Top

Help Support my Blog!

Virgin Mobile USA
Glasses USA
Amazon
Newegg
VPN4ALL
Netflix
Hulu
CafePress

 

Subscribe to Paul’s Tech Talk Affiliate Marketing Blog

Subscribe to Paul’s Tech Talk Science Fiction Blog

Subscribe to Paul’s Tech Talk Scams Blog

  • Acer 11.6
    Acer 11.6" Laptop 2GB 16GB | C710-2856
    Acer

    Currently  in process review this Acer Chrome book and boy is it nice!

Blog Index

Subscribe to our mailing list

* indicates required
Email Format

View previous campaigns.

Powered by MailChimp

Follow Us

Navigation
Sponsors

Entries in patch (19)

Wednesday
Apr152009

Mebroot becomes More Stealthier!!

Author: AuthorPaul Sylvester | Date: DateWednesday, April 15, 2009 at 4:31PM |
Well Here is something we should all be on the look out for:
[ad#cricket-right-ez]
Thousands of Web sites have been rigged to deliver a powerful piece of malicious software that many security products may be unprepared to handle.

Mebroot inserts program hooks into various functions of the kernel, or the operating system's core code. Once Mebroot has taken hold, the malware then makes it appear that the MBR hasn't been tampered with.

[Via Pcworld Magazine]

I will be updating my [intlink id="2205" type="page"]Malware Resource[/intlink] for the Prevx Software, but this looks to be a very bad root kit.  From my understanding most of the security related software.   It seems this little program will become even harder to detect and remove.   It also looks like this is ready to start infecting people with this root kit.   You should update every part of your system from [intlink id="3327" type="post"]Windows Patches[/intlink] to Browser. [intlink id="2229" type="post"] Securnia once said[/intlink] that most people are not patched fully!!  Just like the [intlink id="3301" type="post"]Conficker Worm[/intlink], if your not fully patched and keeping anti-virus and Firewalls on your system then you might as well be walking on nails.
VPN4ALL best privacy&encryption
CommentPost a Comment | in , , , , , , , , , , , , , , , , , , , , , ,
Monday
Feb232009

And the Oscar goes to . . . Not these guys!

Author: AuthorPaul Sylvester | Date: DateMonday, February 23, 2009 at 12:12PM |
Sans Internet Storm is reporting on Anti-virus Scareware tactic. I'll quote from them:

[ad#ad2-right]
ISC reader Gary wrote in to let us know that searching for "oscar presenters" and "oscar winners" with Google brings up a prominently ranked result on a web server in Poland, on a subdomain of "beepl", which - surprise, surprise - includes a malicious JavaScript. The end result currently seems to reside on stabilitytracewebcom, and is yet another incarnation of the "Fake Anti-Virus Program" malware that we have covered repeatedly. Watch out, the EXE has a meager 6/39 on Virustotal.
[Via Sans]


I did my own research and it is true they are at least 3 sites with the .pl Domain that are used to send you to these fake sites. You should consider checking your system for possible viruses if you been to these sites and are worried. You should also report any site like this to Phishtank to fight this type of scare tactics. Please remember if you are worried about your system this is the best time to install software to prevent these types of scare tactics. Remember you don't always have to buy software to be safe. There are free anti-virus and Firewall solutions at your fingertips, use them well. It is also a good idea to make sure you have the latest updates from Microsoft while your at it.
VPN4ALL best privacy&encryption
CommentPost a Comment | in , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,
Friday
Feb202009

PDF Zero Day Vulnerability in the Wild

Author: AuthorPaul Sylvester | Date: DateFriday, February 20, 2009 at 9:33AM |
From sources all over the internet, Adobe made a sent out a Security bulletin yesterday:
APSA09-01 (Buffer overflow issue in versions 9.0 and earlier of Adobe Reader and Acrobat)

[ad#ad2-right]A critical vulnerability has been identified in Adobe Reader 9 and Acrobat 9 and earlier versions. This vulnerability would cause the application to crash and could potentially allow an attacker to take control of the affected system. There are reports that this issue is being exploited.

Adobe Plans on patching this March 11, 2009

and According to some other reports are saying:
Symantec Security Response has received several PDF files that actively exploit a vulnerability in Adobe Reader. We are continuing to remain in contact with Adobe on this vulnerability in order to ensure the security of our mutual customers.

