Welcome to the Security Garden, where everything is coming up roses.
The best way to protect your garden is to fence it in. The same applies to your computer.
Get computer security news and information, help, tips and more at the Security Garden.
The rapid release path for Firefox version updates did not run all that smoothly for Version 7. After updating to Version 7, there were instances in which users discovered one or more of their add-ons were hidden. As a result, the release of the new updates to Firefox Version 7 was paused in order to minimize the impact.
An update fixing the issue has been released. To get the update now, select Help, About Firefox, Check for Updates.
Also available now is the list of vulnerabilities that were fixed in Version 7.
Fixed in Firefox 7
MFSA 2011-45 Inferring Keystrokes from motion data MFSA 2011-44 Use after free reading OGG headers MFSA 2011-43 loadSubScript unwraps XPCNativeWrapper scope parameter MFSA 2011-42 Potentially exploitable crash in the YARR regular expression library MFSA 2011-41 Potentially exploitable WebGL crashes MFSA 2011-40 Code installation through holding down Enter MFSA 2011-39 Defense against multiple Location headers due to CRLF Injection MFSA 2011-36 Miscellaneous memory safety hazards (rv:7.0 / rv:1.9.2.23)
In keeping with the rapid release schedule, Mozilla released Firefox 7 today.
As expected when a version update is released, you may find that many of your favorite add-ons are not compatible with the new release. Use Add-on Compatibility Reporter to test and report on your favorite add-ons in version 7.
The Release Notes listed the following new features in version 7, At this point the indicated security updates are not listed in the Security Advisories. There is, however, a very lengthy list of Bug Fixes for version 7.
The upgrade to Firefox 7 will be offered through the browser update mechanism. However, as the upgrade includes critical security updates, it is recommended that the update be applied as soon as possible. To get the update now, select Help, About Firefox, Check for Updates.
As illustrated in this topic on the Microsoft Answers forum, the issue of fake tech support telephone calls has been a problem for over two years. The scams appeared to have originated in the U.K., spread to Australia, followed by Canada and the United States.
Although reports in various forum topics have pointed fingers at other vendors, in the instant case, the finger was pointing at "Comantra" who was a Microsoft Gold Certified Partner.
Comantra, like other vendors, was said to have cold-called people, implying that they represent Microsoft. After convincing the call recipients that the errors seen in Event Viewer on Windows are dangerous, the technicians would attempt to convince the people to allow the technicians to have remote access to their computer. Repairs, of course, required a credit card charge.
About Microsoft Gold Certified and Certified Partners
It is important to understand that being a Microsoft Partner, in any shape, whether Certified or Gold Certified, does not mean that the company represents Microsoft. Rather, it merely means that the company has met the requisite requirements, has paid the requisite fee and has earned the appropriate Partner Points for the Partner level. The requirements for both Microsoft Gold Certified and Microsoft Certified Partners are fully described at the eHow.com references below.
In addition to the above, Microsoft Gold Certified Partners must employ a minimum number of Microsoft certified professionals, meet the certification and sales requirements and submit competency-specific customer referrals.
Microsoft Certified Partners additionally complete one of three requirements (i.e. employ or employ by contract at least two Microsoft Certified Professionals, with three customer references approved by Microsoft or product software that Microsoft has tested and approved or hardware that a Microsoft authorized testing vendor has approved.)
How to handle telephone scams
If you receive a call from someone claiming to be representing Microsoft or Microsoft tech support, just hang up! Microsoft does not make unsolicited calls.
In the event you have been taken in by one of the fake tech support calls, it is strongly recommended that you take the following steps:
Change the passwords or PINs on your computer and your online accounts.
Place a fraud alert on your credit reports.
If you know of any accounts that were accessed or opened fraudulently, close those accounts.
Routinely review your bank and credit card statements monthly for unexplained charges or inquiries that were not initiated by you.
People in Australia, Canada, U.K. and U.S. appear to have been hardest hit by telephone tech support scams. The links below have additional information and resources.
Adobe Flash Player was updated to address critical security issues as well as what is described as an important universal cross-site scripting issue that is reportedly being exploited in the wild in targeted attacks. The exploit could cause a crash and potentially allow an attacker to take control of the affected system.
