Today, Microsoft released a patch (KB958644) that resolves a critical vulnerability found on all versions of Windows.
You can read the security bulletin for more information.
While Vista and SErver 2008 are not rated critical, it is important that everyone install this regardless of what Windows version you have.
You can download it manually at Microsoft’s website or via Windows Update.
This one is really a great application. Pismo File Mount Audit Package can be used to mount ZIP and ISO files as virtual folders to access the contents of the files.
The great value here is that for ISO disc images the contents are made available as a folder right where the image is located without the need to use a virtual drive as with many other free products that mount disc images. However, Pismo only supports ISO and Compact ISO format for disc images.
Another great feature is the ability to create private folders. This works like this: you create a .pfo file and you set a password for it. Then you can mount it and unmount it right away using the password and you can add or delete files inside it. When you unmount it, the folder is reverted to a .pfo file and is encrypted.
The only downside is that you can carry this file with you but you will need Pismo to mount it and use it in another computer. But besides this, the feature is great.
Highly recommended.
I stumble upon this promotion the other day. It is a 6-month license for Avira AntiVir Personal Edition Premium completely free.
AntiVir is a capable antivirus that has won several awards. I must say however, that my favorite security company is Kaspersky, with its Internet Security and Anti-Virus leading my personal preferences.
But you have to pay because they are not free. If you want to give AntiVir a try (and save some money, by the way), go to this page and enter you information to receive the free 6-month license.
It seems that the old way of delivering malware, using bogus audio or video files, is in practice in great scale once more. This, according to McAfee Avert Labs Blog.
Detection of a trojan named Downloader-UA.h was added to the McAfee DAT files several days ago. Since that time more than 360,000 McAfee VirusScan Online users have reported detections, a whopping 32% of those reporting in the past 24 hours alone. Now Downloader-UA.h is not your everyday trojan, this detection covers fake music and video files associated with fastmp3player.com.
When a user attempts to load one of these MP3 and MPG files, they don’t get the music/video they were hoping for; instead they’re directed to download a file named PLAY_MP3.exe. In fact, the MP3/MPG file they downloaded was completely fake, playing no media clip what so ever. [...]
Researchers with Princeton University and the Electronic Frontier Foundation have found a flaw that renders disk encryption systems useless if an intruder has physical access to your computer — say in the case of a stolen laptop or when a computer is left unattended on a desktop in sleep mode or while displaying a password prompt screen. The attack takes only a few minutes to conduct and uses the disk encryption key that’s stored in the computer’s RAM. The attack works because content as well as encryption keys stored in RAM linger in the system, even after the machine is powered off, enabling an attacker to use the key to collect any content still in RAM after reapplying power to the machine.
“We’ve broken disk encryption products in exactly the case when they seem to be most important these days: laptops that contain sensitive corporate data or personal information about business customers,” said J. Alex Halderman, one of the researchers, in a press release. “Unlike many security problems, this isn’t a minor flaw; it is a fundamental limitation in the way these systems were designed.” The researchers successfully performed the attack on several disk encryption systems — Apple’s FileVault, Microsoft’s BitLocker, as well as TrueCrypt and dm-crypt — but said they have no reason to believe it won’t work on other disk encryption systems as well, since they all share similar architectures. They released a paper about their work as well as a video demonstration (available at YouTube) of the attack.
Source: Wired News.
Spybot Search & Destroy is a free Anti-Spyware program. It can help you with removing those annoying and sometimes dangerous spyware threats.
Publisher’s Description:
Spybot Search and Destroy searches your hard drive for so-called spy- or adbots; that is, little modules that are responsible for the ads many programs display. Many of these modules also transmit information, including your surfing behavior on the Internet. If it finds such modules, it can remove them. In most cases the host still runs fine after removing the spyware/adware.
Another feature is the removal of usage tracks, which makes it more complicated for unknown spybots to transmit useful data. The list of last visited websites, opened files, started programs, cookies, all that and more can be cleaned. Supported are the three major browsers Internet Explorer, Netscape Communicator, and Opera.
It is recommended to scan your computer from time to time to ensure you are free of spyware/adware.
Some days ago there were reports of a flaw in the Macrovision SafeDisc component in Windows XP and Windows 2003. For those of you who didn’t know SafeDisc is embedded in Windows as a part of the Microsoft DRM security scheme. The vulnerability is not critical as it may seem because it requires a local system account to exploit it.
The component responsible for the flaw is the SafeDisc driver SECDRV.SYS.
Microsoft has said that it will provide an update in the next Patch Tuesday on November 13th. If you want to resolve the issue right away, Macrovision has released an updated driver.
Windows Vista users are not affected by this flaw.
