Windows 8.1 could make a lot of people happy

The number one complaint we have heard from purchasers of new machines that come with Microsoft Windows 8 is that the desktop experience is not what they expect, especially if they do not have a touchscreen.

Typical mouse and keyboard users flip back and forth between the desktop.

Have no fear, Microsoft has had mercy on your soul and the upcoming update will address that issue and many others! Booting directly to the desktop, however, will be the one feature that causes most people to immediately update, and will likely boost new computer sales in our opinion.

Here’s the whole long list of upcoming Windows 8.1 changes as it looks currently:

What’s New in Windows 8.1

We built Windows 8 to bring a modern computing experience to businesses and to help professionals stay connected to their colleagues and clients from anywhere, anytime. Windows 8.1 advances this vision and introduces new manageability, mobility, security, user experience and networking capabilities that will be available later this year – with the goal of offering customers the best business tablets and versatile modern business PCs driven by the most powerful operating system designed for today’s modern businesses.

Below is a list of some of the new and updated features that we invite you to test out when the Windows 8.1 experience becomes available later this month.

Bring Your Own Device (BYOD) Enhancements

Workplace Join

A Windows 8 PC was either domain joined or not. If it was a member of the domain, the user could access corporate resources (if permissioned) and IT could control the PC through group policy and other mechanisms. This feature allows a middle ground between all or nothing access, allowing a user to work on the device of their choice and still have access to corporate resources. With Workplace Join, IT administrators now have the ability to offer finer-grained control to corporate resources. If a user registers their device, IT can grant some access while still enforcing some governance parameters on the device.

Work Folders

Work Folders allows a user to sync data to their device from their user folder located in the corporation’s data center. Files created locally will sync back to the file server in the corporate environment. This syncing is natively integrated into the file system. Note, this all happens outside the firewall client sync support. Previously, Windows 8 devices needed to be domain joined (or required domain credentials) for access to file shares. Syncing could be done with third-party folder replication apps. With Work Folders, users can keep local copies of their work files on their devices, with automatic synchronization to your data center, and for access from other devices. IT can enforce Dynamic Access Control policies on the Work Folder Sync Share (including automated Rights Management) and require Workplace Join to be in place.

Open MDM

While many organizations have investments with System Center and will continue to leverage these investments we also know that many organizations want to manage certain classes of devices, like tablets and BYOD devices, as mobile devices. With Windows 8.1, you can use an OMA-DM API agent to allow management of Windows 8.1 devices with mobile device management products, like Mobile Iron or Air Watch.

Mobile Device Management

When a user enrolls their device, they are joining the device to the Windows Intune management service. They get access to the Company Portal which provides a consistent experience for access to their applications, data and to manage their own devices. This allows a deeper management experience with existing tools like Windows Intune. IT administrators now have deeper policy management for Windows RT devices, and can manage Windows 8.1 PCs as mobile devices without having to deploy a full management client.

Web Application Proxy

The Web Application Proxy is a new role service in the Windows Server Remote Access role. It provides the ability to publish access to corporate resources, and enforce multi-factor authentication as well as apply conditional access policies to verify both the user’s identity and the device they are using before access is granted.

RDS Enhancements

Enhanced Virtual Desktop Infrastructure (VDI) in Windows Server 2012 R2 with improvements in management, value, and user experience. Session Shadowing allows administrators to view and remotely control active user sessions in an RDSH server. Disk dedupe and storage tiering allow for lower cost storage options. User experience for RemoteApps, network connectivity and multiple displays has been improved. Administrators can now easily support users with session desktops to provide helpdesk style support. Administrators now have even more flexible storage options to support a VDI environment without expensive SAN investments. End users will find RemoteApp behavior is more like local apps, and the experience in low-bandwidth is better, with faster reconnects and improved compression, and support for multiple monitors.

NFC Tap-to-pair Printing

Tap your Windows 8.1 device against an enterprise NFC-enabled printer and you’re all set to print. No more hunting on your network for the correct printer and no need to buy a special printer to take advantage of this functionality. Simply attach an NFC tag to your existing printers to enable this functionality.

Wi-Fi Direct Printing

Connect to Wi-Fi Direct printers without adding additional drivers or software on your Windows 8.1 device, forming a peer-to-peer network between your device and the printer.

Native Miracast Wireless Display

Present your work wirelessly with no connection cords needed; just pair with a Miracast-enabled projector via NFC and Miracast will use Wi-Fi to let you project wire-free.

Mobility Enhancements

VPN

We have added support for a wider range of VPN clients in both Windows and Windows RT devices. We have also added the ability to have an app automatically trigger VPN connections.

Mobile Broadband

At Windows 8 launch, the devices had embedded radios that were separate components within the devices.  Windows 8.1 supports embedded wireless radio, which gives you increased power savings, longer battery life, also enables thinner form factors and lower cost devices.

Windows To Go

With Windows To Go in Windows 8.1, the Windows Store is enabled by default. Windows To Go users may roam to any number of machines and access the Windows Store and use Windows Store apps.

Broadband Tethering

Turn your Windows 8.1 mobile broadband-enabled PC or tablet into a personal Wi-Fi hotspot, allowing other devices to connect and access the internet.

Auto-triggered VPN

When you select an app or resource that needs access through the inbox VPN – like a company’s intranet site – Windows 8.1 will automatically prompt you to sign in with one click. This feature will be available with Microsoft and third-party inbox VPN clients.

Security Enhancements

Remote Business Data Removal

Corporations now have more control over corporate content which can be marked as corporate, encrypted, and then be wiped when the relationship between the corporation and user has ended. Corporate data can now be identified as corporate vs. user, encrypted, and wiped on command using EAS or EAS + OMA-DM protocol. This capability requires implementation in the client application and in the server application (Mail + Exchange Server). The client application determines if the wipe simply makes the data inaccessible or actually deletes it.

Improved Biometrics

All SKUs will include end to end biometric capabilities that enable authenticating with your biometric identity anywhere in Windows (Windows sign-in, remote access, User Account Control, etc.). Windows 8.1 will also be optimized for fingerprint based biometrics and will include a common fingerprint enrollment experience that will work with a variety of readers (touch, swipe). Modern readers are touch based rather than swipe and include liveliness detection that prevents spoofing (e.g.: silicon emulated fingerprints). Access to Windows Store Apps, functions within them, and certificate release can be gated based on verification of a user’s biometric identity.

Pervasive Device Encryption

Device encryption previously found on Windows RT and Windows Phone 8 is now available in all editions of Windows. It is enabled out of the box and can be configured with additional BitLocker protection and management capability on the Pro and Enterprise SKUs. Consumer devices are automatically encrypted and protected when using a Microsoft account. Data on any Windows connected standby device is automatically protected (encrypted) with device encryption. Organizations that need to manage encryption can easily add additional BitLocker protection options and manageability to these devices.

Improved Internet Explorer

Internet Explorer 11 improvements include faster page load times, side-by-side browsing of your sites, enhanced pinned site notifications, and app settings like favorites, tabs and settings sync across all your Windows 8.1 PCs. Internet Explorer 11 now includes capability that enables an antimalware solution to scan the input for a binary extension before it’s passed onto the extension for execution.

Malware Resistance

Windows Defender, Microsoft’s free antivirus solution in Windows 8, will include network behavior monitoring to help detect and stop the execution of known and unknown malware. Internet Explorer will scan binary extensions (e.g. ActiveX) using the antimalware solution before potentially harmful code is executed.

Device Lockdown

With Assigned Access, a new feature offered in Windows 8.1 RT, Windows 8.1 Pro, and Windows 8.1 Enterprise, you can enable a single Windows Store application experience on the device. This can be things like a learning application for kids in an educational setting or a customer service application at a boutique. Assigned Access can ensure the device is delivering the intended experience. In our Windows Embedded 8.1 industry product, we deliver additional lockdown capabilities to meet the needs of industry devices like point of sale systems, ATMs, and digital signs.

Modern UI experience

Variable, Continuous Size of Snap Views

You have more ways to see multiple apps on the screen at once. You can resize apps to nearly infinite sized windows, share the screen between two apps, or have up to three apps on each monitor.

Boot to Desktop

We have made configuration options available which will allow you to boot directly to the desktop in Windows 8.1.

Desktop and Start Screen

Improvements have been made to better support users who prefer a mouse and keyboard experience to access applications.

These are just some of the key features available in Windows 8.1. We encourage you to test out and try these features when you evaluate Windows 8.1 for use both in your work environment as well as at home in your personal life. Please note that Windows Server 2012 R2 may be required in order for some of these features to be available.

Microsoft Office 2003 and Office for Mac 2011 Document Handling Vulnerability

This comes straight from our partners over at WatchGuard Security Center blog and may affect you if you are using Office 2003 for Windows or Office for Mac 2011. We happen to concur with the author’s thoughts that this is probably much more severe than Microsoft’s own rating of “important”.

If you need assistance with this, or any other computer security issue in the Greenville, Spartanburg or Anderson SC area, please call us at 864-990-4748. We are ready to help you!

Office 2003 Document Handling Code Execution Vulnerability

by Corey Nachreiner

Severity: Medium

Summary:

  • These vulnerabilities affect: Office 2003 and Office for Mac 2011
  • How an attacker exploits them: By enticing you to open maliciously crafted Office documents
  • Impact: An attacker can execute code, potentially gaining complete control of your computer
  • What to do: Install the appropriate Office patches as soon as possible, or let Windows Update do it for you.

Exposure:

As part of Patch Day, Microsoft released a security bulletin describing a vulnerability in Office 2003 and Office for Mac 2011. Specifically, the Office components used to parse PNG image files suffer from a buffer overflow vulnerability involving the way they handle specially crafted images. By embedding a malicious PNG image into an Office document, and tricking one of your users into downloading and opening or previewing it, an attacker can exploit this vulnerability to execute code on that user’s computer, inheriting that user’s privileges. If your user has local administrative privileges, the attacker gains full control of the user’s machine.

Though Microsoft only rates this security update as Important, since the attack requires user interaction to succeed, we believe it poses a significant risk because many normal users trust Microsoft Office documents. You should patch this flaw as soon as you can.

Solution Path

Microsoft has released an update for Office to fix this flaw. If you use Office 2003 or Office for Mac 2011 you should download, test, and deploy the update as soon as possible, or let Windows Update do it for you. See the “Affected and Non-Affected Software” section of Microsoft’s bulletin for more details on where to find the updates.

For All WatchGuard Users:

Though you can use WatchGuard’s XTM and XCS appliances to block certain files and content, such as Office documents, most organizations share these types of documents as part of normal business. Instead, we recommend you install Microsoft’s updates to completely protect yourself from this flaw.

Status:

Microsoft has released an Office update to fix this flaw.


This alert was researched and written by Corey Nachreiner, CISSP (@SecAdept).

Apple owners rejoice! Security updates are available for you – apply them please!

Article HT5784 over on the Apple Support page indicates that there’s something fun waiting for you in OS X Mountain Lion v10.8.4 and Security Update 2013-002.

It would be wise to get yourself up to date so you can sleep better at night. Well, at least I will sleep better at night with the knowledge that you are safe and secure!

Here’s the link: http://support.apple.com/kb/HT5784

And here’s the article in its entirety for those of you just too tired to click on the link….

 

About the security content of OS X Mountain Lion v10.8.4 and Security Update 2013-002

Summary

This document describes the security content of OS X Mountain Lion v10.8.4 and Security Update 2013-002, which can be downloaded and installed via Software Update preferences, or from Apple Downloads.

Products Affected

OS X Lion, OS X Mountain Lion, Product Security

For the protection of our customers, Apple does not disclose, discuss, or confirm security issues until a full investigation has occurred and any necessary patches or releases are available. To learn more about Apple Product Security, see the Apple Product Security website.

For information about the Apple Product Security PGP Key, see “How to use the Apple Product Security PGP Key.”

Where possible, CVE IDs are used to reference the vulnerabilities for further information.

To learn about other Security Updates, see “Apple Security Updates.”

OS X Mountain Lion v10.8.4 and Security Update 2013-002

Note: OS X Mountain Lion v10.8.4 includes the content of Safari 6.0.5. For further details see About the security content of Safari 6.0.5.

  • CFNetwork

    Available for: OS X Mountain Lion v10.8 to v10.8.3

    Impact: An attacker with access to a user’s session may be able to log into previously accessed sites, even if Private Browsing was used

    Description: Permanent cookies were saved after quitting Safari, even when Private Browsing was enabled. This issue was addressed by improved handling of cookies.

    CVE-ID

    CVE-2013-0982 : Alexander Traud of www.traud.de

  • CoreAnimation

    Available for: OS X Mountain Lion v10.8 to v10.8.3

    Impact: Visiting a maliciously crafted site may lead to an unexpected application termination or arbitrary code execution

    Description: An unbounded stack allocation issue existed in the handling of text glyphs. This could be triggered by maliciously crafted URLs in Safari. The issue was addressed through improved bounds checking.

    CVE-ID

    CVE-2013-0983 : David Fifield of Stanford University, Ben Syverson

  • CoreMedia Playback

    Available for: OS X Lion v10.7 to v10.7.5, OS X Lion Server v10.7 to v10.7.5, OS X Mountain Lion v10.8 to v10.8.3

    Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution

    Description: An uninitialized memory access issue existed in the handling of text tracks. This issue was addressed by additional validation of text tracks.

    CVE-ID

    CVE-2013-1024 : Richard Kuo and Billy Suguitan of Triemt Corporation

  • CUPS

    Available for: OS X Mountain Lion v10.8 to v10.8.3

    Impact: A local user in the lpadmin group may be able to read or write arbitrary files with system privileges

    Description: A privilege escalation issue existed in the handling of CUPS configuration via the CUPS web interface. A local user in the lpadmin group may be able to read or write arbitrary files with system privileges. This issue was addressed by moving certain configuration directives to cups-files.conf, which can not be modified from the CUPS web interface.

    CVE-ID

    CVE-2012-5519

  • Directory Service

    Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8

    Impact: A remote attacker may execute arbitrary code with system privileges on systems with Directory Service enabled

    Description: An issue existed in the directory server’s handling of messages from the network. By sending a maliciously crafted message, a remote attacker could cause the directory server to terminate or execute arbitrary code with system privileges. This issue was addressed through improved bounds checking. This issue does not affect OS X Lion or OS X Mountain Lion systems.

    CVE-ID

    CVE-2013-0984 : Nicolas Economou of Core Security

  • Disk Management

    Available for: OS X Mountain Lion v10.8 to v10.8.3

    Impact: A local user may disable FileVault

    Description: A local user who is not an administrator may disable FileVault using the command-line. This issue was addressed by adding additional authentication.

    CVE-ID

    CVE-2013-0985

  • OpenSSL

    Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7 to v10.7.5, OS X Lion Server v10.7 to v10.7.5, OS X Mountain Lion v10.8 to v10.8.3

    Impact: An attacker may be able to decrypt data protected by SSL

    Description: There were known attacks on the confidentiality of TLS 1.0 when compression was enabled. This issue was addressed by disabling compression in OpenSSL.

    CVE-ID

    CVE-2012-4929 : Juliano Rizzo and Thai Duong

  • OpenSSL

    Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7 to v10.7.5, OS X Lion Server v10.7 to v10.7.5, OS X Mountain Lion v10.8 to v10.8.3

    Impact: Multiple vulnerabilities in OpenSSL

    Description: OpenSSL was updated to version 0.9.8x to address multiple vulnerabilities, which may lead to denial of service or disclosure of a private key. Further information is available via the OpenSSL website at http://www.openssl.org/news/

    CVE-ID

    CVE-2011-1945

    CVE-2011-3207

    CVE-2011-3210

    CVE-2011-4108

    CVE-2011-4109

    CVE-2011-4576

    CVE-2011-4577

    CVE-2011-4619

    CVE-2012-0050

    CVE-2012-2110

    CVE-2012-2131

    CVE-2012-2333

  • QuickDraw Manager

    Available for: OS X Lion v10.7 to v10.7.5, OS X Lion Server v10.7 to v10.7.5, OS X Mountain Lion v10.8 to v10.8.2

    Impact: Opening a maliciously crafted PICT image may lead to an unexpected application termination or arbitrary code execution

    Description: A buffer overflow existed in the handling of PICT images. This issue was addressed through improved bounds checking.

    CVE-ID

    CVE-2013-0975 : Tobias Klein working with HP’s Zero Day Initiative

  • QuickTime

    Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7 to v10.7.5, OS X Lion Server v10.7 to v10.7.5, OS X Mountain Lion v10.8 to v10.8.3

    Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution

    Description: A buffer overflow existed in the handling of ‘enof’ atoms. This issue was addressed through improved bounds checking.

    CVE-ID

    CVE-2013-0986 : Tom Gallagher (Microsoft) & Paul Bates (Microsoft) working with HP’s Zero Day Initiative

  • QuickTime

    Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7 to v10.7.5, OS X Lion Server v10.7 to v10.7.5, OS X Mountain Lion v10.8 to v10.8.3

    Impact: Viewing a maliciously crafted QTIF file may lead to an unexpected application termination or arbitrary code execution

    Description: A memory corruption issue existed in the handling of QTIF files. This issue was addressed through improved bounds checking.

    CVE-ID

    CVE-2013-0987 : roob working with iDefense VCP

  • QuickTime

    Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7 to v10.7.5, OS X Lion Server v10.7 to v10.7.5, OS X Mountain Lion v10.8 to v10.8.3

    Impact: Viewing a maliciously crafted FPX file may lead to an unexpected application termination or arbitrary code execution

    Description: A buffer overflow existed in the handling of FPX files. This issue was addressed through improved bounds checking.

    CVE-ID

    CVE-2013-0988 : G. Geshev working with HP’s Zero Day Initiative

  • QuickTime

    Available for: OS X Mountain Lion v10.8 to v10.8.3

    Impact: Playing a maliciously crafted MP3 file may lead to an unexpected application termination or arbitrary code execution

    Description: A buffer overflow existed in the handling of MP3 files. This issue was addressed through improved bounds checking.

    CVE-ID

    CVE-2013-0989 : G. Geshev working with HP’s Zero Day Initiative

  • Ruby

    Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8

    Impact: Multiple vulnerabilities in Ruby on Rails

    Description: Multiple vulnerabilities existed in Ruby on Rails, the most serious of which may lead to arbitrary code execution on systems running Ruby on Rails applications. These issues were addressed by updating Ruby on Rails to version 2.3.18. This issue may affect OS X Lion or OS X Mountain Lion systems that were upgraded from Mac OS X 10.6.8 or earlier. Users can update affected gems on such systems by using the /usr/bin/gem utility.

    CVE-ID

    CVE-2013-0155

    CVE-2013-0276

    CVE-2013-0277

    CVE-2013-0333

    CVE-2013-1854

    CVE-2013-1855

    CVE-2013-1856

    CVE-2013-1857

  • SMB

    Available for: OS X Lion v10.7 to v10.7.5, OS X Lion Server v10.7 to v10.7.5, OS X Mountain Lion v10.8 to v10.8.3

    Impact: An authenticated user may be able to write files outside the shared directory

    Description: If SMB file sharing is enabled, an authenticated user may be able to write files outside the shared directory. This issue was addressed through improved access control.

    CVE-ID

    CVE-2013-0990 : Ward van Wanrooij

  • Note: Starting with OS X v10.8.4, Java Web Start (i.e. JNLP) applications downloaded from the Internet need to be signed with a Developer ID certificate. Gatekeeper will check downloaded Java Web Start applications for a signature and block such applications from launching if they are not properly signed.

If you need assistance with these or any other updates or security issues, regardless of whether you run Apple products or Microsoft Windows, please call us at 864-990-4748, we are happy to help in the Upstate of SC!

Sign up for @copyapp with this link, and we’ll both get 5 GB of free cloud storage in addition to the usual 15 GB: https://copy.com?r=OAdJxy

Do you store files online with something like Dropbox?  Well, drop Dropbox and check out Copy.

Dropbox gives you 2GB of free storage which you can access from your Windows or Mac computer, iPad, iPhone, Android, etc.

That’s great and all, except that Copy gives you *15* GB of free storage.  Actually, they give you 20 GB if you use this link:

https://copy.com?r=OAdJxy

All you have to do is visit there, sign up, and install their app on your phone or desktop and your account will receive 20 GB of storage, and you will also receive my appreciation too, as your actions will result in me getting another 5 GB for referring you! As a photographer who wants to share photos with the victims of my shutter finger and as I take more and more photos, Dropbox’s free 2 GB has been limiting and paying for storage for something I make little money off of is not attractive, so I have been using my own FTP server.

BTW: Once you are set up, you can refer your friends and get 5 GB for each one that signs up too. One person I know of has 90 GB of free storage in return for the referrals he has given. Some people have TERABYTES!

But what about a business? Does Copy work for organizations who have multiple users and need permissions for each person accessing the data? Absolutely. They provide a business account at a very reasonable fee which allows finite control of your assets.  If an employee leaves, you can lock down their access.

Give it a try and respond here with your thoughts, especially if you are comparing it to Dropbox.

 

Radio Station Website Compromise Leads to Visitor Infection Threat

The US-CERT National Cyber Awareness System sent out a notification yesterday and revised it today, May 21st, entitled “TA13-141A: Washington, DC Radio Station Web Site Compromises”.

The document outlines that on May 16th US-CERT was informed that two websites www.federalnewsradio-dot-com and www.wtop-dot-com had been compromised and that redirects had been put in place that would send Internet Explorer users to a package that would install malicious software (an exploit kit). It also highlights the fact that as of May 17th, it was confirmed that this redirect and payload were both removed from those sites.

People who visited those sites while the redirect was in place could be potentially compromised themselves.

In order for the exploit to work correctly, you would need multiples of the following:

  • A computer running Microsoft Windows, presumably without OS updates in place
  • Be using Microsoft Internet Explorer as your browser
  • Have an older, unpatched version of Adobe Reader or Acrobat installed
  • Have an older, unpatched version of Oracle Java installed
  • Have inadequate or un-updated anti-virus in place

The more of those criteria that you meet, the higher the likelihood of your machine becoming exploited and in this particular case, having the ZeroAccess Trojan installed and potentially the FakeAV/Kazy malware piggybacked with that. ZeroAccess gets busy once in place, joining a command and control system, and downloading additional malicious applications such as a fake Flash installer.

Protecting yourself is easy to do. Install updates, use quality anti-virus, and a dash of common sense helps too!

Protecting an entire network with several computers and servers may be a more demanding task. You probably want to get a qualified service provider to assist in that endeavor.

If your business is in the Greenville, Spartanburg or Anderson SC area, we would love to discuss security issues with you. Homeland Secure IT provides computer, server and network security, support and sales to the Upstate. We are partners with some of the biggest names in the business, such as Cisco, WatchGuard, Microsoft, Symantec, Trend Micro and more! Please call us at 864-990-4748 or use our contact form on our website!

One other thing – if you feel for some reason that you may be infected, most of the time, you are. Don’t take a chance. We can help scan your machines or networks and clean them up should that be the case.

 

Cisco Voice over IP phone systems don’t have to break the bank #VoIP #Cisco


Cisco SPA509 phones ready for deployment

Q: Why is it that just about every corporation you walk into has Cisco phones on their desks?

A: Because they have become the standard by which almost every other VoIP solution is measured.

People in business have grown to expect a certain level of quality, from the feel of the handset, how heavy it is and whether it fits their hand nicely, to the responsiveness of buttons, and without a doubt, the audio quality of the handset and the speakerphone. Other important aspects of the user experience are the bells and whistles, such as ringer selection, headset interfaces and the display.

Almost every VoIP manufacturer tries to mimic the look and feel of Cisco because it is familiar to so many already.

We have a small business, can we afford a Cisco system?

That’s a pretty common question… The answer is “YES!”. In addition to making their world-class enterprise phone systems, they also make a line of affordable products designed specifically for small and medium businesses.

The entry level UC500 series (UC = Unified Communications) offering is the UC540 which comes with support for up to 24 phones but can expand to 32 phones. This system can use inexpensive SIP trunking to save you money on the monthly phone bill, and be perfect for most small law firms, doctors offices, dentist offices, realtors and churches. The Cisco UC540’s feature list is vast! Automated Attendant, Voice Mail to Email, Caller ID, SIP, paging, multi-site support, full support of just about any Cisco handset you could possibly want to use, including the affordable and feature packed SPA series.

Though I cannot give you a price in this blog post as there are a number of factors to consider, suffice it to say, the UC540 and a dozen phones compete nicely against any brand of VoIP, key or PBX offering.

When it comes down to providing a quality solution, it will be hard to beat the Cisco.

Homeland Secure IT is a Cisco Select Small Business certified vendor/partner in Greenville, SC. We would love to talk with you and determine if this is the solution for you! Give us a call at 864-990-4748 or use the contact form on our website.

 

 

Remote tech support installs malware on server?

I received a phone call from a client last night who said that they could not browse the internet at their organization and that mail was down as well.

Here are the initial observations:

  • Their Cisco VoIP phone system was able to make calls and internal machines could ping outside servers by IP, but not by name, indicating that the internet connection was functional.
  • I could ping their firewall IP address and I could get into resources on their network other than the server remotely. Remote Desktop (RDP) didn’t respond, and I could not telnet to the Exchange mail server (port 25) either.
  • The client had already rebooted the server once, was logged into it themselves and reported nothing strange. They confirmed that on the server they could also ping outside IP addresses but the DNS server was not responding.

Okay, so this sounded like maybe the DNS server was the issue, but it was running okay, and the server itself could resolve hostnames. I was starting to lean towards firewall (on server or desktops) or switch issues at this point, but not being there and not having the ability to see the devices on the network with my own two eyes was hindering my progress. They opted to have us come out first thing in the morning and check it out.

When our tech arrived at start of business, he immediately realized that the server was unreachable from machines on their network and began looking over system logs, firewall & system settings and did the typical diagnostics in an attempt to restore connectivity.

Then he found it…

There were suspicious changes to the registry and upon running malware scanning tools, he quickly discovered the culprit. Malicious software of some sort had had its way with the machine.

The only thing that had happened leading up to this issue was that the client had been in touch with Intuit for a QuickBooks upgrade. The Intuit technician had performed a remote session and updated the QB install and, in turn, the database files.

There are other potential ways that malware was put on the server, but the timing is suspicious as nobody else had accessed this machine remotely in many weeks, so we are going to assume that it came from the technician remotely accessing it, as we have no exact logging information that would indicate the time the changes were made.
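The timeline gap described above is the kind of question registry auditing answers. The following is an added example, not part of the original post or of the tooling used on this incident: it assumes registry auditing was enabled (Security event 4657, "A registry value was modified") and that the events were exported to records. All names, times, keys and field names below are constructed for illustration.

```python
from datetime import datetime, timedelta

# Constructed remote-access windows, e.g. taken from a support tool's session
# history or the help-desk ticket. Names and times are illustrative only.
SESSIONS = [
    {"who": "it-provider", "start": "2013-04-02T09:00:00", "end": "2013-04-02T09:30:00"},
    {"who": "vendor-support", "start": "2013-05-20T14:02:00", "end": "2013-05-20T14:47:00"},
]

# Constructed registry-audit records in the shape of exported event 4657
# entries; the field names and key paths are assumptions, not incident data.
REG_EVENTS = [
    {"time": "2013-05-20T14:31:12", "process": "setup.exe",
     "key": r"HKLM\SOFTWARE\ExampleVendor\App"},
    {"time": "2013-05-20T14:52:40", "process": "unknown.exe",
     "key": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"},
    {"time": "2013-05-21T03:15:00", "process": "svchost.exe",
     "key": r"HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters"},
]


def _ts(text):
    """Parse an ISO 8601 timestamp string."""
    return datetime.fromisoformat(text)


def attribute_changes(events, sessions, grace=timedelta(minutes=10)):
    """Pair each registry change with the remote sessions active at that time.

    A change counts as falling within a session if it lies between the
    session start and the session end plus a grace period, because an
    installer can keep writing after the operator disconnects.
    """
    results = []
    for ev in sorted(events, key=lambda e: _ts(e["time"])):
        when = _ts(ev["time"])
        active = [s["who"] for s in sessions
                  if _ts(s["start"]) <= when <= _ts(s["end"]) + grace]
        results.append({"time": ev["time"], "key": ev["key"],
                        "process": ev["process"], "sessions": active})
    return results


def unattributed(results):
    """Changes made while no known remote session was active."""
    return [r for r in results if not r["sessions"]]


if __name__ == "__main__":
    timeline = attribute_changes(REG_EVENTS, SESSIONS)
    for row in timeline:
        label = ", ".join(row["sessions"]) or "NO KNOWN SESSION"
        print(row["time"], row["process"], row["key"], "->", label)
    print("unattributed changes:", len(unattributed(timeline)))
```

A match on timing narrows the window but does not prove cause; changes with no matching session are the ones that point to some other entry path.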

Why am I blogging about this? In the event anyone else has an issue, they may find this post and confirm that they had a similar incident leading up to the event.

This could potentially happen if the installer of the software had become infected / exploited themselves, and it could be entirely accidental. Then again, some might want to speculate that people providing support to US-based companies from foreign countries might intentionally wish to gain access to a server.

What can you do to protect yourself? Instead of using a software vendor’s foreign-based technicians or engineers to update your software, you might fare better by using the services of a locally based IT company. Also, having backups of your system files and system images will ensure that you can “go back in time” and restore a system to a functional state should something of this nature happen.

Want to discuss this further? Feel free to add your two cents to our blog!

Should you desire computer or server support in the Greenville, Spartanburg or Anderson South Carolina area for your business, please call us at 864-990-4748 or use the contact form on our website. We would love to assist you!

Microsoft Security Bulletin for May 14 Patch Tuesday

Here it is ladies and gentlemen, the moment you have been anxiously awaiting.

May 2013’s Patch Tuesday!

Brought to you by Microsoft.

Yes, Patch Tuesday is loaded with a plethora of updates that will keep you busy for a few moments. The rundown on the updates is listed below in the advance notification, but suffice it to say, you NEED to update your computers.

If you have any problems or questions, Homeland Secure IT would like to help you out. Please call us at 864-990-4748 or use the contact form on our website.

Stay safe out there!

Critical Security Bulletins
============================

Bulletin 1

– Affected Software:
– Windows XP Service Pack 3
– Internet Explorer 6
– Internet Explorer 7
– Internet Explorer 8
– Windows XP Professional x64 Edition Service Pack 2
– Internet Explorer 6
– Internet Explorer 7
– Internet Explorer 8
– Windows Server 2003 Service Pack 2
– Internet Explorer 6
– Internet Explorer 7
– Internet Explorer 8
– Windows Server 2003 x64 Edition Service Pack 2
– Internet Explorer 6
– Internet Explorer 7
– Internet Explorer 8
– Windows Server 2003 with SP2 for Itanium-based Systems
– Internet Explorer 6
– Internet Explorer 7
– Windows Vista Service Pack 2:
– Internet Explorer 7
– Internet Explorer 8
– Internet Explorer 9
– Windows Vista x64 Edition Service Pack 2:
– Internet Explorer 7
– Internet Explorer 8
– Internet Explorer 9
– Windows Server 2008 for 32-bit Systems Service Pack 2:
– Internet Explorer 7
– Internet Explorer 8
– Internet Explorer 9
(Windows Server 2008 Server Core installation not affected)
– Windows Server 2008 for x64-based Systems Service Pack 2:
– Internet Explorer 7
– Internet Explorer 8
– Internet Explorer 9
(Windows Server 2008 Server Core installation not affected)
– Windows Server 2008 for Itanium-based Systems Service Pack 2
– Internet Explorer 7
– Windows 7 for 32-bit Systems Service Pack 1:
– Internet Explorer 8
– Internet Explorer 9
– Internet Explorer 10
– Windows 7 for x64-based Systems Service Pack 1:
– Internet Explorer 8
– Internet Explorer 9
– Internet Explorer 10
– Windows Server 2008 R2 for x64-based Systems Service Pack 1:
– Internet Explorer 8
– Internet Explorer 9
– Internet Explorer 10
(Windows Server 2008 R2 Server Core installation not affected)
– Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
– Internet Explorer 8
– Windows 8 for 32-bit Systems
– Internet Explorer 10
– Windows 8 for 64-bit Systems
– Internet Explorer 10
– Windows Server 2012
– Internet Explorer 10
(Windows Server 2012 Server Core installation not affected)
– Windows RT
– Internet Explorer 10
– Impact: Remote Code Execution
– Version Number: 1.0

Bulletin 2

– Affected Software:
– Windows XP Service Pack 3
– Internet Explorer 8
– Windows XP Professional x64 Edition Service Pack 2
– Internet Explorer 8
– Windows Server 2003 Service Pack 2
– Internet Explorer 8
– Windows Server 2003 x64 Edition Service Pack 2
– Internet Explorer 8
– Windows Vista Service Pack 2:
– Internet Explorer 8
– Internet Explorer 9
– Windows Vista x64 Edition Service Pack 2:
– Internet Explorer 8
– Internet Explorer 9
– Windows Server 2008 for 32-bit Systems Service Pack 2:
– Internet Explorer 8
– Internet Explorer 9
(Windows Server 2008 Server Core installation not affected)
– Windows Server 2008 for x64-based Systems Service Pack 2:
– Internet Explorer 8
– Internet Explorer 9
(Windows Server 2008 Server Core installation not affected)
– Windows 7 for 32-bit Systems Service Pack 1:
– Internet Explorer 8
– Internet Explorer 9
– Windows 7 for x64-based Systems Service Pack 1:
– Internet Explorer 8
– Internet Explorer 9
– Windows Server 2008 R2 for x64-based Systems Service Pack 1:
– Internet Explorer 8
– Internet Explorer 9
(Windows Server 2008 R2 Server Core installation not affected)
– Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
– Internet Explorer 8
– Impact: Remote Code Execution
– Version Number: 1.0

Important Security Bulletins
============================

Bulletin 3

– Affected Software:
– Windows 8 for 32-bit Systems
– Windows 8 for 64-bit Systems
– Windows Server 2012
(Windows Server 2012 Server Core installation affected)
– Windows RT
– Impact: Denial of Service
– Version Number: 1.0

Bulletin 4

– Affected Software:
– Windows XP Service Pack 3
– Windows XP Professional x64 Edition Service Pack 2
– Windows Server 2003 Service Pack 2
– Windows Server 2003 x64 Edition Service Pack 2
– Windows Server 2003 with SP2 for Itanium-based Systems
– Windows Vista Service Pack 2
– Windows Vista x64 Edition Service Pack 2
– Windows Server 2008 for 32-bit Systems Service Pack 2
(Windows Server 2008 Server Core installation not affected)
– Windows Server 2008 for x64-based Systems Service Pack 2
(Windows Server 2008 Server Core installation not affected)
– Windows Server 2008 for Itanium-based Systems Service Pack 2
– Windows 7 for 32-bit Systems Service Pack 1
– Windows 7 for x64-based Systems Service Pack 1
– Windows Server 2008 R2 for x64-based Systems Service Pack 1
(Windows Server 2008 R2 Server Core installation affected)
– Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
– Windows 8 for 32-bit Systems
– Windows 8 for 64-bit Systems
– Windows Server 2012
(Windows Server 2012 Server Core installation affected)
– Windows RT
– Impact: Spoofing
– Version Number: 1.0

Bulletin 5

– Affected Software:
– Microsoft Communicator 2007 R2
– Microsoft Lync 2010 (32-bit)
– Microsoft Lync 2010 (64-bit)
– Microsoft Lync 2010 Attendee (admin level install)
– Microsoft Lync 2010 Attendee (user level install)
– Microsoft Lync Server 2013
– Impact: Remote Code Execution
– Version Number: 1.0

Bulletin 6

– Affected Software:
– Microsoft Publisher 2003 Service Pack 3
– Microsoft Publisher 2007 Service Pack 3
– Microsoft Publisher 2010 Service Pack 1 (32-bit editions)
– Microsoft Publisher 2010 Service Pack 1 (64-bit editions)
– Impact: Remote Code Execution
– Version Number: 1.0

Bulletin 7

– Affected Software:
– Microsoft Word 2003 Service Pack 3
– Microsoft Word Viewer
– Impact: Remote Code Execution
– Version Number: 1.0

Bulletin 8

– Affected Software:
– Microsoft Visio 2003 Service Pack 3
– Microsoft Visio 2007 Service Pack 3
– Microsoft Visio 2010 Service Pack 1 (32-bit editions)
– Microsoft Visio 2010 Service Pack 1 (64-bit editions)
– Impact: Information Disclosure
– Version Number: 1.0

Bulletin 9

– Affected Software:
– Windows Essentials 2011
– Windows Essentials 2012
– Impact: Information Disclosure
– Version Number: 1.0

Bulletin 10

– Affected Software:
– Windows XP Service Pack 3
– Windows XP Professional x64 Edition Service Pack 2
– Windows Server 2003 Service Pack 2
– Windows Server 2003 x64 Edition Service Pack 2
– Windows Server 2003 with SP2 for Itanium-based Systems
– Windows Vista Service Pack 2
– Windows Vista x64 Edition Service Pack 2
– Windows Server 2008 for 32-bit Systems Service Pack 2
(Windows Server 2008 Server Core installation affected)
– Windows Server 2008 for x64-based Systems Service Pack 2
(Windows Server 2008 Server Core installation affected)
– Windows Server 2008 for Itanium-based Systems Service Pack 2
– Windows 7 for 32-bit Systems Service Pack 1
– Windows 7 for x64-based Systems Service Pack 1
– Windows Server 2008 R2 for x64-based Systems Service Pack 1
(Windows Server 2008 R2 Server Core installation affected)
– Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
– Windows 8 for 32-bit Systems
– Windows 8 for 64-bit Systems
– Windows Server 2012
(Windows Server 2012 Server Core installation affected)
– Windows RT
– Impact: Elevation of Privilege
– Version Number: 1.0

Video surveillance for your business may pay for itself immediately

When you hear the term “video surveillance”, you might have visions of high tech government agencies watching the masses, or you might think about a prime time TV show set in a Las Vegas casino with a whole team watching as the “eye in the sky”, or it could be the large department store chain that has cameras hanging from the ceiling.

While those are all amazing uses of video security technology, let’s focus on a smaller, but equally important scale – the small and medium business.

What are the basic essentials required in order to provide a secure environment and to protect the assets of your small or medium business?

  • For one, you have to secure your premises with locks so that when you are not present, people cannot access your facility and carry anything they wish out the door.
  • You should have a burglar alarm for intrusion detection should someone breach the door locks and gain access.
  • A clear line of sight to your building and bright outside lighting could deter someone from snooping about after hours.
  • Having good communication with alert business neighbors might let you know when someone is lurking around.
  • Personnel trained to lock doors properly and arm the security system are a must.

Those are the steps most of us take in securing our property.

But what about having eyes on your property when you are not there? It could be the cheapest insurance you might ever buy.

What would a basic video surveillance system look like?

In its simplest form, you might have a camera on the front parking lot, one on the main entrance to your building, one on the outside looking at the rear entrance, and potentially a camera in a common area inside your building. This would provide views of most of the areas where people come and go and could protect you in the following situations:

  • Someone breaks into a car in the parking lot – you might see the people who did it and have a good description.
  • A courier could back into a vehicle and leave and upon reviewing the recorded video, you could find out which courier it was.
  • Slip and fall type accidents could be reviewed and footage used in court to show what really happened.

As a bonus, you also know when your employees arrive and leave, so if you have suspicions of “buddy punching” where an employee leaves early and gets a coworker to clock them out on time, you can quickly pinpoint that.

If employees are horsing around behind the building, you also can easily determine that and footage can be used so they cannot say you terminated them wrongfully.

Rear entrances can remain locked, and a buzzer installed – a receptionist could see who was outside the door before heading to unlock it (or hitting the release button).

If you are an absentee business owner, where you find yourself away, you can use a mobile app or a web browser to watch your cameras in real-time. A camera can be configured to email you a snapshot whenever anyone walks into a specific area it can see.

A camera on a back entrance could also potentially catch an air conditioner thief: as they back their vehicle right up to the unit to steal it, you might get their license plate.

More elaborate systems might employ 8, 16, or more cameras, and watch specific assets, such as a vending machine, cash register or HVAC system.

If you are interested in this type of technology, it is more affordable than ever! Homeland Secure IT is happy to offer the biggest names in video surveillance! Our most recent partnership is with AXIS, the originator of IP camera systems.

Obviously, it is easy to see that having a video surveillance solution in place is not only a deterrent to would-be criminals and employees who might be tempted in your absence, but it also may protect you legally, assist in the apprehension of criminals after the fact, and most importantly, give you peace of mind while you are away!

We offer both sales and installation, as well as consultation.  Please call us at 864-990-4748 or use our contact form on our website for additional information!

Want to see some footage from a video security system used at a remote location? Check THIS LINK…   And watch for the follow up, as the people featured will surely be caught soon now that the video has been released.

 

Microsoft Office 365 Free Trial

Microsoft Office 365 Enterprise Free Trial

 

As I sit in a webinar this morning regarding a product we offer, I realize that I have done a poor job of increasing awareness of it to our customers!

Microsoft has been offering a hosted email solution for a while now, allowing even the smallest of businesses to have a full Microsoft Exchange experience just like a large Fortune 500 business would have.

If you do not have Microsoft Exchange currently then you are missing out on some of these features – If you DO have Exchange, you get all of the features you have now, and some added benefits:

  • Mail hosted on reliable, redundant and backed up servers, which you do not have to pay to maintain.
  • When you leave your office, you can still access every single email, calendar entry and contact from your mobile device or notebook. When you send email from out of your office, it can appear you sent it as though you were sitting at your desk. It doesn’t matter if you have a Microsoft Windows PC, Android, iPhone, iPad, or an Apple Mac – you can still get all of your email anywhere, as long as you have an internet connection!
  • You can share your data (collaborate) with others. Meaning, you can give your receptionist access to view your calendar for planning purposes.
  • Create a distribution group, so one email from a client goes to multiple people within your organization without the need for you to forward the email.
  • Never worry about storage again… If you need more, you can expand, without paying for a new server.
  • Zero maintenance on the server; upgrades to new versions of the software do not require a day or more of downtime.
  • Backups are handled for you. You don’t have to manage tapes or cartridges.
  • You can use your own version of Outlook, or you can use a web-based client, or in some packages, you can get the latest version of Office in a downloadable subscription format.
  • Whether you need email for five people or for 5000, Microsoft Office 365 can work for you. You can start with a small number and add “seats” as your company grows.

Want to give it a test drive? Here’s a link that allows you to try out all of the features of the flagship Microsoft Office 365 Enterprise E3 product absolutely free!

FREE MICROSOFT OFFICE 365 TRIAL

We’ve added a syndicated “mini site” that will give you more information as well, and it can be found here:

http://www.homelandsecureit.com/microsoft-office-365/

Confused as to whether a hosted / cloud based solution is right for your business? Give us a call at 864-990-4748 and we will be happy to evaluate your needs. We’re both a Microsoft partner and a Microsoft Small Business Specialist and we know what it takes to keep your mail flowing.