Is The Honeymoon Over?
Windows Update's been spoofed by hackers, Firefox reveals critical JavaScript vulnerability, one-time Winzip-clone ZipGenius morphs into powerful archive and data backup suite
Did you know there's a very convincing scam circulating. That purports to come from Microsoft but actually disguises the installation of a deadly Trojan on your computer! The e-mail wrapper directs users to a very convincing faked version of the Windows Update Site. The Phish takes advantage of some recent web-induced confusion regarding upgrades to the Windows Updates site program.
Yes, there is
Windows Update Beta in
progress. That's still in a semi-restricted Beta. And is most unlikely that any casual user will routinely access it. But it's very possible that unlettered users will accidentally click-thru via the infected email to the faked Update site. Which includes links to "new" patches that are actually malicious programs including back doors, viruses and Trojans. Including Troj/DSNX-05 that lets an attacker remotely take control of the infected PC. And Although most (regularly-updated) antivirus software will detect and remove this Trojan. It's a good idea to remain alert. And check any hyperlinks embedded in an email message before downloading any linked software.
In somewhat un-related news, I finally was able to resolve my nagging
PC-Cillin 2005 component update problem. Trend Micro's technical support was very responsive and worked with me to resolve the bug. Acting on their advice, after we'd exhausted every single possible solution, was to uninstall the software. Clean out all traces from the Windows Registry. And install a fresh copy. Which is what I did, and now can access to both an auto-updated antivirus, firewall, junk mail filter and spyware and Trojan detector. Trend Micro's security solutions are the best ever. And don't cost all that much either.
And if you want to trust your privacy (and to a greater extent your personal security), don't use relatively insecure email clients like the Outlook family. Instead try Thunderbird and make sure that your View Messages in Simple HTML or best in Plain text mode only. Thunderbird can be asked to display linked images on demand.
I'm also noticing a disturbing trend with
Firefox. As this becomes the more popular browser, its natural that hackers focus on
disrupting its safe deployment. A recent security audit found that there were 31 known Firefox vulnerabilities as compared to just 13 for Internet Explorer! And I no longer use Firefox to access potentially unsafe content. For that the best browser is Opera running in Opera emulation mode. Few sites can trip the browser up. No matter how malicious the intention.
As a responsible (Firefox) user you should upgrade to
Firefox 1.0.3 RC (
updated) immediately. Don't trust in the automated software alert feature as it (consistently) fails to detect the availability of the update. This specific release resolves a critical JavaScript-related security issues. As reported by the
Secunia web site, an error in the JavaScript engine exposes arbitrary amounts of heap memory after the end of a JavaScript string. An
online test is available too.
And courtesy Asa Dotzler, here's a
sneak preview of what's planned for
Mozilla Firefox 1.1,
Mozilla Thunderbird 1.1 and the new
XULRunner software release. The main Mozilla Extensions site, MozSource, has re-launched itself as
RoundTwo. The company offers paid support for Mozilla products. And uses this revenue to underwrite the develop of several extensions and fund the
Extensions Mirror web site.
If you use Windows 2000, XP or Windows Server 2003, you can preview the next version of Windows Update. This now combines Windows Update, Windows Marketplace and Office Update. To enable the new version you need to download an ActiveX-powered software upgrade of the Windows Installer software.
April 12 sees Microsoft releasing several significant software Updates. This first Patch Tuesday for April 2005 includes an updated version of Microsoft Windows Malicious Software Removal Tool. This checks your computer for, and removes infections by, prevalent malicious software including the Blaster, Sasser and Mydoom viruses. Other updates include 5 Windows updates tagged Critical (require restart post-installation) as well as updates for Microsoft Office, MSN Messenger and Microsoft Exchange. There's also a new MSN Messenger version released. However if you hate ads, then stay away from this build. Rumor has it Microsoft has found new places to display in-your-face advertising!
There's also an updated Firetune 1 just released. This now uses a 3-pane view to separate performance optimizations from other settings and useful tweaks. And like previous versions it does improve the overall Firefox browsing experience. But I still prefer Emilsoft's FlexBeta FireTweaker utility as this affords much more control over individual tweaks. However, you need to install the .Net framework to use the software.
Maxthon 1.2.2 version update too is out. This fixes a potential security problem and enhances the pop-up and Float AD blockers. You can choose to auto-updated your copy from within the browser. Or download a fresh copy.
And finally, if you have begun to tire of Winzip nag screens, but are so familiar with the interface that you're loathe to change to a free alternative. Do try out the free ZipGenuis 6.0. This Winzip-clone builds upon the familiar interface and brings the aging GUI into the Windows XP-themed era. This free compression suite supports the Zip64 format (can archive files larger than 4 GB), the open-source 7zip and many more. The new version can also backup Mozilla Firefox and Thunderbird profiles. And improves the default compression ratios for OpenOffice.org and StarOffice documents (which are actually XML files contained within a compressed archive format).
Click Here To Send Feedback
# posted by seeolfreeloader : 10:19 PM
If you use Windows 2000, XP or Windows Server 2003, you can preview the next version of Windows Update. This now combines Windows Update, Windows Marketplace and Office Update. To enable the new version you need to download an ActiveX-powered software upgrade of the Windows Installer software.
April 12 sees Microsoft releasing several significant software Updates. This first Patch Tuesday for April 2005 includes an updated version of Microsoft Windows Malicious Software Removal Tool. This checks your computer for, and removes infections by, prevalent malicious software including the Blaster, Sasser and Mydoom viruses. Other updates include 5 Windows updates tagged Critical (require restart post-installation) as well as updates for Microsoft Office, MSN Messenger and Microsoft Exchange. There's also a new MSN Messenger version released. However if you hate ads, then stay away from this build. Rumor has it Microsoft has found new places to display in-your-face advertising!
There's also an updated Firetune 1 just released. This now uses a 3-pane view to separate performance optimizations from other settings and useful tweaks. And like previous versions it does improve the overall Firefox browsing experience. But I still prefer Emilsoft's FlexBeta FireTweaker utility as this affords much more control over individual tweaks. However, you need to install the .Net framework to use the software.
Maxthon 1.2.2 version update too is out. This fixes a potential security problem and enhances the pop-up and Float AD blockers. You can choose to auto-updated your copy from within the browser. Or download a fresh copy.
And finally, if you have begun to tire of Winzip nag screens, but are so familiar with the interface that you're loathe to change to a free alternative. Do try out the free ZipGenuis 6.0. This Winzip-clone builds upon the familiar interface and brings the aging GUI into the Windows XP-themed era. This free compression suite supports the Zip64 format (can archive files larger than 4 GB), the open-source 7zip and many more. The new version can also backup Mozilla Firefox and Thunderbird profiles. And improves the default compression ratios for OpenOffice.org and StarOffice documents (which are actually XML files contained within a compressed archive format).
Click Here To Send Feedback
Post a Comment