It’s that time of year again… School is starting up as I write this…

This means many people are buying notebook and desktop computers for their school-bound children and many are paying full retail price for Microsoft Office 2010.

It doesn’t have to be that way.  Microsoft has a special that lets students who purchase Microsoft Office 2010 Home & Student download Outlook, Publisher and Access free of charge, so basically, you get everything that is in the higher dollar version without the added expense.

But there are still other programs available. There is the Microsoft Academic Program that lets you purchase a steeply discounted version of Microsoft Office 2010 Academic, or Microsoft Windows 7.

Knowing about these opportunities can save you some big money, which is a blessing when sending your child off to college. (Our daughter Megan starts college in about a week! EEEP!).

If you would like more information, please call us at 864.990.4748 or email info@homelandsecureit.com – We have computer and software sales & specials for Greenville & Upstate SC students all the time, but Microsoft’s current special for free downloads are avilable only through September 25th, 2011.

Homeland Secure IT Alert

Homeland Secure IT Alert for Monday, April 11th, 2011

You’ve waited a whole month for this, and Microsoft has not let you down.  Updates galore are ‘a comin’ tomorrow, April 12th, 2011.

The Microsoft Security Bulletin Advance Notification states that this Patch Tuesday will be a big one. A total of 17 fixes, addressing 64 security vulnerabilities are there for your enjoyment and they cover just about everything, from current versions of Microsoft Windows Operating Systems to Microsoft Office and even Microsoft Windows Server PowerPoint web app.

There are  9 critical, 8 important and two which address information disclosure/privilege threats.

One important update is the cumulative fix for the Internet Explorer browser which will address every supported Windows OS and covers IE 6, IE 7 and IE 8.

Microsoft will be sponsoring a webcast on April 13th at 11AM Pacific here: https://msevents.microsoft.com/CUI/WebCastEventDetails.aspx?culture=en-US&EventID=1032455069&EventCategory=4

Should you have issues or concerns about these updates or any Microsoft Security or Support questions in the Greenville / Upstate, SC area, please call us at 864.990.4748 or email info@homelandsecureit.com

Homeland Secure IT Alert

If you own a smartphone, you know what your cellular provider does to the phone before you get it. With Android based phones, each phone is subjected to a custom install of carrier specific “tools” laid on top of the beautiful Android OS.

Verizon thought you didn’t need the Google browser by default, so they sent you to Bing, and Sprint, they thought navigation would be better handled elsewhere, etc. So you really don’t get a Google Android phone the way Google intended it to be, and in turn, phones run slower, lack the ability to perform certain functions, and it sure makes it difficult to compare a Samsung Galaxy phone on Verizon to one on Sprint or another carrier because they don’t have the same exact install. Most consider them crippled.

You will find a growing number of people have opted to “root” their phones and bypass the garbage, or install a pure Google Android OS on it. Creating phones that run much faster than their stock counterparts.

What about computers? For years, manufacturers of computers have been bundling software with computers. This preinstalled software could add a specific function, allowing you to access features of a notebook that are not supported by the stock Microsoft Windows Operating System, or they could just be junk.

The “junk” ranges from demos of games and applications, to browser search bars and other tools.

It’s easy to see why a manufacturer would bundle a trial of Norton Anti-Virus, because if you register it, they likely get a kickback from Symantec, but, could manufacturers be loading something malicious?

In one article, a man has claimed that Samsung has loaded a keystroke logger on new notebooks… Samsung is denying this, and it is possibly that VIPRE is producing a false positive, but, none-the-less, a cause for concern. Time will tell in this matter.

All these things taken into consideration, it is easy to see why some people buy a new computer and immediately wipe and reload a pure Microsoft Windows operating system.

One reason we love offering computers from Seneca Data, such as the Nexlink series that we offer businesses, is that they do NOT come loaded down with junk. Though, they have in recent years begun to install a tool to allow for easy restore disk creation, a trial of Norton and a pre-load of the Microsoft Office trial, we believe these to actually be tools a new computer needs.  We CAN order them with NO operating system, and we can provide them with our own build of the OS to preimage.

Should you be interested in computer for your business that you are SURE do not come pre-loaded with unwanted software, you might want to give our Seneca Data Nexlink computers a serious look!  Call us at 864.990.4748 or email info@homelandsecureit.com for more information. We offer computer & server sales, service and support to Greenville / Upstate businesses and individuals.

