Microsoft Releases Emergency Critical Patch

October 23rd, 2008

Microsoft (NSDQ:MSFT) issued an emergency critical update Thursday addressing a malicious Internet worm that could allow attackers to infiltrate systems remotely and take control over users’ computers without any user interaction. The critical update is one of a handful of out-of-band patches released in the past few years, experts say. Microsoft issues regularly scheduled updates on the second Tuesday of every month, which has become known in IT security circles as “Patch Tuesday.”

The fact that Microsoft has released what is known as an “out-of-band” patch indicates that the vulnerability is pretty severe, experts say.

“They are not afraid to go out of band if this is something extremely important. This is something that couldn’t wait,” said Jason Miller, security and data team manager for Shavlik Technologies.

The vulnerability, which affects almost every Windows operating system, is rated critical for multiple versions of Windows 2000, XP and Server 2003, but is given the less severe rating of “important” for Vista and Server 2008.

The error, if left unpatched, allows remote attackers to infiltrate systems in order to take control of users’ computers and steal data without any user interaction or social engineering lures. What makes this bug particularly nasty is that it has the ability to rapidly spread to other vulnerable computers within the network, experts say.

“You’re talking about the ability to take full control of the system without any user interaction,” said Miller. “You don’t have to put in login credentials and you don’t have to ‘trick’ somebody.”

Security experts maintain that an exploit is loose in the wild, meaning that there is evidence that an attacker has already used the exploit code to conduct attacks on unsuspecting users. Miller said that Microsoft suspects that the code has been used in targeted attacks.

“Somebody in the world knows about this vulnerability. They know how to exploit the vulnerability,” said Miller. “This (exploit code) is a money generator. People look to buy this stuff.”

While Microsoft has provided possible workarounds for the vulnerability, experts advise users to simply apply the patch as soon as possible. 

“Typically you want to test these updates because you don’t want to break anything,” said Miller. “I just want to get this thing and deploy it.” 

Security updates are available on the Microsoft Update, Windows Update and Office Update sections of the Microsoft Download Center.

Vista SP1, ready for prime time???

March 19th, 2008

from Kevin McLaughlin, ChannelWeb
2:53 PM EDT Tue. Mar. 18, 2008

The cloak-and-dagger game over Microsoft (NSDQ:MSFT)’s planned release of Windows Vista service pack 1 came to a close Tuesday, as Microsoft reported that Vista SP1 can now be downloaded manually from Windows Update.

For users who’ve chosen the automatic update option in Windows Update, SP1 will start downloading to PCs automatically beginning in mid-April, according to a Tuesday blog post by Windows Vista product manager Nick White. English, French, Spanish, German, and Japanese are available now, with the additional 31 language versions due in mid-April.

White noted that users running previous test releases of Vista SP1 will need to uninstall them before being able to download the final code from Windows Update. Additionally, users whose machines have any of the problematic device drivers that caused Microsoft to delay Vista SP1’s public release last month won’t be able to download the service pack until an update has been installed, White said.

These include certain Intel (NSDQ:INTC) display drivers and a Symantec (NSDQ:SYMC) software driver for Symantec Endpoint Protection and for Symantec Network Access Control clients, which Microsoft said Symantec is aware of and is in the process of updating.

Other problematic drivers include audio drivers from Realtek AC ‘97, SigmaTel, Creative Audigy, and Conexant HD Audio; biometric fingerprint sensors from AuthenTec and UPEK; and a Texas Instruments (NYSE:TXN) Smart Card Controller and Sierra Wireless AirCard 580 driver.

Although the news is a breath of fresh air for users who’ve been waiting diligently for Vista SP1, it wouldn’t be a genuine Vista SP1 story without at least a little bit of Redmond-style subterfuge, and it’s still unclear whether Vista SP1 will be available through the retail channel this week.

On Monday, Amazon.com (NSDQ:AMZN) listed all four versions of Vista with SP1 as being available Wednesday, March 19, and indicated customers could buy Vista and then upgrade to Vista SP1 when it was scheduled to be made available online today. However, as has been the case with just about every aspect of Vista SP1’s slow march to public availability, Microsoft’s official stance doesn’t match the perceived reality of the situation.

A Microsoft spokesperson late Monday offered the following head-scratching explanation for the Amazon listing:

“The Windows Vista SP1 listing on Amazon.com is a pre-order listing for customers who want to purchase Windows Vista with SP1 to install on new PCs or to upgrade PCs running Windows XP,” the spokesperson said in an email to Everything Channel.

“Some retailers are accepting pre-orders of Windows Vista with SP1 once it’s available. As a result, when looking at Amazon’s site, you will see separate listings — one for pre-orders of Windows Vista with SP1 integrated, and the current version of Windows Vista, which does not include SP1, and can be purchased now and easily updated with SP1 online beginning March 18,” the spokesperson said.

