Happy Easter from all of us at Homeland Secure IT

Happy Easter from Homeland Secure IT & The Hoyts

Happy Easter (c)2012 John M. Hoyt

For those of you reading our blog in email, you are receiving this a day late and a dollar short, but the sentiment is the same.

The staff at Homeland Secure IT want to wish you a very happy Easter. We hope you were able to spend time with your family, and that you know that the real meaning behind Easter has nothing to do with bunnies, eggs, or candy.

Have a great week, for He has risen!

(The graphic is something we did a few years ago with real chocolate bunnies.  They were good if I remember correctly)

SECURE IT ALERT: Microsoft to unleash updates for April that address 4 critical vulnerabilities

Secure IT Alert for Thrusday, April 05, 2012

Coming your way right after Easter – Security updates from Microsoft!

This information is from the Microsoft Security Advance Notification for April 2012:

********************************************************************

Microsoft Security Bulletin Advance Notification for April 2012

Issued: April 5, 2012

********************************************************************

 

This is an advance notification of security bulletins that Microsoft is intending to release on April 10, 2012.

 

The full version of the Microsoft Security Bulletin Advance Notification for April 2012 can be found at http://technet.microsoft.com/security/bulletin/ms12-apr.

 

This bulletin advance notification will be replaced with the April bulletin summary on April 10, 2012. For more information about the bulletin advance notification service, see http://technet.microsoft.com/security/bulletin/advance.

 

To receive automatic notifications whenever Microsoft Security Bulletins are issued, subscribe to Microsoft Technical Security Notifications on http://technet.microsoft.com/security/dd252948.aspx.

 

Microsoft will host a webcast to address customer questions on these bulletins on April 11, 2012, at 11:00 AM Pacific Time (US & Canada). Register for the Security Bulletin Webcast at http://technet.microsoft.com/security/bulletin.

 

Microsoft also provides information to help customers prioritize monthly security updates with any non-security, high-priority updates that are being released on the same day as the monthly security updates. Please see the section, Other Information.

 

This advance notification provides a number as the bulletin identifier, because the official Microsoft Security Bulletin numbers are not issued until release. The bulletin summary that replaces this advance notification will have the proper Microsoft Security Bulletin numbers (in the MSyy-xxx format) as the bulletin identifier. The security bulletins for this month are as follows, in order of severity:

 

 

Critical Security Bulletins

============================

 

Bulletin 1

 

– Affected Software:

– Windows XP Service Pack 3:

– Internet Explorer 6

– Internet Explorer 7

– Internet Explorer 8

– Windows XP Professional x64 Edition Service Pack 2:

– Internet Explorer 6

– Internet Explorer 7

– Internet Explorer 8

– Windows Server 2003 Service Pack 2:

– Internet Explorer 6

– Internet Explorer 7

– Internet Explorer 8

– Windows Server 2003 x64 Edition Service Pack 2:

– Internet Explorer 6

– Internet Explorer 7

– Internet Explorer 8

– Windows Server 2003 with SP2 for Itanium-based Systems:

– Internet Explorer 6

– Internet Explorer 7

– Windows Vista Service Pack 2:

– Internet Explorer 7

– Internet Explorer 8

– Internet Explorer 9

– Windows Vista x64 Edition Service Pack 2:

– Internet Explorer 7

– Internet Explorer 8

– Internet Explorer 9

– Windows Server 2008 for 32-bit Systems Service Pack 2:

– Internet Explorer 7

(Windows Server 2008 Server Core installation not affected)

– Internet Explorer 8

(Windows Server 2008 Server Core installation not affected)

– Internet Explorer 9

(Windows Server 2008 Server Core installation not affected)

– Windows Server 2008 for x64-based Systems Service Pack 2:

– Internet Explorer 7

(Windows Server 2008 Server Core installation not affected)

– Internet Explorer 8

(Windows Server 2008 Server Core installation not affected)

– Internet Explorer 9

(Windows Server 2008 Server Core installation not affected)

– Windows Server 2008 for Itanium-based Systems Service Pack 2:

– Internet Explorer 7

– Windows 7 for 32-bit Systems and

Windows 7 for 32-bit Systems Service Pack 1:

– Internet Explorer 8

– Internet Explorer 9

– Windows 7 for x64-based Systems and

Windows 7 for x64-based Systems Service Pack 1:

– Internet Explorer 8

– Internet Explorer 9

– Windows Server 2008 R2 for x64-based Systems and

Windows Server 2008 R2 for x64-based Systems Service Pack 1:

– Internet Explorer 8

(Windows Server 2008 R2 Server Core installation

not affected)

– Internet Explorer 9

(Windows Server 2008 R2 Server Core installation

not affected)

– Windows Server 2008 R2 for Itanium-based Systems and

Windows Server 2008 R2 for Itanium-based Systems

Service Pack 1:

– Internet Explorer 8

– Impact: Remote Code Execution

– Version Number: 1.0

 

Bulletin 2

 

– Affected Software:

– Windows XP Service Pack 3

– Windows XP Professional x64 Edition Service Pack 2

– Windows Server 2003 Service Pack 2

– Windows Server 2003 x64 Edition Service Pack 2

– Windows Server 2003 with SP2 for Itanium-based Systems

– Windows Vista Service Pack 2

– Windows Vista x64 Edition Service Pack 2

– Windows Server 2008 for 32-bit Systems Service Pack 2

(Windows Server 2008 Server Core installation affected)

– Windows Server 2008 for x64-based Systems Service Pack 2

(Windows Server 2008 Server Core installation affected)

– Windows Server 2008 for Itanium-based Systems Service Pack 2

– Windows 7 for 32-bit Systems and

Windows 7 for 32-bit Systems Service Pack 1

– Windows 7 for x64-based Systems and

Windows 7 for x64-based Systems Service Pack 1

– Windows Server 2008 R2 for x64-based Systems and

Windows Server 2008 R2 for x64-based Systems Service Pack 1

(Windows Server 2008 R2 Server Core installation affected)

– Windows Server 2008 R2 for Itanium-based Systems and

Windows Server 2008 R2 for Itanium-based Systems

Service Pack 1

– Impact: Remote Code Execution

– Version Number: 1.0

 

Bulletin 3

 

– Affected Software:

– Windows XP Service Pack 3

– Windows XP Professional x64 Edition Service Pack 2

– Windows Server 2003 Service Pack 2

– Windows Server 2003 x64 Edition Service Pack 2

– Windows Server 2003 with SP2 for Itanium-based Systems

– Windows Vista Service Pack 2

– Windows Vista x64 Edition Service Pack 2

– Windows Server 2008 for 32-bit Systems Service Pack 2

– Windows Server 2008 for x64-based Systems Service Pack 2

– Windows Server 2008 for Itanium-based Systems Service Pack 2

– Windows 7 for 32-bit Systems and

Windows 7 for 32-bit Systems Service Pack 1

– Windows 7 for x64-based Systems and

Windows 7 for x64-based Systems Service Pack 1

– Windows Server 2008 R2 for x64-based Systems and

Windows Server 2008 R2 for x64-based Systems Service Pack 1

(Windows Server 2008 R2 Server Core installation affected)

– Windows Server 2008 R2 for Itanium-based Systems and

Windows Server 2008 R2 for Itanium-based Systems

Service Pack 1

– Impact: Remote Code Execution

– Version Number: 1.0

 

Bulletin 4

 

– Affected Software:

– Microsoft Office 2003 Service Pack 3

– Microsoft Office 2007 Service Pack 2

– Microsoft Office 2007 Service Pack 3

– Microsoft Office 2010 (32-bit editions)

– Microsoft Office 2010 Service Pack 1 (32-bit editions)

– Microsoft Office 2003 Web Components Service Pack 3

– Microsoft SQL Server 2000 Service Pack 4

– Microsoft SQL Server 2000 Analysis Services Service Pack 4

– Microsoft SQL Server 2005 for 32-bit Systems Service Pack 4

– Microsoft SQL Server 2005 for Itanium-based Systems

Service Pack 4

– Microsoft SQL Server 2005 for x64-based Systems Service Pack 4

– Microsoft SQL Server 2005 Express Edition with

Advanced Services Service Pack 4

– Microsoft SQL Server 2008 for 32-bit Systems Service Pack 2

– Microsoft SQL Server 2008 for 32-bit Systems Service Pack 3

– Microsoft SQL Server 2008 for x64-based Systems Service Pack 2

– Microsoft SQL Server 2008 for x64-based Systems Service Pack 3

– Microsoft SQL Server 2008 for Itanium-based Systems

Service Pack 2

– Microsoft SQL Server 2008 for Itanium-based Systems

Service Pack 3

– Microsoft SQL Server 2008 R2 for 32-bit Systems

– Microsoft SQL Server 2008 R2 for x64-based Systems

– Microsoft SQL Server 2008 R2 for Itanium-based Systems

– Microsoft BizTalk Server 2002 Service Pack 1

– Microsoft Commerce Server 2002 Service Pack 4

– Microsoft Commerce Server 2007 Service Pack 2

– Microsoft Commerce Server 2009

– Microsoft Commerce Server 2009 R2

– Microsoft Visual FoxPro 8.0 Service Pack 1

– Microsoft Visual FoxPro 9.0 Service Pack 2

– Visual Basic 6.0 Runtime

– Impact: Remote Code Execution

– Version Number: 1.0

 

 

Important Security Bulletins

============================

 

Bulletin 5

 

– Affected Software:

– Microsoft Forefront Unified Access Gateway 2010 Service Pack 1

– Microsoft Forefront Unified Access Gateway 2010 Service Pack 1

Update 1

– Impact: Information Disclosure

– Version Number: 1.0

 

Bulletin 6

 

– Affected Software:

– Microsoft Office 2007 Service Pack 2

– Microsoft Works 9

– Microsoft Works 6-9 File Converter

– Impact: Remote Code Execution

– Version Number: 1.0

 

 

Other Information

=================

 

Follow us on Twitter for the latest information and updates:

http://twitter.com/msftsecresponse

 

Microsoft Windows Malicious Software Removal Tool:

==================================================

Microsoft will release an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Update, Microsoft Update, Windows Server Update Services, and the Download Center.

 

Non-Security Updates on MU, WU, and WSUS:

========================================================

For information about non-security releases on Windows Update and Microsoft update, please see:

* http://support.microsoft.com/kb/894199: Microsoft Knowledge Base

Article 894199, Description of Software Update Services and

Windows Server Update Services changes in content.

Includes all Windows content.

* http://technet.microsoft.com/en-us/wsus/bb456965.aspx: Updates

from Past Months for Windows Server Update Services. Displays all

new, revised, and rereleased updates for Microsoft products other

than Microsoft Windows.

 

Microsoft Active Protections Program (MAPP) ===========================================

To improve security protections for customers, Microsoft provides vulnerability information to major security software providers in advance of each monthly security update release. Security software providers can then use this vulnerability information to provide updated protections to customers via their security software or devices, such as antivirus, network-based intrusion detection systems, or host-based intrusion prevention systems. To determine whether active protections are available from security software providers, please visit the active protections websites provided by program partners, listed at http://www.microsoft.com/security/msrc/collaboration/mapp.aspx.

 

Recognize and avoid fraudulent email to Microsoft customers:

=============================================================

If you receive an email message that claims to be distributing a Microsoft security update, it is a hoax that may contain malware or pointers to malicious websites. Microsoft does not distribute security updates via email.

 

The Microsoft Security Response Center (MSRC) uses PGP to digitally sign all security notifications. However, PGP is not required for reading security notifications, reading security bulletins, or installing security updates. You can obtain the MSRC public PGP key at https://technet.microsoft.com/security/bulletin/pgp.

 

To receive automatic notifications whenever Microsoft Security Bulletins are issued, subscribe to Microsoft Technical Security Notifications on http://technet.microsoft.com/security/dd252948.aspx.

 

********************************************************************

THE INFORMATION PROVIDED IN THIS MICROSOFT COMMUNICATION IS PROVIDED “AS IS” WITHOUT WARRANTY OF ANY KIND. MICROSOFT DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.

IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT, INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING LIMITATION MAY NOT APPLY.

********************************************************************

To manage or cancel your subscription to this newsletter, visit the Microsoft.com Profile Center at <http://go.microsoft.com/fwlink/?LinkId=245953> and then click Manage Communications under My Subscriptions in the Quicklinks section.

 

For more information, see the Communications Preferences section of the Microsoft Online Privacy Statement at:

<http://go.microsoft.com/fwlink/?LinkId=92781>.

 

For the complete Microsoft Online Privacy Statement, see:

<http://go.microsoft.com/fwlink/?LinkId=81184>.

 

For legal Information, see:

<http://www.microsoft.com/info/legalinfo/default.mspx>.

 

This newsletter was sent by:

Microsoft Corporation

1 Microsoft Way

Redmond, Washington, USA

98052

If you require assistance with these or any other updates, please do not hesitate to call upon us at 864.990.4748.

 

SECURE IT ALERT: Update OS X Java to Avoid Spreading Mac Malware

Secure IT Alert for Thursday, April 05, 2012

This is courtesy of the WatchGuard Security Center.  We are happy to partner with WatchGuard to provide firewall and security solutions. Call us at 864.990.4748 if we can be of service!

 

Update OS X Java to Avoid Spreading Mac Malware

by Corey Nachreiner

Summary:

  • This vulnerability affects: OS X 10.7.x (Lion) and 10.6.x (Snow Leopard)
  • How an attacker exploits it: By enticing you to a website containing maliciously crafted Java
  • Impact: In the worst case, an attacker executes code on your user’s computer, with that user’s privileges
  • What to do: Install Java for OS X Lion 2012-001 or Java for OS X 10.6 Update 7 immediately, or let Apple’s updater do it for you.

Exposure:

Yesterday, Apple released an advisory describing a Java security update for OS X 10.6.x and 10.7.x. The update fixes 12 vulnerabilities in OS X’s Java components (number based on CVE-IDs).

Apple doesn’t describe each flaw in technical detail, but they do share the worst case impact. If an attacker can lure you to a website containing specially crafted Java code, he can exploit many of these vulnerabilities to execute code on your OS X computer, with your privileges.

This Apple update finally brings the Java updates Oracle released in February to OS X users. Unfortunately, attackers have already been exploiting one of these Java vulnerabilities against Mac users in the wild. A Mac trojan called Flashback has reportedly infected over 600,000 Macs, by leveraging one of these Java flaws (as well as a Flash vulnerability in the past). If you have any Mac computers in your organization, we highly recommend you install Apple’s OS X Java update immediately. You can also find instructions for checking your Mac for the Flashback malware here.

Solution Path:

Apple has issued Java for OS X Lion 2012-001 [dmg file] and Java for OS X 10.6 Update 7 [dmg file] to correct these flaws. If you manage OS X 10.6.x or 10.7.x computers, we recommend you download and deploy these updates immediately, or let OS X’s automatic Software Update utility install it for you.

For All WatchGuard Users:

Some of these attacks rely on one of your users visiting a web page containing malicious Java bytecode. The HTTP-Proxy policy that ships with most WatchGuard appliances automatically blocks Java bytecode by default, which somewhat mitigates the risk posed by some of these vulnerabilities.

Status:

Apple has released Java updates to fix these issues.

References:

This alert was researched and written by Corey Nachreiner, CISSP.

Homeland Secure IT Alert Footer

Homeland Secure IT Alert

D-Link Silver VIP Partner

D-Link is a maker of high quality business and home network equipment, from IP security cameras to switches and wireless access points. We are happy to be a D-Link VIP Partner providing sales and support of all D-Link products here in Greenville and Upstate SC!

Homeland Secure IT will be closed on Good Friday!

Our technicians will be on-call, but our offices will be closed.

Please do not hesitate to call our cells or email us, or even leave a voice mail message on the main 864-990-4748 number (we will all get it) if you require priority computer service or repair.

We sure don’t want to see your entire network be down because your server is experiencing problems and we are away from the office, but we do want to have a day off to spend with our families, hopefully you will have the same opportunity!

Happy Easter & God bless!

Cisco Select Certified SMB Partner

Cisco is the worldwide leader in networking that transforms how people connect, communicate and collaborate. Since the company’s inception in 1984, Cisco engineers have been leaders in the development of Internet Protocol (IP)-based networking technologies. Today, with more than 67,647 employees worldwide, this tradition of innovation continues with industry-leading products and solutions.

We are a Cisco SMB Select Partner, offering sales and support for the entire line of small & medium business products, from switches, to routers, firewalls, video surveillance, wireless access points and VoIP phones and systems.

We also offer sales of SmartNET licensing, for one device or thousands!

Our service area is the Upstate of SC, but we offer sales of licensing nationwide.

Need more information?

Cisco VoIP Solutions
Cisco Security Solutions

Or please call us at 864.990.4748 or utilize our CONTACT form!

2

Are you creative? I need a new name for this blog… Inquire within =)

Alrighty…  If you would like to help name this blog, please reply here, send me a note on facebook, twitter, or email, or catch me in person.

The “Blog-o-Rama” name was something to fill the space, but now that we have been here a while, and are getting hundreds, sometimes thousands of hits a day with subscribers, and regular visitors, it is time we had a proper name.

