I am noticing a trend that Spyware/Malware attacks are making a comeback and are getting more sophisticated.

In the good old days Spam e-mail used to be just advertising but increasingly that innocuous looking spam e-mail has other ideas.

It can be one or more of the following:-

Malware: Malicious software designed to get on your PC without your knowledge.

Spyware: They steal your passwords via keystrokes that are sent back to the spyware author.

Virus: Designed to cause harm to your computer.

Phishing: Designed to get you to impart privileged information.

Problem Area’s

Internet Surfing: The number of malicious or infected web sites is in the millions. You can no longer just click, click on every link you see.

Tip: Make sure you have your Phishing Filter on and have up to date Anti-Virus Software running.

Inbox: Even with good Anti-Spam defences Spam e-mail gets through about one third will have a link to something bad.

Tip: Don’t even get curious with suspect e-mails and click links just to see. Delete, Delete and Delete.

Stay Safe online Link: http://news.bbc.co.uk/1/hi/technology/5414992.stm

Ars Technica published a great easy to read three page article on securing your wireless network.

Wireless security is a nightmare of different competing encryption standards. The Ars article published yesterday is up to date with all the different flavours of Wireless and has some great tips and suggestions.

It also contains a handy table that lists out some of the more common wireless consumer devices and what Wireless encryption they support.

Link: http://arstechnica.com/guides/tweaks/wireless-security.ars/1

One of the December 2007 security updates from Microsoft can cause IE6 to crash if you are running on Windows XP SP2.

**Update 21/12/2007: A Fix has been issued (<<Click)

From the source:-

After downloading the Internet Explorer Cumulative Security Update for December 2007, some customers using IE6 on Windows XP Service Pack 2 have experienced an unexpected crash or hang upon launching Internet Explorer.

This might occur while navigating to a website hosting considerable media content (for example: http://msn.com) resulting in Internet Explorer displaying a dialogue that states “Internet Explorer has experienced a problem and needs to close”. If you experience this issue, implement the applicable workaround provided in the following knowledge base article:

• Microsoft Knowledge Base article 946627

For your security, we strongly recommend that you deploy the Internet Explorer Cumulative Security Update for December 2007.

Terry McCoy
Program Manager
Internet Explorer Security

Link: post-install-issues-with-ms07-069-ie6-on-xpsp2.aspx

Registry Fix: http://support.microsoft.com/kb/946627

____________________

Dear Microsoft

A few things

1) If one of your updates causes problems, would it not be prudent to remove it, fix it and replace it.

2) Expecting end users to carry out a complex registry modification to fix a problem you created is beyond a joke.

3) I am confused about Terry’s Post. He says “We have known problems with MS07-069, but we recommend you install it”.

Social Comment: The blogs are wild today with how IE8 has passed the acid test

Link: Internet Explorer 8 and Acid2- A Milestone

IE8 has an installed base of zero, IE6 is still used by tens of millions. Go back to the well and fix the plumbing.

Your friend in Tech

Colin

I cannot wait until the day all our software lives running on web servers and some poor web admin has to take care of the security updating, because running a Windows Vista/Office 2007 PC requires quite a lot of Windows Updating/Rebooting to keep it going.

In total my laptop has received 156 important updates via Windows Update, each was classed as “important”. So I haven’t counted the optional or recommended ones.

A quick word about my Microsoft Office 2007 Service Pack 1 Deployment experience.

I downloaded and installed the Office 2007 SP1 yesterday morning. The install ran fine and I worked quite happily in Office 2007 for the rest of the day.

At the end of the day I noticed that this months Windows Updates were out and I noticed that the Office 2007 SP1 was listed as important. Mmmm I thought I already have that installed.

For the hell of it I just clicked to install all the “important” updates (like a user would) to see if Windows Vista would spot that the Office 2007 SP1 was already installed. NOPE. It download the 200mb+ Service pack again and installed the Office 2007 SP1 over the SP1 I installed earlier in the day.

In related news Windows Vista SP1 RC1 is now available for public download. I have decided to be a sensible chap and not install the RC1 on my work laptop. I will try it out on a test machine in the next few weeks.

I have been fighting tooth and nail all morning getting Norton Anti-Virus Corporate 10.0 uninstalled on 20 PC’s.

15 were fine, but 5 chose to fail having their uninstall roll back.

The installers inbuilt repair option did not work. Likewise Installing on top of the current version made no difference.

Symantec provide users of their consumer/home products with automated removal tools for bad or corrupted installs. However Corporate users get  3 or 4 pages worth of registry hacks that have to be done manually key by registry key.

Out of desperation I followed the instructions in one of the documents and it took nearly 40 minutes to clean up one machine by hand.

The link below is for  the various manual removal procedures for the Corporate version.

http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2002031914291648

If anyone knows a better way to remove this product let me know (use the comments).