Thursday, December 30, 2010

How to Block the New Fast Flux Botnet

The folks at Shadowserver have reported on a new spam campaign that, at first looked like the holiday e-card scams that have been around for many years.  After closer inspection of the details, it appears that it could be the next generation of Storm Worm or Waledac.

Below you'll find a list of subjects in the spam campaign reported by Stephen Adair in New Fast Flux Botnet for the Holidays: Could it be Storm Worm 3.0?.  The e-mails are coming from all over the Internet with spoofed sender addresses.
Greeting for you!
 Greeting you with heartiest New Year wishes
 Greetings to You
 Happy New Year greetings e-card is waiting for you
 Happy New Year greetings for you
 Happy New Year greetings from your friend
 Have a happy and colorful New Year!
 l want to share Greeting with you (Shadowserver note: the first letter is an L)
 New Year 2011 greetings for you
 You have a greeting card
 You have a New Year Greeting!
 You have received a greetings card
 You've got a Happy New Year Greeting Card!
The email contains a link to a compromised website.  Clicking the link results in a redirect to one of the new malicious domains being used by the botnet.  As explained in the report, "these are fast flux domains that will frequently return a new IP address each time they are resolved."


From New Fast Flux Botnet for the Holidays: Could it be Storm Worm 3.0?, the currently known domains hosting the botnet, whose purpose is to install malware, are listed below with the appropriate entry to add to your HOSTS file if you wish to block the domains.

If you use WinPatrol, it is easy to edit the HOSTS File, regardless of whether you are running Windows XP, Windows Vista or Windows 7,

  • Right-click on Scotty in the system tray to launch WinPatrol, selecting "Options".
  • Windows Vista and Windows 7 Users: Accept any UAC Prompts
  • Click "View HOSTS file", which will launch in Notepad
  • In Notepad copy/paste the following entries:

    127.0.0.1  bethira.com

    127.0.0.1  bitagede.com
    127.0.0.1  cifici.com
    127.0.0.1  darlev.com
    127.0.0.1  elberer.com
    127.0.0.1  envoyee.com
    127.0.0.1  leolati.com
    127.0.0.1  makonicu.com
    127.0.0.1  nurealla.com
    127.0.0.1  scypap.com
    127.0.0.1  suedev.com
    127.0.0.1  teddamp.com
    127.0.0.1  eplarine.com

  • Click File > Save
  • Close Notepad
  • Close WinPatrol


If you do not use WinPatrol (you should!), you can manually edit the HOSTS file.  It just takes a bit more effort.

With default Windows installations, the HOSTS file is located at C:\Windows\System32\drivers\etc.  If you use Windows 7, it is necessary to first click on Start, type in Notepad and then right-click on Notepad and choose Run as Administrator.  Then, for all systems (Windows XP, Windows Vista and Windows 7), right-click hosts and select to open with Notepad. 


This is an example of what you will see when Notepad launches the HOSTS File:

# Copyright (c) 1993-2009 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
#      102.54.94.97     rhino.acme.com          # source server
#       38.25.63.10     x.acme.com              # x client host

# localhost name resolution is handled within DNS itself.
#    127.0.0.1       localhost
#    ::1             localhost

After the last line in the HOSTS file, paste the entries below
127.0.0.1  bethira.com
127.0.0.1  bitagede.com
127.0.0.1  cifici.com
127.0.0.1  darlev.com
127.0.0.1  elberer.com
127.0.0.1  envoyee.com
127.0.0.1  leolati.com
127.0.0.1  makonicu.com
127.0.0.1  nurealla.com
127.0.0.1  scypap.com
127.0.0.1  suedev.com
127.0.0.1  teddamp.com
127.0.0.1  eplarine.com

Save and close Notepad. 

Your HOSTS file has been updated and those malware domains have been blocked.

