The document outlines that on May 16th US-CERT was informed that two websites www.federalnewsradio-dot-com and www.wtop-dot-com had been compromised and that redirects had been put in place that would send Internet Explorer users to a package that would install malicious software (an exploit kit). It also highlights the fact that as of May 17th, it was confirmed that this redirect and payload were both removed from those sites.

People who visited those sites while the redirect was in place could be potentially compromised themselves.

In order for the exploit to work to correctly, you would need multiples of the following:

• A computer running Microsoft Windows, presumably without OS updates in place
• Be using Microsoft Internet Explorer as your browser
• Have an older, unpatched version of Adobe Reader or Acrobat installed
• Have an older, unpatched version of Oracle Java installed
• Have inadequate or un-updated anti-virus in place

The more of those criteria that you meet, the higher the likelihood of your machine becoming exploited and in this particular case, having the ZeroAccess Trojan installed and potentially the FakeAV/Kazy malware piggybacked with that. ZeroAccess gets busy once in place, joining a command and control system, and downloading additional malicious applications such as a fake Flash installer.

Protecting yourself is easy to do. Install updates, use quality anti-virus, and a dash of common sense helps too!

Protecting an entire network with several computers and servers may be a more demanding task. You probably want to get a qualified service provider to assist in that endeavor.

If your business is in the Greenville, Spartanburg or Anderson SC, we would love to discuss security issues with you. Homeland Secure IT provides computer, server and network security, support and sales to the Upstate. We are partners with some of the biggest names in the business, such as Cisco, WatchGuard, Microsoft, Symantec, Trend Micro and more!  Please call us at 864-990-4748 or use our contact form on our website!

One other thing – if you feel for some reason that you may be infected, most of the time, you are. Don’t take a chance. We can help scan your machines or networks and clean them up should that be the case.

May 2013′s Patch Tuesday!

Brought to you by Microsoft.

Yes, Patch Tuesday is loaded with a plethora of updates that will keep you busy for a few moments. The rundown on the updates is listed below in the advance notification, but suffice it to say, you NEED to update your computers.

If you have any problems or questions, Homeland Secure IT would like to help you out. Please call us at 864-990-4748 or use the contact form on our website.

Stay safe out there!

—

Critical Security Bulletins

============================

Bulletin 1

- Affected Software:
- Windows XP Service Pack 3
- Internet Explorer 6
- Internet Explorer 7
- Internet Explorer 8
- Windows XP Professional x64 Edition Service Pack 2
- Internet Explorer 6
- Internet Explorer 7
- Internet Explorer 8
- Windows Server 2003 Service Pack 2
- Internet Explorer 6
- Internet Explorer 7
- Internet Explorer 8
- Windows Server 2003 x64 Edition Service Pack 2
- Internet Explorer 6
- Internet Explorer 7
- Internet Explorer 8
- Windows Server 2003 with SP2 for Itanium-based Systems
- Internet Explorer 6
- Internet Explorer 7
- Windows Vista Service Pack 2:
- Internet Explorer 7
- Internet Explorer 8
- Internet Explorer 9
- Windows Vista x64 Edition Service Pack 2:
- Internet Explorer 7
- Internet Explorer 8
- Internet Explorer 9
- Windows Server 2008 for 32-bit Systems Service Pack 2:
- Internet Explorer 7
- Internet Explorer 8
- Internet Explorer 9
(Windows Server 2008 Server Core installation not affected)
- Windows Server 2008 for x64-based Systems Service Pack 2:
- Internet Explorer 7
- Internet Explorer 8
- Internet Explorer 9
(Windows Server 2008 Server Core installation not affected)
- Windows Server 2008 for Itanium-based Systems Service Pack 2
- Internet Explorer 7
- Windows 7 for 32-bit Systems Service Pack 1:
- Internet Explorer 8
- Internet Explorer 9
- Internet Explorer 10
- Windows 7 for x64-based Systems Service Pack 1:
- Internet Explorer 8
- Internet Explorer 9
- Internet Explorer 10
- Windows Server 2008 R2 for x64-based Systems
Service Pack 1:
- Internet Explorer 8
- Internet Explorer 9
- Internet Explorer 10
(Windows Server 2008 R2 Server Core installation
not affected)
Windows Server 2008 R2 for Itanium-based Systems Service
Pack 1
- Internet Explorer 8
- Windows 8 for 32-bit Systems
- Internet Explorer 10
- Windows 8 for 64-bit Systems
- Internet Explorer 10
- Windows Server 2012
- Internet Explorer 10
(Windows Server 2012 Server Core installation not affected)
- Windows RT
- Internet Explorer 10
- Impact: Remote Code Execution
- Version Number: 1.0

Bulletin 2

- Affected Software:
- Windows XP Service Pack 3
- Internet Explorer 8
- Windows XP Professional x64 Edition Service Pack 2
- Internet Explorer 8
- Windows Server 2003 Service Pack 2
- Internet Explorer 8
- Windows Server 2003 x64 Edition Service Pack 2
- Internet Explorer 8
- Windows Vista Service Pack 2:
- Internet Explorer 8
- Internet Explorer 9
- Windows Vista x64 Edition Service Pack 2:
- Internet Explorer 8
- Internet Explorer 9
- Windows Server 2008 for 32-bit Systems Service Pack 2:
- Internet Explorer 8
- Internet Explorer 9
(Windows Server 2008 Server Core installation not affected)
- Windows Server 2008 for x64-based Systems Service Pack 2:
- Internet Explorer 8
- Internet Explorer 9
(Windows Server 2008 Server Core installation not affected)
- Windows 7 for 32-bit Systems Service Pack 1:
- Internet Explorer 8
- Internet Explorer 9
- Windows 7 for x64-based Systems Service Pack 1:
- Internet Explorer 8
- Internet Explorer 9
- Windows Server 2008 R2 for x64-based Systems
Service Pack 1:
- Internet Explorer 8
- Internet Explorer 9
(Windows Server 2008 R2 Server Core installation
not affected)
Windows Server 2008 R2 for Itanium-based Systems Service
Pack 1
- Internet Explorer 8
- Impact: Remote Code Execution
- Version Number: 1.0

Important Security Bulletins
============================

Bulletin 3

- Affected Software:
- Windows 8 for 32-bit Systems
- Windows 8 for 64-bit Systems
- Windows Server 2012
(Windows Server 2012 Server Core installation affected)
- Windows RT
- Impact: Denial of Service
- Version Number: 1.0

Bulletin 4

- Affected Software:
- Windows XP Service Pack 3
- Windows XP Professional x64 Edition Service Pack 2
- Windows Server 2003 Service Pack 2
- Windows Server 2003 x64 Edition Service Pack 2
- Windows Server 2003 with SP2 for Itanium-based Systems
- Windows Vista Service Pack 2
- Windows Vista x64 Edition Service Pack 2
- Windows Server 2008 for 32-bit Systems Service Pack 2
(Windows Server 2008 Server Core installation not affected)
- Windows Server 2008 for x64-based Systems Service Pack 2
(Windows Server 2008 Server Core installation not affected)
- Windows Server 2008 for Itanium-based Systems Service Pack 2
Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1
(Windows Server 2008 R2 Server Core installation affected)
Windows Server 2008 R2 for Itanium-based Systems Service
Pack 1
- Windows 8 for 32-bit Systems
- Windows 8 for 64-bit Systems
- Windows Server 2012
(Windows Server 2012 Server Core installation affected)
- Windows RT
- Impact: Spoofing
- Version Number: 1.0