Homeland Secure IT Alert

Homeland Secure IT Alert for Wednesday, March 23, 2011

Adobe has released out-of-cycle updates earlier this week that affect Flash Player, Reader and Acrobat across many platforms such as Apple Mac OS X, Microsoft Windows, Android and Chrome… Here is the summary from the WatchGuard Security Center:

Severity: High

21 March, 2011

Summary:

• These vulnerabilities affects: Recent versions of Adobe Reader, Acrobat,  and Flash Player
• How an attacker exploits it: In various ways, but most commonly by enticing your users into visiting a website containing malicious Flash or Reader content
• Impact: In the worst case, an attacker can execute code on your computer, potentially gaining control of it
• What to do: If you use these popular Adobe products, you should download and install their various updates as soon as possible.

Exposure:

Typically, Adobe’s quarterly Patch Day falls on the same Tuesday as Microsoft Patch Day (the second Tuesday of the month). However, a recent zero day Flash exploit circulating in the wild has encouraged Adobe to release a few out-of-cycle patches early. Today, Adobe released two security bulletins that fix a  zero day Flash vulnerability in Reader, Acrobat, and Flash Player, running on all platforms (including Android).

Though the two bulletins affect different software, they both fix the same core Flash related vulnerability that we described in our earlier WatchGuard Security Center post. As usual, Adobe doesn’t describe this zero day flaw in any technical detail. However, they do mention that the flaw lies within the authplay.dll component, which all three vulnerable products use. By enticing one of your users to visit a web site or download a PDF file containing malicious flash content, an attacker could leverage this flaw to execute code with that users privileges. If your users have administrative or root privileges on the victim platform, the attacker would gain complete control.

As was the case during our first post, attackers have been exploiting this flaw in the wild (even before Adobe knew it existed). If you use the affected software (as most users do), we highly recommend you install Adobe’s updates immediately.

For more details about these update, see Adobe’s bulletins below:

• APSB11-05: March 2011 Flash Player Update
• APSB11-06 : March 2011 Reader and Acrobat Update

Solution Path:

Adobe has released Reader, Acrobat, and Flash Player updates to fix this flaw. If you use any of the software below, we recommend you download and deploy the corresponding updates as soon as possible, or let Adobe’s automatic updater do it for you. Note: Adobe has not yet released a Reader X update for this vulnerability, since Reader X’s default sand-boxing technology should protect you from this flaw by default.That said, we do expect a Reader X update at a later date.

• APSB11-05:
  • Flash Player 10.2.153.1
  • Flash Player 10.2.156.12 for Android <= (link only works from Android phone)
  • Google Chrome (w/Flash 10.2.154.25)
  • AIR 2.6
• APSB11-06:
  • Adobe Reader
  • For Windows
  • For Mac
    • Adobe Acrobat
    • Standard and Pro for Windows
    • Pro Extended for Windows
    • Pro for Mac

For All WatchGuard Users:

Some of WatchGuard’s Firebox models allow you to prevent your users from downloading certain types of files via the web (HTTP) or email (SMTP, POP3). If you like, you can temporarily mitigate the risk of some of these vulnerabilities by blocking various Adobe-related files using your Firebox’s proxy services. Such files include, .PDF, .SWF, .DIR, .DCR, and .FLV. That said, many websites rely on these files to display interactive content. Blocking them could prevent some sites from working properly. Furthermore, many businesses rely on PDF files to share documents. Blocking them would affect legitimate files as well. For that reason, we recommend the updates above instead.

Nonetheless, if you choose to block some Adobe files, follow the links below for video instructions on using your Firebox proxy’s content blocking features to block files by their file extensions:

• Firebox X Edge running 10.x
  • How do I block files with the FTP proxy?
  • How do I block files with the HTTP proxy?
  • How do I block files with the POP3 proxy?
  • How do I block files with the SMTP proxy
• Firebox X Core and X Peak running Fireware 10.x
  • How do I block files with the FTP proxy?
  • How do I block files with the HTTP proxy?
  • How do I block files with the POP3 proxy?
  • How do I block files with the SMTP proxy?

Status:

Adobe has released updates to fix these vulnerabilities.

References:

• Adobe Flash Player Security Bulletin
• Adobe Reader Security Bulletin

This alert was researched and written by Corey Nachreiner, CISSP. (@SecAdept)

—

If you require assistance with these or any other computer service related issues in Greenville or Upstate SC, please call 864.990.4748 or email info@homelandsecureit.com – We are WatchGuard partners and offer sales and support of their fine line of security appliances to help protect your network!