Clubhouse Tags: Clubhouse, Security, Privacy, How-To, Information, Tutorial, Family Safety, Windows Vista, Windows 7, Windows XP,


Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Monday, December 27, 2010

Facebook Privacy Warning

A notice is showing up for Facebook users to update security settings for "Account Protection".  The options are provided to make it easier to log back in to Facebook in the event there is a problem with your account.  The first provided option is to provide a secondary e-mail address.  The second option includes providing your Mobile number to achieve "High" account control. 

Unfortunately, caution is needed in both instances to prevent forfeiting privacy.  Added alternate e-mail address(es) have a default setting of "Friends Only".  If you elect to add your mobile number, there is a pre-checked option to add the number to your Facebook profile.  Instructions for customizing the information shared is in the "Privacy Settings" section below.

Information on the notice, steps to add the information and recommendations are provided below.

Notice



The "Account Protection" notice appears in the right column.  The status changes from Low to Medium after adding an alternate e-mail address. 







Step 1

Multiple alternate e-mail addresses can be added.  

Each added address will receive a "Facebook Contact Email Confirmation" with a link to confirm the alternate address.


WARNING:  If you restrict access or do not share your e-mail address with others in Facebook or have customized settings, it is necessary to update the settings for any added e-mail address(es).  See the instructions below under "Privacy Settings"
 
After confirming any added alternate e-mail addresses, clicking the question mark (?) on the update screen explains how you can achieve "High" security:



Step 2

When you select the option under Mobile Phone to "Sign up for Facebook mobile" and reach "High" Account Control, the instructions are to select country and mobile carrier and then enter the code received after sending a text message to FBOOK from the mobile number.

Unfortunately, this is where caution is needed.  The option to add the phone number to your Facebook profile is pre-checked:

 WARNING: "Add this phone number to my profile" is pre-checked.

If you do not have your that information blocked in your profile, unless the option is unchecked, depending on your privacy settings, you will be providing your mobile number to anyone who has access to your profile information. 

Personally, considering the frequent manner in which Facebook changes settings, I prefer not to include that information in Facebook.  However, in the event you elect to include your mobile number, you can control who has access to that and other personal information.

Privacy Settings


To edit your Privacy Settings, select Account > Privacy Settings. 



In the "Choose Your Privacy Settings" window that opens, select Customize settings.  From there you can change the options as to who has access to your contact information.  The options include Everyone, Friends of Friends, Friends and Customize (edit).  




Although I have not provided my Mobile phone, I kept the "Only Me" setting.  If you opt to customize that setting, you can make selected information visible to specific people on your friends list by individually adding their name(s).  Information can also be hidden from specific individuals by adding the name(s) in the bottom section:



If you have not seen the "Account Protection" notice and wish to go ahead and add a backup e-mail address and/or mobile number, the steps are available at http://www.facebook.com/update_security_info.php.  Just be careful that you are not sharing more information than you want available.


Clubhouse Tags: Clubhouse, Security, Privacy, How-To, Information, Tutorial, Family Safety,



Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Friday, December 24, 2010

Ukrainian Christmas Eve

Merry Christmas to all my family, friends and Security Garden readers.

I extend warmest wishes to each of you and your family. May you enjoy the spirit of Christmas every day of the coming year.

Our family celebrates Christmas Eve in the Ukrainian tradition.  The video below includes examples of some of the traditional foods that are part of the Christmas Eve celebration. 





References


Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Wednesday, December 22, 2010

Microsoft Security Advisory 2488013


Microsoft released Security Advisory 2488013 to address a public vulnerability in Internet Explorer 6, 7 or 8 if you visit a website hosting malicious code.  Microsoft reported that the current impact of this vulnerability is limited and they are not aware of any active attacks.

Microsoft is closely monitoring the situation but, due to the current limited impact, has determined there is not a need for an out-of-band release.  Should that change, an update will be provided on the MSRC Blog.


Internet Explorer Protected Mode on Windows Vista and Windows 7 helps limit the impact of the currently known proof-of-concept exploits. Protected Mode is on by default in the Internet and Restricted sites zones in Internet Explorer 7 and 8.  Protected Mode will warn you when a website attempts to install software, run or modify sensitive system components.  If you are not familiar with Protected Mode, you can learn more about it here:  What does Internet Explorer protected mode do?



References:
Clubhouse Tags: Clubhouse, Microsoft, Windows, Security, Advisory, Vulnerabilities, Information, Internet Explorer,



Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Thursday, December 16, 2010

Microsoft Security Essentials 2.0 Released

Along with release to manufacturing of Forefront Endpoint Protection 2010 (FEP) for business users, Microsoft Security Essentials (MSE) 2.0 has been released.  The updated version of MSE includes the following enhancements:

  • Windows Firewall integration – During setup, Microsoft Security Essentials will now ask if you would like to turn the Windows Firewall on or off.
  • Enhanced protection for web-based threats – Microsoft Security Essentials now integrates with Internet Explorer to provide protection against web-based threats.
  • New protection engine – The updated anti-malware engine offers enhanced detection and cleanup capabilities with better performance.
  • Network inspection system* – Protection against network-based exploits is now built in to Microsoft Security Essentials.

*Windows XP Users Note:   As explained when the MSE Beta was announced, the network inspection system feature is not enabled on Windows XP. The network inspection system requires the Windows Filtering Platform (WFP) in order to run.  WFP is only available in Windows Vista and Windows 7.

How to get MSE 2.0:

Microsoft Security Essentials 2.0 can be downloaded from the Microsoft Download Center.  
Tips
  1. Select the correct version:  MSE has both a 32 and 64-bit version.  (To determine If your computer is running a 32-bit or 64-bit version of Windows, click the Start button > Control Panel > System and Security > System.  The system type is shown under System.)  
  2. If you have a different antivirus software program already installed, it will be necessary to uninstall it before installing MSE. You may want to use AppRemover to remove the left-overs not removed during the normal uninstall process of the antivirus program.
  3. It is highly advised to install all Microsoft Security Updates prior to installing MSE.
  4. Do NOT install MSE on an already infected system.  If you need assistance removing malware from your computer, seek help from a by trained analyst.  A a fairly comprehensive list is available here:  Malware Removal Help Sites.
  5. The Installation process is essentially the same as for the original release, described in this tutorial
If you are already running MSE on your computer, it is easy to update to the new version.  You should see the following when launching MSE:
Click on the Upgrade link to install and then restart the computer to complete the process.  Version detail information is available in "About Security Essentials" located in the drop-down option in Help. 

Edit Addition:  I have seen a lot of questions about the MSE software update in the forums.  To check manually for the software update, click the triangle next to Help and select "Check for software updates" as illustrated below:


Note the addition of the Network Inspection System Engine:
Security Essentials Version: 2.0.650.0
Antimalware Client Version: 3.0.8107.0
Engine Version: 1.1.6402.0
Antivirus definition: 1.95.1960.0
Antispyware definition: 1.95.1960.0
Network Inspection System Engine Version: 2.0.5854.0
Network Inspection System Definition Version: 9.1.0.0
Edit Note:  Fellow MVP, Alan Burchill, published a new post for Group Policy for MSE Version 2 to support its new features:  Group Policy for Microsoft Security Essentials 2.0



Clubhouse Tags: Clubhouse, familyHow-to, antivirus, Microsoft, Windows, Security, UpdatesInformation,






Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Tuesday, December 14, 2010

Security Bulletin Release for December, 2010


Microsoft released seventeen (17) bulletins addressing forty (40) vulnerabilities in Microsoft Windows, Office, Internet Explorer, SharePoint Server and Exchange. Two (2) of those bulletins carry a Critical rating, while fourteen (14) are rated Important and one is rated Moderate.

A complete description of all the bulletins is available in the TechNet Bulletin Summary linked below.  The bulletin that closes out the last known vulnerability exploited by the Stuxnet malware is MS10-092.