Don’t be fooled, it may not be a secret admirer, it may be a virus

February 13th, 2008

Be wary when opening e-mail greeting cards this Valentine’s Day if you don’t know the sender. As Switched.com has been warning all its readers for a few weeks now, the message could turn out to be a computer virus, in this case known as a “botnet,” which can take over your computer to send more viruses out, link to other computers doing the same, or even steal your personal information.

The FBI suggests not opening e-mail if you don’t know the sender.
This particular e-mail baddy is known as the Storm Worm virus, and saw activity around several holidays last year. It takes advantage of people who let down their guard because an e-mail greeting card is often entertaining and seen as non-threatening.
Typically, the e-card arrives in a user’s in-box, the e-mail is opened, and the user is directed to click on a link within the text to retrieve the full card. That’s when the virus download occurs. The Storm Worm will be downloaded to that computer and begin its bad work, which ultimately is to deny service to a large network.
Storm Worm (so named because the subject line of the e-mail messages originally contained the line “Many Dead As Storm Batters Europe”) was the most pervasive Internet attack last year.
Here are Switched.com’s quick three tips to avoid Storm Worm and other viruses, trojans and malware from being downloaded to your computer:
Don’t click on a link in an e-mail message from someone you don’t know.
Turn on your e-mail reader’s spam prevention.
If an advertisement you find on a Web page looks suspicious, type in the company Web address yourself instead of clicking directly on the ad. (Sometimes Web ads are another way viruses and trojans get distributed.)

RealPlayer Labeled ‘Badware’

February 1st, 2008

Many, many times we are asked to remove viruses from computers. What we find in addition to viruses is typically a conglomeration of Malware, Spyware, and Adware that has slowed the affected computer to a crawl. Now we have another … Ware. Just thought you might want to know. Here is a link that you may find helpful before you install a program. http://www.stopbadware.org/

The following article was written by Brian Krebs on Computer Security. I found it informative and helpful and I hope you do too. 

An industry-academia group designed to raise public awareness about software that violates fair information and privacy practices has labeled recent versions of RealPlayer video streaming software as “badware,” charging that the software surreptitiously installs pop-up ad serving software as well as the Rhapsody media player engine.

Stopbadware.org issued an alert about two software titles from RealNetworks - RealPlayer 10.5 and RealPlayer 11, saying each violated the group’s badware guidelines.

RP10.5 fails to alert the user that its “Message Center” feature — which is pitched as a way to keep the user up-to-date on security patches — will pop up ads from the system tray if the user doesn’t register the application.

RealPlayer 11 earned the badware mark because it installs (as an ActiveX control) the Rhapsody Player Engine without notifying the user, the report notes. In addition, when the user uninstalls RealPlayer, the Rhapsody player is left behind.

Stopbadware is a collaboration between Harvard Law School’s Berkman Center for Internet & Society and Oxford University’s Oxford Internet Institute, with support from companies like Google, Lenovo, and Sun Microsystems.
Typically, Google will flag Web sites that serve applications labeled as badware, placing a link below every badware site returned in a Google search that reads: “This site may harm your computer.” But they have not yet done so with RealNetworks, despite the kinds of marketing tactics described in this Stop Badware alert.
John Palfrey, executive director of the Berkman Center and a professor of Internet law at Harvard, said the RealNetworks company has a history of operating at the margins of consumer privacy issues. “What was clear to us was that [RealPlayer] 10.5 and 11 went over what was, to us, a clear line.”
Palfrey said Google was unlikely to list RealMedia’s site as badware, however: that classification, he noted, was generally reserved for sites that try to install unwanted or malicious software when a person merely visits the site.
Ryan Luckin, public relations manager for RealNetworks, took issue with portions of the report, saying while the company still supports 10.5, it no longer distributes it. Further, Luckin said, RP11 disables the Message Center by default. He said that RealMedia would consider changing its uninstaller to remove Rhapsody in future versions of RealPlayer, though he added that RP11 was likely to remain the default player available on its site for “a good chunk of time.”
All of this may come as little surprise to anyone who has installed RealPlayer on account of some video they needed to watch that wouldn’t render in any other media player, only to be pestered with constant pop-up ads that gobble up system resources.
But there are alternatives. If you just need to hear streaming Real audio, the free and excellent VLC Media Player can take care of that for you. For Windows users looking for a free alternative to render Real video content, a package called “Real Alternative” should do the trick. Real Alternative includes the codec needed to play Real video content, as well as the lightweight Media Player Classic. I have relied on this latter package to be my DVD player of choice on my main PC for the past several years now, and it works great.