[via Symantec]

With PDF files being used all over the business world, this will create undo problems with the IT Field.  This also could be used to make Botnets and make the network involved become sluggish.   It must be warned that there are a whole wide variety of possibilities that could be done with this exploit.  Shadowserver Foundation recommends disabling the Javascript in your Adobe Reader.  Until the patch comes out you will need to be careful on what you open up and possibly check each and every PDF with an Anti-virus.  This should help minimize the likely hood of getting a virus or Trojan, but is not going to be a 100%.  The only way you can prevent a 100% right now is not to use PDFS until they have Fixed this problem.
VPN4ALL best privacy&encryption
CommentPost a Comment | in , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,
Friday
Jan302009

Microsoft released KB951847 out of Cycle For January

Author: AuthorPaul Sylvester | Date: DateFriday, January 30, 2009 at 4:05AM |
I woke up this morning and found this was released KB951847.  here is what it is:
kb925492 FIX: Error message when you add a Web reference to a project in Visual Studio 2005: "The custom tool 'MSDiscoCodeGenerator' failed"
kb928563 FIX: The System.Net.HttpWebRequest class may not maintain a persistent connection to a proxy in the .NET Framework 2.0
kb943175 FIX: The XmlSerializer class generates an unexpected result when you use the XmlSerializer class to serialize the numeration attribute in the .NET Framework 2.0
[ad#ad2-right]kb943412 FIX: You may experience delays when an operating system shuts down if the computer is running a managed service together with the .NET Framework 2.0
kb943804 FIX: Certain Unicode characters returned by the Application.ExecutablePath property in the .NET Framework 2.0 are displayed as "?"
kb944099 FIX: Error message when you use the SQL Native Client data provider to connect to an instance of SQL Server 2005 that is configured to use database mirroring: "Internal .Net Framework Data Provider error 6"
kb944100 FIX: You cannot access tables that are used in a SQL Server transaction if you end the thread that executes the transaction before the transaction is finished in the .NET Framework 2.0
kb944157 FIX: You may experience a significant delay when you make the first request to an ASP.NET Web application that is running on Windows Server 2003
kb946102 FIX: An ActiveX control will not receive keyboard navigation events when you use a System.Windows.Forms.WebBrowser control to host Web pages
kb946223 FIX: The input language in a text box on the Microsoft Expression Design surface does not function correctly when you change the input language to an East Asian language
kb946411 FIX: When you print an XPS file on a Windows XP Service Pack 2 or Service Pack 3-based computer, the characters in the XPS file print incorrectly
kb946503 FIX: Error message when you use the installer tool to install an assembly that is located on a remote computer: "An exception occurred during the Install phase"
kb946660 FIX: The headers attribute of a cell is rendered incorrectly when the cell is associated with multiple headers in an ASP.NET 2.0 Web application
kb946927 FIX: An installation may fail with error 1935 when an .msi file tries to install many policy files on a computer that has the .NET Framework 2.0 installed
kb947148 FIX: Incorrect methods are called when you call some COM APIs that are included in a .NET Framework 2.0-based 64-bit application
kb947317 FIX: In a Windows Forms application that was built by using the .NET Framework 2.0, the CurrencyManager object triggers additional instances of some events when you delete the last row from a table
kb947461 FIX: An update package is available for the .NET Framework 2.0 Service Pack 1
kb947581 FIX: The value of the "WsdlContractConversionContext.WsdlPortType" property is null in the .NET Framework 3.0 Service Pack 1
kb948233 You receive a System.InvalidOperationException exception error when you run a Microsoft .NET Framework 2.0-based application after you install security update MS 07-040 on a computer
kb948646 FIX: Objects are not serialized correctly when you serialize and deserialize the DataSet objects by using the SerializationFormat.Binary format parameter in a .NET Framework 2.0-based application
kb948815 Availability of the .NET Framework 2.0 post-Service Pack 1 hotfix rollup package for System.Data.dll and System.Data.OracleClient.dll
kb948873 FIX: You may receive a System.Xml.XmlException exception when you use one-way Web methods to communicate with Web services in a .NET Framework 3.0-based application
kb948887 FIX: An exception occurs when a Web application that is based on the .NET Framework 2.0 uses the HttpWebRequest class and receives an HTTP 1.0 response that contains the HTTP status code 401
kb949272 FIX: A Windows Forms application that uses ActiveX controls may crash, and a null reference exception occurs after you install the .NET Framework 2.0 Service Pack 1
kb949777 FIX: Error message if you deploy an executable application to a path that contains escape characters in the .NET Framework 2.0: "Absolute path information is required"
kb950230 FIX: You receive a System.ArgumentException exception error message when you use the Sgen.exe tool and the XmlSerializer JIT compiler to generate an XmlSerializer assembly for a Web service proxy in the .NET Framework 2.0
kb950986 FIX: In the .NET Framework 2.0 Service Pack 1, the ModuleBuilder.GetTypeToken method returns an incorrect token
kb951111 FIX: Warning message when you use the SvcUtil.exe tool to import service metadata in the .NET Framework 3.5: "The policy expression was not fully imported because it exceeded the maximum allowable complexity"
kb951113 FIX: The set of values returned from the row.GetColumnsInError method is empty when a client computer that has the .NET Framework 2.0 installed receives a DataSet object from a WCF service
kb952324 FIX: You cannot download the .application file when you deploy an application by using ClickOnce deployment in a secure environment

