Local IT Care

Microsoft's antivirus deletes users' e-mails

www.zdnet.com.au — Wed, 14 Mar 2007 22:22:25 GMT

Microsoft has admitted that its Live OneCare security suite has been accidentally deleting some users' Outlook and Outlook Express e-mails. According to postings on Microsoft's OneCare forum, erasures have been caused when the antivirus programme finds a virus in an e-mail attachment. Instead of then quarantining that single e-mail, users have reported that entire .pst or .dbx files -— the personal folder where non-Exchange Server users' messages and other details are kept -— have been quarantined or, in some cases, even deleted. One user commented on the forum: "Is there a chance to recover it? If not, OneCare will have done more damage than any virus in my 30 years of active computing." Forum postings indicate, however, that recovery is possible in some cases, where the .pst or .dbx file is still available in OneCare's quarantine facility. Stephen Boots, a forum administrator, commented that he was "very unhappy about this problem as it was reported over a year ago and fixed in the 1.0 release", adding: "It never appeared throughout the beta, but suddenly appeared when 1.5 was released". In a statement reported on Computerworld, a Microsoft spokesperson confirmed that the company was "working to address an issue where the antimalware engine for OneCare is erroneously quarantining Outlook .pst files or Outlook Express .dbx files, when the .pst file or .dbx file contains an infected attachment". The spokesperson added that a fix would be included in the next OneCare update, which is due on 13 March. OneCare has been hit this year by ongoing criticism, having only days ago failed to achieve certification in an independent test of security products. Shortly before that, it emerged that the product did not sufficiently protect users of Microsoft's Vista operating system against malware.

Microsoft's OneCare takes last place in anti-virus evaluation

www.computerworld.com — Fri, 2 Mar 2007 23:29:58 GMT

Microsoft's Windows Live OneCare came in dead last out of a group of 17 anti-virus programs tested against hundreds of thousands of worms, viruses, Trojan horses and other malware, an Austrian anti-virus researcher reported yesterday. The AV Comparatives Web site, which is maintained by Andreas Cleminti from Innsbruck, Austria, posts quarterly results of tests that pit the top anti-virus products against a dynamic list of nearly half a million individual pieces of malware. Top dog, according to Cleminti's tests, was G Data Security's AntiVirusKit (AVK), which nailed 99.5% of the malicious code. Not far behind were AEC's TrustPort AV WS, at 99.4%, Avira's AntiVir PE Premium, at 98.9%, MicroWorld's eScan Anti-Virus, at 97.9%, F-Secure's Anti-Virus, at 97.9%, and Kaspersky Labs' AV, which stopped 97.9% of the malware. Better known products such as Symantec's Norton Anti-Virus and McAfee's VirusScan posted results of 96.8% and 91.6%, respectively. Holding the bottom spot was Microsoft's Windows Live OneCare, the consumer security suite that the Redmond, Wash. developer launched last year. OneCare took care of just 82.4% of the malware. Cleminti also tested the 17 products against polymorphic viruses, those which produce sometimes vast numbers of variants as they try to sneak by scanners. "The results of the polymorphic test are of importance because they how flexible an anti-virus scan engine is and how good the detection quality of complex viruses is," said Cleminti in his write-up. Only Symantec's Norton AntiVirus and ESET's NOD32 Anti-Virus caught every variant of the 12 polymorphic families, he said. In that test, OneCare placed 15th, detecting every version of only two families, and missing seven of the polymorphic families completely. Cleminti's report is available online (download PDF). This is not the first evaluation to give a Microsoft security program a black eye. Last week, for example, Australian security company PC Tools released research that claimed Windows Defender -- Microsoft's anti-spyware title -- detected just 46% to 53% of spyware. "We are looking closely at the methodology and results of the test to ensure that Windows Live OneCare performs better in future tests," a Microsoft spokesperson said.

Windows Vista Patch for DNS client

www,support.microsoft.com — Fri, 2 Mar 2007 09:31:06 GMT

Microsoft just released a Windows Vista Patch. A client computer that is running Windows Vista registers an old IP address when the GUID of a network adapter changes When the GUID of a network adapter changes on a client computer that is running Windows Vista, the computer registers an old IP address that was associated with the old GUID. The client computer also registers new IP addresses that are associated with the new GUID. However, because the client computer registers old IP addresses, another client computer may try to use the old IP address. If the old address is not valid, a connection failure may occur.

