Archive for the Category ◊ Microsoft Security ◊

 

There was a hacking conference in Vancouver, Canada last week, and the contest was to see who could hack into Internet Explorer 8 on a laptop running Windows 7. Articles exclaimed that “Hackers exploit Windows 7 in 2 minutes!”.

This is true, but they failed to report that the hackers turned off security features in IE8. So, if you have a burglar alarm on your house, and disconnect it, because you just don’t worry about that kind of stuff, sure it would be easier to get into your house.

If you turn off your Internet security software or disable security features in IE8, sure, it is not going to be as secure as it could be, and it can be vulnerable to attack.

Another thing the article did not mention, is some of the other hacking contests and other Browsers that got hacked.

Here is a news flash you won’t read everywhere, at the same conference a fully updated MAC running a fully patched OS X, was hacked, yes a MAC!!! So the supposed bullet proof MAC and Safari browser can be hacked too.

On another note, The German government issued a warning to citizens in March telling them that FireFox had a critical vulnerability, and they should stop using it.

Back at the conference, the winner of the most secure browser, Chrome by Google, it had been patched for 11 vulnerabilities a few days before the contest. That means there were holes or security issues with Chrome, the best one.

Internet Explorer 8 is secure, and when properly set up (usually with default security settings, a good Antivirus program, and Windows updates current, there should not be security problems.

Any browser is going to fail you if you do not update it with security updates, and if you disable important security features that are there to protect you.

I personally like IE8, and I know people who swear by FireFox or even Chrome. I say use what you like, but honestly, they are all targets for hackers, and it is up to you to make sure your security is on, and your updates are performed to keep your security up to date.

Important Security Vulnerability Updates from Microsoft
Monday, August 17th, 2009 | Author:

Late last month Microsoft released numerous security vulnerability updates that are critical. These updates are as important as your Anti-Virus Programs updates. There were holes found in the Microsoft operating systems, and these are patches to shore up the holes!

If you have the small yellow update icon that has an exclamation mark, near the clock, then you have updates that are waiting to be updated. If you click on that, you can allow the updates to happen. It is VERY important to make sure the updates from Microsoft happen.

I have a good description on how to manually check for Windows updates to make sure you are secure, just check out my previous blog entry on Security Help for XP.

If you have Vista, here are the steps to check your Microsoft updates. Microsoft released Service Pack 2 for Vista in July. This is a large update, so it might take a bit to download and install.

Click once on the Start menu (Microsoft Ball on the bottom left of the task bar)

Click on Control Panel

Click on Windows Update


If there are updates waiting, you can click on Install Updates. You can also View Available Updates, or check your Update History.

How to stay away from Bogus Win Antivirus 2009
Monday, April 06th, 2009 | Author:

These are a couple of samples of the fake software. There are many variations, but this gives you and idea of what they look like. Note the shield and how similar to Microsoft’s Security Warning it looks like.