Bulletin 5

- Affected Software:
- Microsoft Communicator 2007 R2
- Microsoft Lync 2010 (32-bit)
- Microsoft Lync 2010 (64-bit)
- Microsoft Lync 2010 Attendee (admin level install)
- Microsoft Lync 2010 Attendee (user level install)
- Microsoft Lync Server 2013
- Impact: Remote Code Execution
- Version Number: 1.0

Bulletin 6

- Affected Software:
- Microsoft Publisher 2003 Service Pack 3
- Microsoft Publisher 2007 Service Pack 3
- Microsoft Publisher 2010 Service Pack 1 (32-bit editions)
- Microsoft Publisher 2010 Service Pack 1 (64-bit editions)
- Impact: Remote Code Execution
- Version Number: 1.0

Bulletin 7

- Affected Software:
- Microsoft Word 2003 Service Pack 3
- Microsoft Word Viewer
- Impact: Remote Code Execution
- Version Number: 1.0

Bulletin 8

- Affected Software:
- Microsoft Visio 2003 Service Pack 3
- Microsoft Visio 2007 Service Pack 3
- Microsoft Visio 2010 Service Pack 1 (32-bit editions)
- Microsoft Visio 2010 Service Pack 1 (64-bit editions)
- Impact: Information Disclosure
- Version Number: 1.0

Bulletin 9

- Affected Software:
- Windows Essentials 2011
- Windows Essentials 2012
- Impact: Information Disclosure
- Version Number: 1.0

Bulletin 10

- Affected Software:
- Windows XP Service Pack 3
- Windows XP Professional x64 Edition Service Pack 2
- Windows Server 2003 Service Pack 2
- Windows Server 2003 x64 Edition Service Pack 2
- Windows Server 2003 with SP2 for Itanium-based Systems
- Windows Vista Service Pack 2
- Windows Vista x64 Edition Service Pack 2
- Windows Server 2008 for 32-bit Systems Service Pack 2
(Windows Server 2008 Server Core installation affected)
- Windows Server 2008 for x64-based Systems Service Pack 2
(Windows Server 2008 Server Core installation affected)
- Windows Server 2008 for Itanium-based Systems Service Pack 2
- Windows 7 for 32-bit Systems Service Pack 1
- Windows 7 for x64-based Systems Service Pack 1
- Windows Server 2008 R2 for x64-based Systems Service Pack 1
(Windows Server 2008 R2 Server Core installation affected)
- Windows Server 2008 R2 for Itanium-based Systems Service
Pack 1
- Windows 8 for 32-bit Systems
- Windows 8 for 64-bit Systems
- Windows Server 2012
(Windows Server 2012 Server Core installation affected)
- Windows RT
- Impact: Elevation of Privilege
- Version Number: 1.0

Let me just say… Update your Microsoft Windows based computers.

As you will see below, the biggest vulnerability is your Internet Explorer, which should be updated, even if you are using another browser.

Should you require assistance installing these or any other security updates, please call upon us in the Upstate of SC.

We can also provide patch management which will apply updates across your entire network and permit the ability to see the status of each machine without visiting them individually.

864-990-4748 or use the contact link on our website for more information…

Here’s the full Security Bulletin from Microsoft:

********************************************************************
Microsoft Security Bulletin Summary for April 2013
Issued: April 9, 2013
********************************************************************

This bulletin summary lists security bulletins released for April 2013.

The full version of the Microsoft Security Bulletin Summary for April 2013 can be found at http://technet.microsoft.com/security/bulletin/ms13-apr.

With the release of the bulletins for April 2013, this bulletin summary replaces the bulletin advance notification originally issued on April 4, 2013. For more information about the bulletin advance notification service, see http://technet.microsoft.com/security/bulletin/advance.

To receive automatic notifications whenever Microsoft Security Bulletins are issued, subscribe to Microsoft Technical Security Notifications at http://technet.microsoft.com/security/dd252948.

Microsoft is hosting a webcast to address customer questions on these bulletins on April 10, 2013, at 11:00 AM Pacific Time (US & Canada). Register for the Security Bulletin Webcast at http://technet.microsoft.com/security/bulletin.

Microsoft also provides information to help customers prioritize monthly security updates with any non-security, high-priority updates that are being released on the same day as the monthly security updates. Please see the section, Other Information.

Critical Security Bulletins
============================

MS13-028

- Affected Software:
- Windows XP Service Pack 3
- Internet Explorer 6
- Internet Explorer 7
- Internet Explorer 8
- Windows XP Professional x64 Edition Service Pack 2
- Internet Explorer 6
- Internet Explorer 7
- Internet Explorer 8
- Windows Server 2003 Service Pack 2
- Internet Explorer 6
- Internet Explorer 7
- Internet Explorer 8
- Windows Server 2003 x64 Edition Service Pack 2
- Internet Explorer 6
- Internet Explorer 7
- Internet Explorer 8
- Windows Server 2003 with SP2 for Itanium-based Systems
- Internet Explorer 6
- Internet Explorer 7
- Windows Vista Service Pack 2:
- Internet Explorer 7
- Internet Explorer 8
- Internet Explorer 9
- Windows Vista x64 Edition Service Pack 2:
- Internet Explorer 7
- Internet Explorer 8
- Internet Explorer 9
- Windows Server 2008 for 32-bit Systems Service Pack 2:
- Internet Explorer 7
- Internet Explorer 8
- Internet Explorer 9
(Windows Server 2008 Server Core installation not affected)
- Windows Server 2008 for x64-based Systems Service Pack 2:
- Internet Explorer 7
- Internet Explorer 8
- Internet Explorer 9
(Windows Server 2008 Server Core installation not affected)
- Windows Server 2008 for Itanium-based Systems Service Pack 2
- Internet Explorer 7
- Windows 7 for 32-bit Systems:
- Internet Explorer 8
- Internet Explorer 9
- Windows 7 for 32-bit Systems Service Pack 1:
- Internet Explorer 8
- Internet Explorer 9
- Internet Explorer 10
- Windows 7 for x64-based Systems:
- Internet Explorer 8
- Internet Explorer 9
- Windows 7 for x64-based Systems Service Pack 1:
- Internet Explorer 8
- Internet Explorer 9
- Internet Explorer 10
- Windows Server 2008 R2 for x64-based Systems:
- Internet Explorer 8
- Internet Explorer 9
(Windows Server 2008 R2 Server Core installation
not affected)
- Windows Server 2008 R2 for x64-based Systems
Service Pack 1:
- Internet Explorer 8
- Internet Explorer 9
- Internet Explorer 10
(Windows Server 2008 R2 Server Core installation
not affected)
- Windows Server 2008 R2 for Itanium-based Systems and
Windows Server 2008 R2 for Itanium-based Systems Service
Pack 1
- Internet Explorer 8
- Windows 8 for 32-bit Systems
- Internet Explorer 10
- Windows 8 for 64-bit Systems
- Internet Explorer 10
- Windows Server 2012
- Internet Explorer 10
(Windows Server 2012 Server Core installation not affected)
- Windows RT
- Internet Explorer 10
- Impact: Remote Code Execution
- Version Number: 1.0