Following is the description from the MSRC Blog of the two critical bulletins:
  • MS10-090 This bulletin resolves seven issues -- five Critical, two Moderate -- affecting all supported versions of Internet Explorer, on both Windows clients and Windows servers. Among its other updates, it addresses a vulnerability previously described in Security Advisory 2458511.
  • MS10-091 This bulletin is Critical and addresses three vulnerabilities in Windows' OpenType Font driver. All three issues were privately reported and we are not aware of any active attacks using them.

Microsoft also released an updated Malicious Software Removal Tool this month.

For complete details, see the references listed below.


References:

Clubhouse Tags: Clubhouse, Microsoft, Windows, Security, Updates, Vulnerabilities, Information,



Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Thursday, December 09, 2010

Mozilla Firefox 3.6.13 Security and Stability Update



Mozilla Firefox 3.6.13 has been released to fix stability issues and address the following security vulnerabilities:
  • MFSA 2010-84 XSS hazard in multiple character encodings
  • MFSA 2010-83 Location bar SSL spoofing using network error page
  • MFSA 2010-82 Incomplete fix for CVE-2010-0179
  • MFSA 2010-81 Integer overflow vulnerability in NewIdArray
  • MFSA 2010-80 Use-after-free error with nsDOMAttribute MutationObserver
  • MFSA 2010-79 Java security bypass from LiveConnect loaded via data: URL meta refresh
  • MFSA 2010-78 Add support for OTS font sanitizer
  • MFSA 2010-77 Crash and remote code execution using HTML tags inside a XUL tree
  • MFSA 2010-76 Chrome privilege escalation with window.open and element
  • MFSA 2010-75 Buffer overflow while line breaking after document.write with long string
  • MFSA 2010-74 Miscellaneous memory safety hazards (rv:1.9.2.13/ 1.9.1.16)

To manually check for the update, click Help and Check for Updates.


References:


Clubhouse Tags: Clubhouse, Security, Updates, Information









Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...
iv>

Security Bulletin Advance Notification for December, 2010


On Tuesday, December 14, 2010, Microsoft is planning to release 17 updates addressing 40 vulnerabilities in Microsoft Windows, Office, Internet Explorer, SharePoint and Exchange. Two bulletins are rated Critical, 14 are rated Important, and one is rated Moderate.  


The updates will address the last Stuxnet-related issues.  This is a local Elevation of Privilege vulnerability.  Aside from Stuxnet, Microsoft has not seen evidence of its use in active exploits. Microsoft is also addressing the Internet Explorer vulnerability described in Security Advisory 2458511.

In reviewing the Advance Notice, note that six of the bulletins are not applicable to Windows 7. The bulletins for Microsoft Office Suites and Software apply to all versions from Microsoft Office XP Service Pack 3 through Office 2010, 64-bit.

References:


Clubhouse Tags: Clubhouse, Microsoft, Windows, Security, Updates, Vulnerabilities, Information, Microsoft Office,




Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Wednesday, December 08, 2010

Oracle SunJava Update

java

Oracle SunJava released an update to Java Runtime Environment (JRK).  The full internal version number for this update release is 1.6.0_23-b05 (where "b" means "build"). The external version number is 6u23.

This is not a security update.  The next security update is scheduled for 18 January 2011.  Rather, the update contains enhancements, described as follows:


  • Improved performance and stability
  • Enhanced support for right-to-left languages

Although Java is not required (See Do You Need Java?), if you do have Java installed on your computer, it is advisable to install the latest update. 

Download Update: Java SE Runtime Environment 6u23


Note: UNcheck any pre-checked toolbar and/or software options presented with the update. They are not part of the software update and are completely optional.

Please check add/remove programs to ensure that you have uninstalled all prior (and vulnerable) versions of SunJava.