What is this blog about? Welllll, it is for the purpose of communicating with friends of mine, and clients of Homeland Secure IT, and just about anyone else who will listen.

We post everything from the mundane to the informative, from humor to music, technology to theatre.

Here are a few subjects we have covered:

  • Technology in general
  • Reviews of IT and electronic gadgets from computers to servers to storage to server room monitoring
  • Security patches, updates, vulnerabilities for operating systems, firewalls, and even a printer once
  • Promotional stuff for Homeland Secure IT, such as a special price on something
  • Theatre – We’ve covered reviews of several shows at The Warehouse Theatre in Greenville, SC
  • The Upstate – Events and happenings in the Greenville and Upstate SC area
  • Personal and family issues, from birthday and anniversary wishes to accomplishments in school
  • Ham radio, radio controlled vehicles and other hobbies
  • Cars – From an auto accident I was in to stuff for cars
  • Videos – Things posted from YouTube related to IT or computers, etc
  • Humor – The random joke, funny video will get posted
  • The Dockside Band – My band is covered here when we do something awesome, like play a great gig.
  • Topics related to Microsoft, Cisco, Lenovo, Toshiba, Symantec, Trend Micro, Nexlink, and a slew of our partners

The majority of posts involve IT, Computers, Servers, Networks, The Upstate & Greenville, SC, Technology, Gadgets and fun geeky stuff.

So what should we call the blog?  Let me know!

Thanks!

2

Computer Crash! The Worst Kind…

Computers and More crash2-040312.JPGThis is a picture taken just a couple hours ago of the front of “Computers and More”, a computer repair, service and sales place in Holland Michigan….

Thankfully nobody was injured!

I guess the driver needs to learn about BACKUP.  Oh my, I crack me up.

The original article is over HERE.

PSA: International Internet Spring Cleaning Day is TODAY!

It’s that time of year again when ISPs (Internet Service Providers)  all around the world perform their yearly maintenance, call it “Spring Cleaning” if you will.If you have been living under a rock and missed the stories on the news and the countless emails flying around for the last week or so, then this may come as a total surprise to you.

 

In the past, Internet Cleaning Day has taken place during a 24hr period, but due to new techniques, ISPs have managed to narrow it down to only 1 hour which they have conveniently scheduled for 12pm to 1pm in each time zone.

So today, at noon, before you leave your office for lunch, you should take some precautions to protect your electronics and fine furnishings from the chemicals that are blown through the lines. We have found that simply unplugging the CAT-5 cable from the back of your computer and placing it into a trashcan with a liner is best, but you can use an empty water bottle or even a coffee cup in a pinch. If using a coffee cup, or bottle though, you may want to put a layer of newspaper or other papers under it in case of any splashes or spills.

While normal analog phone systems are not going to be affected, VoIP systems WILL be… This is often overlooked! You should follow the same procedure if your business is using Voice over IP technology. If you are unsure, it is best to disconnect the cables and place in the same container as your network cables.

If you are using wireless devices, simply turning off the radio or disconnecting from all access points should work, but to be on the safe side, it never hurts to turn it off completely.
As always, if you require assistance with computer, server, network or even your internet spring cleaning in the Greenville, SC or Upstate, SC area, please call us at 864.990.4748

No work today… I’ll be attending TEDx Greenville again this year #TEDxGVL #Greenville

I was rather concerned that today would come and I would have work piled up to my ears and unable to attend the TEDx event I’ve been waiting paitently for since last year.

Up until 3:30 yesterday, I was reasonbly sure that I wouldn’t make it. I had even spoken with a couple people who needed tickets (this is a sold out event again this year) and told them that if I could not make it, they could have mine. Heck, I probably could have sold them for 100 bucks and made some money, but I think that could be illegal.

So here it is, 7:00 AM the day of the event and I’m all giddy with excitement. If you are reading this, then maybe you are not there. Your loss, really.

You can find out all about it over on www.tedxgreenville.org, or follow the twitter feed of #TEDxGVL – I think there is a live video feed today too.

Then tomorrow, our band, The Dockside Band (http://facebook.com/DocksideBand) is playing the grand opening of Palmetto Moonshine down in Anderson, starting about 11:15 AM and going as late as 8:00 PM.  Palmetto Moonshine is South Carolina’s first legal distillery. They will be having free tastings and giveaways throughout the day in addition to the groovy party tunes laid down by Dockside.

Have a super weekend!