27. April 2010 by admin.

4/27/10

Last week McAfee released a buggy update that deleted a critical system file which caused computers to shut down.

McAfee recently sent out a press release saying that they will cover the repair bills for the machines effected:
For customers who have incurred costs to repair PCs as a result of the security update, McAfee will reimburse them for reasonable expenses, such as a visit by a tech support specialist (such as Networking Delaware).

Details of this program, including instructions on how to submit a reimbursement request, will be posted on McAfee’s Web site within a few days. Check back often.

The press release went on to say; “Additionally, because we value our loyal customers, home or home office users whose PCs were rendered inoperable or severely impaired as a result of the security update will receive a free two-year extension of their current McAfee subscription product at no charge” .

If you were effected by this, here are the steps you can take to get the machine back up and running:

Step 1 - Locate a local toll free support number for your country. A qualified technician will diagnose your computer’s current status and determine the fastest way to get you up and running again.

Step 2 - If the technician can’t get your system up and running over the phone, we’ll get you the software to get your system up and running again. We can get you the software in one of two methods. You can either download the software fix from a working PC, or we will express deliver a CD to you.

Posted in patch testing, Patches, Uncategorized | 1 Comment »

18. April 2010 by admin.

A serious vulnerability exists in Java and Sun has known about this vulnerability since around April 9th. This exploit can occur because the Java Browser Plugin  is running “javaws.exe” without validating command-line parameters.  Last week, when confronted about the problem, Oracle said they did not consider this vulnerability to be of high enough priority to break their quarterly patch cycle.

A U.S.-based Web site, Songlyrices.com was compromised by attackers, and was redirecting visitors to a Russian server feeding the Java attack as well as other exploits.

Now that users have started reporting that they are being infected by the drive-by Java attacks, Oracle has changed its mind and issued a patch.  If you haven’t already patched this vulnerability you can download Java software at http://www.java.com/en/download/index.jsp

Posted in security, Drive-by Infection, Patches, Malware, Computers | No Comments »

10. April 2010 by admin.

The coming “Patch Tuesday on April 13th, 2010 features 11 important security and functional patches.

Here are the patches Microsoft says will be released:

Bulletin 1: Critical (Remote Code Execution) – Affects Windows
Bulletin 2: Critical (Remote Code Execution) – Affects Windows
Bulletin 3: Critical (Remote Code Execution) – Affects Windows
Bulletin 4: Critical (Remote Code Execution) – Affects Windows
Bulletin 5: Critical (Remote Code Execution) – Affects Windows
Bulletin 6: Important (Elevation of Privilege) – Affects Windows
Bulletin 7: Important (Remote Code Execution) – Affects Windows
Bulletin 8: Important (Remote Code Execution) – Affects Office
Bulletin 9: Important (Denial of Service) – Affects Windows & Exchange
Bulletin 10: Important (Remote Code Execution) – Affects Office
Bulletin 11: Moderate (Spoofing) – Affects Windows

To learn more about these patches, visit the Microsoft Security Bulletin page.

Posted in security, patch testing, Patch Tuesday, Patches, Uncategorized | No Comments »

24. March 2010 by admin.

The Antivirus vendor, BitDefender, recently released a damaged update that marks legitimate Windows and BitDefender files as malicious. BitDefender will then quarantine these files identifying them as “Trojan.FakeAlert.5” resulting in Windows becoming un-bootable.

This faulty update only effects the 64-bit versions of Windows and furthermore the update had to occur between 8am and 11:30am on the March 20th

The company has released a press release containing fixes for the various versions located here.

The company released this message:

“On behalf of BitDefender, we are very sorry for the problems that our update may have caused. We have also released a solution to this issue, for all affected users, we invite you to access it here:

http://www.bitdefender.com/site/KnowledgeBase/consumer/#638- home users

http://www.bitdefender.com/site/KnowledgeBase/consumer/#643- BitDefender Business Client users

http://www.bitdefender.com/site/KnowledgeBase/consumer/#642- Bitdefender Security for File Server users

Posted in patch testing, Patches, Virus, Trojan, Malware | 1 Comment »

10. July 2008 by admin.

I feel kinda lucky I am able to write this blog entry… or at least to upload it to this site… This morning I woke up, fired up the old laptop, clicked on IE7 … and …. nothing.  Everything just kept timing out.
Huh… what to do…what to do… I tried different browsers…Firefox, Opera, Safari, Polstergeist… same ole … same ole…

The first troubleshooting step I tried was ipconfig… Yep… I did indeed have a valid IP address all right, and in the right range too…huh… Let’s try…  ipconfig /release;  ipconfig /flushdns;  ipconfig /renew… I got the same IP address I originally had and the same problem too… No web browsing happening here.

Then I tried pinging one of the web sites for my Delaware network support company;  good old www.adminassociates.com …. Huh… weirder and weirder… no lost packets… ping works, so apparently the DNS server is servin’ too but still, browsers don’t work.

Then I tried disabling my Zonealarm Pro Firewall (but turned on the Windows firewall, just in case).  Wow… the browser now works fine… so what’s up with Zonealarm?  I looked at everything and nothing seemed out of  spec. I felt it was odd since this particular firewall has never a problem for me… very reliable; very easy to configure…very trustworthy.  I re-enabled  Zonealarm, disabled the Windows firewall, moved the “Internet Zone” slider down from high to medium and the browser started working again. Move the slider back up and the browser stopped working again.

Like I said… weirder and weirder…so it’s definitely a Zonealarm problem, but why…What could have happened?   Aha… yes… two days ago was patch Tuesday. I’ll have to Google this, but first, what else I need to find out what else is happening in my world.

I went back to my working combo of Windows Firewall on and Zonealarm off and started my email client.  About the third message I received was from Microsoft talking about a major bulletin revision … not a patch revision mind you, just the bulletin:

Bulletin Information:
=====================

* MS08-037 - Important

- http://www.microsoft.com/technet/security/bulletin/ms08-037.mspx
- Reason for Revision: V2.0 (July 10, 2008): Bulletin revised to
inform users of ZoneAlarm and Check Point Endpoint Security
of an Internet connectivity issue detailed in the section

So, in the final analysis, downloading a newer version of Zonealarm (that apparently wasn’t available before today) solved my problem, but can you imagine if this happened at a corporate office with a couple hundred workstations?

I know not too many offices use Zonealarm, but what if they did?  What a pain to update 200 workstations, in emergency mode (read pressure), and probably with the expectation that it would (could) be completed in one morning.

This is just another example of why all patches should be thoroughly tested on a lab unit before being put into a production environment.

Now, I became a victim by not following my own advice, but that was on my personal laptop.  I create an image of the drive at least every couple of days and sync important files to my basement server so I am never in danger of losing too much, but it’s a real balancing act when you are responsible for for than your own machine.

On one hand, you want to wait for version 2 of all the patches… let someone else report the pain…and at the same time you know “Day Zero” is a real threat and today might just be that day.

I always make sure I get a really good full backup, especially on Monday nights… just in case.

Good luck and good networking !

From way down in the trenches…. I’m Tom

Custom Search

Posted in Patch Tuesday, patch testing, drive imaging, Patches, Worm, Malware, Trojan, Virus, Networking | No Comments »