References:



Clubhouse Tags: Clubhouse, Updates, Java





Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Thursday, December 02, 2010

AVG Update Disaster Impacts Windows Users

Windows customers of AVG Antivirus ran into a problem with virus database 271.1.1/3292 (432/3292) released 12:53 AM CET.  When following through with the requested computer restart, instead of Windows loading, they received the error:
"STOP: c0000135 The program can't start because %hs is missing from your computer. Try reinstalling the program to fix this problem."
Although the update was removed from the servers as soon as they were aware of the problem, there were many impacted by this issue.  From reports on the AVG forum, it appears as though 64-bit systems were impacted by this issue.  Reports differ as to whether this issue was restricted to Windows 7 or if it also included Windows Vista customers.

AVG has provided suggested steps in the forum thread at Some Windows 7 Operating Systems Cannot Be Started After Latest Update, followed by an FAQ topic: System crash after the recent AVG 2011 update 3292 (BSOD).  

One AVE user reported the method at "Alternate Method" as successful with a failed repair disk.

If you are looking for a replacement antivirus solution, the following are free for personal use.
My favorite paid/licensed solution is ESET antivirus products.

Clubhouse Tags: Clubhouse, Windows, Security, AntiVirus, Information, MSE, Microsoft Security Essentials, Information, Windows Vista, Windows 7,


Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Sunday, November 28, 2010

Command Prompt Series, 7Tutorials

I must apologize to Security Garden readers who use Windows 7.  I have neglected to provide a link to a site that I have been following for a long time.



I was reminded of this omission recently after following the excellent series of tutorials at 7tutorials on using the Command Prompt in Windows 7.  If you are not familiar with how to use the Command Prompt or would like to learn additional features, I recommend the illustrated tutorials listed below.




The primary reason I like 7tutorials is the care site owner, Ciprian Rusen, and the editorial staff take in preparing the information for publication.  This is exemplified in the site Mission Statement:

"Just like yourself, we are tired of encountering sites which publish bad tutorials that ruin your computer instead of fixing it. We are also tired of editors who write tutorials in a rush and miss some important steps, site owners who shamelessly rip-off other sites, or those who don't thoroughly test their solutions and don't answer all your questions.

Our team has one simple mission: provide complete tutorials for Windows 7. We want to offer quality, not quantity. You might see our site updating less often than others but that's because we will do our best to offer quality articles."

There is a wealth of information available at 7tutorials.  I encourage you to check it out.  This site definitely deserves to be in the Spotlight!

Clubhouse Tags: Clubhouse, Microsoft, Windows, Tools, Information, Help,


Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Saturday, November 27, 2010

Online Shopping Safety Tips

After dealing with the crowds in the stores shopping for great deals on Black Friday, many people have sworn off the brick and mortar stores in favor of online shopping.  Others will be searching for specials on "Cyber Monday" to complete their Holiday gift shopping.

Cyber Monday is the Monday after Thanksgiving when most Americans return to work after the long Thanksgiving Holiday weekend. It is the day when stores generally have their best online special deals.

We all know the precautions to take when shopping at the local malls -- carefully secure your credit card after making a purchase, put your wallet in an inside pocket, don't carry your purse loosely, be aware of your surroundings when walking to your car, have your car keys ready, don't leave your valuables unattended, etc.

Whether you have given up fighting the crowds and long lines in the brick and mortar stores or are just looking for online shopping bargains, safety precautions are also required when shopping online, whether it be Cyber Monday or any other day of the year.

Protect Your PC:

Before you start shopping, take care of basic security.  This includes having a software firewall and up-to-date antivirus and anti-malware software.
  • If your antivirus software license expired, either renew the license or uninstall it and download and install Microsoft Security Essentials.  (If the replaced antivirus was a "security suite", be sure to activate the Windows Firewall when uninstalling.)
  • Now run a full system scan with your updated antivirus software.
  • Next, scan with an anti-malware software.  If you do not have an anti-malware software, my favorite is Malwarebytes' Anti-Malware.  Another popular program is SUPER AntiSpyware.
  • Check for and install Security Updates.