Update for Windows Vista for x64-based Systems (KB929451)

Update for Windows Vista (KB929451)

Just five years support for Vista Home, Ultimate

www.computerworld.com — Fri, 2 Mar 2007 09:25:32 GMT

Microsoft Corp. yesterday said it would limit support for three versions of the Windows Vista operating system, including its most expensive, to five years rather than the usual 10 years. The company defended the difference by noting that the clock just started ticking. "End of life-cycle support for Windows Vista is still five years out," a spokesperson said in an e-mail response. However, the software maker left the door ajar. "As we've done in the past, Microsoft will continue to evaluate the support life cycle for Windows Vista and make decisions about extending support if and when it is necessary," the spokesperson added. Although the corporate editions of Vista -- Business and Enterprise -- will be supported for the usual "5 + 5" span that includes five years of what Microsoft calls "mainstream" support and another five of "extended" support, the consumer versions currently have an end date of April 10, 2012. Vista Home Basic, Home Premium and Ultimate will stop receiving updates, even critical security updates, after that. Ultimate, which retails for $499 ($299 for an upgrade), is the priciest Vista edition, and is touted by Microsoft in its marketing materials as offering "all of the features found in Windows Vista Home Premium [and] also all of the features found in Windows Vista Business." Vista Business and Vista Enterprise users will receive security updates into 2017. The decision to cut off consumer Vista support after five years seems odd in light of a January move by Microsoft that added extended support to Windows XP Home and XP Media Center. Windows XP Home and XP Media Center, which were scheduled to drop off the support chart in mid-April 2009, were given an extension to April 2014. At the time, Ines Vargas, Microsoft's director of support policy, said the decision had been made in part because the company recognized that consumers were keeping their computers for longer lengths of time. Yesterday, Microsoft explained its reason for extending XP while keeping Vista at five years. "Microsoft's decision to provide an extended support phase for Windows XP Home and Windows XP Media Center was limited to those specific versions of the OS," the spokesperson said. "Given that Windows Vista recently became available to consumers, it is premature to make any decisions about an extension of consumer support at this time." Michael Cherry, an analyst at Directions on Microsoft, said he knows why Microsoft is, at least for now, holding the Vista line at five years. "Because they're optimists, they think they will have Vista's replacement out in time to beat that deadline," Cherry said. Likewise, the decision to extend XP support was taken for more reasons than keeping customers happy, Cherry added. "Microsoft was so late in getting Vista out, that there was a danger of XP falling off support within a very short time."

Online Petition asks Blair to pressure Microsoft

Paul Milne — Thu, 22 Feb 2007 19:24:01 GMT

An online petition at the 10 Downing Street government "e-petitions" web site started by Paul Milne has requested that the British Prime Minister Tony Blair put pressure on Microsoft for the huge price difference between the UK/US retail version of Windows Vista, specifically the Ultimate version of which an example is given.

The petition reads: "There is a huge difference in the price that people in the US and the UK are paying for Windows Vista the new Microsoft Operating System. As an example of this, in the UK a full copy of Vista Ultimate would cost you £350, in the US it would cost you £195. The US version of Vista is exactly the same as the UK version. There is no difference. Therefore I can see no reason for there to be such a huge difference in prices between the UK and the US other than Microsofts belief that the UK customers will pay more than their US counterparts. I ask people to sign this petition in the hope that the Prime Minister will bring pressure to bear on Microsoft over their pricing as it is my belief they are simply overcharging the people of the UK and therefore are ripping us off." At the time of posting, the petition has mustered 182 signatures with a deadline set for April 20th 2007. It has to be noted that Blair emailed an official response to over 1.7 million people just two days ago regarding another petition started on the government website. So who knows how far this can go.