[ad#ad2-left]As you can see this fixes 30 things in this one service pack.  I see one or t wo things that might be exploitable and that is why they released this out early.  The ones that I see are Like the ActiveX controls.   I don't know why but this is for all systems on windows or at least it doesn't say anything other wise.  This is .net frame work and should be installed quickly as possible.   You should also consider making a new Autopatch ISO to install into all the necessary computers.  Also if you haven't installed a Free Anti-virus or goodFree  Firewall now is a good time to install them also.  I would expect this to Service Pack to have to reboot your system but other than that you should be fine.

*UPDATE*

After installing this service pack, I couldn't web browse.  It is one of 8 updates that were installed in the service pack that will need to be resolved so I will be having to install the service pack again and then start uninstalling until I get my web browsing back.  You May need to reboot each time to clear it out of the system before you get your internet browsing back.   The recommended procedure is to write the ones you remove so you can go back in install them later once you find the main update that is causing the problem.  I'll update when I find out the one that is causing the problem!!

*Update #2*

I did a system restore for Thursday night just before I upgraded my AVG program. (It also needs to be restarted to update the core of AVG).  I installed the Service Pack and it seems to be running.  I am thinking there is a conflict with AVG and The Service Pack now.  I am updating AVG to the current version and rebooting.  I'll see after that!
VPN4ALL best privacy&encryption
CommentPost a Comment | in , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,
Wednesday
Dec172008

Microsoft released KB960714 to fix THE IE Problem

Author: AuthorPaul Sylvester | Date: DateWednesday, December 17, 2008 at 1:23PM |
windowsupdate121708


[ad#ad2-right]This is the update to fix the IE Vulnerability and if you have any questions please make sure to check my other post about this little update.   This was sent out today and should be patch ASAP, on all systems.  If you want to patch the easy way, I suggest downloading Clone to Autopatcher.  This seems to help make an ISO file on a DVD so you don't have to update a system the old way.
VPN4ALL best privacy&encryption
CommentPost a Comment | in , , , , , , , , , , , , , , , , , , ,
Tuesday
Dec162008

Microsoft to Release KB961051 on the Dec 17, 2008

Author: AuthorPaul Sylvester | Date: DateTuesday, December 16, 2008 at 8:01PM |
According to McAfee and I will quote:
December 16, 2008: Microsoft has announced an out-of-cycle patch release for a critical, remote-code-execution, vulnerability in Microsoft Internet Explorer (CVE-2008-4844). The patch, to be released on December 17, will address the vulnerability across multiple versions on Internet Explorer running on supported Windows platforms.

[via McAfee Threat Center]

[ad#ad2-right]From what I am understanding it will be KB961051 and will be a critical update on all Windows platforms.  Microsoft issued a security advisory for this on there Technet support website.   This will probably be put online sometime tomorrow and will be available to download after 10am PST although this is just a rumor because when I go to that article they talk about the work around and how to fix it temporary until they release the patch.  This is releated to the IE Vulnerability that is in the wild and has been causing havok on the internet.
VPN4ALL best privacy&encryption
CommentPost a Comment | in , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,
Friday
Dec122008

Inside understanding of win32.netsky.q

Author: AuthorPaul Sylvester | Date: DateFriday, December 12, 2008 at 4:02AM |
Netsky.Q is a worm that spreads through e-mail. It is distributed as a 28,008 byte Win32 executable, compressed with PEtite, which drops a 23,040 byte DLL file. It also distributes itself inside ZIP archives.

