I guess this is one of those situations that shows just how difficult good, secure software development really must be. A bug in the core of the Windows operating system, which was brought to attention earlier this year, could be exploited by malware (spyware, viruses, etc.), to prevent security software from detecting them. This programming error affects all versions of the Windows operating system from Windows 2000 onward. You can see a list of them here (just start reading the chart from Windows 2000 and after). The summary and full article are worth a read. The technical details of the bug are available here.

This is not shaping up to be a good year for the security of some of Microsoft's biggest products, with last month's Word doc flaw, and this month now as well, with a HUGE flaw in the Windows Defender scanning engine, which is built into (and affecting) Windows 7, Windows 8 & 8.1, Windows 10, and Windows Server 2016. A few other less notable products are also affected. On Monday, Microsoft issued the security advisory for CVE-2017-0290, a remote-code execution flaw, originally reported to Redmond by Google Project Zero security research experts Natalie Silvanovich and Tavis Ormandy. Ormandy tweeted "I think @natashenka and I just discovered the worst Windows remote code exec in recent memory. This is crazy bad. Report on the way." To Microsoft's credit, they issued the patch only a couple days after receiving the information, which is much faster than many recent vulnerabilities have been fixed.

For many people, the .doc file is the de-facto word processing standard. Microsoft is scrambling to patch a flaw in the Office Suite's .doc file that could allow an attacker to take complete control over a victim's PC just by opening a carefully crafted Word document, wether it be by downloading it or by opening it from an email attachment, making it ripe for use as a social engineering attack vector. Cybersecurity firm FireEye stated they are coordinating with Microsoft on the problem, which comes from the Windows Object Linking and Embedding (OLE) feature.

For this year's Pwn2Own 2017 hacking event in March, Microsoft's new Edge web browser for Windows 10 seemed to take a beating. Contrary to the PR that Microsoft is putting out, touting the speed and security of their latest browser, it turned out that Google Chome proved to be the most secure browser, with none of the participants being able to find any new method for hacking into Chrome. This year's score: 5 successfull hacks against Edge, three and a half against Apple's Safari browser, one success against Firefox, and none for Chrome.

While it should not come as a great surprise to many, given the bad rep that Windows Vista earned with the public, Microsoft will end ALL support for the Windows Vista operating system on April 11th, 2017. No more bug fixes. No more security patches. Not even paid corporate customers will get support. It has been 10 years since Vista was released, which is a lot longer than other companies support their operating systems. Other software vendors have already taken this path, with web browsers and many major software packages no longer allowing their installer to run of Vista computers. With Windows 7 having been a comparitively huge success, there shouldn't be too many holdouts still running Vista, but for those who still do, be prepared for your machine to become less secure with each passing month of use.

One of the latest attempts to gain access to people's account information is using one of the most popular email services in the country. While this attack is currently limited to Gmail, users of all email services would be wise to keep an open eye, as this particular tricky approach could eventually be modified to work with any email service, since virtually all of them allow for attachments and links of various kinds, which is how the attackers are tricking people into clicking what they believe to be a legitimate attachment, which is in turn linked to a fake Google/Gmail login page, that then collects the victims' usernames and passwords.

For whatever reason, Microsoft is VERY anxious to get everyone moved over to the Windows 10 operating system. They have now taken the additional step - as it seems not enough people have taken the bait to accept the free upgrade from the annoying little icon down it the right side of the Taskbar - to put Windows 10 Upgrade into the "Recommended Updates" section of Windows Update. So if you have your computer set to get Recommended Updates the same way it gets Important Updates, you could find yourself in a situation where it could automatically install the Windows 10 upgrade. Please be aware that we have seen some of our clients have problems with their computer (they didn't call us first to ask about it) after upgrading to Windows 10, due to software that was ALREADY on their computer that it not compatible with parts of Windows 10.

I want one. I really do. I think that they are actually, from an operational standpoint, safer than skateboards. There's been talk about a number of injuries from people that are riding these, but I'd bet money that if you added up all of the skateboard injuries compared to the number of skateboarders, it would be a far higher percentage than the percentage of "hoverboard" users that have had injuries. That's not to say that the average person won't fall or slip when using one of these, but that there are any number of ride-able kids toys that people are getting hurt on, that aren't being banned from public streets and sidewalks. But on to my larger point: Even the few companies that make (relatively) high quality devices are still buying batteries from many different sources, based on price and availability, and therein lies the problem. Industry analysts figure there are over 150 factories, just in China, that are producing these units and the batteries they use. So it's nearly impossible to know where a battery came from in nearly any of these 2-wheeled wonders. It's the fact that there are a number of these that are just catching on fire or exploding, even when not connected to a charger, that is the biggest safety problem. It's like Russian Roulette for toys. At least a regular skateboard isn't going to suddenly blow up or catch on fire. Until there are manufacturers that are making these units and using batteries that are coming from know sources that they can trace back to, that are passing rigorous quality control testing, this is still one item that gives the wrong meaning to "hottest toy of the season".

Here is news that reports on what we've been reminding many of our clients about for quite some time. You get a call from someone claiming to be from Microsoft or another tech company and that they see your computer is infected. Or you get a similar message in a popup window on your PC with a phone number to call. More often than not (most of the time, actually), these calls and popups are completely bogus. If you let these people into your PC remotely, they can install hidden backdoors or even malware that could encrypt your files. Remember, if you get a unsolicited call from out of the blue, or a popup window that does not explicitly identify itself as a software product you know for certain is installed on your system, treat it with suspicion.

For about a week, Yahoo inadvertantly displayed ads on its' web properties which had infected code, designed to take advantage of a security hole in Adobe Flash Player browser plugin software. The "malvertising" campaign was discovered by Malwarebytes researchers (we have long recommended their software to our clients). The attack has finally been resolved, but Yahoo! websites have hundreds of millions of visitors each week, so it would be difficult to determine the (potentially huge) numbers of computers that could have been potentially affected by this breach.

Now that Windows 10 has been released by Microsoft, it's giving the scammers yet another opportunity to see who they can sucker in with another bogus email: this one claiming to have the Windows 10 installer as an attachemnt. It is, of course, actually a bad piece of malware, which can lock you out of (encrypt) all the files on your computer. PLEASE READ EVERY email you get CAREFULLY, looking for mis-spellings, bad grammar, etc.
NOTE: You will be notified via the Windows Update Service on your computer, not by an email, when your Windows 10 updater is ready to be downloaded, if you have signed up for it.

I've been telling people about these kinds of scams for years. Whether it's the commercials on TV, an ad on some website, or a "piggyback" installer included with some other program or update which you may actually need (I'm pointing a finger at you, Java), fake PC cleaning/speed-up/registry/protection programs are out there, seemingly everywhere, and what seems like a great deal at first, can end up making your life more miserable than ever. I have had clients who were taken in by some of these bandits before they came to me, and a couple lost over $700 and were then locked out of their computer when they wanted to cancel their "service".

Well, some of these scammers are finally seeing their day in court. A Federal Court has even shut down operations and frozen assests for some organizations, because the harm they see happening is so great and can affect so many innocent people, that it would be criminal to let them continue while these cases are being wrapped up in the courts. PC Cleaner and Boost Software are among organizations and individuals perpetrating these scams. Jessica Rich, director of the FTC’s Bureau of Consumer Protection said, "These operations prey on consumers’ lack of technical knowledge with deceptive pitches and high-pressure tactics to sell useless software and services to the tune of millions of dollars...." and this is happening every day, all over this country.

The time for this to stop is now! One of the easiest things you can do to keep junk like this off of your computer is to do a couple minutes of search by typing in the name of the program or company into Google, Bing, Yahoo, etc. and if the first page or two of results is glowing reviews and links to the software being sold on legitimate sites like Amazon, Fry's, Best Buy, etc., then great, maybe it's worth a try; but if those first pages are full of security websites talking about it in a negative way or telling you how to get it off of your PC, or forum posts with people asking how to get rid of it, then that should be a red flag that you don't want it on your system.

You should read this article right now. It may save you from a lot of grief later.
 

What started as a limited problem, targeting a regional bank, has now escalated to global proportions affecting major banks in the United States, Canada, and several other countries. This attack has infiltrated both the servers of large banking institutions as well as the computers of their customers via social engineering, injection code, and network sniffing techniques. This article describes Tinba in some detail, along with a list of the affected banks. This serves as another reminder of how important it is to keep your anti-virus and spyware protection, your Operating System, as well as your internet connected apps and plug-ins (Flash, Silverlight, Java, Adobe Reader, web browsers, etc.) patched and up to date.

Anybody want a great price on an iPhone?!? The promise of a good deal is once again responsible for luring unsuspecting eBay customers into a trap, designed to trick them into divulging their sensitive account information. A legitimate looking fake eBay login page was presented to users when they clicked on links in the bogus listing(s). In addition to people giving up account password information to the perpetrators, there was malicious code running in the background which could slip in through unpatched vulnerabilities to carry out further actions on the visitor's computer. Although eBay officials downplayed the number of imposter listings, even a couple of fake item pages could potentially impact thousands of people.

So far for the first half of this year, there have been more than twice as many (public) vulnerabilities and exploits for IE than for all of 2013, according to research by Bromium Labs, a security reseach and security endpoint management company. While exploits for the Chrome and Firefox browsers are on track for a major decline in vulverabilities from last year, as are well known technologies such as Adobe Reader and Flash, Internet Explorer continues to be a favorite target of hackers. Java, by contrast, has not experienced a single public vulnerability so far this year, even though it had been the leader in vulnerabilities last year. We would venture to guess that Mac users, who experience a lower number of security threats (because of the smaller percentage of market penetration), are not missing that fact that Internet Explorer for Mac was discontinued well over a decade ago.

