April 10th, 2014
Adware is the name for software that automatically generates advertisements. Usually it finds its way onto a computer by piggybacking on another program. Once on a user’s computer, ads can pop-up without warning either. Sometimes, these ads are displayed while using a web browser to disguise where they’re coming from and other times they pop-up seemingly from nowhere. As Lucian Constantin reports at Network World, however, Microsoft is implementing new guidelines for programs to discourage adware.
Starting July 1st, adware will be blocked by default, which seems like a move Microsoft would’ve taken ages ago. Up until now, it was up to users to decide what action to take when adware was detected by Microsoft’s security software.
The criteria for classifying adware is also becoming much more strict. Any program that displays ads of it’s own window or inside of another program like a web browser will risk being labeled as adware and blocked. Advertisements that stay within the program that displays them will be free of Microsoft’s wrath.
Those that do get flagged will have to pass the next level of tests. First, ads must have a clear way to be closed. This can be an “x” or the word “close” in the corner of the ad. Ads also must be clearly labeled to tell users what program they stem from. Microsoft suggests using language like “Ads by [blank]” or “Powered by [blank]”. Programs will also need to provide an uninstall method through Windows control panel to make it easy for users to remove them.
The idea behind the adware criteria is to give users more control over what is allowed to run on their own systems.
In the past, adware developers intentionally made it nearly impossible for average users to remove the entirety of the programs or reset changes made by them. The most popular forms of adware are browser toolbars, which are notoriously difficult to remove once installed.
These changes aren’t expected to put an end to what has become a lucrative business, but it will hopefully cut down on the amount of adware capable of penetrating computers with Windows operating systems.
If your computer is infected with adware, spyware or malware, bring it to Geek Rescue or call us at 918-369-4335.
March 31st, 2014
Email has become a tool that most of us check and use multiple times per day. Businesses run on email and it’s vital for many users to have constant access and an ability to quickly respond. Accessibility is one of the primary reasons that webmail has surged in popularity. Services like Gmail allow users to have access from virtually anywhere with very little downtime. As Alan Henry of LifeHacker explains, however, there are still some benefits to using desktop email clients like Microsoft Outlook.
While webmail is portable and mobile, it requires an internet connection even to read emails stored in your inbox. While there are fewer and fewer environments where you have to be without an internet connection, there are situations where you’re required to work without one. When that happens, desktop email has the advantage. With a platform like Outlook, you’ll be able to read old messages, organize your inbox and queue up responses to send once a connection is available. This helps you be productive in an otherwise unproductive environment or ensures that an email with valuable information is always available even when your internet connection is having issues.
Have you ever considered what would happen if your email account was suddenly deleted? If most users lose access to their account, they likely lose access to many contacts and vital information. That’s why it’s important to regularly back-up everything stored in your email and back-ups are much easier to create and manage yourself with desktop clients. You’re able to back-up messages stored in your inbox and sent folder, all of your contacts and even your folder structure. This way, if you need to change email provider’s or the unthinkable happens to your account, you’ll have everything you need to pick up where you left off.
To be clear, it’s certainly possible to encrypt webmail, but it usually requires handing at least some control over to a third party app or add-on. For the most secure encryption, you’ll want to store keys and generation tools yourself. To do that, you need a desktop email client. Email is constantly at risk to be hacked or messages intercepted. If you’re sending valuable information via email, you should at least be encrypting it. Effective encryption for desktop mail can be implemented quickly.
There are pros and cons to both webmail and desktop email so you’ll want to carefully diagnose how you regularly use email to help you decide which option is best for you.
Geek Rescue has all the email solutions you need. From hosting email, to setting up your office with Microsoft Exchange, to improving email security and fixing issues, we have the answers you need. Call us at 918-369-4335.
March 26th, 2014
The danger of a zero-day exploit is that users are left vulnerable to a known vulnerability while a manufacturer scrambles to patch it. This can sometimes result in weeks of known vulnerabilities being available to attackers. The latest zero-day reported involves Microsoft Word and would allow for remote code execution if exploited. A post at the Symantec blog explains the details of this issue.
Microsoft has alerted the public through a security advisory that the Word exploit exists, but have not yet released a patch that fixes it. In the advisory, they report that attacks, although limited, have been observed using this exploit in the wild. Those attacks have only exploited Word 2010, but other versions are considered vulnerable. Those versions include Word 2003 and 2007, Office for Mac 2011, Office Web Apps 2010 and Office Web Apps Server 2013.