I saw this on on the net and through we should talk about and let people know how you could get that the worm off your computer. It seems to be a self-replicating worm, it will continue to send out fake messages to people with the subject lines Like:
[ad#ad2-left]

  • Delivery Error

  • Delivery Failure

  • Delivery

  • Mail Delivery failure

  • Mail Delivery System

  • Mail System

  • Delivery

  • Delivered Message

  • Error

  • Status

  • Failure

  • Failed

  • Unknown Exception

  • Delivery Failed

  • Deliver Mail

  • Server Error

  • Delivery Bot


And with each message there is the reciepts email address at the end.  This worm seems to be spreading like wildfire today.   It is because people have not install

Microsoft Security Bulletin (MS01-020)




[ad#ad2-right]Now how do you get rid of it.  It seems that most of Anti-Virus software would get it done.  All you would need to do is scan for this virus with the latest updated virus databases and will go away.   According E-Trust Anti-Virus they say they can remove it.   This is a really old virus, according to my sources this was first seen in 2004.   In order to prevent this in the future I'd suggest installing a free anti-virus and using it.    This is one smart little worm according to CA IT.



If you have quite a few Desktops in your Office and want to update all of them to the newest patch all in one swoop, I'd suggest downloading Clone of Autopatcher and making an ISO image so you can go around to each computer and install the patches quickly and easily.  Prevent yourself from getting that virus and some others in the future.   This is a friendly tip for all those hard working IT workers.
VPN4ALL best privacy&encryption
CommentPost a Comment | in , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,
Thursday
Dec112008

Internet Explorer still has a Vulnerability after Tuesday Patch!!

Author: AuthorPaul Sylvester | Date: DateThursday, December 11, 2008 at 12:43PM |
I just read this on several blogs and thought I'd share the details with you, it seems that Microsoft didn't know there was a problem with this Bug/Vulnerability.   Computer world has a great article and  says this:
[ad#ad2-right]"The updates Microsoft released yesterday do not address this possible vulnerability," a Microsoft spokesman said today in an e-mail reply to questions, "but I can tell you that Microsoft is investigating these new public claims of a possible vulnerability in Internet Explorer."




[Via ComputerWorld]


I can only hope that Microsoft fixes this Vulnerability soon, I would take a guess that they will try to get this out on the patch cycle if not they will push it out after.   Some things to remember with IE(Internet Explorer) is only use it with Microsoft Updates.   I also Suggest downloading FireFox and checking out my Anti-virus and Anti-Spyrware Page for ways to prevent from getting a virus.
VPN4ALL best privacy&encryption
CommentPost a Comment | in , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,
Wednesday
Dec102008

Fix Shutdown Problems in Vista!

Author: AuthorPaul Sylvester | Date: DateWednesday, December 10, 2008 at 9:43AM |
[ad]
In the Patch Tuesday update, Microsoft quietly released the patch to fix Windows Vista machine shut problems. This patch should of came sooner.

KB957388

Update for Windows Server 2008 and Windows Vista

Install this update to resolve a set of known application compatibility issues with Windows Server 2008. After you install this item, you may have to restart your computer.

This was not a critical update and it seems to resolve so many issues with compatibility.  One thing it seemed to fix on my system has been the shutdown time.  It is now quite fast, it would normally take me 2 to 3 mins to shutdown, now it does it in less than a Minute.   So if you've not installed this update please install it soon.   I would like to know if people are seeing the same thing I am.   I've found a great resource on fixing it if you are still having problem, it talks about how to check your system performance. Although this is been doing it lately with these programs not loaded or even running, they still seem to cause problems so now I get the feeling it has to do with legacy programs.  This should fix most of the problem with older programs.
VPN4ALL best privacy&encryption
CommentPost a Comment | in , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,
Tuesday
Dec092008

The Important Windows patches Released Today

Author: AuthorPaul Sylvester | Date: DateTuesday, December 9, 2008 at 12:25PM |
As many of you know we talked about the Non-critical patches that Microsoft will release today.  IF you want to read those please go and check it out.   I'll be talking about the REALLY important ones that Microsoft has kept tight until now.    These are the more important ones but I will list the ones that I previous talked about to better help people recognize the non-important ones:



[ad#ad2-right]
  • KB955839

  • KB957388

  • KB890830

  • KB905866

    • These are just the tip of the iceberg. although this list are not A lot.  I'd wanted to let people know about what people coin "Exploit Wednesday".  I really don't know if this is a Myth or actually does exist but I'd figure we discuss the problems associated with installing the critical updates and try to tell you which ones should be installed As soon as possible.  Though people have in the past used a Virtual Machine to see if there is any problem, that should be your first step if you don't want to have any problems with these updates.  I don't suggest testing it more than a couple days.  Here are some good Virtual Machine software to try out yourself:




    Here is the list of updates that are critical that Microsoft released today.   Each one of these are quite important and should be considered installed when you get a chance.


    [ad#ad2-left]Microsoft Security Bulletin MS08-073 - Critical
    Cumulative Security Update for Internet Explorer (KB958215)

    This security update resolves four privately reported vulnerabilities. The vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.



    Microsoft Security Bulletin MS08-071 – Critical
    Vulnerabilities in GDI Could Allow Remote Code Execution (KB956802)

    This security update resolves two privately reported vulnerabilities in GDI. Exploitation of either of these vulnerabilities could allow remote code execution if a user opens a specially crafted WMF image file. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.



    [ad#ad2-right]Microsoft Security Bulletin MS08-075 – Critical
    Vulnerabilities in Windows Search Could Allow Remote Code Execution (KB959349)

    This security update resolves two privately reported vulnerabilities in Windows Search. These vulnerabilities could allow remote code execution if a user opens and saves a specially crafted saved-search file within Windows Explorer or if a user clicks a specially crafted search URL. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.



    KB952069
    (not quite sure what this one is, when I go do a Google search this is what pops up. It was in German but Google translated it for me)

    In the Windows Media Runtime to the default in Windows XP SP3 contains Windows Media Player (WMP) 9 were discovered vulnerabilities that could allow an attacker to compromise your Windows-based system and gain control over it. See Security Bulletin MS08-076 ( englisch bzw. deutsch ) See Security Bulletin MS08-076 (English or German)


    These are just ones that I found and wanted to let you know, the others have been explained on the other article.  So check them all out and I suggest installing them quickly as possible.

    VPN4ALL best privacy&encryption
    CommentPost a Comment | in , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,
    Monday
    Dec082008

    Rumor is that Itunes will Remove DRM!

    Author: AuthorPaul Sylvester | Date: DateMonday, December 8, 2008 at 7:24PM |
    [ad#ad2-right]A report from last week brought to AppleInsider's attention by French technology site ElectronLibre asserts that it's now "clear" Apple will spark new interest in its music store by removing DRM from tracks published by Sony, Universal and Warner on December 9th.

    [Via Apple Insider]

    Although, this is somewhat unlikely I've got my own theories on this.  You see If Apple did this tomorrow that would be a BIG deal, due to the fact that Microsoft will be releasing there patches on the same day.  I find it would be a momentous occasion.

    [ad#ad2-left]I can only guess why and the guess is just a guess.  If Itune's did remove there DRM the same time as Microsoft Patch Tuesday, I'd have to guess they will co-inside because of the difficulty of using the DRM, Digital Rights Management, on other products.  For example, Windows Media Player .  If Apple decided to approach Microsoft and come up with a way to make sure all DRM is stripped this would be the ideal situation.   Although this is highly unlikely, I'd have to think Apple wouldn't wait till tomorrow to strip the DRM.  They know Microsoft schedule.  We will have to find out in the coming days.
    VPN4ALL best privacy&encryption
    CommentPost a Comment | in , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,
    Sunday
    Dec072008

    Upcoming Patch Tuesday

    Author: AuthorPaul Sylvester | Date: DateSunday, December 7, 2008 at 8:22PM |
    [ad#ad2-right]I wanted to get prepared for the updates for this Tuesday and I thought I'd go through them and list what Microsoft said about each.   These are what's been said on Technet and I am sure there will be more.   Each one of these don't look to serious but I will post Tuesday if there is anything I've missed on this post.   As you might know this is not set in stone but just the direction of Microsoft for this Months Release.


    KB955839

    Update for Windows Server 2008, Windows Vista, Windows Server 2003, and Windows XP

    Install this update to resolve an issue that is caused by revised daylight saving time laws in many countries. This update enables your computer to automatically adjust the computer clock on the correct date in 2008. After you install this item, you may have to restart your computer. This update is provided to you and licensed under the Windows Server 2008 License Terms.

    [ad#ad2-left]KB957388

    Update for Windows Server 2008 and Windows Vista

    Install this update to resolve a set of known application compatibility issues with Windows Server 2008. After you install this item, you may have to restart your computer.

    KB890830

    Windows Malicious Software Removal Tool

    Microsoft released the Microsoft Windows Malicious Software Removal Tool to help remove specific prevalent malicious software from computers that are running Windows Vista, Windows Server 2003, Windows XP, or Windows 2000. After you download the Microsoft Malicious Software Removal Tool, it runs one time to check your computer for inflection by specific prevalent malicious software (including Blaster, Sasser, and Mydoom) and helps remove any infection it finds. Microsoft releases a new version of the tool every month.

    [ad#ad2-right]KB905866

    Update for Windows Mail Junk E-mail Filter [November 2008] (KB905866)
    Install this update for Windows Mail to revise the definition files that are used to detect e-mail messages that should be considered junk e-mail or that may contain phishing content. After you install this item, you may have to restart your computer. This update is provided to you and licensed under the Windows Vista License Terms.


    I am sure there are going to be others but right now this looks like the normal things Microsoft sends out.  I am sure they are keeping a tight lid on the really serious stuff until last second so I'll have to report the really important stuff Tuesday.
    VPN4ALL best privacy&encryption
    Comment1 Comment | in , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,
    Wednesday
    Nov262008

    Microsoft issues Vista patches out of Monthly Patch Cycle!

    Author: AuthorPaul Sylvester | Date: DateWednesday, November 26, 2008 at 4:53AM |
    KB957321,KB959108,KB959130


    Microsoft issues Out of cycle patch for Vista.   These patches are as Followed:
    [ad#ad2-right-1]

    Kb957321


    An update rollup is available for the Microsoft Windows Imaging Component (WIC) in Windows Vista or in Windows Server 2008. This update rollup resolves the problems that are documented in the following articles in the Microsoft Knowledge Base:
    954708 An update to add support for the serialization of complex Extensible Metadata Platform (XMP) data types in the Windows Imaging Component

    945060 There may be inconsistencies in the Extensible Metadata Platform (XMP) and Exchangeable Image File (EXIF) values for an image file in Windows Vista and in Windows XP
    KB959108

    The Windows Portable Device (WPD) API collects and transfers Software Quality Metrics (SQM) data to Microsoft servers. The SQM data is collected only on an opt-in basis through the Microsoft Customer Experience Improvement Program. An update is available that disables the collection and transfer of SQL data to Microsoft servers.



    This update affects Windows Vista-based computers, Windows Vista Service Pack 1 (SP1)-based computers, and Windows Server 2008-based computers that are in the Microsoft Windows Media Player Customer Experience Improvement Program.
    KB959130

    On a Windows Vista-based computer or on a Windows Server 2008-based computer, you install a third-party Web browser. You set the third-party Web browser as the default Web browser. Then, you run the Connect to the Internet Wizard. However, if you select the Browse the Internet now option, Windows Internet Explorer starts instead of the third-party Web browser that you set as the default Web browser.


    [ad#ad2-right]This seems to be not so important.  All of these are not really security related but it does surprise me that Microsoft wanted to release these out of Cycle.   If your planning on using your Vista laptop during the holidays you might want to update your vista machine before you go.  I don't think there is going to be any major issues with this but if there is, you can always remove these updates later.
    VPN4ALL best privacy&encryption
    Comment3 Comments | in , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,
    Thursday
    Nov202008

    Vista has a new Vulnebility!

    Author: AuthorPaul Sylvester | Date: DateThursday, November 20, 2008 at 11:41AM |
    According to Techworld.com,  Vista has a new Vulnerability that could let a hacker infect a Vista machine with a rootkit.  The talk from them is quite intriguing.   I will quote it to better let you know what the Vulnerability is:
    The vulnerability could allow a hacker to install a rootkit, a small piece of malicious software that is very difficult to detect and remove from a computer, Unterleitner said.

    [ad#ad2-left]Phion notified Microsoft about the problem on 22 October. Microsoft indicated to Phion that it would issue a patch with Vista's next service pack. Microsoft released a beta version of Vista's second service pack to testers last month. Vista's Service Pack 2 is due for release by June 2009.
    [via Techworld.com]

    The way they could do this is through the Device IO Control which in turn could corrupt the Kernel of Windows Vista.  Now we all know that Microsoft will release a patch quicker than 6 months away.  According to this article, people are already looking for the exploit and want to know more about it.  I would be willing to bet they will have a patch out sooner than later.  Probably January or Febuary, which will be a big deal because no one will expect it.  I would also imagine hackers will start trying to figure out how they could install software as quick as possible before Microsoft pushes out the patch.   So what can you do to protect yourself, Get a firewall, a Antivirus and learn how to protect yourself to prevent yourself from getting a computer virus.
    VPN4ALL best privacy&encryption
    CommentPost a Comment | in , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,
    Sunday
    Nov022008

    Windows update is getting a revision!

    Author: AuthorPaul Sylvester | Date: DateSunday, November 2, 2008 at 2:09PM |
    [ad#ad2-right]According to Computer World, dated Oct 31, 2008 and I'll quote:
    "Over the next couple of months, we'll be rolling out another infrastructure update to the Windows Update agent (client code)," said an unidentified Microsoft employee on the Windows Update team's official blog. "This update makes it possible for users to install more than 80 updates at the same time."

    [via Computer World]

    Now if your like me and have several computers who need to be updated at a given schedule, you sometimes worry about these updates that come along that might just break your system. I have been using a program call Offline Updater, which does what Autopatcher does really nicely. So why is Microsoft sending out this patch? Two reasons, one they want you to be able to update your operating System without hurting your system integrity.

    Now lets talk about the integrity of having to reboot your system. You see, every time you reboot the system, it causes the system hardware some strain.  It is something like having starting up a car, sooner or later you will have the starter go out, because of to much start up.

    [ad#ad2-left]Second reason for this is, basically the update software needs to be update yet again for any security flaws or features that might be exploitable.  I am sure there are some and Microsoft probably knows about that we do not.   So that is the second reason, which it is the most obvious reason yet to push out another revision of the Windows update.

    What about stopping the update from effecting your system.  The only way that I know of is to prevent Windows from checking for updates.  Which is simple:

    Windows XP Version:

    [Category View and Classic View]


    <Start> / Control Panel / Security / Click Windows Updates

    For Windows Vista:

    <Orb> / Control Panel/ Security Center/ Windows Update / click "change Settings"

    With both ways, you will be able to control four ways to handle Windows updating and they are:

    • Automatic - Will download all necessary updates and install them without your permission or knowledge.  Note some of the updates will automatically reboot your system.  Most commonly they are set to do this every day in the 12am to 4 am period of time.   So when you wake up you would see an log in screen.

      • [ad#ad2-right]
    • Download updates but let me choice which ones to install and when -  This is most commonly used by people who don't want to bother having to check manually.  It will check and download, then it will let you know.



    • Check for updates but don't Download them -  This is like the previous one but this will only tell you.  The rest of the decision is in your hands not the computer.  This is good for people who have limited system resources, like Hard drive space.  It still reminds you like the previous one but won't download any updates.



    • Never check for updates -  This is used for people who don't want to be bothered with updates and have a way to update manually.  This is commonly used by businesses who have several systems on and don't want to risk an update causing trouble or weigh down the companies internet by downloading updates un-necessarily.   This option is not to be messed with because it leaves your system with quite a lot of vulnerabilities.  You do this one if you have a set schedule to update each and everyone system. (Extremely Dangerous to do)


    With what I talked about, I am hoping you find this useful and to share your discoveries with other people who might want to be able to change how Windows updates are handled on other systems.  If you have comments or questions, please post them in the comment section and someone will be more than glad to help you out.
    VPN4ALL best privacy&encryption
    CommentPost a Comment | in , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,
    Wednesday
    Oct292008

    Microsoft Releases MS08-062 to the Public a Month Early!