Vista SP1 to be released Early in 2008

August 30th, 2007

Well, I’m still not holding my breath, but let’s hope this is true and we can get on with computing as we know it.

Kevin McLaughlin writes Aug. 29, 2007:

Putting to rest months of rampant rumors and speculation, Microsoft on Wednesday said it plans to launch the first service pack for Windows Vista during the first quarter of 2008. Microsoft will release the beta version of Vista service pack 1 “in a few weeks,” said David Zipkin, senior product manager in the Windows Client group at Microsoft.

Many organizations have put off upgrading to Vista until Microsoft works out the kinks that have cropped up since its release in January, which include driver support, performance, and application incompatibility issues. Many VARs have been ripping and replacing Vista from desktops and laptops they sell because of the problems that come with moving their clients to the OS.

Unlike Windows XP service pack 2, Vista SP1 won’t include a raft of new features, notes Zipkin. “Windows XP SP2 was a departure from what we like service packs to be. Vista SP1 is about improvements to the user experience and enhancing existing capabilities,” he said.

To improve the Vista experience before the release of SP1, Microsoft has fixed earlier problems with device drivers and ironed out application compatibility issues, according to Zipkin.

“We’re aware that people are having some variety in their experiences with Windows Vista,” Zipkin said.

Vista SP1 also expands the coverage of BitLocker drive encryption from just the system drive to all local drives, Zipkin said.

With Vista SP1, Microsoft has also made changes to PatchGuard, the controversial security technology that’s included with the 64-bit version of Vista that’s designed to stop malicious code from operating at the kernel level.

Microsoft incurred the wrath of security software vendors last year when it became clear that PatchGuard would also prevent third party applications from functioning correctly in Vista.

Microsoft has worked with third party vendors over the past year to develop a set of APIs that allows them to build software that accesses the Vista kernel, Zipkin said.

Microsoft plans to make updates available for Vista SP1 and beyond through Windows Update, Windows Server Update Services (WSUS), through a standalone, one-gigabyte software package, or through OEMs, Zipkin said.

The idea behind this is to let customers know that they don’t have to wait until Vista SP1 is officially released before migrating to Vista, said Zipkin.

Last month, Microsoft released a pair of update packs for the 32-bit and 64-bit versions of Vista to a select group of software testers in its Connect program, which subsequently found their way onto the Internet.

However, some of the fixes in those unofficial update packs that leaked have been removed from the Vista SP1 beta because they were found to have problems, Zipkin said.

VoIP Woes continue for Skype Users

August 17th, 2007

I have enjoyed watching as VoIP has transitioned into Ready for Prime Time technology. The only caveat I have is not to rely on it exclusively. Always have a backup (read cell phone or standard land line). This is why.

From Marie Boran: For the past 24 hours users of Voice over Internet Protocol (VoIP) service Skype have been experiencing problems logging in to the service to make calls, affecting many of the 220 million user base amid fears of a complete system crash or cyber attack.

On their official blog, the Skype team has reassured users that this is not the case, and that the problem occurred “because of a deficiency in an algorithm within Skype networking software”.

Skype is currently working on fixing the problem across Europe, saying that it is seeing signs of improvement in the ability to log in, adding that it will be updating its customers constantly on the situation.

When the problem first occurred early yesterday Skype had promised customers that the issue would be resolved within “12 to 24 hours”, leaving many home and business users aggravated as the window of time has come and gone. Some of those able to log in to the Skype service are finding that it crashes at regular intervals. Some users are speculating that a package of Microsoft updates which were released at roughly the same time might be related to the peer-to-peer networking problem. Downloads of the Skype program have also been disabled while the company is working on fixing the login problem.

New computer chip cooling method created

August 15th, 2007

U.S. scientists have developed a technology using tiny “ionic wind engines” that might dramatically improve future computer chip cooling. Purdue University researchers, in work funded by the Intel Corp., said their new technology increased the “heat-transfer coefficient,” which describes the cooling rate, by as much as 250 percent. “Other experimental cooling-enhancement approaches might give you a 40 percent or a 50 percent improvement,” said Professor Suresh Garimella. “A 250 percent improvement is quite unusual.” When used in combination with a conventional fan, the experimental device enhanced the fan’s effectiveness by increasing airflow to the surface of a mock computer chip. Garimella said the new technology could help engineers design thinner laptop computers that run cooler than today’s machines. The findings by Garimella, Professor Timothy Fisher, doctoral student David Go and Intel engineer Rajiv Mongia are detailed in a paper accepted for publication in the Journal of Applied Physics and tentatively scheduled to appear in the journal’s Sept. 1 issue.

