SECURE IT ALERT: Vulnerabilities & Patches in Apple, Adobe, & Microsoft products

Secure IT Alert Header

Homeland Secure IT Alert

Homeland Secure IT Alert for Wednesday, June 09, 2010

Greetings and salutations!

A number of vulnerabilities have been announced this week which may affect your network and computer systems. In most cases the solution is provided in the form of a link.

MICROSOFT WINDOWS, INTERNET EXPLORER, OFFICE, SHAREPOINT SERVICES & .NET FRAMEWORK:

-CRITICAL-

Microsoft has released updates for Windows OS, Internet Explorer, Office, SharePoint Services and the .NET Framework. These vulnerabilities may allow an attacker to execute arbitrary code.

The solution – Update, update, update.

Microsoft instructions for applying the patches to prevent this are located here:

http://www.microsoft.com/technet/security/bulletin/ms10-jun.mspx

ADOBE FLASH PLAYER, READER & ACROBAT:  -CRITICAL-

Adobe announced that critical vulnerabilities have been identified in Adobe Flash Player 10.0.45.2 and earlier 10.x versions, Flash Player 9.0.262 and earlier 9.x versions, Adobe Reader 9.3.2 and earlier 9.x versions and Adobe Acrobat 9.3.2 and earlier 9.x versions Other products that support Flash may also be vulnerable, including Photoshop, Photoshop Lightroom, Freehand MX and Fireworks.

These vulnerabilities could allow an attacker to run malicious code on the affected systems.

Adobe recommends users to update to the latest versions of their products and apply the latest update patches. Primarily upgrading to the release candidate of Flash Player 10.1 or optionally uninstall Flash or restrict which sites are allowed to run Flash.

This affects the Microsoft Windows and Mac OS X platforms, as well as GNU/Linux distributions.

Adobe instructions can be located here:

http://www.adobe.com/support/security/advisories/apsa10-01.html

APPLE SAFARI VULNERABILITIES PATCHED: -CRITICAL-

Apple has plugged 48 security holes in the Safari browser. Some of these vulnerabilities could allow an attacker to execute arbitrary code by convincing a user to open a specially crafted web page. Exploit code is publicly available, so please do not hesitate in updating.

Apple Safari update information is available here:

http://support.apple.com/kb/HT4196

As always, keep your operating systems, applications and Anti-Virus up to date, and you will avoid most problems.

If we can be of any assistance at all, please do not hesitate to contact us…

Enjoy your hump day!

Homeland Secure IT Alert Footer

Homeland Secure IT Alert - Contact Info

1

SECURE IT ALERT: 48 Holes Plugged in Apple Safari Browser! Looks like Microsoft IE has some competition!

Apple Safari Browser

Apple's Safari browser offers MS IE some stiff competition for security vulnerabilities!

The headline says it all – Apple just patched 48 vulnerabilities in their Safari internet browser, making it appear that the highly revered browser is now more of a threat to society than Microsoft’s Internet Explorer! Imagine that!?!?

Apple considers the updates to be “highly critical” and they are available for both v4.1 and v5.0, on both the Mac and the Windows operating system platforms..

What kind of vulnerabilities you ask? A number of them involve what is known as “remote code execution”, where a person browsing with a vulnerable version of the Safari browser could happen upon a malicious website, and code on that site could take ownership of the browsing computer by exploiting the security holes. The list is available HERE.

The solution is to get your browser updated ASAP, either to the latest version of the browser, which will get the latest updates, or, to update your current version. Should you require help with that, reply and I will try to give a step-by-step. Of course, there are alternate browsers you can use too, such as Mozilla Firefox, Google’s Chrome and Microsoft Internet Explorer to name a few.

Homeland Secure IT offers computer, server and network support, service and repair to Greenville and Upstate SC based businesses and individuals, so should you question your computer’s security, please don’t hesitate to give us a call at 864-990-4748, respond here or email johnh@homelandsecureit.com

Scareware is spreading like wildfire – Trend Micro can help protect you and your business computers

Trend Micro Worry Free Business Security Anti Virus Promotion

Trend Micro is offering 3 years for the price of two on Worry Free Business Security products!

Surely you have read about it, or maybe even been infected by it… Scareware, or software which is installed when visiting a malicious website, opening an email or installed as part of a payload of another piece of malware can look quite realistic. You are presented with a window that says, “You computer is infected with XXX viruses – clean now?”, and should you opt to clean it, you are told for only 49.00 dollars, the software that found the viruses will clean up your computer. What a deal!

Here’s where the average user will pony up the money by entering their billing information, account information, credit card number, etc… Then the software cleans up their computer. Or so it appears, for a while. What is actually going on is multi-faceted. In many cases, the malicious software that prompted the user for their information has just sent private and financial information to some centralized collection point (often controlled by organized crime in foreign countries), where people may work to steal their identity, or possibly make additional purchases on the credit card provided. Sometimes the software will give remote users full control of the infected computer, or join the computer to a botnet where it is used to attack others and/or send tons of SPAM… Most of the time, the software will wait a while, then say it has found more infections and prompt them to pay for removal again. And the user will do so. We had one man tell us he had done it twice, and wondered why it never cleaned his computer.