    Author: AuthorPaul Sylvester | Date: DateWednesday, October 29, 2008 at 5:49AM |

    Vulnerability in Windows Internet Printing Service Could Allow Remote Code Execution (KB953155)



    This update resolves a privately reported vulnerability in the Windows Internet Printing Service that could allow remote code execution. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts.



    [ad]





    This update is rated Important for all supported editions of Microsoft Windows 2000, Windows XP, Windows Server 2003, and Windows Server 2008. For more information, see the subsection, Affected and Non-Affected Software, in this section.



    The security update addresses this vulnerability by changing the way that memory is allocated within the Internet Printing Protocol (IPP) service. For more information about the vulnerability, see the Frequently Asked Questions (FAQ) subsection for the specific vulnerability entry under the next section, Vulnerability Information.

    [via Microsoft Bulletin]

    Now from what I understand, if you have a Network attached printer on your system this would make you more vulnerable to someone taking control over your system. So this patch is supposed to fix that. I am recommending to all to update this and fix this update ASAP. I do not know if you don't have one what that would do so just install this update, because you will undoubtedly still be runing the Internet Printer Protocol even if you don't have a printer.
    VPN4ALL best privacy&encryption
    CommentPost a Comment | in , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,
    Thursday
    Oct232008

    Microsoft Windows Server Service Vulnerability (MS08-067)

    Author: AuthorPaul Sylvester | Date: DateThursday, October 23, 2008 at 2:27PM |
    A vulnerability has been identified in Microsoft Windows, which could be exploited by attackers to take complete control of an affected system. This issue is caused by an error in the Server service that does not properly handle specially crafted RPC requests, which could be exploited by attackers to crash an affected system or execute arbitrary code via a specially crafted request.

    On Windows Vista and Windows Server 2008, the vulnerability is only exploitable by authenticated users.

    Note: This vulnerability is being exploited in targeted attacks.

    [via FrSirt]


    [ad]


    This was just discovered and needs to let people know. I will do more research on it and maybe come up with a way to fix the problem. According to my sources there is a patch that will fix the problem!!

    *UPDATE*
    According to Microsoft:
    This security update resolves a privately reported vulnerability in the Server service. The vulnerability could allow remote code execution if an affected system received a specially crafted RPC request. On Microsoft Windows 2000, Windows XP, and Windows Server 2003 systems, an attacker could exploit this vulnerability without authentication to run arbitrary code. It is possible that this vulnerability could be used in the crafting of a wormable exploit. Firewall best practices and standard default firewall configurations can help protect network resources from attacks that originate outside the enterprise perimeter.
    [Via Microsoft Security Bulletin]
    VPN4ALL best privacy&encryption
    CommentPost a Comment | in , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,
    Wednesday
    Sep102008

    Is Spore Worth 49.99?

    Author: AuthorPaul Sylvester | Date: DateWednesday, September 10, 2008 at 5:26PM |
    So I been doing a little digging and trying to find out what the heck people are complaining about and I found some great reviews telling me exactly why people hate EA.  They don't necessarily hate Spore or Will Wright, but the Security around The Spore game.

    So In a couple of these comments.  These reviews talk about Creating the creatures and All.  I'll submit some of the reviews that I thought was relevant and let you decide for yourself.  I would however wonder the one big question?  Is Spore Worth the Money?   Here's the details that I know of right now:

    [ad]



    1. You can only install it 3 times before you have to call EA to get an override code.  (Although I heard rumors that if you unistall it, you will get a credit for an Install)

    2. You can not Install new hardware or upgrade your hardware because if you do, it'll count as an install, According to this one person.

    3. The game only allows 1 login per Install.  So you can't have more than one character and one universe according to this person.

    4. Part of the Copy Protection prevents you from taking your saved games off your computer and taking it over to your friends house, according to this Person.

    5. On the Mac Version, it tends to breaks subsequent versions of the system services according to this one person.


    According to Amazon the reviews aren't pleasant.  I tend to agree does this mean there are going to be even more people pirating it because they don't want the DRM or Is EA going to send out a patch to fix this.  I am curious as to see how EA responds to all this NONE TOLERANCE to DRM.

    After seeing all these reviews of Spore, I tend to agree with everyone.  I'll probably wait and see before I buy my copy.  All the reviews however don't look promising or even makes the games look like it wouldn't be fun.
    VPN4ALL best privacy&encryption
    CommentPost a Comment | in , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,