I have had a larger number of Win Antivirus and Antispyware 2009 infections in the shop lately, and I wanted to give you a few tips on how to avoid this junk on your computer.
The interesting thing is that most of the computers have had valid Antivirus Software, and the Virus still got on the computer. The problem is we say something is OK, and our Antivirus just assumes you want it, even though there may have been a warning, or maybe no warning.
What is this stuff anyway?
Antivirus 2009 and Antispyware 2009 are not real programs. They act like they are going to help you, and when you pay the fee, they are just smoke and mirrors. The program pops up over and over and says you have hundreds upon hundreds of horrible bad stuff, and they are going to do a scan to clean up your computer.
These fake programs use trojans, such as Zlob or Vundo, to spread. These viruses have been around for a while and are really common in the infected computers I work on.
Where does it come from?
Sometimes the viruses come from porn sites or what are called as Warez sites (free illegal software) or other illegally downloaded music/programs/movies. Even though it is very common to come from a place like this, there are a lot of other seemingly innocent ways.
Many viruses can come from files downloaded on Filesharing programs such as Limewire, Bearshare and eDonkey. These is called P2P, or Peer to Peer software. Many people are using this method to share movies/music/software illegally with others, and in turn, others share their stuff with you, including viruses. This is all under the guise of sharing legally, but no one really pays for the stuff and it is a way to get free stuff.
Another way some of the Bogus Antivirus programs show up is on a “drive by.” You go to a site you think is ok, and the message pops up, and it looks like a real antivirus message from your antivirus program.
But if you look closely, you will see that it is not. It is really just a pop up ad, that when you click on it, you are essentially downloading the virus. Dawn had one of these pop up on her desktop, and it was just that, a pop up ad that looked just like a security warning. We did the procedures below, and did a full scan, and thankfully we never actually got the virus.
The so-called program shows hundreds or viruses on your computer. It even acts like it is doing a scan, and then says you need to pay to get rid of the stuff. It is all a scam. Once they get your money, that is it. There is no antivirus program. It does nothing for you, but mess up your computer, and make your pockets lighter if you fall for it.
How to avoid getting it
If you get a message like this suddenly, check it out carefully. It should say Trend Micro or Norton, AVG, or whatever your antivirus program name is on the top or somewhere on the window. If it does not, here is what you do. The window will have the look and feel of a real program. I have included screen shots of what some look like.
First off, DO NOT click on the window at all. Many times the buttons are disguised as to what they will do, and usually clicking on it will attempt to download the problem onto your computer. Even the handy X for exit or other buttons may activate it.
Hit Control+Alt+Del and bring up the task manager. Look at the running applications, and there should be one that is Internet Explorer, or one that says the name of the program Win Antivir 2009. Click on that and click on End Task.
Then disconnect from the internet (easiest way is to unplug your modem from the wall power). Then run a “FULL” scan of your computer and make sure you do not have any Trojans. If you do this, at the first sign, you may have never gotten the virus on your computer, but it was more of a pop up ad/scam to get you to put it on your computer. This is what happened to Dawn, and thankfully she caught it right away.
Also if you have CCleaner on your computer, run that to remove all your Temp files and Temporary Internet files. These are not needed and they are a place where the bad stuff likes to hide. Click here to get CCleaner.

I run this monthly on my computer and would suggest the same for you.

Downloading Tip


One last thing on downloading anything, including this Ccleaner. You have to watch what is on the page, and not click on the DOWNLOAD buttons that are for other stuff. It can be very confusing, and even with all my experience, when I am in a hurry, I have clicked on the wrong thing, and downloaded something I did not want. Clicking on these buttons that look like what you want, can give you a lot of other junk you do not want or need.

One of the things sites have done now, is when you click on download, it goes to the next page, saying your download is starting. While you are waiting (a wait done on purpose by the way) you are presented with a screen which says DOWNLOAD Now! If you look carefully, that is for something different, maybe similar, but not what you are trying to download.

Wait a minute, and usually you will see the bar light up across the top of your browser saying “To help protect your security, IE has blocked this site from downloading… Click here for options.” That yellow bar on the top is where you download the file from. Click on the bar, and then save the file to your computer.

If a download button or pop up window says it will help you speed up your computer, check your computer, clean up your computer, make your bed, clean your registry or any other great claim, completely avoid it unless a reputable source recommends it and has tested it themselves.

Remember, up to date antivirus software and up to date windows security updates are both key to helping you out here.

Several Internet security firms have confirmed that the “conficker” worm is set to go off in possibly millions of computers on April 1st. This virus has been around for a few months and is picking up steam. Many times viruses like this can lay dormant in your computer and pop up on a set date. The Aprils fool day has always been popular amongst virus makers.

There are a lot of theories and suggestions of what it could do. The main thing this virus does is allows many computers to attack or “flood” the internet all at the same time, causing what is called denial of service attacks.

Basically it would be like everyone getting in their car and driving down to main street, and trying to drive. Too many cars, not enough road. This is the same concept. The main difference is, you would know if you were driving downtown, in fact more like someone stole your car to drive down there. Your computer just sits there, and you might not even know it is involved in causing the problem!

Here are a couple of things to make sure you do before April 1st:

Check your antivirus program and make sure it is up to date and working. It should be down in your system tray near your clock. Double click on it, ( all the top programs Trend Micro, Norton, McAfee, F-Secure) show you that everything is working or lets you know if there are problems. Most of them have a FIX it button, just click on that if it shows problems.

Second, run a full scan. Many of the programs run a quick scan. On Trend for example, if you open it up and see the scan button, just to the right is an arrow. Click on the down arrow, and choose FULL SCAN. Run that baby and delete any bad stuff it finds.

Lastly Make sure your Windows Security Updates are up to date! You can click here to check Microsoft Updates

If you do not have the worm, there is nothing to worry about. But it is better safe than sorry when it comes to viruses on computers. The biggest threat is to people who are not protected with Internet Security Software, theirs is not working or it is expired.

Here are a couple articles explaining more about the virus.

Microsoft

Fox News

Microsoft & Security Software – Another Gilligan’s Rerun
Saturday, February 21st, 2009 | Author:

Microsoft Drops Live OneCare Security product and will offer new free version of some new revamped security software. This is like seeing a rerun of Gilligan’s Island for the 15th time.

Like Gilligan’s Island, this is funny, predictable, entertaining, and always a catastrophe brewing. But the software is not really going to help keep your PC secure. Microsoft has tried to make Antivirus security programs for many years now, and each time, they have failed.

They have tried the free version, the pay version and the part free, part pay version, since back in the early 90’s. They all have been lousy programs that do not protect your computer well.

I have been a strong advocate against Window’s Live OneCare for a long time now, and Microsoft has announced that they are dropping the retail security software in June of this year.

The not surprising news is that they are coming out with a free program code named “Morro”. Microsoft has hired a guy from McAfee to oversee their Security Research & Response Team.

Microsoft has bought out many little Antivirus security companies that made good software, and then ran the products into the ground only to end up with watered-down, poor software.

I would strongly suggest not using this free product when it becomes widely available. It will be cheap and appealing to save a few bucks. However, as the old saying goes, “You get what you pay for!”

Remember, with Internet security, you pay $35-$60 a year, which is about $3-$5 a month, for peace of mind, safety, and keeping your computer and information protected. That is not a bad investment.

I still stand by Trend Micro Internet Security. Trend by the way, did not get the best review from PC World recently. The problem with the PC World review is that there is no comparison or discussion about how well the product performs. How easy is it to uninstall or troubleshoot a problem you might have? How easy is it for the average user to understand and use? How much does the program slow down the computer, and how much memory do you really need to run it?
Another issue I see is that PC World accepts advertising, and oddly enough there is not a lot of Trend Micro advertising in that magazine.

With the computers that come in the shop, I see fewer problems with Trend. I have tried them all, and sold both McAfee and Norton/Symantec, and I still feel Trend is one of the best products available, with everything considered. I have run AVG Free, F-Secure, Kaspersky, Panda, and they all have issues. There is no perfect product out there, but I do still highly recommend Trend.

Internet Security Tips

Whatever program you use for Internet Security, make you do the following:

  • Have good, current version of a paid-up Anti-virus/Internet Security program
  • Have it turned on and receiving automatic updates of the virus definitions
  • Have it set to automatically perform a full scan of the computer weekly
  • Make sure your Microsoft Windows updates are turned on (you can find the settings in Control Panel>Automatic Updates)

Here is a good article on the new Microsoft Free Antivirus that is coming soon:

Internet Explorer 8 is Coming Soon!
Saturday, February 07th, 2009 | Author:

Don’t get too excited… yet…

IE8 is still available as a BETA program, so if you download it and install it, you do that at your own risk. BETA RC1 (Release Candidate 1) means it is almost ready to go public, but there are still some bugs to work out.

We have downloaded it here and tried it out. It is quite a bit different, and like a lot of the Microsoft new products, it is trying to do a lot of stuff, and I am not sure how well it is going to “help” out or be better.

We also found several features that were different and some that did not work at all. Things like cutting and pasting from MS Word to a web browser was not working on the Blogspot site. There is a “compatibility mode” which will allow older style websites work with the new browser.

Better Security is one of the big areas they focused on, to keep us safer online. The other thing is usability, which is always different for each person. The Tabbing feature on the new IE8 is a lot more like FireFox now. One neat feature is that it asks you if you want to close all tabs, or just one of them.

I highly recommend you wait until IE8 has been released to the public in the final version, and then wait a few more months. My guess is, towards the end of the year. If you get a windows update telling you to download it, I would say no to IE8 at this point.

I will do some more testing and have a more thorough review in the next couple of months, and I will keep you updated.

Paul