MS13-029

- Affected Software:
- Windows XP Service Pack 3
- Remote Desktop Connection 6.1 Client
- Remote Desktop Connection 7.0 Client
- Windows XP Professional x64 Edition Service Pack 2
- Remote Desktop Connection 6.1 Client
- Windows Server 2003 Service Pack 2
- Remote Desktop Connection 6.1 Client
- Windows Server 2003 x64 Edition Service Pack 2
- Remote Desktop Connection 6.1 Client
- Windows Vista Service Pack 2
- Remote Desktop Connection 6.1 Client
- Remote Desktop Connection 7.0 Client
- Windows Vista x64 Edition Service Pack 2
- Remote Desktop Connection 6.1 Client
- Remote Desktop Connection 7.0 Client
- Windows Server 2008 for 32-bit Systems Service Pack 2
- Remote Desktop Connection 6.1 Client
(Windows Server 2008 Server Core installation not affected)
- Windows Server 2008 for x64-based Systems Service Pack 2
- Remote Desktop Connection 6.1 Client
(Windows Server 2008 Server Core installation not affected)
- Windows Server 2008 for Itanium-based Systems Service Pack 2
- Remote Desktop Connection 6.1 Client
- Windows 7 for 32-bit Systems and
Windows 7 for 32-bit Systems Service Pack 1
- Remote Desktop Connection 7.0 Client
- Windows 7 for x64-based Systems and
Windows 7 for x64-based Systems Service Pack 1
- Remote Desktop Connection 7.0 Client
- Windows Server 2008 R2 for x64-based Systems and
Windows Server 2008 R2 for x64-based Systems Service Pack 1
- Remote Desktop Connection 7.0 Client
(Windows Server 2008 R2 Server Core installation not affected)
- Windows Server 2008 R2 for Itanium-based Systems and
Windows Server 2008 R2 for Itanium-based Systems Service
Pack 1
- Remote Desktop Connection 7.0 Client
- Impact: Remote Code Execution
- Version Number: 1.0

Important Security Bulletins
============================

MS13-030

- Affected Software:
- Microsoft SharePoint Server 2013
- Impact: Information Disclosure
- Version Number: 1.0

MS13-031

- Affected Software:
- Windows XP Service Pack 3
- Windows XP Professional x64 Edition Service Pack 2
- Windows Server 2003 Service Pack 2
- Windows Server 2003 x64 Edition Service Pack 2
- Windows Server 2003 with SP2 for Itanium-based Systems
- Windows Vista Service Pack 2
- Windows Vista x64 Edition Service Pack 2
- Windows Server 2008 for 32-bit Systems Service Pack 2
(Windows Server 2008 Server Core installation affected)
- Windows Server 2008 for x64-based Systems Service Pack 2
(Windows Server 2008 Server Core installation affected)
- Windows Server 2008 for Itanium-based Systems Service Pack 2
- Windows 7 for 32-bit Systems and
Windows 7 for 32-bit Systems Service Pack 1
- Windows 7 for x64-based Systems and
Windows 7 for x64-based Systems Service Pack 1
- Windows Server 2008 R2 for x64-based Systems and
Windows Server 2008 R2 for x64-based Systems Service Pack 1
(Windows Server 2008 R2 Server Core installation affected)
- Windows Server 2008 R2 for Itanium-based Systems and
Windows Server 2008 R2 for Itanium-based Systems Service
Pack 1
- Windows 8 for 32-bit Systems
- Windows 8 for 64-bit Systems
- Windows Server 2012
(Windows Server 2012 Server Core installation affected)
- Windows RT
- Impact: Elevation of Privilege
- Version Number: 1.0

MS13-032

- Affected Software:
- Windows XP Service Pack 3
- Active Directory Application Mode (ADAM)
- Windows XP Professional x64 Edition Service Pack 2
- Active Directory Application Mode (ADAM)
- Windows Server 2003 Service Pack 2
- Active Directory
- Active Directory Application Mode (ADAM)
- Windows Server 2003 x64 Edition Service Pack 2
- Active Directory
- Active Directory Application Mode (ADAM)
- Windows Server 2003 with SP2 for Itanium-based Systems
- Active Directory
- Windows Vista Service Pack 2
- Active Directory Lightweight Directory Service (AD LDS)
- Windows Vista x64 Edition Service Pack 2
- Active Directory Lightweight Directory Service (AD LDS)
- Windows Server 2008 for 32-bit Systems Service Pack 2
- Active Directory Services
- Active Directory Lightweight Directory Service (AD LDS)
(Windows Server 2008 Server Core installation affected)
- Windows Server 2008 for x64-based Systems Service Pack 2
- Active Directory Services
- Active Directory Lightweight Directory Service (AD LDS)
(Windows Server 2008 Server Core installation affected)
- Windows 7 for 32-bit Systems and
Windows 7 for 32-bit Systems Service Pack 1
- Active Directory Lightweight Directory Service (AD LDS)
- Windows 7 for x64-based Systems and
Windows 7 for x64-based Systems Service Pack 1
- Active Directory Lightweight Directory Service (AD LDS)
- Windows Server 2008 R2 for x64-based Systems and
Windows Server 2008 R2 for x64-based Systems Service Pack 1
- Active Directory Services
- Active Directory Lightweight Directory Service (AD LDS)
(Windows Server 2008 R2 Server Core installation affected)
- Windows 8 for 32-bit Systems
- Active Directory Lightweight Directory Service (AD LDS)
- Windows 8 for 64-bit Systems
- Active Directory Lightweight Directory Service (AD LDS)
- Windows Server 2012
- Active Directory Services
(Windows Server 2012 Server Core installation affected)
- Impact: Denial of Service
- Version Number: 1.0

MS13-033

- Affected Software:
- Windows XP Service Pack 3
- Windows XP Professional x64 Edition Service Pack 2
- Windows Server 2003 Service Pack 2
- Windows Server 2003 x64 Edition Service Pack 2
- Windows Server 2003 with SP2 for Itanium-based Systems
- Windows Vista Service Pack 2
- Windows Vista x64 Edition Service Pack 2
- Windows Server 2008 for 32-bit Systems Service Pack 2
(Windows Server 2008 Server Core installation affected)
- Windows Server 2008 for x64-based Systems Service Pack 2
(Windows Server 2008 Server Core installation affected)
- Windows Server 2008 for Itanium-based Systems Service Pack 2
- Impact: Elevation of Privilege
- Version Number: 1.0

MS13-034

- Affected Software:
- Windows Defender for Windows 8 and Windows RT
- Impact: Elevation of Privilege
- Version Number: 1.0

MS13-035

- Affected Software:
- Microsoft InfoPath 2010 Service Pack 1 (32-bit editions)
- Microsoft InfoPath 2010 Service Pack 1 (64-bit editions)
- Microsoft SharePoint Server 2010 Service Pack 1
- Microsoft Groove Server 2010 Service Pack 1
- Microsoft SharePoint Foundation 2010 Service Pack 1
- Microsoft Office Web Apps 2010 Service Pack 1
- Impact: Elevation of Privilege
- Version Number: 1.0

MS13-036

- Affected Software:
- Windows XP Service Pack 3
- Windows XP Professional x64 Edition Service Pack 2
- Windows Server 2003 Service Pack 2
- Windows Server 2003 x64 Edition Service Pack 2
- Windows Server 2003 with SP2 for Itanium-based Systems
- Windows Vista Service Pack 2
- Windows Vista x64 Edition Service Pack 2
- Windows Server 2008 for 32-bit Systems Service Pack 2
(Windows Server 2008 Server Core installation affected)
- Windows Server 2008 for x64-based Systems Service Pack 2
(Windows Server 2008 Server Core installation affected)
- Windows Server 2008 for Itanium-based Systems Service Pack 2
- Windows 7 for 32-bit Systems and
Windows 7 for 32-bit Systems Service Pack 1
- Windows 7 for x64-based Systems and
Windows 7 for x64-based Systems Service Pack 1
- Windows Server 2008 R2 for x64-based Systems and
Windows Server 2008 R2 for x64-based Systems Service Pack 1
(Windows Server 2008 R2 Server Core installation affected)
- Windows Server 2008 R2 for Itanium-based Systems and
Windows Server 2008 R2 for Itanium-based Systems Service
Pack 1
- Windows 8 for 32-bit Systems
- Windows 8 for 64-bit Systems
- Windows Server 2012
(Windows Server 2012 Server Core installation affected)
- Windows RT
- Impact: Elevation of Privilege
- Version Number: 1.0

Once you get past that totally different interface, and the login if you are on a domain, one annoying trait that may tweak your shorts is the forced automatic restart after updates are applied. You would notice that where Windows keeps saying that your machine is going to reboot and actually starts to count down. How annoying, right?

Even though this behavior is annoying, it has a purpose! When “Patch Tuesday” comes around, and these updates are pushed to your computer and installed, it needs to reboot in order to close out the vulnerable components and patch them so you are protected from nasty exploits.

Failure to apply and activate updates can (and does) lead to machines which are in a vulnerable state, and visiting malicious websites, or opening malicious documents, even though the updates have been installed, but the machine is not rebooted, may result in viruses, trojans, worms and other malware being installed.

I think that was redundant, but I really want you to understand just how important these updates are!

That being said… Should you get too annoyed by the forced reboots, there’s a potential way around this by using the Group Policy Editor.   That setting is found under Local Computer Policy, Computer Configuration, Administrative Templates, Windows Components, Windows Update…    Just set “No auto-restart with logged on users for scheduled automatic updates installation” to “Enabled”.

But don’t do it, unless you have another means for maintaining your patch management.  Really, don’t do it.

If you would like to talk with someone about patch management, windows security, network security or anything computer support related for you or your business in the Upstate SC area, please call us at 864-990-4748 or use our contact form on our website.

It is important that you apply these updates to your computers and servers in order to keep your network secure.

Let’s start with Adobe – Four Flash security holes have been plugged in Flash Player 11.6.602.171 and earlier across all platforms.  Yes, that means you Apple Mac and Linux users need to get the updated Player version 11.6.602.180 or newer. Failure to do so could result in code being executed on your computer that could give a remote user complete control over it.

Next up…. Microsoft!

Products with updates include Microsoft Internet Explorer, Microsoft Office Suite (Visio Viewer 2010, SharePoint Server 2010, OneNote 2010, Office Outlook for Mac) and Silverlight 5 for both PC and Mac computers have a multitude of issues, with four critical bulletins.

Again, these updates should be installed as soon as possible.

If you or your organization requires assistance, please let us know. We can assist here in Upstate & Greenville SC with all your desktop, server and network security needs. We are an authorized Microsoft Partner and provide sales, service and support of their entire line of offerings. We can keep your computers secure, and in the event they need a virus cleaned off or removed, we can assist with that too!

Businesses wanting to employ the use of a patch management system, which will collect information about desktops, notebooks and other devices on their network, and push out updates from an easy to monitor server should contact us for more information!

864-990-4748 or use the contact link on our website.

We’re happy to announce that Homeland Secure IT has renewed our Microsoft Education Reseller status and are good for another year.

What does that mean?  Besides having to demonstrate that we know what we are doing through taking an exam, we have to actually have a clue about the sales of Microsoft products specifically available to the academic organizations we serve.

By maintaining our relationship as an AER (Authorized Education Reseller), we can offer Academic Volume Licensing which is not only convenient, but more affordable than retail, or standard open licensing.

It is available in as subscription model or even perpetual licenses.

If you are interested in this type of product, give us a call at 864-990-4748 in the Upstate / Greenville SC area.  We not only offer the sales, but also consultation, installation and maintenance of Microsoft software!

Yesterday, Apple Inc announced that computers within their own network have been exploited.  Mac computers in other companies have also been exploited.

It’s always a heated subject whenever I mention that more and more Apple Macs are becoming compromised. Very passionate people will argue with me until they are blue in the face about how Microsoft Windows machines are more vulnerable, and that their Mac never gets infected. However, I must add this in – as a provider of business computer service and support. We have seen a steady decline in malware on Windows 7 computers, and no infections as of this date on Windows 8. While, Mac issues are increasing.

Here’s a link to the Reuters story.

As always, regardless of whether you own a Windows based computer or a Mac, please take these simple steps at the very least to help insure the security of your computer:

• Keep your machine’s operating system up to date with patches!
• Keep all applications, such as Microsoft Office, Adobe Reader up to date with patches
• Support applications such as JAVA should be kept up to date (and some feel disabled or uninstalled
• Use current COMMERCIAL anti-virus which permits the scanning of websites in real time (We suggest Trend Micro)
• Avoid sketchy websites, don’t open emails (You didn’t win the Microsoft Lotto, trust me)
• If you feel you have been exposed, seek a professional immediately
• Watch those public hot spots if using a notebook (man-in-the-middle)
• Do not give permission for anything to install that you didn’t initiate
• Go straight to Adobe or other software provider for your updates
• Don’t initiate a scan for malware if prompted while visiting a website

Should you need assistance with any computer or network security issue for your home or business in the Greenville or Upstate SC area, please do not hesitate to call upon us at 864-990-4748 or use our contact form.

If you have purchased, or plan to purchase, a new computer with the OEM version of Microsoft Office 2013 on it, please understand that the installation of that Office 2013 can only be done on the computer it was first installed on.

In other words, let’s assume you buy a new computer from Homeland Secure IT along with Microsoft Office 2013 OEM / PKC, and 2 years later, you replace the computer. Previous versions of Microsoft Office would permit you to reinstall the OEM office that you originally purchased on a new computer, but, 2013 will NOT.

This is not anything new, as OEM / PKC versions of Microsoft Office have always been licensed for use with a new computer only. The license agreement expressly forbid you from installing it again on another computer.  Just like the OEM version of the Microsoft Windows Operating System. It was meant for one computer only. Without question, people have purchased the OEM version and then (against the license agreement) installed it on their next new computer too.

What IS new is that the RETAIL version of Microsoft Office will only allow you to load it on the first computer you install it on, then it is forever locked to that computer. That’s not just part of the EULA, it is apparently part of the registration mechanism.

Computer World and other computer news outlets have been obtaining more information, but it appears that this is true for the OEM, Academic, and the retail Home & Business versions.

You can read the Microsoft EULAs here: http://www.microsoft.com/en-us/legal/intellectualproperty/UseTerms/default.aspx

Homeland Secure IT is an authorized Microsoft reseller and partner… Offering the complete line of Microsoft products for sale in the Greenville / Upstate area. We can provide Office, Office 356 or Windows for one computer or one thousand.

Please call us if you have any questions or would like to purchase a Microsoft product. 864-990-4748

You should insure that updates are installed!

Should you require assistance applying these critical security updates to your computer or your entire network of computers, please call us at 864-990-4748. We specialize in providing computer and network service and support in Greenville, Spartanburg and Anderson South Carolina.

—

Here’s some reading for you regarding the Flash Windows and Mac Attacks:

http://securitywatch.pcmag.com/none/307887-adobe-patches-flash-windows-mac-users-under-attack

And the latest bulletin from MS:

********************************************************************
Title: Microsoft Security Advisory Notification
Issued: February 12, 2013
********************************************************************

Security Advisories Updated or Released Today ==============================================

* Microsoft Security Advisory (2755801)
  – Title: Update for Vulnerabilities in Adobe Flash Player in
    Internet Explorer 10
  – http://technet.microsoft.com/security/advisory/2755801
  – Revision Note: V8.0 (February 12, 2013): Added KB2805940 to
    the Current update section. 

