Wednesday, September 30, 2009

Microsoft Security Essentials SEO Poisoning

Malware authors are hoping to cash in on consumer interest in Microsoft Security Essentials (MSE), newly released from beta. As a result, they have used Search Engine Optimization (SEO) techniques to poison the search results for MSE. Websense Security Labs™ published the following alert:

“Microsoft Security Essentials SEO Poisoning
Date:09.30.2009
Threat Type: Malicious Web Site/Malicious Code

Malware authors have used Search Engine Optimization (SEO) techniques to mix rogue search results in with legitimate results. For example, one of the rogue links is directly under a MSDN blog entry discussing Microsoft Security Essentials. The rogue redirects are hosted on compromised Web sites, including a Canadian publisher's Web site and the British Travel Health Association.”

Play it safe. Carefully check the links in search results. Always go to the vendor source for software. MSE can be downloaded directly from the dedicated Microsoft web site at http://www.microsoft.com/security_essentials
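One way to automate the "check the link" advice above is sketched here as an added example; it is not code from the original post or from Websense. It accepts a link only when its host is the vendor domain or a subdomain of it. The trusted-domain set and the sample URLs are constructed assumptions, and the `.example` hosts are placeholders.

```python
from urllib.parse import urlsplit

# Assumption for this example: the one vendor domain we accept downloads from.
TRUSTED_DOMAINS = frozenset({"microsoft.com"})


def is_vendor_link(url, trusted=TRUSTED_DOMAINS):
    """True only for an http(s) URL whose host is a trusted domain or a subdomain of one."""
    url = url.strip()
    # Backslashes, whitespace, control and non-ASCII characters are parsed
    # differently by browsers and libraries; treat them as suspicious.
    if any(ch == "\\" or not 0x21 <= ord(ch) <= 0x7E for ch in url):
        return False
    try:
        parts = urlsplit(url)
        host = parts.hostname  # drops "user@" and ":port", lowercases
    except ValueError:
        return False
    if parts.scheme not in ("http", "https") or not host:
        return False
    host = host.rstrip(".")
    # Match on a label boundary: the trusted name must be the whole host or
    # be preceded by a dot, so a plain substring or suffix match is not enough.
    return any(host == d or host.endswith("." + d) for d in trusted)


def triage(urls):
    """Split search-result links into (vendor, suspicious) lists."""
    vendor = [u for u in urls if is_vendor_link(u)]
    suspicious = [u for u in urls if not is_vendor_link(u)]
    return vendor, suspicious


# Constructed sample results; the .example hosts are placeholders.
SAMPLE_RESULTS = [
    "http://www.microsoft.com/security_essentials",
    "http://www.microsoft.com.downloads.example/mse-setup",
    "http://www.microsoft.com@downloads.example/mse-setup",
    "http://downloads.example/?q=www.microsoft.com/security_essentials",
]

if __name__ == "__main__":
    ok, bad = triage(SAMPLE_RESULTS)
    print("vendor:", ok)
    print("suspicious:", bad)
```

The vendor name appearing somewhere in a URL proves nothing; only the parsed host, compared on a dot boundary, identifies where the link actually goes.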

Use Protected Mode with IE7 and IE8. With Protected Mode on both Windows Vista and Windows 7, neither user nor system files and settings can be modified without user consent. With Protected Mode, any activity that tries to put something on your machine or start another program requires you to confirm.

Reference:

Websense Security Labs™: Microsoft Security Essentials SEO Poisoning


Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Ready.Set.7 - Look for the Logo!

Is it time for you to upgrade your computer hardware? Are you in the market for software for Windows 7? To ensure compatibility of the new hardware and software with Windows 7, look for the Compatible with Windows 7 logo on the hardware packaging or software vendor website.

For Microsoft hardware products (i.e., keyboards, mice) software for Windows 7 is available at Microsoft Hardware Support for Windows®.

As described in the Windows 7 Blog by Mark Relph, Senior Director with the Windows Product Strategy Group, a number of changes were made to the Logo criteria as well as the process for granting Logo status.

“Our goal is to make the “Compatible with Windows 7 Logo” about the customer and ensuring them the best experience possible with Windows. A few of the changes we made include:

  • We focused on robust testing requirements to ensure optimal Windows 7 experience. Products that receive the Logo are checked for common issues to minimize the number of crashes, hangs, and reboots experienced by the user.
  • To be granted the Logo, products are tested to work with all versions of Windows 7 including 64-bit. This is an important change since 64 bit systems are becoming more mainstream.
  • We changed the testing process, reducing the amount of paperwork required and making it less expensive for our partners to achieve the logo.
  • We reached out to partners earlier giving them more time to test their products for use with Windows 7”

I am pleased to see the added requirement for 64-bit compatibility before vendors can earn the Logo. This will provide additional confidence to people considering upgrading to 64-bit.

Before you purchase either hardware or software, Look for the Logo! You can see some of the vendors who have already qualified to display the Logo at Ready.Set.7


Tuesday, September 29, 2009

Microsoft Security Essentials


After a period of successful beta testing, Microsoft Security Essentials (MSE) is final! MSE is independently certified by West Coast Labs and is backed by Microsoft's global security response team. Most importantly, MSE is built on the same core security technology used in Microsoft Forefront, the enterprise version for businesses.

MSE is free for personal use and can be downloaded directly from the dedicated Microsoft web site at http://www.microsoft.com/security_essentials.

In the event you are replacing a security suite with Microsoft Security Essentials, it will be necessary to install a replacement software firewall or activate the Windows Vista or Windows 7 Firewall. Online Armor Free and Agnitum Outpost Firewall are free for personal use.

About Microsoft Security Essentials:

Simply stated: Microsoft Security Essentials (MSE) is an antivirus, anti-malware, anti-spyware software providing real-time protection for your home computer.

System Requirements:

  • Genuine Windows XP (Service Pack 2 or Service Pack 3), CPU clock speed of 500 MHz or higher, and 1 GB RAM or higher (and Windows XP Mode in Windows 7).
  • Genuine Windows Vista (Gold, Service Pack 1, or Service Pack 2) and Genuine Windows 7, CPU clock speed of 1.0 GHz or higher, and 1 GB RAM or higher.
  • VGA display of 800 × 600 or higher.
  • 140 MB of available hard disk space.
  • Internet Browser:
    • Windows Internet Explorer 6.0 or later.
    • Mozilla Firefox 2.0 or later.

Installing Microsoft Security Essentials:

Note:

If you used the Beta version of MSE, upgrade to the latest version of Microsoft Security Essentials.

Installing MSE is essentially the same as installing any other software. There is a license agreement to accept:

[Screenshots: MSE installer and license agreement]

After accepting the license agreement, click the installer Validate button in order to validate your copy of Microsoft Windows. Following validation, MSE is ready to install.

Important:

Because MSE is antivirus software, it is necessary to first remove other antivirus software programs installed on the computer. Although the software should be completely removable through Control Panel -> Add/Remove Programs, see Antivirus Product Removal Tools for links to the removal tools for left-overs from incomplete uninstalls.

[Screenshots: MSE validation and ready to install]

You are now ready to complete the installation:

[Screenshots: MSE installing and installation complete]

Using Microsoft Security Essentials:

MSE has a simple-to-use tabbed interface, starting with the Home tab, which allows you to select the scan options.

The Custom scan provides a list of the drives on the computer to select, with the ability to drill down to the folder level.

To scan a specific file, such as a newly downloaded program prior to installation, navigate to the file, right-click and select the option to Scan with Microsoft Security Essentials.

After installing MSE and prior to scanning, be sure you have the latest updates. Go to the Update tab and click Update. MSE will check for and install any available updates.



[Screenshot: MSE updating]


The latest MSE definitions are also available from the Malware Protection Center.

For additional information, or if you are unable to download the latest updates, refer to Microsoft Knowledge Base Article KB 971606, "How to manually download the latest definition updates for Microsoft Security Essentials".






The History tab provides information on all items that were detected, quarantined, or detected but allowed by you to run on your computer:

[Screenshot: MSE History tab]

Microsoft Security Essentials Settings:

  • Scheduled scan: Here you schedule when you would like MSE to scan your PC for threats in addition to checking for virus and spyware definitions.

  • Default actions: Lets you decide how to handle detected threats, by letting you define the default action for each alert level such as Severe, High, Medium, or Low.

  • Real-time protection: Alerts you when viruses, spyware or other potentially unwanted software attempts to install itself or run on your computer.

  • Excluded files and locations: When you run a scan or use real-time protection, you can exclude certain files and locations.

  • Excluded file types: You can exclude certain file types. Excluding certain file types can help speed up the scan, but may leave your computer less protected.

  • Excluded processes: Allows you to exclude certain processes that run on your PC; examples include .cmd, .bat, .pif, .scf, .exe, .com or .scr.

  • Advanced: Provides a wide grouping of options for scanning archived files such as .ZIP and .CAB.

    I am a firm believer in using System Restore before making any system changes, a particularly nice feature of Microsoft Security Essentials. This setting is the pre-checked option to "Create a system restore point before applying actions to detected items." In the event a false positive should occur, using System Restore will quickly resolve the issue. I am not aware of any other antivirus software using that feature.

    Should you use USB flash drives on public computers, I strongly recommend checking the box to "Scan removable drives". This option is not pre-checked so it will be necessary to make that change.


  • Microsoft SpyNet: Just like Windows Defender, MSE includes support for Microsoft's online community for responding to potential threats.

More:

If you believe the files on your computer are viruses, spyware or other malicious software that should be detected by Microsoft Security Essentials, but have not been detected, you can send these files to Microsoft.

To submit potential virus or spyware to Microsoft

  1. Go to the Microsoft Malware Protection Center and follow the instructions to submit the potential virus or spyware
  2. Microsoft will analyze the submitted files and update the detection capabilities in Microsoft Security Essentials Beta as appropriate, based on the results of the file analysis.

Additional Help and How-to information, including an installation video, are available at Microsoft Security Essentials.

[Screenshot: MSE icon]

It’s easy to tell if your PC is secure — when you’re green, you’re good. It’s that simple.




PressPass: Microsoft’s New Tool in the Fight Against Malware Free to Consumers


Tuesday, September 15, 2009

Zune HD and 4.0 Software Update Optimized for Windows 7


The long-awaited Zune HD goes on sale starting today. Included with Zune HD and available for earlier models is Zune 4.0 software. The software uses cloud computing to allow you to move back and forth from watching video and listening to music on your Zune HD, PC or TV.

The Zune HD device offers the first portable HD Radio receiver on a Wi-Fi-enabled device. As described at Press Pass,
"Zune HD also features new casual games and non-gaming functionality such as a calculator and an MSN Weather application. Later this year, Zune plans to release free applications such as Twitter for Zune and Facebook for Zune, in addition to fun 3-D games such as “Project Gotham Racing: Ferrari Edition,” “Vans Sk8: Pool Service,” and “Audiosurf Tilt. TM” Games can be added to Zune HD via Zune Marketplace over the Wi-Fi connection or when connected to the Zune PC software."

There is much more to the Zune HD, which is at the top of my wish list. The brief video below (Silverlight required) demonstrates the highlights of the new Zune HD. In the meantime, I'm off to update my old Zune software to 4.0.

Zune HD Demonstration (Silverlight Required)



Wednesday, September 09, 2009

Mozilla Firefox 3.5.3 Security Update

Mozilla released version 3.5.3, which includes the security updates referenced below as well as fixes for several stability issues. To get the update now, click Help -> Check for Updates.

Security Updates

MFSA 2009-51 -- Chrome privilege escalation with FeedWriter
MFSA 2009-50 -- Location bar spoofing via tall line-height Unicode characters
MFSA 2009-49 -- TreeColumns dangling pointer vulnerability
MFSA 2009-47 -- Crashes with evidence of memory corruption (rv:1.9.1.3/1.9.0.14)







Tuesday, September 08, 2009

Microsoft Security Bulletins 08Sep09

Following is an overview of the five new security bulletins being released today, each identified as Critical and having a Vulnerability Impact identified as Remote Code Execution.

Note that MS09-048 and MS09-049 require a restart. The other updates may require a restart, depending upon what programs are open at the time of update. The best practice is to restart the computer after applying any updates.

At the MSRC Blog, Jerry Bryant has provided an outstanding explanation of the updates with slides illustrating the Severity and Exploitability Index as well as Deployment Priority, in which he advised:
". . . we give MS09-045 and MS09-047 the highest deployment priority mainly due to these being browse and own attack scenarios and a high exploitability index rating. Exploits for MS09-047 can also be created through specially crafted files such as ASF and MP3 audio files. These files could then be sent via email."

New Bulletins:

MS09-045
  • Vulnerability in JScript Scripting Engine Could Allow Remote Code Execution (971961)
  • Affected Software: Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008
MS09-046
  • Vulnerability in DHTML Editing Component ActiveX Control Could Allow Remote Code Execution (956844)
  • Affected Software: Microsoft Windows 2000, Windows XP, and Windows Server 2003
MS09-047
  • Vulnerabilities in Windows Media Format Could Allow Remote Code Execution (973812)
  • Affected Software: Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008
MS09-048
  • Vulnerabilities in Windows TCP/IP Could Allow Remote Code Execution (967723)
  • Affected Software: Microsoft Windows 2000, Windows Server 2003, Windows Vista, and Windows Server 2008
MS09-049
  • Vulnerability in Wireless LAN AutoConfig Service Could Allow Remote Code Execution (970710)
  • Affected Software: Microsoft Windows Vista and Windows Server 2008

Revised Security Bulletin:

Microsoft has revised Security Bulletin MS09-037 - Vulnerabilities in Microsoft Active Template Library (ATL) Could Allow Remote Code Execution (973908) - on September 08, 2009.



References:

MSRC: September 2009 Security Bulletin Release
TechNet: Microsoft security bulletin summary for September 2009





Thursday, September 03, 2009

Advance Notice: September 2009 Microsoft Security Bulletin Release

On September 08, 2009, Microsoft is planning to release five new security bulletins, each identified as having a maximum severity rating of Critical. The full version of the Microsoft Security Bulletin Advance Notification for this month can be found at the TechNet link below.

It was announced at the MSRC Blog that the Microsoft Security Update Guide has been re-written for IT professionals:
"to better understand and use Microsoft security update release information, processes, communications, and tools – and how to manage organizational risk and develop a repeatable, effective deployment mechanism for security updates."

New Security Bulletin Overview:

  • Bulletin ID: Bulletin 1
    Vulnerability Impact: Remote Code Execution
    Restart Requirement: May require restart
    Affected Software: Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008
  • Bulletin ID: Bulletin 2
    Vulnerability Impact: Remote Code Execution
    Restart Requirement: Requires restart
    Affected Software: Windows Vista and Windows Server 2008
  • Bulletin ID: Bulletin 3
    Vulnerability Impact: Remote Code Execution
    Restart Requirement: May require restart
    Affected Software: Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008
  • Bulletin ID: Bulletin 4
    Vulnerability Impact: Remote Code Execution
    Restart Requirement: Requires restart
    Affected Software: Microsoft Windows 2000, Windows Server 2003, Windows Vista, and Windows Server 2008
  • Bulletin ID: Bulletin 5
    Vulnerability Impact: Remote Code Execution
    Restart Requirement: May require restart
    Affected Software: Microsoft Windows 2000, Windows XP, and Windows Server 2003

The Windows Blog Gets Genuine!


I am pleased to see the Genuine Windows Blog added as the newest member of the Windows Blog community. Software piracy is a major contributing factor to the high cost of licensed software. The Genuine Windows Team does not restrict their activities to piracy. They also provide helpful information on product activation.

Reproduced below are links to helpful documents from the former location of the Genuine Windows Blog that were included in the introductory post by Alex Kochis, Director, Genuine Windows. Windows XP users who are moving to Windows 7 will find the information on activation helpful.





Wednesday, September 02, 2009

Microsoft Security Advisory 975191 Released

Microsoft is investigating new public reports of a vulnerability in the FTP Service in Microsoft Internet Information Services (IIS) 5.0, Microsoft Internet Information Services (IIS) 5.1, and Microsoft Internet Information Services (IIS) 6.0. The vulnerability could allow remote code execution on affected systems that are running the FTP service and are connected to the Internet.

According to the summary information provided, Microsoft is aware that detailed exploit code has been published on the Internet for this vulnerability but is not currently aware of active attacks that use this exploit code or of customer impact at this time. Active monitoring continues.

Windows Vista, Windows 7 and Windows Server 2008 are not affected. However, Microsoft Windows 2000 Service Pack 4, Windows XP, and Windows Server 2003 are impacted.

For additional details and workarounds, see the following:



