Archive for the ‘Security’ Category

Our news inboxes were lit up this morning with warnings on a new botnet named for the “Chuck Norris” internet meme.  The botnet installs itself onto targeted machines through exploits and pre-existing malware on Windows based computers.   The botnet then tries several different methods of attack on routers and modems within the local network.  When the infection spreads to routers and modems, any computers on the same network will get redirects for facebook and google, etc.  The redirects are most commonly used to install malware, but we can only assume similar methods will be employed over the next few days to create phishing attacks for email, social networking, ecommerce, and banking websites.

Lastly, always heed the warnings of the dying internet meme:

“If you can see Chuck Norris, he can see you. If you can’t see Chuck Norris you may be only seconds away from death.”

“Chuck Norris Doesn’t sleep.  He waits.”

Microsoft’s regular “Patch Tuesday” for February 2010 is recommended for all machines in place at VCC clients.  If you aren’t on our regular security and backup rounds, you can find this update at http://update.microsoft.com/microsoftupdate ; This month’s patches include 13 security bulletins, including several that allow remote attacks.  There are sti quite a few recent vulnerabilities left unpatched, and when they are released, we plan to provide the links here.

As always, if you have a problem when installing security patches, you can get ahold of us on our contact page.

We’ve seen a few calls this week from home users who are getting pop ups telling them that AVG has recently updated and will no longer be supporting their previous versions.  Several users have had a hard time tracking down the latest update executable, so as a reminder, it can be found on our tools page.  We’ve taken the latest version through testing and are quite satisfied.  Updating to 9.0 is strongly encouraged.

Microsoft today released six security patches, 3 of which are ranked “Critical,” the highest security level that Microsoft acknowledges.  All versions of the Windows Operating System, Microsoft Office, and Internet Explorer have been patched for several vulnerabilities and the fixes are on the Microsoft Servers today.  VanceCoffman reccomends using your favorite method to get all your operating system and office updates, and running a vulnerability scanner against your system.

Several flaws have hit other common applications in the last few weeks; I just listened to a fascinating talk about broken security in Adobe Flash (installed on most machines for using interactive websites and videos) AND Mac OSX, Apple of Cuppertino’s “crash-free” operating system.

Linux servers this week were also handed a few important updates; VCC managed boxes will be automatically patched, and if you need advice, we’re always available at 515.309.2532

These vulnerabilites have been known in hacker communities for some time, so patching quickly may save you a BIG headache.  Good Luck!

-TJ

More information: ARS TECHNICA