Strap in….  Patches are ‘a comin’ to your Microsoft Windows based computer or Server on February 12, 2013, just in time for Valentine’s Day.

See, Microsoft DOES love you.  Never doubt.

That’s right! For the low, low price of only zero dollars, you will be receiving a number of feature loaded patches, the Microsoft Advance Notification for February 2013 says that you will be eligible for up to a dozen fun-packed bulletins worth of heart-felt updates.

There are five CRITICAL bulletins that affect Microsoft Windows, Internet Explorer and Microsoft Server Software. One absolutely requires a reboot, and it is suggested that you apply it and reboot afterwards. The penalties for avoiding these? Remote Code Execution! In layman’s terms, it means, your machine could be owned by the bad guys and they could have their way with it, scouring it for content, watching for you to log into your bank, or enter a credit card online.

The other bulletins are just as important, hence the label of “Important”, allowing remote code execution, denial of service and elevation of privilege to potentially ruin your day. The affected products are Windows Server Software, Microsoft Windows, Microsoft Office and the Microsoft .NET Framework.

Don’t delay, update today. Errrrrrm, well, after Patch Tuesday anyway!

While you are at it, you need to get the JAVA and Adobe Flash/Reader/Acrobat updates installed too, even if you are using an Apple Mac!

If you have questions, or need assistance with these or any other updates or security concerns in the Greenville or Upstate SC area, please call upon us at 864-990-4748 or use our contact links.

If you are using Java on your system… Please make sure it is up to date, or consider disabling it all together if you can live without it to decrease the likelihood you could become exploited.

A large number of the machines that we are aware of being infected with malicious software recently, have been as a direct result of Java and Adobe products, not the operating systems themselves.

This goes for Microsoft Windows XP and 7, and Apple Mac.

Should you need help with any virus or malware related issue, for your business or your personal computer in the Upstate SC area, please do not hesitate to call upon us at 864-990-4748.

Homeland Secure IT Alert

Microsoft didn’t forget you, in fact, they already have your Christmas present, which will be delivered in the form of patches on the infamous “Patch Tuesday”…

So, whether you have been naughty or nice… Please update your computers!

If you require assistance with managing updates for your personal computer, your server, or your entire business network in the Greenville and Upstate SC area, please call us at 864-990-4748.

Here’s the Microsoft Bulletin for your reading enjoyment:

********************************************************************

Microsoft Security Bulletin Advance Notification for December 2012

Issued: December 6, 2012

********************************************************************

This is an advance notification of security bulletins that Microsoft is intending to release on December 11, 2012.

The full version of the Microsoft Security Bulletin Advance Notification for December 2012 can be found at http://technet.microsoft.com/security/bulletin/ms12-dec.

This bulletin advance notification will be replaced with the December bulletin summary on December 11, 2012. For more information about the bulletin advance notification service, see http://technet.microsoft.com/security/bulletin/advance.

To receive automatic notifications whenever Microsoft Security Bulletins are issued, subscribe to Microsoft Technical Security Notifications on http://technet.microsoft.com/security/dd252948.

Microsoft will host a webcast to address customer questions on these bulletins on December 12, 2012, at 11:00 AM Pacific Time (US & Canada). Register for the Security Bulletin Webcast at http://technet.microsoft.com/security/bulletin.

Microsoft also provides information to help customers prioritize monthly security updates with any non-security, high-priority updates that are being released on the same day as the monthly security updates. Please see the section, Other Information.

This advance notification provides a number as the bulletin identifier, because the official Microsoft Security Bulletin numbers are not issued until release. The bulletin summary that replaces this advance notification will have the proper Microsoft Security Bulletin numbers (in the MSyy-xxx format) as the bulletin identifier. The security bulletins for this month are as follows, in order of severity:

Critical Security Bulletins

============================

Bulletin 1

- Affected Software:

- Windows XP Service Pack 3

- Internet Explorer 6

- Internet Explorer 7

- Internet Explorer 8

- Windows XP Professional x64 Edition Service Pack 2

- Internet Explorer 6

- Internet Explorer 7

- Internet Explorer 8

- Windows Server 2003 Service Pack 2

- Internet Explorer 6

- Internet Explorer 7

- Internet Explorer 8

- Windows Server 2003 x64 Edition Service Pack 2

- Internet Explorer 6

- Internet Explorer 7

- Internet Explorer 8

- Windows Server 2003 with SP2 for Itanium-based Systems

- Internet Explorer 6

- Internet Explorer 7

- Windows Vista Service Pack 2:

- Internet Explorer 7

- Internet Explorer 8

- Internet Explorer 9

- Windows Vista x64 Edition Service Pack 2:

- Internet Explorer 7

- Internet Explorer 8

- Internet Explorer 9

- Windows Server 2008 for 32-bit Systems Service Pack 2:

- Internet Explorer 7

- Internet Explorer 8

- Internet Explorer 9

(Windows Server 2008 Server Core installation not affected)

- Windows Server 2008 for x64-based Systems Service Pack 2:

- Internet Explorer 7

- Internet Explorer 8

- Internet Explorer 9

(Windows Server 2008 Server Core installation not affected)

- Windows Server 2008 for Itanium-based Systems Service Pack 2

- Internet Explorer 7

- Windows 7 for 32-bit Systems and

Windows 7 for 32-bit Systems Service Pack 1:

- Internet Explorer 8

- Internet Explorer 9

- Windows 7 for x64-based Systems and

Windows 7 for x64-based Systems Service Pack 1:

- Internet Explorer 8

- Internet Explorer 9

- Windows Server 2008 R2 for x64-based Systems and

Windows Server 2008 R2 for x64-based Systems Service Pack 1:

- Internet Explorer 8

- Internet Explorer 9

(Windows Server 2008 R2 Server Core installation

not affected)

- Windows Server 2008 R2 for Itanium-based Systems and

Windows Server 2008 R2 for Itanium-based Systems Service

Pack 1

- Internet Explorer 8

- Windows 8 for 32-bit Systems

- Internet Explorer 10

- Windows 8 for 64-bit Systems

- Internet Explorer 10

- Windows Server 2012

- Internet Explorer 10

(Windows Server 2012 Server Core installation not affected)

Windows RT

- Internet Explorer 10

- Impact: Remote Code Execution

- Version Number: 1.0

Bulletin 2

- Affected Software:

- Windows XP Service Pack 3

- Windows XP Professional x64 Edition Service Pack 2

- Windows Server 2003 Service Pack 2

- Windows Server 2003 x64 Edition Service Pack 2

- Windows Server 2003 with SP2 for Itanium-based Systems

- Windows Vista Service Pack 2

- Windows Vista x64 Edition Service Pack 2

- Windows Server 2008 for 32-bit Systems Service Pack 2

(Windows Server 2008 Server Core installation affected)

- Windows Server 2008 for x64-based Systems Service Pack 2

(Windows Server 2008 Server Core installation affected)

- Windows Server 2008 for Itanium-based Systems Service Pack 2

- Windows 7 for 32-bit Systems and

Windows 7 for 32-bit Systems Service Pack 1

- Windows 7 for x64-based Systems and

Windows 7 for x64-based Systems Service Pack 1

- Windows Server 2008 R2 for x64-based Systems and

Windows Server 2008 R2 for x64-based Systems Service Pack 1

(Windows Server 2008 R2 Server Core installation affected)

- Windows Server 2008 R2 for Itanium-based Systems and

Windows Server 2008 R2 for Itanium-based Systems Service

Pack 1

- Windows 8 for 32-bit Systems

- Windows 8 for 64-bit Systems

- Windows Server 2012

(Windows Server 2012 Server Core installation affected)

Windows RT

- Impact: Remote Code Execution

- Version Number: 1.0

Bulletin 3

- Affected Software:

- Microsoft Word 2003 Service Pack 3

- Microsoft Word 2007 Service Pack 2 and

Microsoft Word 2007 Service Pack 3

- Microsoft Word 2010 Service Pack 1 (32-bit editions)

- Microsoft Word 2010 Service Pack 1 (64-bit editions)

- Microsoft Word Viewer

- Microsoft Office Compatibility Pack Service Pack 2 and

Microsoft Office Compatibility Pack Service Pack 3

- Microsoft SharePoint Server 2010 Service Pack 1

- Word Automation Services

- Microsoft Office Web Apps 2010 Service Pack 1

- Impact: Remote Code Execution

- Version Number: 1.0

Bulletin 4

- Affected Software:

- Microsoft Exchange Server 2007 Service Pack 3

- Microsoft Exchange Server 2010 Service Pack 1

- Microsoft Exchange Server 2010 Service Pack 2

- Impact: Remote Code Execution

- Version Number: 1.0

Bulletin 5

- Affected Software:

- Windows XP Service Pack 3

- Windows XP Professional x64 Edition Service Pack 2

- Windows Server 2003 Service Pack 2

- Windows Server 2003 x64 Edition Service Pack 2

- Windows Server 2003 with SP2 for Itanium-based Systems

- Windows Vista Service Pack 2

- Windows Vista x64 Edition Service Pack 2

- Windows Server 2008 for 32-bit Systems Service Pack 2

(Windows Server 2008 Server Core installation affected)

- Windows Server 2008 for x64-based Systems Service Pack 2

(Windows Server 2008 Server Core installation affected)

- Windows Server 2008 for Itanium-based Systems Service Pack 2

- Windows 7 for 32-bit Systems and

Windows 7 for 32-bit Systems Service Pack 1

- Windows 7 for x64-based Systems and

Windows 7 for x64-based Systems Service Pack 1

- Windows Server 2008 R2 for x64-based Systems and

Windows Server 2008 R2 for x64-based Systems Service Pack 1

(Windows Server 2008 R2 Server Core installation affected)

- Windows Server 2008 R2 for Itanium-based Systems and

Windows Server 2008 R2 for Itanium-based Systems Service

Pack 1

- Impact: Remote Code Execution

- Version Number: 1.0

Important Security Bulletins

============================

Bulletin 6

- Affected Software:

- Windows XP Service Pack 3

- Windows XP Professional x64 Edition Service Pack 2

- Windows Server 2003 Service Pack 2

- Windows Server 2003 x64 Edition Service Pack 2

- Windows Server 2003 with SP2 for Itanium-based Systems

- Windows Vista Service Pack 2

- Windows Vista x64 Edition Service Pack 2

- Windows Server 2008 for 32-bit Systems Service Pack 2

(Windows Server 2008 Server Core installation not affected)

- Windows Server 2008 for x64-based Systems Service Pack 2

(Windows Server 2008 Server Core installation not affected)

- Windows Server 2008 for Itanium-based Systems Service Pack 2

- Windows 7 for 32-bit Systems and

Windows 7 for 32-bit Systems Service Pack 1

- Windows 7 for x64-based Systems and

Windows 7 for x64-based Systems Service Pack 1

- Windows Server 2008 R2 for x64-based Systems and

Windows Server 2008 R2 for x64-based Systems Service Pack 1

(Windows Server 2008 R2 Server Core installation not affected)

- Windows Server 2008 R2 for Itanium-based Systems and

Windows Server 2008 R2 for Itanium-based Systems Service

Pack 1

- Windows 8 for 32-bit Systems

- Windows 8 for 64-bit Systems

- Windows Server 2012

(Windows Server 2012 Server Core installation not affected)

- Impact: Remote Code Execution

- Version Number: 1.0

Bulletin 7

- Affected Software:

- Windows Server 2008 R2 for x64-based Systems and

Windows Server 2008 R2 for x64-based Systems Service Pack 1

(Windows Server 2008 R2 Server Core installation affected)

- Windows Server 2008 R2 for Itanium-based Systems and

Windows Server 2008 R2 for Itanium-based Systems Service

Pack 1

- Windows Server 2012

(Windows Server 2012 Server Core installation affected)

- Impact: Security Feature Bypass

- Version Number: 1.0

Other Information

=================

Follow us on Twitter for the latest information and updates:

http://twitter.com/msftsecresponse

Microsoft Windows Malicious Software Removal Tool:

==================================================

Microsoft will release an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Update, Microsoft Update, Windows Server Update Services, and the Download Center.

Non-Security Updates on MU, WU, and WSUS:

========================================================

For information about non-security releases on Windows Update and Microsoft update, please see:

* http://support.microsoft.com/kb/894199: Microsoft Knowledge Base

Article 894199, Description of Software Update Services and

Windows Server Update Services changes in content.

Includes all Windows content.

* http://technet.microsoft.com/wsus/bb456965: Updates

from Past Months for Windows Server Update Services. Displays all

new, revised, and rereleased updates for Microsoft products other

than Microsoft Windows.

Microsoft Active Protections Program (MAPP) ===========================================

To improve security protections for customers, Microsoft provides vulnerability information to major security software providers in advance of each monthly security update release. Security software providers can then use this vulnerability information to provide updated protections to customers via their security software or devices, such as antivirus, network-based intrusion detection systems, or host-based intrusion prevention systems. To determine whether active protections are available from security software providers, please visit the active protections websites provided by program partners, listed at http://www.microsoft.com/security/msrc/collaboration/mapp.aspx.

Recognize and avoid fraudulent email to Microsoft customers:

=============================================================

If you receive an email message that claims to be distributing a Microsoft security update, it is a hoax that may contain malware or pointers to malicious websites. Microsoft does not distribute security updates via email.

The Microsoft Security Response Center (MSRC) uses PGP to digitally sign all security notifications. However, PGP is not required for reading security notifications, reading security bulletins, or installing security updates. You can obtain the MSRC public PGP key at https://technet.microsoft.com/security/bulletin/pgp.

To receive automatic notifications whenever Microsoft Security Bulletins are issued, subscribe to Microsoft Technical Security Notifications on http://technet.microsoft.com/security/dd252948.

********************************************************************

THE INFORMATION PROVIDED IN THIS MICROSOFT COMMUNICATION IS PROVIDED “AS IS” WITHOUT WARRANTY OF ANY KIND. MICROSOFT DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.

IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT, INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING LIMITATION MAY NOT APPLY.

********************************************************************

To manage or cancel your subscription to this newsletter, visit the Microsoft.com Profile Center at <http://go.microsoft.com/fwlink/?LinkId=245953> and then click Manage Communications under My Subscriptions in the Quicklinks section.

For more information, see the Communications Preferences section of the Microsoft Online Privacy Statement at:

<http://go.microsoft.com/fwlink/?LinkId=92781>.

For the complete Microsoft Online Privacy Statement, see:

<http://go.microsoft.com/fwlink/?LinkId=81184>.

For legal Information, see:

<http://www.microsoft.com/info/legalinfo/default.mspx>.