Cleaning this type of mess up is sometimes an easy fix, which any competent computer technician should be able to repair in a reasonable amount of time, and tech savvy users can do themselves. Other times, the computer is so badly infected by the mal-ware the user is seeing, and the other pieces of software that were delivered and installed that it may be better to simply backup the data, then wipe and reload the PC to insure ALL the malicious software is removed. Of course, we can assist with this should you find yourself in this unfortunate situation… Just call us or drop the PC by if you need a virus clean up and are in the Greenville or Upstate SC area.

I think it goes without saying that the best way to avoid this type of inconvenience is to always use the latest anti-virus software, and make sure it is enabled and downloading the most current virus definitions. Here at Homeland Secure IT, we recommend as well as offer sales and installation of Trend Micro Anti-Virus products. Our clients report that Trend Micro AV does not slow down their computers like other Anti-Virus packages they have used, and we see fewer compromised PCs as well! If you would like more information about what Trend Micro can do for you or your business, please give us a call at 864-990-4748 or email johnh@homelandsecureit.com.

There is currently a special on Trend Micro Worry Free Business Security anti-virus products that can save you money on a 3 year purchase! You get three years of coverage for your business for the price of two!

We offer clean-up of viruses, trojans, worms, spyware, grayware, scareware and all forms of malware at reasonable rates and with quick response to Greenville and surrounding areas. Let us know what we can do for you. If you are unsure what your company is doing to protect against malicious software, call us for a free evaluation.

1

Internet Problem Solving Contest 2010

This is just too slick….  This weekend brings IPSC 2010, the Internet Problem Solving Contest 2010.  What is it? Teams of up to 3 people will compete on the 6th of June to win cash prizes by working together to solve a series of problems. Go here for the information http://ipsc.ksp.sk/

If you are competing, let me know how you do!

1

Your Apple Mac Needs a Backup too! Try our FREE Online Backup Trial of Servosity!

Safe and Secure Online Backup

Backup your Mac using our online backup solution!

Not a week goes by that I am not reminded of how devastating it can be for someone to lose their data. Yesterday a nice guy called about his Macbook that had a drive failure and he took it all the way to Charlotte to have the Mac Store look at it. They are replacing the drive under warranty, however, the data was lost. The fella had a backup – from February – on an external USB drive, but unfortunately, he had run out of space on the drive during the backup and it had corrupted the data that was on there. I had him leave the USB drive with us and we ran our data recovery software on it and was able to recover ~104k files (about 100gb) but probably not nearly all of his data because the original backup did not complete.

This story repeats itself all too frequently. Then we hear the inevitable comment, “If only I had…” just about every single time it happens….    You know, “If only I had backed up”, “If only the drive didn’t fail”, “If only the external USB drive worked” and “If only I had 1000 dollars to recover my data from the shredded hard drive”….

As sad as it is, there are ways to avoid this and far too many of us are aware of them and STILL don’t do anything about it. WHY? Because it is too much trouble, too complicated, too costly, too time consuming, etc.

We have the answer to all those excuses! We offer an awesome online backup solution that can help you protect your data with absolutely no interaction at all. You set it, and forget it (I bet that is a trademarked term and some lawyer will now call me)…. Yes, you install it, configure it, and stop worrying about your data because it is stored “in the cloud”. Not on a fragile USB drive. Or heck, you can double-up and backup to USB drives and this great online backup both. You simply can not have too much insurance against data loss!

This online backup solution is called Servosity, and we provide a free trial to let you see if you like it, and if so, we will bill you monthly for only the data you are backing up. It is not just for Microsoft Windows, as Servosity is designed for multiple operating systems, including Apple Mac OS X! Other operating systems are: RedHat Linux, Novell Netware, Sun Solaris, IBM AIX, most every Linux and Unix distribution and platforms that support Java2 SDK standard edition v1.3.1 or later. Of course it works with Microsoft Windows (Just about every flavor) and can backup Microsoft Exchange, Microsoft SQL, MySQL, Oracle, etc, etc, etc!

It runs unattended, in the background, without consuming all your resources, and the only requirement is that your machine be online during the backup window…  The backup window can be set to any time of day you wish…  The Pro version of this offering can also provide a continuous backup if so configured and desired.

My wife and our clients love getting an email every day that says their data has been backed up successfully. It gives them peace of mind, and in some cases, it can save a job, because if you are in charge of important data and it becomes lost or damaged, your employer may find a way to help you become lost, or damaged…

If you want to experience peace of mind with your data, give us a call at 990-4748 or email johnh@homelandsecureit.com and I’ll be glad to tell you all about the benefits of Servosity and set you up for a free trial! If you are in the Greenville / Upstate, SC area and would like a free evaluation of your computer network service and backup needs, just let us know!

The FCC Wants You Signup to Shape the Future of Broadband in America

Federal Communications Commission Logo

The FCC wants you to signup to shape the future of broadband in America

The FCC is looking for about 10,000 good men and women to help test their broadband connections in certain markets and from certain providers by installing a piece of equipment to meter the throughput at their home.

