Thursday, February 22

Are Your Computers DST-Compliant?


Computer firms are alerting their customers of an impending problem related to the change in daylight savings time next month, which could throw their computer clocks off by an hour.

The issue stems from the change in dates for daylight savings time, that quaint tradition best defined by the phrase "spring forward, fall back." In April, most of the U.S. would set its clocks forward an hour. In October, they set their clocks back an hour. The reasons for it are numerous.

In 2005, Congress passed and President Bush signed into law the Energy Policy Act, which amended the Uniform Time Act of 1966 to change the beginning and ending of Daylight Saving Time (DST).

Beginning this year, DST begins on the second Sunday of March instead of the first Sunday in April, and ends on the first Sunday in November instead of the last Sunday of October.

The impact on hardware and software is that daylight savings time changes are programmed into their internal clocks, and systems developed before the 2005 law have the wrong dates in them. Therefore, old hardware and operating systems are still operating on the April/October date change rather than March/November.

This alert has led to some hyperbole and inevitable comparisons to the Y2K bug (define). However, it's nowhere near an apples-to-apples comparison, as this is a fix anyone can make. All a person needs to do is apply the patches from the vendors, or at worst alter their system clock manually. It's not like sifting through millions of lines of code to make date changes.

Still, Gartner has sent out an advisory to its clients not to downplay the risk. "Few IT organizations have any formalized risk assessment and remediation program in place to address the potential impact of this time modification," the research firm wrote.

There is the real risk of business damage and liabilities could occur from applications performing their processing at the incorrect time, the company wrote. It went on to say that patches for major operating systems and other infrastructure components appear to be readily available.

"Because code changes will usually not be required and most applications take their time from the underlying operating system (and hence only this needs to be patched), the overall remediation effort will pale in comparison to that of Y2K," concluded the Gartner report.

Microsoft (Quote) has issued its own warning for customers. Windows Vista and Office 2007 have already had this adjustment programmed in, but Office 2003 and prior versions, as well as Windows XP and older operating systems do not have this fix.

A fix for Windows XP Service Pack 2 (SP2) was pushed out as part of Patch Tuesday this week. There is also a fix on the Microsoft DST site for Outlook 2003 and prior versions.

For complete coverage Read here.

Saturday, February 3

PC Security in Simple Steps

Simple Steps to Secure your PC:


Securing your computer isn't a very difficult task. It's just that people are not aware of their requirements and the best solutions for those. There are some common problems that everyone faces with an internet-connected computer. These include Viruses, Trojans, All kinds of Malware like Spyware, Adware. There are excellent programs and utilities to combat these pc security threats, but, most of the people are hardly aware of these. Even free pc security software is decently powered to protect an internet connected computer from all the malicious threats. Of course, if you want premium protection, you have to pay. Here's a list of steps you can do to protect your computer with free computer security software. These steps primarily aim to secure your computer from Virus, Trojan, Spyware, Malware infections. And, remember free doesn't mean that it's not worth it.

1. Make sure your Windows OS is secure to its core:You are more vulnerable to attacks if your OS is not secured properly. Windows in particular comes packed with lots of vulnerabilities. Pay particular attention to all the critical patches and bug fixes that microsoft provides for windows. You should make a habit of regularly updating your Windows with all the service packs. Don't ever miss critical patches and updates. Also download patches for your internet explorer or other software like email clients. If possible switch to a more secure browser.

2. Firewall is essential for security: Internet connected and without a firewall, thats' a folly. Whenever you are connected to internet, you must turn on a firewall solution to protect yourself of hacker attacks, identity thefts etc. Can't afford to buy one? Get ZoneAlarm free. Zone Alarm free excellently protects your computer and doesn't hog on system resources much. Get zone alarm free if you don't have one.

3. Free Antivirus solution: AVG is a good antivirus tool and keeps most of the active and dangerous viruses in tight control. Updates are fast and easy. Interface needs a face-lift though and you are presented with a few options in free version. There comes packed a schedular, email scanner, resident shield. AVG is just sufficient enough for a home-user needs having no special requirements.

4. Spyware protection: You have to have atleast two antispyware programs installed. Spybot Search and Destroy is good and freely available. It can find out many of the common nuisances. Comes with a bundle of other features as well. You get a robust spyware scanning engine, an immunizer to protect your browser of spywares, and an array of other tools available in advanced mode. It must be in your arsenal to combat spyware infections. The second I'd recommend is Ad-aware free version. Also, get a copy of AVG antimalware which functions as a fully functional version for 30 days and then as free version. Not to mention, free version is quite good in removing all the malware threats.