Sign the petition

Another Word Exploit: Microsoft Security Advisory (933052) Vulnerability in Microsoft Word 2000/XP Could Allow Remote Code Execution

Microsoft — Fri, 16 Feb 2007 10:27:49 GMT

Microsoft is investigating new public reports of very limited, targeted attacks against Microsoft Word “zero-day” using a vulnerability in Microsoft Office 2000 and Microsoft Office XP. In order for this attack to be carried out, a user must first open a malicious Office file attached to an e-mail or otherwise provided to them by an attacker. As a best practice, users should always exercise extreme caution when opening unsolicited attachments from both known and unknown sources. Microsoft has added detection to the Windows Live OneCare safety scanner for up-to-date removal of malicious software that attempts to exploit this vulnerability

Microsoft Security Bulletin Summary for February, 2007

Microsoft.com — Wed, 14 Feb 2007 12:40:02 GMT

Included in this advisory are updates for newly discovered vulnerabilities. These vulnerabilities

Essential Tools for Removing Spyware, Adware, and Malware

Mark Sinclair — Wed, 31 Jan 2007 15:40:00 GMT

If you have been on the Internet for any length of time, you've probably ran across the topic of spyware, adware, or malware. This is software that has been installed on your computer, many times without your permission, or accidentally by clicking on a popup ad, etc. The problem with these programs is they will slow your computer down, they can also make changes to your desktop, homepage, search pages, load programs into your taskbar tray and otherwise get in the way. In the worst cases, they will even transmit information from your computer to servers on the Internet. So the question becomes, if your computer is infected with these problematic programs, how do you get rid of them. In most cases, you can run a free removal program to remove these infections, in more serious cases, you may have to download a specialized removal program to free yourself of these problems. Listed below you will find the best freeware programs available on the Internet for removing spyware, adware, and malware: Adware and Spyware Removal Lavasoft Ad-Aware SE 1.06 Spybot Search and Destroy 1.4 Microsoft Windows Defender Ewido Anti-Malware a² (a-squared) Scanner Spybot Search and Destroy 1.4 is a solid removal program with constantly current updates. Even though many of the issues found were simple cookies, I would still recommend running it on a regular basis and using it to remove many programs that are not wanted, however you may need to use it in conjunction with other manual methods or other removal programs to get rid of everything.

Can't Open Attachments in Outlook Express 6

Mark Sinclair — Wed, 31 Jan 2007 15:36:50 GMT

If you receiving this error message when viewing an email in Outlook Express, here is how to fix it. With the introduction of Outlook Express 6, Microsoft has added an additional feature to prevent customers from infecting their machines with viruses. Outlook Express uses the Internet Explorer unsafe file list and the Confirm open after download setting in Folder Options to determine if a file is safe. Any e-mail attachment with a file type that is reported as "unsafe" is not downloaded, and access to the attachment is removed. However there are times, you may want to view an attachment that Outlook Express has deemed as unsafe. In these cases, follow these instructions to allow Outlook Express to show the attachment. Start Outlook Express. On the Tools menu, click Options. Click the Security tab, click to clear the Do not allow attachments to be saved or opened that could potentially be a virus check box under Virus Protection, and then click OK. To better protect yourself from viruses, its a good idea to leave this option checked unless you definitely want to open the attachment. Another way to help protect yourself from email viruses infecting your computer if you use Outlook Express is to disable the Preview Pane. There are certain viruses that will infect a computer even if you just preview the message. To disable the preview pane: Start Outlook Express Click on View, Layout Uncheck the Show Preview Pane, and then click OK.

To protect your computer, you need the proper updates for your operating system to protect your computer.

Mark Sinclair — Wed, 31 Jan 2007 15:34:51 GMT

Any operating system must be kept up to date. Without the updates, your computer will become increasingly more vulnerable to new threats. Some of these threats are made possible by weaknesses discovered in Windows after Windows was released. Other weaknesses became apparent as new technology creates a weakness where there was none before. Windows has made it easy to keep up to date You can perform Windows Update automatically, prompted or manually. Windows ME, 2000 & XP: To set Windows Update on automatic (recommended for most home users) Right click "My Computer" Click "Properties" Click "Automatic Updates" Place check in "Keep my computer up to date" Also place a bullet in "Automatically download the updates" NOTE: Be sure your computer is powered on the day/time you set. To set Windows Update to prompt for the updates choose one of the other two bullets on that page.

