Complete Solutions
Home General Home Maintenance
Complete Solutions
Complete Solutions

Archive for May, 2009
Three critical patches rolled out today

A very busy day in the IT world…

Microsoft Powerpoint for Windows and Mac

On April 3rd 2009, a  zero-day exploit was found on the Internet that allows a powerpoint presentation to be specially created to allow an unauthorized user to gain control of your computer.  The good news was that if you were logged in as a regular user, then the exploit only granted user access, but if you were logged in as an administrator, then the unauthorized user had full access to your network and/or computer.  Today, Microsoft released a patch to address this problem.  Office for Mac, unfortunatly, does not have a patch as of yet and is vulnerable to this method of attack.  The good news for Mac is that the exploit hasn’t been found on the internet, but Microsoft does realize it is vulnerable.  Be careful who you are accepting powerpoint presentations from and be wary of the emails you get with funny .pps or .ppt files in them, if they are forwarded around the internet, they are likely to have some exploit in it. Check out Microsoft Updates for the non-mac users to get this update if you haven’t already installed it. For the technical breakdown of this issue and patch, check out Microsoft’s Technet site

Mac has 67 patches for OS X and Safari 3.2.3 comes out for PC and Mac

Mac normally will release their patches in clumps rather than priority, I’m not sure if that is a decision by engineers or by marketing to make Mac seem stronger.  I’ll have an entry about the myth of Mac being way more solid than PC for security in the future, but for now, the details of these updates.

The 67 patches handle a lot of issues, some small and some huge.  I strongly suggest you install this on all Macs, especially due to the flash player updates that prevent your computer from being compromised.  You may click the Apple icon on the top left of your Mac and choose “Software Update” to download everything.

Safari 3.2.3 has three real patches in it according to Apple, one of them discovered by Microsoft’s team (MSVR).  These patches are important, but not dire.  With slight patches, I’m comfortable telling you to patch your computers with this as you don’t have the same risks associated with doing a full upgrade.  For example, Safari 4 is in testing and I suggest you don’t download that until it has been out for awhile.  Anytime a major upgrade comes out,  you have two issues, the browser itself and websites working with the new version.  For example, Safari 4 might work great, but your online banking site might not.  So, to recap, install the patches and ignore Safari 4 beta testing at this time.  If you want to read the gory details from Mac about each patch, grab a coffee and check out this link for the 60+ patches for OS X and this link for Safari 3.2.3

Adobe Acrobat 9.1.1 released

Though I enjoy the version number of 9.1.1, this release patches one critical issue that will crash Adobe 9.1 and earlier.  It will allow an attacker to gain access to your computer, but not full control from what I can find.  Checkout Adobe’s 9.1 here for a new version AND go here for the final patch. If you already know that you have Adobe 9.1 installed already, then you just need the second link.  If you aren’t sure, use both links.

Finally, these patches are important, like all patches. Remember, if you get infected with a virus or an exploit, most of the time, you will hardly notice. These Malware makers are doing this to make money and to take advantage of your resources for another purpose.  Sometimes they harvest data out of your computer, automatically by using automated programs to search for databases and other information.  Sometimes, they want your internet speed to combine with other compromised computers at different homes and companies to create havoc like when the Storm Botnet attack the University of California-Berkeley for trying to disable it.  Point being, they don’t want you to know they are in your network rather they want your data or someone elses…. Be smart and patch up.  As always, if you need help with this, please give us a call at 715-309-3510 and we offer automated patching solutions and help on a case-by-case basis.
Tag More more...




Free sites for better performance

Sometimes, the little things make a big difference. This is true in the computer world; a lot of malware (software that is designed with malicious intent) will try to get into your computer through applications that are installed on your computer. If you take a moment to think like a malware maker, your goal is to install your malware on as many computers as possible, so you will want to make you work count. What are some programs that everyone uses, here are a few, that are free and in use quite often:

1. Adobe Acrobat Reader – If I sent you an email that had an attachment called filename.pdf, you would need Acrobat Reader or Acrobat to use it. This is a great program that allows you to view documents and make the most of it (searching, printing, organizing, etc.) Tons of people have this program, in fact, the last count I found was 500 million copies since 1993 according to Adobe themselves… A very rich target

2. Adobe Flash Player – Ever watch a movie on You Tube? If so, you use the Adobe Flash Player which is very good at giving you audio/video without a lot of delay waiting for it to load. This program has, according to Adobe, been installed on 99% of internet enabled computers, yet again, target rich for malware vendors…

3. Sun JRE (a.k.a. Java) – Now Java is a lot of things, but when users talk about Java, they are talking about the Java Runtime Environment, which is used for a lot of interactive programs that you may find on websites, for example, moving radar on weather.gov. According to Sun, the maker of Java, it is installed on over 800 million PCs and 2 billion mobile devices!

So back to the original point, if you think about those three programs and think about installing your malware, you would want to focus on taking advantages of flaws in those programs to get your malware installed.  The next step is that the malware maker will setup what are called “Drive-By downloads”, which is a download that the user didn’t authorize or was tricked into.  Malware vendors will go ahead and take advantage of unpatched servers and put in their drive-by download, then as users go by and view these webpages, the malware is installed into your system without your intervention, and the exploit is executed.   Simply put, some generally safe websites that you, as a user, visit on a daily basis are compromised due to website hosts not taking the time to keep their websites safe.  This has happened to Yahoo and other major sites in the past, so don’t think you have to go to shady websites, though your odds of infection go up quite a bit there..

So what can you do, as a user, to keep your computer a little safer???  

  1. Download a free update, once a month, for your Adobe Acrobat Reader here
  2. Download a free update, once a month, for your Adobe Flash Player here
  3. Download a new version of Java, once a month from here
  4. Get a good antivirus program, I always prefer one that you pay for as opposed to AVG, which is a fine antivirus, but I always appriciate the little things from a paid version.  Checkout McAfee or CA
Tag More more...




Powered by WordPress.
Modded by Complete Solutions, LLC. Back to top ?		 Home | About Us | Contact Us
Web Design by EZ New Media