New Windows XP Vulnerability – How To Fix It

There’s a new vulnerability in Windows XP concerning parts of the Help and Support system. It was found by a Google researcher who posted the flaw just five days after talking with Microsoft about it. Evidently Microsoft wasn’t addressing the issue fast enough for him, raising a bit of a backlash from the community for not giving Microsoft time to respond.

Whatever the case, the exploit is now in the wild and XP machines are vulnerable to drive-by attacks on evil web sites.

It affects Windows XP’s Help and Support functions. Anything using the HCP protocol (hcp:// URI’s) is subject to unauthorized commands.

The easiest way to fix it is to go to Microsoft’s ‘Fix it’ page. You can fix it and, if you don’t like what happens, unfix it from the same site. Pretty cool.

This can also be manually done by following these simple directions:

1. Click Start, and then Run.
2. Enter regedit, and click OK.
3. Expand HKEY_CLASSES_ROOT, and then highlight the HCP key.
4. Right-click and Export the ‘Selected Branch’ to be on the safe side.
5. Right-click the HCP key, and then click Delete.

I read that it may cause some problems in your Control Panel, but I’ve tried most of the links and everything seems to be working on my XP computer.

[Editor's Note: This vulnerability was fixed in this month's Windows Update (July 13th), so make sure your computer is set to update Windows automatically or open your IE browser and go to Tools/Windows Update to download the security patch].
————————
HOSB RSS Feed

Anti-virus Software Recommendations

We often get clients asking us for a recommendation on anti-virus software. This occurred last week when one of our clients was infected with a scareware trojan (again).  He couldn’t download anything off the web because the trojan was blocking it and was standing at the anti-virus software rack at the local Office Max. He had been using AVG on his new computer, which didn’t block the scareware.

So let’s talk about antimalware protection for your home office or small business. First, there are Internet security suites that can contain a firewall, anti-virus, antimalware, anti-phishing, anti-spam, parental control, identity theft protection, backup software and any number of other features which you may or may not need.

Then there is dedicated anti-virus/antispyware software that specializes in protecting your computer from a virus/worm/trojan. Read more.
————————
HOSB RSS Feed

Using Your Browser To Save Passwords Is Not Secure

Using the autocomplete function in Internet Explorer to save user names and passwords or having Firefox remember passwords for sites is not a secure method of storing passwords.

I was recently checking out a handy little utility program called System Information for Windows when I clicked on an icon called ‘Secrets’ and BAM! there were all of my user names and passwords that were stored in my Firefox browser.

Eeek! I did a little research and found free utilities that can access your Firefox and Internet Explorer saved passwords – a potential security hole a mile wide. The video below shows the problem and what to do about it.

The solution for Firefox passwords can be adding a master password that you enter each time Firefox starts and you go to a page that needs your user name and password. It stays in effect until you close Firefox.

There’s no remedy for Internet Explorer other than to disable autocomplete. While the passwords are encrypted, all you need is to be logged into your Windows profile to access the passwords.

The video also shows how to turn autocomplete on and turn autocomplete off in IE and to clear your autocomplete file.

One solution discussed is RoboForm. It cost $29.95 but may be worth it. It sits in your browsers and stores encrypted passwords, name, address, etc. for use as needed.

If anyone out there has another solution please comment below..
————————
HOSB RSS Feed

Think Your USB Drive Is Encrypted? Not So Fast

We always recommend that our clients use secure measures for their data, including encrypting data on USB Flash drives. That way, if they get lost or stolen, no harm done, right?

Not anymore. Certain Kingston, SanDisk and Verbatim drives using AES-256 encryption are no longer safe, and the reason is so stupid as to be unbelievable.

Here’s how it works. You enter your password, a signal is sent to the encryption program which then encrypts or decrypts the file(s).

The problem is, no matter what your password is, if it’s valid the same signal is sent to the encryption/decryption process. All three manufacturers have USB drives with the same problem! Read more.
————————
HOSB RSS Feed

2 “Must Haves” For Your Business Computer

If you are running a home office or small business, your computer is no longer just a toy – it’s a vital part of your business. What happens to your business if your computer is down for a week or, worse yet, all your business data is lost forever?

There are two things you must have on a business computer… an Internet security suite and a data backup system.

A security suite contains, at its core, a software firewall, antivirus and anti-spyware. There will be add-ons like Identity Theft protection, spam protection and parental control, but the main things you NEED are the first three. Read more.
————————
HOSB RSS Feed

Your Solution To Scareware

Been under the weather for a few days but I’m back in tip-top shape…

I’ve written a few posts on scareware recently. The folks at ZDNet have just come out with an in-depth look at scareware that goes into recognizing, avoiding and reporting scareware. They also include 57 photos of scareware examples.

This problem has grown much bigger than I originally thought. ZDNet, actually Ryan Naraine and Dancho Danchev of their Zero Day blog, say that scareware has “emerged as the single most profitable monetization strategy for cybercriminals”.

This is not just pop-up come-ons, but legitimate looking sales pages for anti-virus software.

The problem is that people who are susceptible to these scams don’t read ZDNet warnings about identifying the hazards.

Here’s your solution.

Buy a reputable security suite. We use ZoneAlarm. It doesn’t take over your computer. It does its job efficiently and, lo and behold, you can actually, manually, shut it down if you need to. The license covers three computers for a year. Renew it annually.

Symantec’s Internet Security Suite is supposedly improved over previous versions, which is when I gave up on them. I’ve never liked McAfee. There are others out there. Buy one. Install it on all of your computers. That’s it.

Now you won’t be tempted to buy something like ‘eAntiVirus Pro 2008′ or ‘Antivirus 2009 Protection’. Once you are familiar with your suite you won’t be tempted by pop-ups claiming to have scanned your computer and found malware.

If you are in business on the web, your business is through your computer. Spend the 60 bucks a year to keep it safe..
————————
HOSB RSS Feed

Eco-friendly Scareware?

About six weeks ago I posted about scareware, pop-ups that entice you to click on a button to “fix” your computer.

You’ve probably seen it… you’re surfing along and up pops a window saying something like “Your computer is infected with 182 viruses – click here to fix”.

It’s extortion. They infect your computer and then want money to fix it. It’s another form of phishing, luring you in under false pretenses. The term for it is “scareware”.

community.ca.com  just posted about a new version of scareware, Green Scareware. This variation, called GreenAV,  promises to donate $2 to Amazon rain forests or some such nonsense.

A word to the wise – don’t let your better nature get you into a jam. If you come across this, just close your browser. Hackers often change the X to close the popup to mean it will download the malware.

When you open your browser again, don’t opt for “restore session”, choose new session. You can use your History to go back to any tabs you had open..
————————
HOSB RSS Feed

Shockwave Player Vulnerability

An Adobe Security Bulletin in late June 09 stated there was a security vulnerability in their Shockwave Player (Version 11.5.0.596 and earlier).

This is not the Flash player, it’s more for animated games and such, but there are an estimated 450 million computers with the Shockwave player installed.

To see if it’s installed on your computer go to Start/Control Panel/Add and Remove Programs (Vista: Start/Control Panel/Programs/Programs and Features) and see if Shockwave Player is installed.

If it’s installed, remove it and go to http://get.adobe.com/shockwave/ to download the newest version.

Paul

P.S. To stay up-to-date on all software on your computer you might want to try a free utility that we use called Secunia Personal Software Inspector..
————————
HOSB RSS Feed

Next Page »