Protect Your Credit:

Your computer is ready and so are you.  But, safety precautions do not end with your computer.  Now the onus is on you to protect your credit.
  • Shop at reputable websites.  If the offer sounds too good to be true, it is probably a scam. Customer evaluations are available at sites like Epinions.com or BizRate to help you determine the legitimacy of a company.
  • ONLY do your online shopping from home and never from an insecure public WiFi spot or public area like the local Starbucks.
  • To complete your purchases, checking out will require creating an account.  It is not advisable to store your credit card and other personal information on the website.
  • At checkout, the site web address should be https: and there should be a closed padlock there or in the lower right corner of your browser.  If not, forget about it.  You will be giving away your credit card information!
  • It is best to use a "true" credit card, rather than a debit card as it is better fraud protection.
  • At the completion of your order, print or make a screen copy, including the confirmation number, as a receipt for your purchase.
Tips:

Finally, a couple of money-saving tips that may result in additional savings when you shop online.
  • Be wary of most of the "coupon sites".  However, there is at least one that I am aware of that appears to have a good reputation and is "McAfee Secure":
"Hundreds of well-known online stores like Barnes and Noble, Staples, and Overstock.com have a place within their shopping cart for a "coupon code" that gives a percent or dollar amount off your purchase. If you don't know the code, you can't take advantage of the discount. You can find these secret discount codes and coupon codes listed on many sites across the internet but the problem with these sites is that they're usually personal homepages and they don't maintain their lists! Currentcodes.com has a full-time staff of trained individuals whose only job is to find new coupon codes and discount codes and verify the accuracy of the existing database. We don't flood you with ads and we don't throw deals in your face. No hype, just current codes."
  • Check CyberMonday.com which includes special offers, including free shipping, at hundreds of online merchants.  On the actual Cyber Monday, the site will provide hourly specials and exclusives from popular online retailers.  A portion of the proceeds from CyberMonday.com supports the Ray Greenly Scholarship Fund.


Clubhouse Tags: Clubhouse, Microsoft, Windows, Security, Family Safety, Information, Online Safety,



Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Wednesday, November 24, 2010

Happy Thanksgiving (and Happy Birthday!)


Wishing everyone a very 
Happy Thanksgiving! 


Whether your family is large or small, traveling from near or far, I hope you enjoy the celebration, company, traditional family favorite foods, football and, most importantly, take time to count your blessings.

This year, Thanksgiving falls on the birthday of two very special friends -- Dia and Aaron.  To both Dia and Aaron, special Happy Birthday Wishes and {{{HUGS}}}.









Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Tuesday, November 16, 2010

How the TLD4 rootkit gets around driver signing policy on a 64-bit machine

"Microsoft’s Windows operating system, running on a 64-bit machine provides enhanced security with driver signing of system and low level drivers. This policy, called the kernel mode code signing policy, disallows any unauthorized or malicious driver to be loaded. [1.]

 The TDL4 rootkit bypasses driver signing policy on 64-bit machines by changing the boot options of Microsoft boot programs that will allow an unsigned driver to load."

See how its done at the SunbeltBlog: How the TLD4 rootkit gets around driver signing policy on a 64-bit machine.

Additional story at The Register: World's most advanced rootkit penetrates 64-bit Windows.


Clubhouse Tags: Clubhouse, Microsoft, Windows, Security, Vulnerabilities, Information,


Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Accelerated Adobe Reader/Acrobat Security Update


Adobe released an out-of-cycle security update to address the critical security issues in Adobe Reader and Adobe Acrobat.  In addition to addressing CVE-2010-3654 noted in Security Advisory APSA10-05 and CVE-2010-4091 referenced in the Adobe PSIRT blog ("Potential issue in Adobe Reader"), these updates also incorporate the Adobe Flash Player update as noted in Security Bulletin APSB10-26.