The newest version for Windows, Macintosh, Linux and Solaris is 10.3.183.10 and the update for Android is 10.3.186.7.
Release date: September 21, 2011 Vulnerability identifier: APSB11-26 CVE number: CVE-2011-2426, CVE-2011-2427, CVE-2011-2428, CVE-2011-2429, CVE-2011-2430, CVE-2011-2444 Platform: All platforms
Adobe Flash Player for Android 10.3.186.7 by downloading it from the Android Marketplace by browsing to it on a mobile phone.
Browser Update Instructions
Although Adobe suggests downloading the update from the Adobe Flash Player Download Center or by using the auto-update mechanism within the product when prompted, if you prefer, the direct download links are as follows:
If you use the Adobe Flash Player Download Center, be careful to UNCHECK the box shown below. It is not needed for the Flash Player update. In addition, any toolbar offered with Adobe products can be unchecked if not wanted.
Verify Installation
To verify the Adobe Flash Player version number installed on your computer, go to the About Flash Player page, or right-click on content running in Flash Player and select "About Adobe Flash Player" from the menu.
Do this for each browser installed on your computer.
Adobe released a Security Bulletin (APSB11-24) which contains the quarterly security updates for Adobe Reader and Acrobat. The updates address critical security issues in the products. Adobe recommends that users apply the updates for their product installations.
Acrobat and Reader users can update to the latest version using the built-in updater, by clicking “Help” and then “Check for Updates.” The Adobe Reader update for Windows is available from http://www.adobe.com/products/reader/.
The next quarterly security updates for Adobe Reader and Acrobat are currently scheduled for December 13, 2011.
Alternatively, you could switch to an alternate PDF reader. There are a number of open source readers available from http://pdfreaders.org/. I have been using Sumatra PDF for around three years. Nitro Reader is also a viable substitute.
Microsoft released five (5) bulletins addressing vulnerabilities in Microsoft Windows and Office All five bulletins are rated Important.
MS11-070 Vulnerability in WINS Could Allow Elevation of Privilege (2571621)
MS11-071 Vulnerability in Windows Components Could Allow Remote Code Execution (2570947)
MS11-072 Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2587505)
MS11-073 Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2587634)
MS11-074 Vulnerabilities in Microsoft SharePoint Could Allow Elevation of Privilege (2451858)
Although the Executive Summaries indicate that the updates "may" require a restart, regardless of the recommendation, it is always best to restart your computer after applying updates.
Support
The following additional information is provided in the Security Bulletin:
The affected software listed have been tested to determine which versions are affected. Other versions are past their support life cycle. To determine the support life cycle for your software version, visit Microsoft Support Lifecycle.
Customers in the U.S. and Canada can receive technical support from Security Support or 1-866-PCSAFETY. There is no charge for support calls that are associated with security updates. For more information about available support options, see Microsoft Help and Support.
International customers can receive support from their local Microsoft subsidiaries. There is no charge for support that is associated with security updates. For more information about how to contact Microsoft for support issues, visit International Help and Support.
Mouse without Borders is a program created in The Garage at Microsoft by Truong Do, a developer for Microsoft Dynamics. The software allows you to use one keyboard and mouse across your PC's as if they were one desktop. You can control up to four computers with a single mouse and keyboard with Mouse without Borders.
Features
Control up to four (4) computers
Move or copy files between computers by dragging from one desktop to another
Lock or log in to all PCs from one PC
Personalize Logon Screen
Get/Send Screen Capture
Installation
Install Mouse Without Borders on the first PC:
At this screen, click No:
You will be presented with a Security Code:
Now follow the same installation instructions on the second PC, but this time click Yes to acknowledge installation on another computer and fill in the Security Code information from the first computer.
The two computers will be linked!
Uninstalling Mouse Without Borders
This update is to add information should you wish to uninstall Mouse Without Borders. You can uninstall Mouse Without Borders as you would any other program through Control Panel. However, if you cannot locate it, that is because you are looking in the wrong place! Scroll further down further and you will find it under Windows Garage.
In the event you are still having problems removing it, run the following command as an Admin:
There are occasions when a program will not completely uninstall. Other times, there are issues preventing a new program to be installed.