You can get more info on combating security threats and finding best security software on PcSecurityWorld.com.

Exploit Released for Critical PC Hijack Flaw

Exploit Released for Critical PC Hijack Flaw


A fully working exploit for a high-risk vulnerability fixed by Microsoft
two days ago has been put into limited release, prompting new "patch
now" warnings from computer security experts.

The exploit, which allows PC takeover attacks on Windows XP SP2, has
been published to Immunity's partners program, which offers up-to-the
minute information on new vulnerabilities and exploits to IDS (intrusion
detection companies) and larger penetrating testing firms.

Immunity, based in Miami Beach, Fla., sells access to the partners
program for around $40,000, according to founder Dave Aitel.

The company's exploit takes aim at a "critical" bug in the way VML
(Vector Markup Language) is implemented in Windows. It has been
successfully tested on Windows XP SP2 and Windows 2000, with default
installations of Internet Explorer 6.0.

"This is a fully working exploit, [it] will give you full access to do
anything on the target machine," says Immunity researcher Kostya
Kortchinsky.

The exploit was created and confirmed in less than three hours after
Microsoft's Patch Tuesday release on Jan. 9, a fact that clearly
illustrates just how much the gap has narrowed between patch release and
full deployment on enterprise networks.

For consumers, Microsoft uses the Automatic Updates mechanism to push
down updates but, in the enterprise, patches must go through rigorous
test passes to ensure there are no conflicts with mission-critical
applications.

On average, it could take a business a full month to fully test and
deploy updates to every desktop, laptop, server or mobile device.

Kortchinsky said the exploit will be refined to try to get code
execution on Internet Explorer 7.0, the newest version of Microsoft's
dominant Web browser.

According to the MS07-004 bulletin that covers the VML flaw, IE 7.0 on
Windows XP and Windows Server 2003 is indeed vulnerable.

Microsoft said the flaw was originally reported through its "responsible
disclosure" process, but a note in the advisory says it was used in
zero-day attacks before the Patch Day.

There is no public information available on those zero-day attacks.
Microsoft did not release a pre-patch advisory to warn of the VML
attacks.

Officials in the MSRC (Microsoft Security Response Center) are strongly
urging Windows users to treat the VML fix and a "high-priority" update.

In an interview with eWEEK, Mark Griesi, security program manager in the
MSRC, said the risk is high because there is a remote unauthenticated
attack vector that gives an attacker a way to hijack a vulnerable system
without any user action.

"That one should be your absolutely highest priority," Griesi declared.

Microsoft also warned users to pay special attention to MS07-003, a
bulletin that addresses a trio of serious flaws in the Microsoft Outlook
e-mail application.

One of the Outlook flaws, which carries a "critical" rating, allows an
attacker to use malformed VEVENT records to launch executable code when
Outlook handles file parsing routines.

Ominously, a successful attack only requires that an e-mail is sent to
the target if a specially rigged .ICS (iCal) file is embedded into the
body of a message.

Workstations and terminal servers are primarily at risk, according to
Microsoft's advisory.

Microsoft shipped a total of four bulletins in January with patches for
a least 10 holes in Outlook, Excel and Windows. However, there were no
fixes for known code execution holes in Microsoft Word that have already
been targeted in zero-day attacks.

http://www.eweek.com/article2/0,1895,2082416,00.asp

Browser PDF Plug-ins at Risk

Exploit Surfaces in Web Browser PDF Plug-Ins


Several security firms have found a vulnerability in the Adobe Reader that is surprisingly easy to initiate and also very dangerous.

The problem involves passing input from a URL to a hosted PDF file. The data is not properly cleaned by the browser's PDF reader plug-in before being returned to users, so any data can be passed through. This can be exploited to execute arbitrary script code in a user's browser.

iDefense president Ken Dunham provided a simple proof of concept, simply by tacking a little text on to the end of the link with a PDF file.

For example, the link:

"http://[URL]/[FILENAME].pdf#something=javascript:alert(123);"

Would open a PDF file in the browser, and a pop-up box would appear on the user's screen with an alert that reads "123."

Because it initiates a JavaScript script on the client, there is tremendous potential for dangerous activity, such as stealing cookie information or cross-site scripting.

Adobe (Quote) said in a statement sent to internetnews.com that it is aware of the vulnerability "that could potentially affect previous versions of Adobe Reader." Adobe further noted the potential vulnerability does not effect the current, version 8, of Adobe Reader, which it encouraged users to download. "Adobe is also working on updates to previous versions that will resolve this issue," the company said.

Read complete article here.