Security companies are constantly testing virus and spyware protection offerings from the major players in the game. Recently, reviews of Microsoft Security Essentials have been less than stellar, at a time when computer and data security is high in the public consciousness. Microsoft, in a typical corporate 'pass-the-buck' response, said their product was not intended to offer more than "baseline" protection. Since a PC should never have more than one full-blown anti-virus solution installed, because of the resources involved and the potential for conflicts, this makes us wonder why they would ever bother to release this type of product in the first place.

Windows XP will be 13 years old by April 2014, when Microsoft stops releasing updates for the operating system. Three major operating systems have been released for Windows desktop PCs since then. It's an enigma that in an age where the trend is toward always having the newest technology and devices, that an operating system this old is still in use on such a large percentage of active computers. So, many of these users however, deal with the knowledge and frustration of their computers not performing how they once did. One reason is, as newer and newer (versions of) programs are installed, which require more and more resources, that older systems often struggle to match the performance of a newer PC running that same app. A new (and more troubling) problem has been discovered that is actually programmed right into Windows XP itself. More specifically, it's part of the Windows Update system that's integrated into XP that is the culprit. An algorithm that determines what updates might be needed, was written in such a way that each subsequent patch causes the subsystem to take an exponentially longer amount of time to process that list, causing a large amount of resources to be eaten up when the computer starts. It can take an hour or more to process that list, once a PC is a few years old. Microsoft has tried to issue fixes for this condition, but so far their real world effects are not showing themselves to every day users.

Last year, the Federal Trade Comission busted a half-dozen fake tech support groups for perpetrating similar scams. Now it seems that new groups have stepped in to take their place, offering bogus services, sometimes with spoofed US phone numbers, and separating unsuspecting victims from their money and using their credit card information for further illegal gains. We at MBS have helped clean computers that have been compromised by these groups, who often leave tracking or spying software on the computers in order to get more of the customer's information. Just remember that if you receive a phone call out of the blue from anyone telling you that your computer has a problem and they're calling you to "help fix it", that not even Microsoft has the money and resources it would take to keep tabs on the hundreds of millions of computers in the USA, so they could somehow be notified when your computer developed a problem. Apparently, only the NSA may have that kind of capability.

A common USB stick, also known as a flash drive, was brought on board the International Space Station, and managed to infect the SCADA computer systems on board, according to Eugene Kaspersky, founder of the popular Anti-virus software company that bears his name. This is not the fist time that computers aboard the ISS have been hit by infections.

Facebook issued a message from its' White Hat program on Friday stating that a technical flaw in the way user information that is upploaded into their database, and linked with their Friend Recommendation system, exposed the user contact information to some other Facebook users who used the Download Your Information (DYI) tool to download an archive copy of their Facebook account. This problem actually started last year, but was only recently discovered. Facebook has issued a fix for the affected code, according to their blog. You can read the full message directly on the Facebook.com website.

Fake anti-virus and spyware scanning apps, rigged websites, infected email attachments....   Now ransomeware, bogus messages that take over your computer and try to scare you into giving in to their demands, is one of the fastest growing types of system infections.

Well, I hate to be one of the bearers of bad news, but things just keep getting worse for Mac users out there in virus land. This time though, the bad guys are bringing it to a whole new level. In what may be a 'first of its kind' scenario, this secuity threat can actually break through the 'sandbox' walls, so to speak, and make its way onto a (VMware) virtual machine, by actively searching out virtual machines and copying itself onto them. This has traditionally been one of the big benefits of running virtual machines, in that they are separated from the host computer, so that a compromised virtual machine, running in its own little world, can't infect the host computer (although technically speaking this is doing the inverse of that process). The other part of this that has the potential to be a game changer is that this can also migrate onto Windows Mobile devices, which can then be synced with multiple PCs, further spreading the infection. Fortunately, at this time, iOS and Android devices appear not to be succeptible to infection.

The individual who discovered the flaw, and goes by the online name "pod2g", rates this flaw as "severe" and has found that the flaw allows an attacker to falsify (or spoof) the number that the SMS text message is coming from. This could lead the receiver into believing the message was coming from a friend, your bank, or virtually anyone the attacker wanted to impersonate.

You should always be aware of anything you receive via mail, email, or text message. As more and more companies sell mailing and information lists for a profit, unscrupulous groups and individuals will find newer and more clever ways to part you from your money and/or personal information. These types of social engineering attacks, unfortunately, are an ever more present fact of life online. Please be careful of what you click on.

We want to thank you for taking the time to come to our site. We want the information, services, and support to be useful and relevant to you. Please feel free to contact us to take advantage of our services, to offer suggestions, or to inquire about our work. We're looking forward to working with you to help you be more productive and successful with all your computing needs.

Click this pic for a larger image.

Now YOU have a brother in the computer business! ^™
 

     
 
Website updated on Jan. 1st, 2018