Microsoft Releases Two Vista Updates

August 8th, 2007

From CRN today:

By Kevin McLaughlin, CMP Channel
7:52 PM EDT Tue. Aug. 07, 2007 
Microsoft Tuesday officially released a pair of updates for Windows Vista that address several performance and hardware issues that have cropped up since the operating system was released in January.
Last week, Microsoft released two update packs for Windows Vista to a select group of software testers in its Connect program, which subsequently found their way onto the Internet.

One update fixes several Vista compatibility issues, including problems with upgrading video drivers, poor visual performance when playing graphics-intensive games, conflicts with NVIDIA G80 series graphic drivers, and the loss of Internet Connection Sharing after upgrading a PC from Windows XP to Vista.

The other update fixes performance related issues, including being unable to install a network printer if User Account Control is disabled; inaccurate “estimated time remaining” calculation when downloading large files; and delays when resuming a PC from hibernation.

Microsoft, which last month announced that Vista sales have topped the 60 million mark, has been vague about its timetable for releasing the first Vista service pack, although industry experts expect it to come out around the end of the year.

Microsoft executives have said they don’t think Vista service pack 1 will have much of an effect on Vista uptake when it’s released.

Why CD’s go bad

June 1st, 2007

Sam called this morning wondering if he might be able to recover data that seems unreadable on several cd’s. I didn’t have a good answer for him, but here is what I found out. Discs are created in an interesting manner (note that this is a basic description). Plastic is laid down, then metal reflective foil, then dyes are poured onto the foil. Another plastic is laid on top, then the disc is spun at high speed to spread out the dye, hopefully evenly. It even sounds like an unstable method!

Dye imperfections. Bad foils and dyes, as well as bad dye spread, are the most common issues that cause bad media. If the dye is uneven or does not reach perfectly to the edge of the disc, it is often bad.

User error. A common “error” with “bad media” is actually user error. Even I’m guilty of this. Do not try to use your computer extensively while burning, especially at 4x or faster speeds. Also test your discs before dumping the source. Run several tests, as the “verification” features found in programs like Nero Burning ROM have been known to not properly catch errors.

Problems past the 4GB mark. Balancing is also a side effect caused by faulty plastic, foils or dye spread. Round objects tend to be most unstable at the outer edges. While DVD media allows for some degree of error (data is written in a “wobble groove”), exaggerated wobble will cause the laser to spew data in areas not meant for writing. It thus disappears, and the data comes up as missing on the disc, resulting in freezing, blockiness and other odd visual errors, which are caused by the decoder attempting to compensate for material that is missing.

Fake media. Fake media is often bad. If you ever acquire good media like TDK, Taiyo Yuden or Maxell, and the results are bad, check to see if the media is legitimate. Many of these top-tier media companies only have branded discs, not plain white-top or silver-top ones. These discs often are cheaply-made unbranded media with a faked write strategy and media ID code. Fake media is often sold on eBay and by unauthorized online merchants. If you want to have guaranteed legitimate media, only buy that media from authorized media resellers. Visit the disc manufacturer Web site to get a listing of authorized distributors.

Gradual data loss (dye media). Also known as “disc fade” and “laser rot”, this is actually not very possible due to the mechanics of dye-based DVD recordable media (DVD-R, DVD+R). See the longevity page for more on this topic.

Gradual data loss (phase change media). Unlike the dyes found in write-once media, phase change crystals are subject to deterioration, sometimes at a disturbingly fast rate. Whether the discs are used or not, phase change crystal can begin to break down in as little as six months! Phase change media includes DVD+RW, DVD-RW and DVD-RAM. See the longevity page for more on this topic.

Dye melting from excess burn speed. Some discs simply cave in under high speed burns. In the past, for example, both OPTODISC 4x DVD-R and RITEKG04 4x DVD-R media were reported as doing this when burned at 4x or 8x speeds. The dye simply cannot handle the write speed. Poor production is to blame. Hacked firmware that allows overspeed burning has also been at fault. The dye appears discolored or otherwise unusual.

Not a media error. This is another very frequent “problem” with discs. The simple fact is not every player or DVD-ROM will read a burned DVD media. Some players were not made to play anything other than official to-spec pressed metal discs. Non-media errors may also include players that have a weak laser or a dirty laser. A non-playing disc is not a sign of a “bad” disc, but rather just means that particular player/ROM cannot play it. Run real tests to see if the disc is truly a coaster. Also be aware that some formats are more compatible than others (with DVD-R being most compatible of them all for DVD-Video content). This is often called a reflectivity error. This is not necessarily the media’s fault.

There are tests that he can run that may help him in the future and possibly tell him more about the unreadable disks he has now. Check out http://www.digitalfaq.com/media/burnquality.htm