A recently released Microsoft Fix it solution is available to assist in diagnosing and fixing program installing and uninstalling problems automatically.
What it fixes...
Removes bad registry key on 64 bit operating systems.
Windows registry keys that control the upgrade (patching) data that become corrupted.
Resolves problems that prevent new programs from being installed.
Resolves problems that prevent programs from being completely uninstalled and blocking new installations and updates.
Use this troubleshooter for an uninstall only if the program fails to uninstall using the windows add/remove programs feature.
Critical security updates were issued by Adobe earlier this week for Adobe Flash Player, Shockwave Player, Photoshop and more. Details are available in the Released Updates linked below.
On Tuesday, September 13, 2011, Adobe is planning to release updates for Adobe Reader X (10.1) and Adobe Acrobat X (10.1) and earlier versions for Windows and Macintosh to resolve critical security issues.
Adobe additionally announced that they are in the process of removing the DigiNotar Qualified CA certificate from the Adobe Approved Trust List, indicating a further update is forthcoming.
In the meantime, the instructions below were provided by PSIRT for manually removing the DigiNotar certificates from Adobe Reader and Acrobat:
Adobe Reader Version 9
1) Open Adobe Reader.
2) Open the Document Menu and choose Manage Trusted Identities.
3) Drop down the ‘Display’ box that reads ‘Contacts’ and choose ‘Certificates.’
4) Select the DigiNotar Qualified CA. If you do not see this certificate in the list, no further action is required.
5) Click Delete, and then confirm the deletion by clicking OK.
Adobe Acrobat Version 9
1) Open Adobe Acrobat.
2) Open the Advanced Menu and choose Manage Trusted Identities.
3) Drop down the ‘Display’ box that reads ‘Contacts’ and choose ‘Certificates.’
4) Select the DigiNotar Qualified CA. If you do not see this certificate in the list, no further action is required.
5) Click Delete, and then confirm the deletion by clicking OK.
Adobe Reader and Acrobat X
1) Open Adobe Reader or Acrobat.
2) Open the Edit Menu->Protection->Manage Trusted Identities.
3) Drop down the ‘Display’ box that reads ‘Contacts’ and choose ‘Certificates.’
4) Select the DigiNotar Qualified CA. If you do not see this certificate in the list, no further action is required.
5) Click Delete, and then confirm the deletion by clicking OK.
On Tuesday, September 14, 2011, Microsoft is planning to release five (5) Security Bulletins, addressing 15 vulnerabilities. The bulletins are rated Important and address vulnerabilities in Microsoft Windows and Office.
The bulletins address Elevation of Privilege and Remote Code Execution, with at least one requiring a restart. Whether required or not, it is advised to restart your computer after installing updates.
To complete the process of providing protection against fraudulent DigiNotar certificates, Firefox 6.0.2 was released to the update channel today. (It has been available via FTP downloads since Sunday.)
Resolved an issue with gov.uk websites (see bug 669792)
The update to Firefox 6.0.2 is being offered through the browser update mechanism. To get the update now, select Help, About Firefox, Check for Updates.
Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...
Microsoft Security Advisory 2607712 has been updated to revoke the trust of the DigiNotar root certificates by placing them into the Microsoft Untrusted Certificate Store.
The update is available via Automatic Update and applies to all supported releases of Microsoft Windows, including Windows XP, Windows Vista, Windows 7, Windows Server 2008, and Windows Server 2008 R2.
A restart is required for all editions of Windows XP and of Windows Server 2003.
A restart is not required for all editions of Windows Vista, of Windows 7, of Windows Server 2008, and of Windows Server 2008 R2. The installer stops the required services, applies the update, and then restarts the services. However, if the required services cannot be stopped for any reason, or if required files are being used, this update will require a restart. If this behavior occurs, you receive a message that advises you to restart.
At the explicit request of the Dutch government, the release of this update on Windows Update will be delayed for the Netherlands.
This update will become available to the Netherlands on Windows Update and on all Automatic Update channels at a later date. Customers who want to manually install this update should click the appropriate platform download in the "Download information" section. On the next page, users will be able to select the language to install and can continue with the download and the installation.
Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...