This newsletter was sent by:

Microsoft Corporation

1 Microsoft Way

Redmond, Washington, USA

98052

Here’s the breakdown of pricing changes:

Enterprise USER CAL will increase by 15%.

Enterprise DEVICE CAL will remain the same.

There are many changes to the Microsoft pricing structure besides these, so if you have any questions regarding a Microsoft product or licensing in general, please let us know. We offer complete sales and licensing services as a Microsoft partner in Greenville and the Upstate of SC!   864-990-4748 for more information.

It looks like the Microsoft has a total of six bulletins with four of those being CRITICAL. In all, 19 vulnerabilities will be corrected and they will affect the .NET Framework, Internet Explorer and Office, in addition to Windows itself.

But wait, that’s not all! You also get important updates from Adobe for their Adobe Flash Player, Adobe Air and all versions of Adobe Reader….   These updates affect multiple platforms, so Apple Mac users need to apply them too!

The Adobe patches are likely more critical than Microsoft. The Flash Player is a “0 day” and corrects seven vulnerabilities that affect every platform.

If you need any assistance installing these patches, or would like to discuss a patch management system for your Greenville, Spartanburg or Anderson based business, please call us at 864-990-4748

You can read about the attack timeline and response here and the WSPA news article here.

If the State’s server can be exploited, what about you?

Do you host data on your company server and feel it is totally safe?

For instance, you have a Microsoft Exchange Server, which resides behind a firewall, and it does not host anything but email, so you feel it is safe?

Not so fast – An Exchange Server might be behind a firewall, but is that firewall up to date? It might be so old that the latest firmware and software cannot even be applied to it. More importantly, if your Exchange Server does not have all the latest patches to it, it might be vulnerable to attack, even though a firewall is present.

A large number of servers at businesses go unpatched, and unprotected, yet are exposed to the internet. It might be an FTP server, a web server, SQL database server, or Remote Desktop server.  They all require updates, patches and evaluation, to assure their continued security.

Should you have a question about the status of your Greenville or Upstate network’s security, please call us at 864-990-4748 and arrange for a consultation. We specialize in small and medium business networks, servers and computers and would be happy to work with you to discover what can be done to protect your business.  We’re also partners with some of the most respected security industry leaders, such as Cisco, Symantec, Trend Micro, WatchGuard, SonicWALL, and more!

The release of Microsoft Windows 8 is now just a few days away!

When you buy a desktop or notebook computer from us with Windows 8 on it, why not add Microsoft Office 2010?

Not only will you have the latest and greatest software and operating system, customers who purchase any qualifying version of Microsoft Office product between now and April 30, 2013 can download the next version of Office as soon as it is available!

Want more information about the new Windows 8 and the upcoming Microsoft Office release? Call us at 864-990-4748 or use our contact form on the website.

We are your Microsoft Small Business Specialist in Greenville / Upstate SC, offering sales and support of computers & servers from most manufacturers, powered by Microsoft!

Help – I need somebody….

Microsoft’s Security Intelligence Report, Volume 13 is full of information that will cause your eyes to bleed, but one tidbit that is important to take note of is that Windows 7 malware infection rates are on the rise.

Computer World has a great article on the subject at this link, and a spiffy graph that looks like this:

From the graph, you will notice that Windows 7  has experienced a sharp increase (as high as 182%) in malware infection rate in 2012.

What the graph doesn’t show is that in that same time period, Windows 7 has taken over as the leading Microsoft Operating System, nor does it show that Apple and Linux related malware has increased at the same rates or higher in the same time period.

An important take away from the Computer World article is that “Even with that drastic increase, Windows 7 remained two to three times less likely to fall to hacker attack than the aged Windows XP”.

It still comes down to this one thing: KEEP YOUR SYSTEMS UPDATED!  This action alone will not entirely protect you, but when combined with some common sense, and the use of quality anti-virus / anti-malware, such as Trend Micro Titanium, your chances of being exploited are reduced dramatically over those who don’t follow suit. Oh, and if you are running Windows XP, please upgrade!

If you would like to discuss computer or network security issues concerning your Greenville, Spartanburg or Anderson area business, please call Homeland Secure IT at 864-990-4748 or use our handy contact link.

Adobe Flash Player Updates for October 8, 2012

Adobe Security Bulletin APSB12-22 for October 8th, 2012 details vulnerabilities that exist in versions of the Adobe Flash Player and Adobe Air that run on:

• Microsoft Windows
• Apple Macintosh
• Linux
• Android 2.x – 4.x

These updates address CRITICAL vulnerabilities and installation should not be delayed in order to protect your computer, tablet or smart phone.

Should you have questions about how these updates might affect you or your business, please call us at 864-990-4748.

Not a pumpkin patch, but a Microsoft Patch!

Here we are, another Patch Tuesday, where Microsoft makes updates available to their products.

The Microsoft Security Bulletin Advance Notification for October 2012 indicates there are seven bulletins that will be addressed today.  They include:

1. Critical – Remote code execution – Affecting Microsoft Office and Microsoft Server
2. Important – Remote code execution – Affecting Microsoft Office
3. Important – Elevation of privilege – Affecting Microsoft Office, Microsoft Server Software, Microsoft Lync
4. Important – Remote code execution – Affecting Microsoft Office, Microsoft Server Software
5. Important – Elevation of privilege – Affecting Microsoft Windows
6. Important – Denial of Service – Affecting Microsoft Windows
7. Important – Elevation of privilege – Affecting Microsoft SQL Server

As always, we highly recommend these and *every* Microsoft related update be applied to your servers and workstations, without delay.

Please remember that failure to do so, leaves unpatched “holes” that can be leveraged to gain control of or access to your desktops and servers.

A network security evaluation should be performed frequently on your business network, and Homeland Secure IT will be happy to undertake this duty in the Greenville / Upstate SC area. Please give us a call at 864-990-4748 or use our contact form. We are Microsoft Small Business Specialists!

If you are like most people, when everything is running well, you get comfortable and begin to do the job you were hired to do, so if you are the accounts manager and pull double duty as company IT administrator, chances are, you get back to doing what you do best – taking care of the accounts.  That is, until something comes along and throws a wrench in the works and your networking is not working.

But what about all those updates? Do you back-burner those until there is a good time to reboot the server? After all, rebooting the server takes everyone down, and causes your phone to light up with questions like, “When will I be able to access the X drive again?”.

During the time between updates, your server and other systems are vulnerable. It honestly may not be a matter of IF your network is compromised, but rather, WHEN.

Many non-dedicated IT admins will apply the updates but not reboot the server, or will wait until there are so many updates it may take 2 or three reboots to get everything applied. This is a very bad practice. Especially for servers facing the internet (Mail, SQL, Web).

What about backups?  You ARE backing up, and it does work properly, right?

Don’t get caught with your pants down.  Bring in an IT support company who can help you determine where you stand. Are you overworked and just unable to do it all? Consider an IT company who will provide you with a statement to that affect which you can provide to your manager or superior to document that there is additional work to be done.  Sure, you’ve told them time and time again, but maybe, just maybe, they might listen to an outside source.

Let Homeland Secure IT be that source of information. We’ll come in and take a look at the state of your network, provide suggested course of action, and can even quote the labor or upgrade of components (if required). Simply don’t have time to maintain all this gear and want to source it to someone who will be on top of it?  Then we’re on IT! Give us a call at 864-990-4748 or use the contact link above.

We provide complete IT service, sales and consultation to the entire Upstate of South Carolina. We’re your Microsoft, Cisco, Symantec, Trend Micro, Lenovo, HP partner, specializing in small and medium businesses (SMBs) just like yours!

“My computer is locked and a screen is displaying a message from the FBI saying I have to pay a fine in order to use it again”

“A window says I am in violation of the law for downloading media or port and says it is from the FBI”

One user in the know says, “I am infected with the Reveton FBI virus, can you remove it?”

Without question, this has been one of the more popular exploits we have seen so far this year.  It is called the Reveton virus, and is part of a Citadel malware payload that distributes a number of malicious software.

This is so popular that the FBI has had a “new internet scam” page up since August and this is an excerpt from that page that goes back to May 2012. (This is not new by any means):

The IC3 suggests the following if you become a victim of the Reveton virus:

• Do not pay any money or provide any personal information.
• Contact a computer professional to remove Reveton and Citadel from your computer.
• Be aware that even if you are able to unfreeze your computer on your own, the malware may still operate in the background. Certain types of malware have been known to capture personal information such as user names, passwords, and credit card numbers through embedded keystroke logging programs.
• File a complaint and look for updates about the Reveton virus on the IC3 website.

In addition to patching your systems, we recommend a bit of common sense, such as not visiting links which are sent to you in email that look suspicious. If it looks strange, it probably is.

—

National Cyber Awareness System
US-CERT Alert TA12-265A
Microsoft Releases Patch for Internet Explorer Exploit

Original release date: September 21, 2012 Last revised: –

Systems Affected 

* Microsoft Internet Explorer 6
* Microsoft Internet Explorer 7
* Microsoft Internet Explorer 8
* Microsoft Internet Explorer 9

Overview

Microsoft has released Security Bulletin MS12-063 to address the  use-after-free vulnerability that has been actively exploited this  past week.

Description

Microsoft Internet Explorer versions 6, 7, 8, and 9 are susceptible  to a use-after-free vulnerability. This vulnerability is being  actively exploited in the wild. Microsoft has released Security Bulletin MS12-063 to patch this vulnerability and four others.

This vulnerability was previously mentioned in US-CERT Alert  TA12-262A. Additional information is available in US-CERT  Vulnerability Note VU#480095.

Impact

A remote, unauthenticated attacker could execute arbitrary code,  cause a denial of service, or gain unauthorized access to your files or system.

Solution

US-CERT recommends that Internet Explorer users run Windows Update  as soon as possible to apply the MS12-063 patch.

References

* Microsoft Security Bulletin MS12-063
<http://technet.microsoft.com/en-us/security/Bulletin/MS12-063>

* US-CERT Alert: Microsoft Security Advisory for Internet Explorer Exploit
<http://www.us-cert.gov/cas/techalerts/TA12-262A.html>

* Microsoft Windows Update
<http://go.microsoft.com/fwlink/?LinkID=40747>

* US-CERT Vulnerability Note VU#480095
<http://www.kb.cert.org/vuls/id/480095>

Revision History

September 21, 2012: Initial release

—

As always, if you require assistance applying these security patches or have questions about your Greenville / Upstate, SC business computer and network security, please call us at 864.990.4748 or use the contact link in the menu above.

Title: Microsoft Security Advisory Notification
Issued: September 19, 2012
********************************************************************

Security Advisories Updated or Released Today ==============================================

* Microsoft Security Advisory (2757760)
- Title: Vulnerability in Internet Explorer Could Allow
Remote Code Execution
- http://technet.microsoft.com/security/advisory/2757760
  – Revision Note: V1.2 (September 19, 2012): Added link to
Microsoft Fix it solution, “Prevent Memory Corruption via
ExecCommand in Internet Explorer,” that prevents exploitation of
this issue.

If you have questions regarding this vulnerability, please contact us and we will be happy to assist.

How are you backing up your Microsoft Exchange server?

Many businesses are using the Microsoft provided NTBackup, which can backup the entire store, while others may be using another backup package that backs up the entire store. The super-budget minded may be using scripts to shut down the Exchange and then copy the store to an external hard drive.

Still others use a cloud backup solution that doesn’t support Exchange backup, so they do an NT Backup or something similar to a drive, THEN let the cloud software backup the backup to the remove servers.

Of course, the ideal way to backup your mail server is a combination of methods, from a full DR (disaster recovery) backup which can restore a downed machine in minutes, to an OS, file and backup solution like Backup Exec 2012 backing up to a tape library…   If you ARE using Backup Exec and have the BEWS Exchange Agent, then you can do some additional magic.

While an Exchange Store backup can return your Exchange database to a functional state should there be major corruption, or if your CEO loses his mail, you could go back in time and return everyone in the business to a point in time where the CEO’s mail was indeed working well.

Mailbox level backup, just like it sounds, lets you backup individual mailboxes, which can be restored without affecting others in the organization.  In the above scenario, the CEO has lost his mail, and if you are using mailbox level backup, you can have it back in minutes! This comes at a cost. Backup Exec with the necessary license to backup Exchange is a hefty amount of coin, though totally worth it.  Then you must configure various jobs to handle this, and have some place to put all this data (usually a tape drive or RDX or even a NAS / SAN, and sometimes just a USB external hard drive).

Should you be backing up your systems using file backup or image backup technology, and wish to add mailbox level backups, there’s yet another way to do this, and it is very affordable!

Servosity, our online backup partner, has mailbox level backup that can be deployed in minutes, and it’s only a couple dollars (plus the cost of the storage) per mailbox you wish to backup.  You don’t even have to backup EVERY mailbox, you could backup just important ones!

Of course you are interested now that you heard it is both available and affordable, so use the contact link from our navigation menu above or call us at 864.990.4748 for more information or to arrange a FREE 14 day trial of this product. We have been working with Servosity in the Greenville area for a number of years and the user satisfaction has been stellar!

According to an article on cnet.net, entitled “Windows 7 overtakes XP as Mac OS X passes Vista“, Microsoft Windows 7 has finally surpassed Microsoft XP as the most dominant operating system!  Predictions were all over the place, from 2013 to as far out as 2016, with a few people thinking it should have happened already.

As businesses and individuals have made the transition from XP to Windows 7, computer service and repair professionals have seen a sharp decrease in the number of machines that have been infected with viruses, worms and trojans. Well, a sharp decrease in Microsoft based computers. We’ve seen an increase in Apple Mac malware infections that is right in line with their increasing numbers.

In 2011, upwards of 30 percent of our computer service and support revenue was comprised of malware related repairs. So far, in 2012, with over half of the year behind us, we’ve seen a decline of over fifty percent in virus cleanup! It’s rare for Windows 7 machines to come through our door infected like we used to see with XP! (Though we still do see them).

You’ve probably heard already, but Microsoft is unleashing a new operating system on us, Windows 8, and though it is not even officially released, just the pre-release has a 0.23 market share!  How long will it be before it has the same kind of impact that Windows 7 has? WILL it have that kind of impact?

Here’s the numbers for those of you who don’t want to click the cnet link above:

Market Share:

Visualization of OS Market Share

42.76% Microsoft Windows 7
6.66% Apple Mac OS X 10.4 / 10.5 / 10.6 / 10.7 / 10.8
6.15% Microsoft Windows Vista
5.95% Apple iPhone, iPod & iPad
1.84% Android 2.2 / 2.3 / 3.2/ 4.0 & Kindle Fire
1.05% Linux

The percentage of Apple Market Share could be considered evil.

These stats are from NetMarketShare.com and can be found here.

For those who want to see all versions of Windows compared to Mac OS X:

Visualization – All Windows Versions Combined