If you are interested in participating, you can go to https://www.testmyisp.com/ and fill out the application. You must meet certain requirements, such as having a high speed / broadband connection like cable or DSL from prividers such as Charter, AT&T, Cable One, Cablevision, CenturyLink, Cincinnati Bell, Clearwire, Comcast, Cox,  Fairpoint, Frontier, Hughes, Insight, Mediacom, Qwest, RCN, Time Warner Cable (Roadrunner), Verizon, WildBlue/ViaSat, Windstream, or “other”, which will allow you to write in your broadband provider.

Apparently, they will place a simple device onto your LAN, and you must agree to the terms of usage, such as leaving it on 24/7, not trying to reverse engineer the device, etc.

Conspiracy theories are already out there that this device will be doing more than watching your throughput, such as watching your browsing habits. Possible, but unlikely. The company that has partnered with the FCC would probably not want to get that kind of bad press if this were found to be true.

I signed up our home and will let you know if we are selected…

1

And the winner of the Cisco Flip MinoHD camera giveaway at Homeland Secure IT is…

And the Winner of the Cisco Flip MinoHD camcorder is

And the Winner of the Cisco Flip MinoHD camcorder is

Now for the moment you have been waiting for…   Drum roll please…..

Well first I will explain what we were doing for those who don’t have a clue.

A few months ago, Homeland Secure IT entered a contest on Brickfish.com that was put on by Cisco…  It was called “Heros of the Human Network”, which had businesses and organizations put up a reason why they should win something from Cisco. We entered, and then posted that we had entered on Facebook, Twitter and MySpace, and a few websites… We asked that everyone go vote for us, and they did.  Not only did they vote, they reposted our request, and though we didn’t win the 5 thousand dollars from Cisco, we won a Cisco Flip MinoHD  camcorder!!!!

We decided that since we already have a Flip, we would give it away to the same people who had supported us and helped us win it!

These are cool little cameras. Full 720p digital camcorder that you can slip in your pocket with built-in software to allow you to make quick edits and upload to your favorite site like YouTube.com. I have a lot of fun with mine, and the winner will also have fun with theirs I am sure!

To determine a winner, I took the list of people who are on our mailing list, and those who subscribe to this blog, and ran a random number generator to pick a number that corresponded to the list of subscribers. 15 was the lucky number!

Andrea Bennett was lucky number 15 and she has been notified via email.  Should Andrea not respond, we will just give it to someone else, but my money is on a quick response from her!

Thank you to everyone for playing along in our little game! Who knows, maybe we can do it again sometime soon!!!!   Have a great week…

2

The Homeland Secure IT office is closed today in honor of those who made the ultimate sacrifice for our country

United States of America Flag

God bless America and those who protect her!

Like the title says – our office is closed in honor of Memorial Day and those who have fought for the many freedoms we have in the USA!

We ARE available via phone (864-990-4748) and email (johnh@homelandsecureit.com)… Should the need arise, do not hesitate to call or email us!

America is an amazing country, with a rich (though short) history, where individuals of any race, sex, religion or belief have more freedom than in any other country in the world. That didn’t just “happen”… Many wars have been fought to protect our way of life, and in those wars, unimaginable numbers of soldiers who fought in the countless battles died. We should never forget those soldiers and their loved ones who made that sacrifice so that we can continue to live the American dream.

I urge you to take a few moments today to give honor to the people who have given YOU and ME so much.

All of you who have served in the US Armed Forces or have family who have served, or maybe are currently serving, have my respect and appreciation!  God bless you and this country!

Finally, Microsoft IE6 is scheduled for euthanasia!

Microsoft Internet Explorer 6 IE 6

Microsoft Internet Explorer 6 finally going to die!

Internet Explorer 6 has served us well. So well that people are still using it instead of the updated versions or the alternative browsers that are available. Estimates are that IE6 has a share of the browser market of around 20-25%, but a review of our own web logs which keep tabs on which browsers are used to view our site indicate that of the Explorer users only 6.69% viewing our site are using IE6. ( 18.4% are using IE 7 and 74.91 are using IE 8 )

That said, IE6 is also full of holes that cannot be easily fixed, nor is it worth it to MS to try to maintain IE6 when IE8 addresses these issues. So upgrade your browser…  Upgrade to IE8, or try an alternative browser like Mozilla Firefox, Google Chrome, etc…  Just dump IE6! Need more incentive? Many websites have planned for the demise of IE6. They will no longer offer support for it soon. And Microsoft has pledged to kill off IE6 themselves just this week.

Here is an entertaining link from Microsoft Australia about IE6, which says “You wouldn’t drink milk that was past its expiration date” – Gotta admit, that’s a great point!

If you require help in installing a new browser or want to discuss this further, email me at johnh@homelandsecureit.com or call us at 864-990-4748 – Or optionally, reply to this post.

Have a great Memorial Day Weekend with your family. Please remember that if you are an American, many people have fought and died for your freedom!