MVP Jubo Security Blog

The Blog

Recent Posts

Tags

News

  • Kim's Journal
    My wife's blog, the "alternative" truth...


    MVPs
    2003 - 2004 - 2005 - 2006 - 2007 - 2008


    Jubo





    Locations of visitors to this page

Community

Email Notifications

MVP Sites

Microsoft Links

Blogs

Security Forums

Microsoft Blogs

Archives

October 2006 - Posts

Windows Defender has been released!

Yesteday, Microsoft released their Windows Defender program. Windows Defender is a free program that helps protect your computer against pop-ups, slow performance, and security threats caused by spyware and other unwanted software.

Remember that you cannot install the program on pre-XP OSs. Read the System Requirements and read the Release Notes before installing the Windows Defender program.

More information at: Get Started using Windows Defender.

You can download it at the Download Center.

 

Posted: Oct 26 2006, 01:04 PM by jubo | with no comments
Filed under:
IE7 available for download

Yesterday, October 19th, Microsoft released their new IE7. It can be downloaded from the IE7 site. After you download the file, close all running programs incl. IE. Disable your antivirus program. Stay online and do not turn off your firewall. A best practice seems to be to reboot TWICE after the installation.

You can also wait until IE7 comes down through the automatic update next month.

You'll find more tips and information at Sandi Hardmeier blog: Spyware Sucks. Also read the installation tips to install IE7.

See also: Internet Explorer Developer Center and the Internet Explorer Video.

 

Posted: Oct 20 2006, 10:17 AM by jubo | with no comments
Filed under:
Before you install IE7...

Before installing IE7 make sure you have disabled your antivirus and antimalware protection on your computer. IE7's setup write a large number of registry keys. A common way anti-malware applications protect your computer is by preventing writes to certain registry keys used by IE.  Any registry key write that fails during setup will cause setup to fail and rollback changes.

See for more detailed installation instructions this post: IE7 Installation and Anti-Malware Applications at the IEBlog.

 

Posted: Oct 12 2006, 02:16 PM by jubo | with no comments
Filed under:
Microsoft Security Bulletin Summary for October, 2006

Today, October 10th, 2006, Microsoft released a total of 10 security patches:

  • MS06-057 Critical Vulnerability in Windows Shell Could Allow Remote Code Execution (923191)
  • MS06-058 Critical Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution (924163)
  • MS06-059 Critical Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (924164)
  • MS06-060 Critical Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (924554)
  • MS06-061 Critical Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution (924191)
  • MS06-062 Critical Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (922581)
  • MS06-063 Important Vulnerability in Server Service Could Allow Denial of Service (923414)
  • MS06-056 Moderate Vulnerability in ASP.NET Could Allow Information Disclosure (922770)
  • MS06-065 Moderate Vulnerability In Windows Object Packager Could Allow Remote Code Execution (924496)
  • MS06-064 Low Vulnerabilities in TCP/IP Could Allow Denial of Service (922819)
More (technical) information can be found in this article: Microsoft Security Bulletin Summary for October, 2006.

An end-user version can be found at: Microsoft security updates for October 2006.

Other steps to enhance the security on your PC can be found at: Security at Home.

A lot of updates today. If you don't want to wait for the automatic update to kick in, then move your mouse and click to update here.

Posted: Oct 10 2006, 08:54 PM by jubo | with no comments
Filed under:
End of Support for XP SP1

Support for Microsoft Windows XP Service Pack 1 (SP1) and Service Pack 1a (SP1a) ends today, October 10, 2006. Microsoft will end support on this date. This also includes security updates for these service packs.

Microsoft is ending support for these products as part of the Microsoft Support Lifecycle Service Pack support policy.

If you still have Windows XP SP1 installed then upgrade to SP2 as soon as possible. More information and how to prepare your computer for the upgrade see: Windows XP Service Pack 2 (SP2).

To determine whether you are running Windows XP SP1, right-click My Computer, and then click Properties. If "Service Pack 1" appears under System, you are running Windows XP SP1. You do not need to install SP1a first, but just install SP2.

 

Posted: Oct 10 2006, 12:16 PM by jubo | with no comments
Filed under:
Coming up: IE7

According to the latest information, IE7 will be shipped this month. But before it's being shipped the IE team still wants to have a Last Expert Zone chat. So, if you want then please join them!

For the Enterprise customers and who may want to block the download, there's a free Blocker Toolkit available and has no expiration date.

IE7 will come through the Automatic Update. This will notify you when IE7 is ready to install. If you decide to install IE7 then you see a welcome screen and you have to accept the EULA. For detailed information see: IE7 to be distributed via Automatic Updates! at the IEBlog site.

There are also tools posted at the IEBlog site if you still want to test your sites, or applications. More detailed information: IE7 Is Coming This Month...Are you Ready?

I still have to get used to those tabs instead of Alt-Tab... Wink

 

Posted: Oct 10 2006, 11:22 AM by jubo | with no comments
Filed under:
October 2006 Advanced Notification

Next Tuesday, October 10, 2006, Microsoft will release 11 new security updates:

  • Six Microsoft Security Bulletins affecting Microsoft Windows. The highest Maximum Severity rating for these is Critical. These updates will be detectable using the Microsoft Baseline Security Analyzer. Some of these updates will require a restart.
  • Four Microsoft Security Bulletins affecting Microsoft Office. The highest Maximum Severity rating for these is Critical. These updates will be detectable using the Microsoft Baseline Security Analyzer. These updates may require a restart.
  • One Microsoft Security Bulletin affecting Microsoft .NET Framework. The highest Maximum Severity rating for this is Moderate. These updates will be detectable using the Microsoft Baseline Security Analyzer and the Enterprise Scan Tool. These updates may require a restart.

If you're interested, there will also be a technical webcast. You can register for it at: MS Events.

See also: MSRC Blog.

 

Posted: Oct 06 2006, 08:49 AM by jubo | with no comments
Filed under:
McAfee fixes ePolicy Orchestrator and ProtectionPilot

McAfee released two updates for ePolicy Orchestrator and ProtectionPilot. The software affected are:

  • McAfee ePolicy Orchestrator 3.5.0 Patch 5 and earlier
  • McAfee ProtectionPilot 1.1.1 Patch 2 and earlier

An attacker would be able to remotely execute arbitrary code on the machine running the indicated software. It's recommended to install the latest patches:

  • ePolicy Orchestrator (ePO) 3.5 Patch 6
  • ProtectionPilot (PrP) 1.1.1 Patch 3

Detailed steps for installation of the patches and to obtain the patch binaries, see McAfee's Security Bulletin.

Posted: Oct 04 2006, 09:29 PM by jubo | with no comments
Filed under:
Re-Awarded as Microsoft MVP

MVP

Yes, it's October 1st and it's official now. Today I received the notification that I have been awarded for the 4th consecutive year with the MVP Award.

Thank you Microsoft! Thank you Melissa, thank you Gerard. Thank you anyone else... It's great to be part of this wonderful community.

I'm very grateful to be part of the McAfee Help Forums community too. Proud and thankful to be working with all the other excellent moderators there.

 Thank you Karen Sue...

 

Posted: Oct 01 2006, 10:58 PM by jubo | with no comments
Filed under: