Archive for the ‘Computer repair, laptop repair’ Category

There is a vulnerability affecting Microsoft Windows. The
vulnerability is due to the failure of Microsoft Windows to properly
obtain icons for .LNK files. Microsoft uses .LNK files, commonly
referred to as “shortcuts,” as references to files or applications.

By convincing a user to display a specially crafted .LNK file, an
attacker may be able to execute arbitrary code that would give the
attacker the privileges of the user. Viewing the location of a .LNK
file with Windows Explorer is sufficient to trigger the vulnerability;
the user does not need to open or run the shortcut, because the code
executes while Explorer renders its icon. By default, Microsoft Windows
has AutoRun/AutoPlay features enabled. These features can cause Windows
to automatically open Windows Explorer when a removable drive is
connected, thus opening the location of the .LNK and triggering the
vulnerability. Other applications that display file icons can be used
as an attack vector for this vulnerability as well. Depending on the
operating system and AutoRun/AutoPlay configuration, exploitation can
occur without any interaction from the user. This vulnerability can
also be exploited remotely through a malicious website, or through a
malicious file share or WebDAV share.

Microsoft has released Microsoft Security Advisory 2286198 in response
to this issue. Users are encouraged to review the advisory and
consider implementing the workarounds listed to reduce the threat of
known attack vectors. Please note that implementing these workarounds
may affect functionality. The workarounds include:
* disabling the display of icons for shortcuts
* disabling the WebClient service
* blocking the download of .LNK and .PIF files from the internet

Microsoft has released a tool, Microsoft Fix it 50486, to assist users
in disabling .LNK and .PIF file functionality. Users and
administrators are encouraged to review Microsoft Knowledgebase
article 2286198 and use the tool or the interactive method provided in
the article to disable .LNK and .PIF functionality until a security
update is provided by the vendor.

Update: Microsoft has issued a Security Bulletin Advance Notification
indicating that it will be releasing an out-of-band security bulletin
to address this vulnerability. Release of the security bulletin is
scheduled for August 2, 2010.

In addition to implementing the workarounds listed in Microsoft
Security Advisory 2286198, US-CERT encourages users and administrators
to consider implementing the following best practice security measures
to help further reduce the risks of this and other vulnerabilities:
* Disable AutoRun as described in Microsoft Support article 967715.
* Implement the principle of least privilege as defined in the
Microsoft TechNet Library.
* Maintain up-to-date antivirus software.
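As an added example (this is not Microsoft's Fix it 50486 and not code from the advisory or from US-CERT), the PowerShell script below applies the two registry and service workarounds from Security Advisory 2286198 that can be scripted locally, together with the AutoRun setting from KB 967715, prints the before/after values so the change can be verified, and can revert the shortcut-icon and WebClient changes. The stock icon-handler CLSID used by -Revert is an assumption about the default shell configuration; record the live value before the first run. The third workaround, blocking .LNK and .PIF downloads, is a browser or gateway policy and is not scripted here.

```powershell
# Added example: applies or reverts the 2286198 / KB 967715 workarounds.
# Not Microsoft's Fix it tool. Run from an elevated PowerShell prompt.
param(
    [switch]$Revert
)

$principal = [Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()
if (-not $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) {
    throw 'Writing HKEY_CLASSES_ROOT and service settings requires an elevated prompt.'
}

# Assumption: the stock shortcut icon handler CLSID, used only by -Revert.
# Note the live (default) value printed on the first run if your build differs.
$ShellLinkIconHandler = '{00021401-0000-0000-C000-000000000046}'

$IconHandlerKeys = @(
    'Registry::HKEY_CLASSES_ROOT\lnkfile\shellex\IconHandler',
    'Registry::HKEY_CLASSES_ROOT\piffile\shellex\IconHandler'
)
$AutoRunPolicyKeys = @(
    'Registry::HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer',
    'Registry::HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer'
)

function Get-IconHandler([string]$Key) {
    (Get-ItemProperty -Path $Key -ErrorAction SilentlyContinue).'(default)'
}

function Set-IconHandler([string]$Key, [string]$Value) {
    # The advisory's "delete the (Default) value" is the same as writing an empty string.
    if (-not (Test-Path $Key)) { New-Item -Path $Key -Force | Out-Null }
    $before = Get-IconHandler $Key
    Set-ItemProperty -Path $Key -Name '(default)' -Value $Value
    "{0}`n  (default): '{1}' -> '{2}'" -f $Key, $before, $Value
}

if ($Revert) {
    # Restore shortcut icons and let WebClient start on demand again.
    foreach ($k in $IconHandlerKeys) { Set-IconHandler $k $ShellLinkIconHandler }
    Set-Service -Name WebClient -StartupType Manual
    # AutoRun is deliberately left disabled; re-enabling it is a separate decision.
}
else {
    # Workaround 1: stop Explorer from loading the shortcut icon handler.
    # Side effect, as the advisory warns: every shortcut shows a generic icon.
    foreach ($k in $IconHandlerKeys) { Set-IconHandler $k '' }

    # Workaround 2: disable the WebClient service to close the WebDAV vector.
    Stop-Service -Name WebClient -Force -ErrorAction SilentlyContinue
    Set-Service  -Name WebClient -StartupType Disabled

    # KB 967715: NoDriveTypeAutoRun = 0xFF disables AutoRun for every drive type,
    # so inserting removable media no longer opens Explorer on the attacker's .LNK.
    foreach ($k in $AutoRunPolicyKeys) {
        if (-not (Test-Path $k)) { New-Item -Path $k -Force | Out-Null }
        Set-ItemProperty -Path $k -Name 'NoDriveTypeAutoRun' -Value 0xFF -Type DWord
    }
}

# Verify what is now in effect.
foreach ($k in $IconHandlerKeys) { "{0} = '{1}'" -f $k, (Get-IconHandler $k) }
Get-WmiObject Win32_Service -Filter "Name='WebClient'" | Select-Object Name, State, StartMode
foreach ($k in $AutoRunPolicyKeys) {
    $v = (Get-ItemProperty -Path $k -ErrorAction SilentlyContinue).NoDriveTypeAutoRun
    "{0}\NoDriveTypeAutoRun = 0x{1:X}" -f $k, $v
}

# Explorer reads the icon handler at start-up; restart it (or log off and on).
Stop-Process -Name explorer -Force
Start-Sleep -Seconds 2
if (-not (Get-Process -Name explorer -ErrorAction SilentlyContinue)) { Start-Process explorer.exe }
```

Run it once without arguments to apply the workarounds and once with -Revert after the out-of-band update is installed. Expect every shortcut on the desktop and in the Start menu to lose its icon while the workaround is active; that is the functionality impact the advisory refers to, not a sign that the script failed.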

Relevant Url(s):
<http://support.microsoft.com/kb/967715>

<http://www.microsoft.com/technet/security/bulletin/ms10-aug.mspx>

<http://support.microsoft.com/kb/2286198>

<http://technet.microsoft.com/en-us/library/bb456992.aspx>

<http://www.microsoft.com/technet/security/advisory/2286198.mspx>

The main difference between email clients is the user interface. Regardless
of which software you decide to use, follow good security practices when
reading or sending email.

How do email clients work?

Every email address has two basic parts: the user name and the domain name.
When you are sending email to someone else, your domain’s server has to
communicate with your recipient’s domain server.

For example, let’s assume that your email address is johndoe@example.com,
and the person you are contacting is at janesmith@anotherexample.org. In
very basic terms, after you hit send, the server hosting your domain
(example.com) looks at the email address and then contacts the server
hosting the recipient’s domain (anotherexample.org) to let it know that it
has a message for someone at that domain. Once the connection has been
established, the server hosting the recipient’s domain (anotherexample.org)
then looks at the user name of the email address and routes the message to
that account.

How many email clients are there?

There are many different email clients and services, each with its own
interface. Some are web-based applications, some are stand-alone
applications installed directly on your computer, and some are text-based
applications. There are also variations of many of these email clients that
have been designed specifically for mobile devices such as cell phones.

How do you choose an email client?

There is usually an email client included with the installation of your
operating system, but many other alternatives are available. Be wary of
“home-brewed” software, because it may not be as secure or reliable as
software that is tested and actively maintained. Some of the factors to
consider when deciding which email client best suits your needs include:
* security – Do you feel that your email program offers you the level of
security you want for sending, receiving, and reading email messages?
How does it handle attachments (see Using Caution with Email Attachments
for more information)? If you are dealing with sensitive information, do
you have the option of sending and receiving signed and/or encrypted
messages (see Understanding Digital Signatures and Understanding
Encryption for more information)?
* privacy – If you are using a web-based service, have you read its
privacy policy (see Protecting Your Privacy for more information)? Do
you know what information is being collected and who has access to it?
Are there options for filtering spam (see Reducing Spam for more
information)?
* functionality – Does the software send, receive, and interpret email
messages appropriately?
* reliability – For web-based services, is the server reliable, or is your
email frequently unavailable due to maintenance, security problems, a
high volume of users, or other reasons?
* availability – Do you need to be able to access your account from any
computer?
* ease of use – Are the menus and options easy to understand and use?
* visual appeal – Do you find the interface appealing?

Each email client may have a different way of organizing drafted, sent,
saved, and deleted mail. Familiarize yourself with the software so that you
can find and store messages easily, and so that you don’t unintentionally
lose messages. Once you have chosen the software you want to use for your
email, protect yourself and your contacts by following good security
practices (see US-CERT Cyber Security Tips for more information).

Can you use more than one email client?

You can have more than one email client, although you may have issues with
compatibility.  Some email accounts, such as those issued through your
internet service provider (ISP) or place of employment, are only accessible
from a computer that has appropriate privileges and settings for you to
access that account. You can use any stand-alone email client to read those
messages, but if you have more than one client installed on your machine,
you should choose one as your default. When you click an email link in a
browser or email message, your computer will open that default email client
that you chose.

Most vendors give you the option to download their email software directly
from their websites. Make sure to verify the authenticity of the site before
downloading any files, and follow other good security practices, like using
a firewall and keeping anti-virus software up to date, to further minimize
risk (see Understanding Firewalls, Understanding Anti-Virus Software, and
other US-CERT Cyber Security Tips for more information).

You can also maintain free email accounts through browser-based email
clients (e.g., Yahoo!, Hotmail, Gmail) that you can access from any
computer. Because these accounts are maintained directly on the vendors’
servers, they don’t interfere with other email accounts.
_________________________________________________________________

Author: Mindi McDowell

Oracle has released a critical patch update to address 27
vulnerabilities in Java SE and Java for Business. These
vulnerabilities are in the following components: ImageIO, Java 2D,
Java Runtime Environment, Java Web Start, Pack200, Sound, JSSE, and
HotSpot Server.

US-CERT encourages users and administrators to review the critical
patch update and apply any necessary updates to help mitigate the
risks.

Relevant Url(s):
<http://www.oracle.com/technology/deploy/security/critical-patch-updates/javacpumar2010.html>

Microsoft Internet Explorer Vulnerabilities

Source: US-CERT

Systems Affected

* Microsoft Internet Explorer

Overview

Microsoft has released out-of-band updates to address critical
vulnerabilities in Internet Explorer.

I. Description

Microsoft has released updates for multiple vulnerabilities in
Internet Explorer, including the vulnerability detailed in
Microsoft Security Advisory (981374) and US-CERT Vulnerability Note
VU#744549.

II. Impact

By convincing a user to view a specially crafted HTML document or
Microsoft Office document, an attacker may be able to execute
arbitrary code with the privileges of the user.

III. Solution

Apply updates

Microsoft has released updates to address these vulnerabilities.
Please see Microsoft Security Bulletin MS10-018 for more
information.

Apply workarounds

Microsoft has provided workarounds for some of the vulnerabilities
in MS10-018.

IV. References

* Microsoft Security Bulletin MS10-018 -
<http://www.microsoft.com/technet/security/bulletin/ms10-018.mspx>

* Microsoft Security Advisory (981374) -
<http://www.microsoft.com/technet/security/advisory/981374.mspx>

* Microsoft Internet Explorer iepeers.dll use-after-free
vulnerability -
<http://www.kb.cert.org/vuls/id/744549>

Microsoft has issued a Security Bulletin Advance Notification
indicating that it will be releasing an out-of-band security bulletin.
This bulletin will address a vulnerability in Microsoft Internet
Explorer 6 and Internet Explorer 7. The notification states that
release of this bulletin is scheduled for March 30, 2010. Additional
information can be found in Microsoft Security Advisory 981374 and in
the Vulnerability Notes Database.

US-CERT will provide additional information as it becomes available.

Relevant Url(s):
<http://www.kb.cert.org/vuls/id/744549>

<http://www.microsoft.com/technet/security/advisory/981374.mspx>

<http://www.microsoft.com/technet/security/bulletin/ms10-mar.mspx>

Apple has released Security Update 2010-002 and Mac OS X v10.6.3 to
address multiple vulnerabilities that affect a number of applications.
These vulnerabilities may allow an attacker to execute arbitrary code,
obtain sensitive information, cause a denial-of-service condition,
bypass security restrictions, or operate with elevated privileges.

US-CERT encourages users and administrators to review Apple Article
HT4077 and apply any necessary updates to help mitigate the risks.

Relevant Url(s):
<http://support.apple.com/kb/HT4077>

US-CERT is aware of public reports of an active email scam. These
emails, which appear to come from seemingly legitimate law firms,
indicate that someone has filed a copyright lawsuit against the
message recipient. The messages may contain malicious attachments or
web links. If a user opens the attachment or follows the link,
malicious code may be installed on the user’s system.

US-CERT encourages users to take the following preventative measures
to help mitigate the security risks:
* Do not follow unsolicited web links and do not open unsolicited
email messages.
* Maintain up-to-date antivirus software.
* Use caution when visiting untrusted websites.
* Refer to the Recognizing and Avoiding Email Scams (pdf) document
for more information on avoiding email scams.
* Refer to the Avoiding Social Engineering and Phishing Attacks
document for more information on social engineering attacks.

Relevant Url(s):
<http://www.us-cert.gov/cas/tips/ST04-014.html>

<http://isc.sans.org/diary.html?storyid=8497>

<http://www.us-cert.gov/reading_room/emailscams_0905.pdf>

In the past, US-CERT has received reports of an increased number of
phishing scams and malware campaigns that take advantage of the United
States tax season. Due to the upcoming tax deadline, US-CERT reminds
users to remain cautious when receiving unsolicited email that could
be part of a potential phishing scam or malware campaign.

These phishing scams and malware campaigns may include the following:
information that refers to a tax refund, warnings about unreported or
under-reported income, offers to assist in filing for a refund, or
details about fake e-file websites. These messages, which appear to be
from the IRS, may ask users to submit personal information via email
or may instruct the user to follow a link to a website that requests
personal information or contains malicious code.

At this time, US-CERT is aware of public reports indicating that there
is active circulation of a tax season malware campaign. This malware
campaign may be using malicious code commonly known as Zeus or Zbot.

US-CERT encourages users and administrators to take the following
measures to protect themselves from these types of phishing scams and
malware campaigns:
* Do not follow unsolicited web links in email messages.
* Maintain up-to-date antivirus software.
* Refer to the IRS website related to phishing, email, and bogus
website scams for scam samples and reporting information.
* Refer to the Recognizing and Avoiding Email Scams (pdf) document
for more information on avoiding email scams.
* Refer to the Avoiding Social Engineering and Phishing Attacks
document for more information on social engineering attacks.

Relevant Url(s):
<http://www.us-cert.gov/cas/tips/ST04-014.html>

<http://www.us-cert.gov/reading_room/emailscams_0905.pdf>

<http://www.irs.gov/privacy/article/0,,id=179820,00.html?portlet=5>

The Mozilla Foundation has released Firefox 3.6.2 to address multiple
security issues, including a critical vulnerability that may allow a
remote attacker to execute arbitrary code.

US-CERT encourages users and administrators to do the following to
help mitigate the risks:
* Review the Firefox 3.6.2 release notes.
* Review Mozilla Foundation Security Advisory 2010-08.
* Upgrade to Firefox 3.6.2

Additional information regarding this vulnerability, including a
workaround for users who cannot upgrade, can be found in the
Vulnerability Notes Database.

Relevant Url(s):
<http://www.mozilla.com/en-US/firefox/3.6.2/releasenotes/>

<http://www.mozilla.org/security/announce/2010/mfsa2010-08.html>

<http://www.kb.cert.org/vuls/id/964549>

<http://www.mozilla.com/>

US-CERT is aware of public reports of malicious code circulating via
spam email messages impersonating the Department of Homeland Security
(DHS). The attacks arrive via unsolicited email messages that may
contain subject lines related to DHS or other government activity.
These messages may contain a link or attachment. If users click on
this link or open the attachment, they may be infected with malicious
code, including the Zeus Trojan.

US-CERT encourages users and administrators to take the following
measures to protect themselves:
* Do not follow unsolicited web links or attachments in email
messages.
* Maintain up-to-date antivirus software.
* Refer to Cyber Security Tip ST04-014 – Avoiding Social Engineering
and Phishing Attacks
* Refer to the Recognizing and Avoiding Email Scams (pdf) document
for more information on avoiding email scams.

Relevant Url(s):
<http://www.us-cert.gov/cas/tips/ST04-014.html>

<http://www.us-cert.gov/reading_room/emailscams_0905.pdf>