Unfortunately, there have been no specific details released about how attackers are exploiting the vulnerability. The issue comes from opening a malicious .RTF file with Word. But, even previewing an .RTF file attached to an email in Outlook could allow an attacker access to a user’s system. So, the attack could stem from malicious email attachments, or it could stem from websites that trick users into downloading and opening a file.
There has been a temporary solution released through Microsoft’s FixIt tool, which makes it impossible for Word to open any .RTF document until a more permanent solution is found. Similarly, Outlook can be configured so that previews of attachments open as plain text, rather than through Word, which would also serve as a temporary solution, but could also be a safer way to operate from now on.
All Word and Outlook users are urged to watch for a patch that fixes this vulnerability and update as soon as it’s made available.
At Geek Rescue, we help help make your computer and your network as secure as possible. We also help you recover from attacks. Call us at 918-369-4335.
March 14th, 2014
Once each month, Microsoft releases a batch of patches to close security vulnerabilities and fix bug and compatibility issues in their products. Last month, just days after the monthly patch release, an exploit was discovered and publicized for Internet Explorer 10. That exploit stayed vulnerable until this week when March’s patch release included a fix. This situation, as Antone Gonsalves of Network World points out, reveals the flaws in the current patching schedule for Microsoft and many other software manufacturers.
Not only was a known exploit unpatched for weeks, but that exploit was also made public. That means those with the means and motivation to attack unprotected users knew exactly how and where to strike.
After a few days, Microsoft did release a temporary solution in their “Fix It” tool. Unfortunately, very few users know how to access that tool, which leads to low numbers of installations. So, while a temporary fix was available, it was neither widely publicized or used.
The other option for overcoming this particular vulnerability was to upgrade from IE 10 to IE 11. For most individual users, this was a viable solution. However, for enterprise level users, changing web browsers company-wide often takes more time and planning.
Meanwhile, attackers struck multiple websites in multiple countries on multiple continents.
Despite this specific shortcoming in the patch schedule, Microsoft is actually ahead of many other software companies in this regard. For example, while Microsoft routinely releases new patches and updates once per month, Oracle releases updates quarterly and Cisco releases updates only twice per year.
The best solution suggested so far is to remove Internet Explorer from this monthly patching schedule. While it’s more than enough to update most applications once per month, IE faces a high number of attempted attacks and exploits each day. It’s much more likely that a critical vulnerability will be found and immediately exploited in IE than other applications. Even with a faster patch release, however, some IT departments might struggle to stay up to date and fully patched.
For those companies affected by unpatched vulnerabilities, there are some ways to better protect yourselves while you wait for the application manufacturer. Segmenting network assets, limiting user permissions and using application whitelisting are all ways to significantly improve security and lower the chances of a devastating and costly attack.
For help implementing an improved security infrastructure, call Geek Rescue at 918-369-4335.
February 19th, 2014
The year 2001 may not seem that long ago to some, but for Microsoft, it was an eternity ago. Windows XP launched in October of 2001 and since then, Microsoft has moved on to three more operating systems, Windows Vista, 7 and 8. In April, support for Windows XP will end and users will be left to choose between upgrading to a newer operating system, or using one with no hope of bug fixes or security patches. At Information Week, Jeff Bertolucci published a list of what XP users need to know ahead of the April expiration date and what they should be thinking about.
- Windows XP will still run
Just because Microsoft will no longer support XP, it doesn’t mean that your computer running XP will no longer work. The only change will be that Microsoft won’t be releasing updates. That means newer devices won’t be compatible with XP machines. It also means you’ll become more vulnerable to attacks as vulnerabilities are uncovered but unpatched.
- Office and Exchange 2003 also expiring
Lost in the news of XP’s end of support is the end of support for both Office 2003 and Exchange 2003. Online content, security updates and bug fixes will no longer be released for these popular applications after April 8th. If you’re unsure of what version of Office you’re using, go to the ‘Help’ menu in Microsoft Word and select “About Microsoft Office Word”.
- Security Essentials gets a reprieve
Microsoft Security Essentials is far from a complete malware protection program, but Microsoft won’t be continuing updates for Security Essentials on XP until July of 2015. That, in addition to an up to date antivirus program, will help keep you more secure even after the XP updates cease.
- Windows 7 features Windows XP mode
If you decide to update to Windows 7, there’s an XP mode to help make the transition easier. This allows you to run applications designed for XP effectively. A separate window will open on the desktop, which will be a fully functional version of XP. There’s one catch, however. XP mode also will stop getting support in April. It will still be available, but it won’t be getting updates and patches.
- Compatibility troubleshooting
The hesitation for many users in upgrading their operating system is a concern that programs they consistently use won’t be compatible with a newer version of Windows. Microsoft has publicly stated that they can’t guarantee that programs that ran on XP will work in Windows 7 or 8. There is, however, a troubleshooting tool to help you adjust an application’s settings to make it work. To access the tool, right click on the program’s icon and select “troubleshoot compatibility”.
Hard drive space has increased exponentially since the days when Windows XP ruled the world. Now, Windows 8.1 requires at least 16 GB of free space for 32-bit systems and 20 GB of free space for 64-bit systems. This free space is allocated for updates. If you’re planning to upgrade from XP to 8.1, you’ll have to make sure you have enough space on your hard drive to make it work.
If you need help upgrading your personal computer or an entire office of XP machines, or if you have computer issues that extend beyond an out-dated operating system, call Geek Rescue at 918-369-4335.
February 14th, 2014
This week, in the monthly edition of Patch Tuesday, Microsoft released a number of patches to fix vulnerabilities in Internet Explorer. Just days later, Microsoft has confirmed that a zero-day exploit is being used in an active attack campaign that targets IE 9 and 10. Brandan Blevins of Search Security reports more details.
The label ‘zero-day’ categorizes attacks that exploit vulnerabilities before a patch can be created. By definition, this is a case where attackers learned of a vulnerability before the developers.
The attack is also categorized as a “watering hole attack”, which means that a specific website is being targeted in order to infect the group that typically visits that site. In this case, the U.S. Veterans of Foreign Wars’ website has its HTML code tampered with in order to load a malicious web page for visitors. When that page loads, malware is downloaded and executed on the user’s machine.
The attack exploits what’s being called the “use-after-free” bug, which allows for one byte of memory to be modified at “an arbitrary address”.
Microsoft has not announced whether a patch will be rushed out to fix the vulnerability or if users will have to wait for March’s Patch Tuesday. In the meantime, there are two options for IE 9 and 10 users.
One is a complicated fix using Microsoft’s Enhanced Mitigation Toolkit Experience.
A simpler fix is to stop using IE 9 and 10 until a patch is released. Either change browsers to Chrome, Firefox or another popular choice, or upgrade Internet Explorer to version 11.
If your computer has already been infected with malware, bring it to Geek Rescue, or call us at 918-369-4335.
February 12th, 2014
Office 365 contains vital tools for businesses of any size. With so many companies relying on Microsoft’s applications, there’s a need for improved security to protect valuable data. As Alexandra Gheorghe reports for Hot For Security, Office 365 users will now be using two-factor authentication to keep the data used within applications safer.
Previously, data being stored in the cloud through Office 365 was protected only by a password, except for those users with administrative roles who have had access to two-factor authentication since June. Now, all users will have be able to use the enhanced security.
Before you are able to log-in, users will need to correctly enter their password, then use a separate, one-time code that’s sent to them via text message or app notification on their smartphone. Users also have the option of having Microsoft call their smartphone or office phone and simply hitting pound to authenticate. This will verify the device being used to access Office 365. To access your account from another device, the authentication process would have to be used again.
Two-factor authentication isn’t foolproof. Attacks that successfully compromised two-factor systems have already been observed in the wild. But, it’s considered much more secure than using a password alone. Since the aim is to protect data stored in the cloud, protecting it from remote access by unknown sources is important.
While two-factor authentication is not yet available for desktop applications, Microsoft is adding App Passwords to offer additional security for those users.
For help implementing Office 365 at your business, or for help improving your security infrastructure, call Geek Rescue at 918-369-4335.
February 7th, 2014
Many internet users believe that the key to avoiding a malware infection is to only visit legitimate websites and never open suspicious looking email or download attachments. While this is certainly going to keep users safe from a large amount of malware, it doesn’t keep them safe from all of it. This is evidenced by a recent exploit of a vulnerability in Adobe’s Flash player. As Lucian Constantin reports for PC World, this exploit infected victims with malware capable of stealing users’ log-in credentials for a variety of websites.