Homeland Secure IT Alert

In a conversation today, I heard how much someone had just paid for 18 full retail versions of Microsoft Office 2010 Professional which they purchased online because they were not aware of other ways in which you can obtain the product.

If you are in Greenville / Upstate, SC and need to buy Microsoft Office 2010, please consider giving us a call! We may be able to save you or your business some money on Microsoft products, such as Microsoft Office Home & Student,  Home & Business, Standard Professional, Professional Plus and Office for Office for Mac in addition to making administration of larger quantities much easier.

Different ways Microsoft Office 2010 can be purchased include:

• Microsoft FPP (Full Product Package) – This is the full retail package, includes media and product license and ability to load on a desktop AND  a notebook (restrictions apply). Versions available are Microsoft Office 2010 Home & Student, Home & Business and Professional.
• Microsoft PKC (Product Key Card) – If you buy a new PC with the Office Trial loaded on it you can purchase the PKC for Microsoft Office 2010 Home & Student, Home & Business and Professional (cheaper than buying the Full Product Package)
• Microsoft Volume Licensing – If you have a business or organization and need to purchase 5 or more copies at a time, this is the way to go! Open licensing is a downloadable product which saves on packaging and thus is better for our environment, and in turn, saves you money! You have only one product key to keep up with and can place the same installation package on a file server to install across machines on your domain. Microsoft Office 2010 Standard and Professional Plus are available via this method. We can help determine which is best for you!

In addition to those methods, non-profit organizations which we work with can obtain almost unreal pricing through some programs we have available!

If you would like more information on which version may be right for you or your business, click the more info banner to the left, or feel free to call 864.990.4748 or email info@homelandsecureit.com

We are a Microsoft Partner & Small Business Specialist and would love the opportunity to help you with any Microsoft purchase or support, whether it is Microsoft Office 2010, Microsoft Windows 7, Microsoft Server 2008 R2, Microsoft Small Business Server 2011, Microsoft Exchange 2010, Microsoft Link Server, Microsoft BPOS / Business Productivity Online Suite, Office 365, and more…  One seat or one thousand!

Those of you who are using a notebook computer or mobile device such as an iPad, iPhone, Android or Android tablet and connecting to those public free wifi access hotspots may want to just ditch the WiFi after what I heard about today…

In spite of what I said about safe browsing from public wi-fi hotspots using a VPN a while back, it sounds like a “proof of concept” is about to be published which states that the mere action of connecting to a public WiFi hotspot, then establishing the VPN can potentially give away the VPN credentials. This could potentially happen whether it is an open (unsecured) access point, or a rogue (man-in-the-middle) AP.

If this is true, which we should know in a few weeks, then it sounds to me like ditching WiFi all together is not a bad idea if your data is valuable. 3g and 4g connectivity through your wireless provider may well be the best bet.

Obviously, this is not platform specific (Mac would be just as vulnerable as a Windows PC), and it is not a bug in the operating systems or VPN software.

I will be posting more information should it be proven to be a legitimate threat. Until then, stay safe….

A computer security post on TGDaily.com entitled, “BlackHole RAT Trojan targets Mac OS X” discusses Mac’s very own variant of a Microsoft Windows Remote Access Tool (RAT) called darkComet.

The Mac version is known as “BlackHole RAT” and it is not quite ready for prime time, though it seems to offer a great stepping stone to be used to target the Mac OSX platform. While most Mac owners still believe they are impervious to exploits, blog articles and service requests tend to prove otherwise. The Mac has mainly been an unattractive target to the authors of malware because the rewards for their efforts would be low.

This is basically “security through obscurity” which certainly can work, but Mac sales have been increasing slowly, making the operating system a little more visible on the black hat radar.

Those of you reading this blog probably feel I am beating a dead horse, but now is the time for you Mac owners to get anti-virus on your systems. It actually may be too late, since the Mac is such a great multitasking system, you may be infected, and not even know it. Another thing to seriously consider is backup!

We recommend Trend Micro for your Mac, and offer it for sale. We can also help with Greenville / Upstate SC Mac virus removal and cleanup, as well as Servosity Online Backup for your Mac. Please call 864.990.4748 for more information, or email info@homelandsecureit.com

I am hearing that many people are opting to not install Microsoft Windows 7 SP1 which was released back in February 22, 2011.

The reasoning is that it is a large download (750MB or 1GB depending on whether you need 32bit or 64bit versions), a long install process, and there are no enhanced features.