Release date: November 16, 2010
Vulnerability identifier: APSB10-28
CVE numbers: CVE-2010-3654, CVE-2010-4091
Platform: All Platforms

Edit Note:  I have been advised by my friend Randy that the Adobe Reader update re-introduces "Reader_SL.exe".  It is located in \%Program Files%\Adobe\Reader\ and is not required.  See the SystemLookUp description.


Acrobat and Reader users can update to the latest version, v. 9.4.1 using the built-in updater, by clicking “Help” and then “Check for Updates.” The Adobe Reader update for Windows is available from here. As usual, the caution to UNCHECK the box shown below. Neither the scan nor any offered toolbar are needed for the update! 






The next quarterly security update for Adobe Reader and Acrobat is scheduled for February 8, 2011.


References:

Clubhouse Tags: Clubhouse, Windows, Security, Updates, Vulnerabilities, Information,



Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Saturday, November 13, 2010

Security alert: Active Links in Messenger 2009 Temporarily Turned Off to Prevent Malicious Worm



There is a particularly malicious worm (a self-replicating computer virus) currently trying to spread itself through many of the world's largest instant messaging and social networks.  The worm spreads by inserting a link into an IM conversation with a person whose computer is already infected. When the link is clicked, it opens in a browser and downloads the worm.  Then the process is repeated.

Because Windows Live Messenger 2009 is affected, Microsoft has temporarily turned off active hyperlinks for web addresses sent in IM conversations using Windows Live Messenger 2009. Messenger 2011 is not impacted.

If you think your computer may have already been infected by a malicious worm, download the malicious software removal tool from the Security TechCenter on Microsoft TechNet.

Additional details are available in Security alert: Active links in Messenger 2009 temporarily turned off to prevent a malicious worm.




 


Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Friday, November 12, 2010

Advance Notice: Adobe Reader/Acrobat Out of Cycle Update Scheduled



Adobe has announced an out of cycle security update for Adobe Reader and Acrobat.  The update is scheduled for Tuesday, November 16, 2010. As described in the PSIRT Blog:

"The updates will address critical security issues in the products, including CVE-2010-3654 noted in Security Advisory APSA10-05, CVE-2010-4091 referenced in the Adobe PSIRT blog (“Potential issue in Adobe Reader“), and the Adobe Flash Player update as noted in Security Bulletin APSB10-26."
 Following this out of cycle update, Adobe is scheduled to release the next quarterly security updates for Adobe Reader and Acrobat on February 8, 2011.

 References:

Clubhouse Tags: Clubhouse, Security, Updates, Vulnerabilities, Information,



Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Thursday, November 11, 2010

Lest We Forget

At the the 11th hour of the 11th day of the 11th month, set aside politics and petty grievances and take time to pay tribute to all who died for their country.  

As in previous years, I am republishing my friend Canuk's last tribute. The comment he posted provides one example of why he was a special person:
"I too "will remember your friends who never had a full life", while thanking you and your comrades who have served with pride, honesty and honour.

Despite anyone's thoughts of the current conflict in Iraq - opposition or agreement, we must always remember that these brave young men and women are fighting for a cause they also may or may not agree with. The huge difference between them and us is that they are putting their lives on the line 24/7 while we sit in our homes in comfort, using the freedom of speech previous warriors won for us, and for that they deserve our love, respect, and support."
LEST WE FORGET





We Shall Keep the Faith by Moira Michael, November 1918

Oh! you who sleep in Flanders Fields, Sleep sweet - to rise anew! We caught the torch you threw And holding high, we keep the Faith With All who died. We cherish, too, the poppy red That grows on fields where valor led; It seems to signal to the skies That blood of heroes never dies, But lends a lustre to the red Of the flower that blooms above the dead In Flanders Fields. And now the Torch and Poppy Red We wear in honor of our dead. Fear not that ye have died for naught; We'll teach the lesson that ye wrought In Flanders Fields.
Flags courtesy of3DFlags.com



Clubhouse Tags: Clubhouse, Story






Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...