Security experts uncovered 11 exploit files targeting this vulnerability, which reveals that the same security flaw was being used by hackers in different ways. Some of the exploit files were designed to execute other files, one downloaded other malicious files and one was a trojan that steals log-in credentials saved in email and web browsers.
Experts found that each file was embedded within Microsoft Word .docx files and target Windows users specifically. Though one attack used malicious emails with a rigged .docx file as an attachment to infect users, most files were found in internet caches suggesting they were downloaded from websites.
These files have already been used in attacks against real-world users, as evidenced by Adobe’s use of the phrase “in the wild” to describe them. Since the vulnerability is known in the hacking community, expect more attacks to be rolled out exploiting it.
To their credit, Adobe scrambled to release a patch that would eliminate the Flash security flaw. This is version 18.104.22.168 for Windows and Mac users. If you haven’t updated Flash on your machine yet, be sure to do that as soon as possible.
If your computer has been infected with malware, bring it to Geek Rescue or call us at 918-369-4335.
February 3rd, 2014
A planned update to the Windows 8.1 operating system is planned to be released in March, but an early, unfinished version has already leaked online. As Wayne Williams of BetaNews reports, this leaked version reveals many features the official update will offer to users.
Many experts surmised this would be part of the official update and it appears they were correct. Any app downloaded from the official Windows Store can now be pinned to the taskbar. To do so, users only need to right click on the app, or holding down on it if you are using a touchscreen, then select “pin to taskbar”. You can also set Windows to display all currently running apps on the taskbar.
On the Start screen, next to your username, this update includes two new buttons. First, a search button allows for easy access to the search function. The second is a Power button. From here, you can shut down or restart. You can also put your computer to sleep.
Those using a mouse can right click apps and have access to a menu full of options. Pin or unpin from the Start screen or taskbar, resize its tile or uninstall completely. There’s also now an alphabetical view on the Apps screen that allows you to filter apps by letter. Any app that comes from the official Windows Store now has a title bar to make it easier to minimize, close or rearrange those windows. Also, for the first time you can access the taskbar even while running an app.
One popular rumor was that part of the official update would make booting to the desktop the default behavior, but that isn’t reflected in the leaked version. There’s still a chance that the official update will include that change, however.
Regardless of what operating system you use, when your computer has issues, bring it to Geek Rescue or call us at 918-369-4335.
January 30th, 2014
Planning is a key step to effective data security for your business. If you know how you’re likely to be attacked, you’ll know how to best protect yourself. At PC World, Tony Bradley published a list of security threats he expects to be common throughout 2014.
The time when you could consider your smartphone immune from the dangers of malware has passed. With a large percentage of the population not only using mobile devices, but using them to access critical data, criminals have begun heavily targeting them with mobile-specific malware. And infection can stem from a number of places. Email, malicious links and text messaging are all popular modes of malware infection, but even connecting to an infected computer via USB has been the root of infection in some attacks.
You’ve likely seen this buzzword in the media and it refers to the growing number 0f items with internet capabilities. Your refrigerator, car, home security system, baby monitor and many other common items can now be online and controlled remotely. While this may present a convenience for you, it also poses a security risk as hackers may also be able to gain control of your things. We’ve already seen a refrigerator used as part of a botnet. Be aware that if an item in your home or business can connect to the internet, it can be hacked.
Patches and security updates for this operating system will be discontinued by Microsoft this April. While Microsoft Security Essentials will receive support until the summer of 2015, this still presents a significant security issue. A large portion of the world’s desktop computers, particularly in offices, are still running XP. Worse is that kiosks and other embedded devices also run off of XP. When Microsoft stops supporting their old operating system, developers will also likely stop releasing updates for their XP applications. This leaves users in a frozen state where known exploits won’t be fixed. Some security experts are forecasting that hackers will wait until support stops and then launch all out attacks on XP systems.
Due to the success of attacks, like those on Target and Nieman Marcus, expect large scale data breaches to continue. Cyber criminals understand how valuable data can be and are willing to launch intelligent attacks to steal it. Staying protected requires planning, putting proper security tools in place and being smart about what you download and who you allow on your network.
For help improving the security at your company or on your home PC, call Geek Rescue at 918-369-4335.