09-065 - addresses a vulnerability in Windows (KB 969947)
  • MS09-066 - addresses a vulnerability in Windows (KB 973309)
  • MS09-067 - addresses a vulnerability in Microsoft Office (KB 972652)
  • MS09-068 - addresses a vulnerability in Microsoft Office (KB 976307)

References:


Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Thursday, November 05, 2009

Advance Notice: November 2009 Microsoft Security Bulletin Release

On November 10, 2009, Microsoft is planning to release six bulletins (three critical and three important), addressing 15 vulnerabilities to Remote Code Execution. The affected products include Windows and Microsoft Office products. A restart will be needed in order to install the updates.

According to the Advance Notification, Bulletins 1-4 are planned for Windows (three Critical, one Important). The remaining two bulletins are updates for Microsoft Office and are designated Important.


References:




Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Wednesday, November 04, 2009

Critical Security Update for Sun Java JRE 6

Sun Microsystems released update 17 for Java SE JDK 6 and Java SE JRE 6. The update addresses multiple vulnerabilities. These vulnerabilities include arbitrary code execution, privilege escalation, denial of service, and information disclosure.

For detailed information on the updates, see Sun Alerts 269868, 269869, 269870, 270474, 270475, and 270476.

For English-lanugage operating systems, the download link is located at: Java SE Runtime Environment 6u17.



Note: UNcheck any pre-checked toolbar and/or software options presented with the update. They are not part of the software update and are completely optional.

Release Notes: Java SE 6 Update 17 Release Notes




Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...


Tuesday, November 03, 2009

Celebrating 12 Years of WinPatrol!

In celebration of Scotty's 12th birthday, WinPatrol PLUS subscribers who have helped a friend or family member by having them adopt Scotty are eligible to register to win the grand prize in the WinPatrol Birthday Celebration: Windows Ultimate, Signature Edition!

See the details and register at WinPatrol Birthday Celebration.

Congratulations, Scotty.




Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Monday, November 02, 2009

Fix it Solution for Windows 7 Upgrade Hanging at 62%



When upgrading from Windows Vista to Windows 7, a number of people have experienced the situation where the upgrade stops responding at 62% and does not resume. In addition, Windows creates a file that is named system_drive:\$WINDOWS.~BT\Sources\Panther\setupact.log

As explained in Microsoft Knowledge Base Article 975253, Upgrade stops responding (hangs) at 62% when you upgrade to Windows 7, this is because the Iphlpsvc service stops responding during the upgrade. According to KB 975253, it could also be other services causing a problem which results in the upgrade process hanging at 62%.

Microsoft released today a Fix it to fix the problem automatically. Note the caveat below specifically indicating that this solution is only to be used if the upgrade stops at 62%.

Important
The Fix it solution is ONLY if the upgrade stops responding at 62%. Do NOT use it if the upgrade stops responding at a different percentage than 62% or if the log entries are not logged.
From KB 975253:

Fix it for Me

To fix this problem automatically, restart the computer where the upgrade to Windows 7 fails at 62%. Your computer will roll back to Windows Vista. Either download the following fix to a flash drive or to a CD or return to this article on the machine where the upgrade fails. If you return to this article on the machine where you experience this problem, click the Fix this problem link. Click Run in the File Download dialog box, and follow the steps in the Fix it wizard.


Fix this problem
Microsoft Fix it 50319







Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Thursday, October 29, 2009

Advance Notice: Security Updates for Java SE

The Sun Security Blog published the following update announcement:
"On November 3, 2009, Sun will release the following security updates:
  • JDK and JRE 6 Update 17
  • JDK and JRE 5.0 Update 22
  • SDK and JRE 1.4.2_24
  • SDK and JRE 1.3.1_27
The following Sun Alerts corresponding to these updates will be released following the availability of these updates.
  • 269868
  • 269869
  • 269870
  • 270474
  • 270475
  • 270476"
Sun Security Blog



Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Wednesday, October 28, 2009

Firefox and Opera Browser Updates

Browser updates were released yesterday for Mozilla Firefox and today for Opera. Details and download links for both browsers follow:

Firefox 3.5.4

In addition to the security fixes listed below, the update to Firefox fixed several stability issues, added the ability to re-submit crash reports and addressed the issue where after using Clear Recent History some SSL sites would not load all images and styles without pressing reload.

To get the update, click Help -> check for updates.

Security Issues:
  • MFSA 2009-64 Crashes with evidence of memory corruption (rv:1.9.1.4/ 1.9.0.15)
  • MFSA 2009-63 Upgrade media libraries to fix memory safety bugs
  • MFSA 2009-62 Download filename spoofing with RTL override
  • MFSA 2009-61 Cross-origin data theft through document.getSelection()
  • MFSA 2009-59 Heap buffer overflow in string to number conversion
  • MFSA 2009-57 Chrome privilege escalation in XPCVariant::VariantDataToJS()
  • MFSA 2009-56 Heap buffer overflow in GIF color map parser
  • MFSA 2009-55 Crash in proxy auto-configuration regexp parsing
  • MFSA 2009-54 Crash with recursive web-worker calls
  • MFSA 2009-53 Local downloaded file tampering
  • MFSA 2009-52 Form history vulnerable to stealing
Release Notes and Download: http://en-us.www.mozilla.com/en-US/firefox/3.5.4/releasenotes/


Opera 10.01

Opera users can obtain the update to version 10.01 by clicking "Help -> check for updates and following the prompts.

New users can download Opera from http://www.opera.com/browser/download/
Features: http://www.opera.com/browser/features/




Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Thursday, October 22, 2009

Windows 7 Launch = Success!

Hello, Windows 7!

Windows 7 Default Desktop, designed by Chuck Anderson

Although the Windows 7 launch events were scaled down from the Windows Vista launch, there was no less enthusiasm on the part of Microsoft employees, partners and Windows fans. If you missed the launch event, it is available at Microsoft PressPass.

The full video is 54:02 in length, but worth the time. I particularly enjoyed the demonstration by Brad Brooks, corporate vice president located around the 29 minute mark. Of course, Kylie, the little girl who won hearts around the world, made everyone smile when she introduced Steve Ballmer.

Kylie, from the Windows commercials, introduces
Microsoft CEO Steve Ballmer at the launch event
in New York City on Oct. 22.
(Silverlight Required)

If you are in the market for a new PC, check what is available in Brandon’s Guide to Awesome New Windows 7 PCs. From there, move on to the refreshed Windows 7 web site, being sure not to miss the 7 days of Windows 7 savings .

Edit Note: As pointed out in the comments, if available in your country, the URL link for the "7 days of Windows 7 savings" offers will vary. The above link is to the U.S. site.

Clubhouse Tags: Clubhouse, Windows 7, Microsoft, News, Tips, Information


Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...