So what does the Service Pack provide? A compilation of security patches and non-security related fixes which have already been addressed and released via Windows Update. So basically, if you have kept up to date with updates as they have been released, SP1 is not going to give you additional security.

SP1 would certainly be handy for those installing a new version of the operating system, especially computer repair and computer service techs who generally have to install a slew of updates after a fresh install. With the release of SP1, a fresh install, followed by SP1 and a few other patches, brings the computer fully up to date. The SP1 install can be downloaded and stored on a DVD for later install, or optionally it could be slip streamed into a full install for computer techs who do LOTS of installs of the OS.

There are two enhancements that are included in the Service Pack, and that is an updated Remote Desktop client that functions with RemoteFX, a new technology that is included in the Windows Server 2008 R2 SP1, released in concert with Windows 7 SP1… Dynamic Memory was also implemented into the Service Pack, which allows virtual machine memory to be adjusted in real-time.

If you would like more information about Microsoft Windows 7 SP1 or Windows Server 2008 R2 SP1, or if you require computer service or repair for your Microsoft Windows based workstation or server, please call 864.990.4748 or email info@homelandsecureit.com – We are your Greenville / Upstate Microsoft Small Business Specialists!

Homeland Secure IT Alert

Homeland Secure IT Alert for Thursday, February 23, 2011

Microsoft has released Security Advisory 967940, titled “Update for Windows Autorun”, and it covers an issue that has long plagued Microsoft Windows Operating Systems. When you insert a USB flash drive, or USB hard drive, Windows has attempted to treat them like CD/DVD material and perform an autorun on it. While most IT professionals and tech savvy individuals have disabled that feature, and anti-virus developers such as Trend Micro have provided an option to disable that function, as gaping hole has been there for everyone else.

How has it affected people? Many ways, from a person inserting their USB flash drive from home into a business computer and the autorun functionality automatically installing the malware that was on the home system directly onto a network computer, creating a huge network security issue, down to malicious people dropping a flash drive containing malicious software on it in the parking lot of a large company they wanted access to. This resulted in workers at said company picking up the flash drive and inserting it into a computer on the corporate network in an attempt to see what was on it or find the owner to return it, and unknowingly permit software that would allow remote access to the network.

So, finally, after years of this, Microsoft has addressed it!

Microsoft has also published MS10-077, a revision to a bulletin posted in 2010 for a change to the Microsoft .NET Framework 4.0 update package. And MS10-070, which is yet another revision to .NET Framework 4.0. These are labeled “Critical” and “Important”, respectively.

Keep your systems up to date, and be sure you have current anti-virus… We recommend and sell Trend Micro Worry-Free Business Security and Titanium. In Greenville / Upstate, SC please call 864.990.4748 or email info@homelandsecureit.com for more information…

Homeland Secure IT Alert

Homeland Secure IT Alert

Secure IT Alert for Wednesday, February 9th, 2011

The February 2011 Patch Tuesday was not boring…   Updates include something for everyone.  Basically every current Microsoft Windows OS version was addressed.

The big one was the IE Update that fixed four code execution holes in the popular web browser.

In addition to fixing thumbnail and font vulnerabilities which mainly affect desktop users, several updates are very important for your servers.

Windows Server has an Active Directory DoS potential, elevation of privileges vulnerabilities from Client/Server Run-time SubSystem (CSRSS), LSASS, Kerberos  & multiple kernel related issues and an Information Disclosure Vulnerability from scripting engines… Most of these are for XP & Windows Server 2003 but the scripting issue affects Windows 7 & Server 2008 R2 only.

As with most of these, Server Core is not affected.

Please apply the appropriate patches ASAP.  Windows Update should be run, or if you are using WSUS, it should handle this for you.

But wait, there’s more!

Microsoft Visio 2002, 2003 and 2007 are vulnerable to code execution… More information is available in the MS11-008 Security Bulletin. This does not affect Visio 2010 or Visio 2007/2010 Viewer.

The Windows IIS FTP service running on Windows Vista, Windows 7, Server 2008 and Server 2008 R2 suffers from a buffer overflow vulnerability which if exploited could cause a DoS (Denial of Service) or worse, allow an attacker to obtain full control of the server. This one is likely the most severe of the updates and should be addressed immediately!

Should you require assistance, or have questions, please call us at 864.990.4748 or email info@homelandsecureit.com. We offer Microsoft Support in Greenville and Upstate, SC.

Homeland Secure IT Alert