Microsoft Tailors Vista to Meet EU Requirements

Mark Sinclair — Wed, 31 Jan 2007 14:34:10 GMT

As Windows Vista appeared in computer stores worldwide, Microsoft said today that part of the design of the new operating system is the work of the European Commission. "Following discussions with European Commission, Microsoft committed to make a number of changes to the Windows Vista operating system prior to release," the software maker said in a statement, pointing to three functions of the operating system: security, search, and fixed document formats.

Bill Gates Celebrates Worldwide General Availability of Windows Vista and the 2007 Microsoft Office System

Mark Sinclair — Mon, 29 Jan 2007 14:32:47 GMT

From Times Square in New York City, Microsoft Chairman Bill Gates hosted the worldwide launch of Windows Vista and the 2007 Microsoft Office System. The celebration paid tribute to the millions of Microsoft customers, partners and product testers around the world who provided input and feedback on these products -- helping Microsoft transform the way people communicate, create and share content, and access information and entertainment in the new digital age.

Customer Support Section

Mark Sinclair — Fri, 5 Jan 2007 14:24:57 GMT

Local IT Care have set-up a customer support page listing some of the most common problems with PC today. We will be adding the more information to this part of the site over the next few months.

Microsoft Security Bulletin Re-Release: MS06-078

Steve Bink — Tue, 19 Dec 2006 14:22:29 GMT

Reason for Revision: Bulletin updated has been revised and re-released for the Korean only package on Microsoft Windows Media Runtime Format 7.1 and 9.0 Series Runtime on Windows 2000 Service Pack 4 to address the issues identified in Microsoft Knowledge Base Article 923689. Additional clarity around file versions in the "I've installed the Windows Media Format Runtime security update. What version of Windows Media Format Runtime should I have installed?" in the "Frequently Asked Questions (FAQ) Related to this Security Update" section. - Originally posted: December 12, 2006 - Updated: December 19, 2006 - Bulletin Severity Rating: Critical - Version: 2.0

Microsoft confirms first Windows Vista vulnerability

MSRC — Tue, 19 Dec 2006 13:51:32 GMT

MSRC Blog: We are closely monitoring developments related to a public posting of proof of concept code targeting an issue with the Client Server Run-Time Subsystem. The PoC reportedly allows for local elevation of privilege on Windows 2000 SP4, Windows Server 2003 SP1, Windows XP SP1, Windows XP SP2 and Windows Vista operating systems. Initial indications are that in order for the attack to be successful, the attacker must already have authenticated access to the target system. Of course these are preliminary findings and we have activated our emergency response process involving a multitude of folks who are investigating the issue in depth to determine the full scope and potential impact to customers. Currently we have not observed any public exploitation or attack activity regarding this issue. While I know this is a vulnerability that impacts Windows Vista I still have every confidence that Windows Vista is our most secure platform to date. As always, we here at the MSRC encourage everyone to enable a firewall, apply all security updates and install anti-virus and anti-spyware software.

Microsoft Security Advisory (929433) :: Vulnerability in Microsoft Word Could Allow Remote Code Execution

Mark Sinclair — Fri, 15 Dec 2006 13:43:07 GMT

Vulnerability in Microsoft Word 2000, Microsoft Word 2002, Microsoft Office Word 2003, Microsoft Word Viewer 2003, Microsoft Word 2004 for Mac, and Microsoft Word 2004 v. X for Mac, as well as Microsoft Works 2004, 2005, and 2006. In order for this attack to be carried out, a user must first open a malicious Word file attached to an e-mail or otherwise provided to them by an attacker. As a best practice, users should always exercise extreme caution when opening unsolicited attachments from both known and unknown sources. Customers in the U.S. and Canada who believe they are affected can receive technical support from Microsoft Product Support Services at 1-866-PCSAFETY. There is no charge for support calls that are associated with security updates. International customers can receive support from their local Microsoft subsidiaries. There is no charge for support that is associated with security updates. For more information about how to contact Microsoft for support issues, visit the International Support Web site. Upon completion of this investigation, Microsoft will take the appropriate action to help protect our customers. This may include providing a security update through our monthly release process or providing an out-of-cycle security update, depending on customer needs.

Belkin to Pay Up For Microsoft's Plug And Play

Mark Sinclair — Wed, 13 Dec 2006 13:39:07 GMT

Microsoft and wireless electronics accessory maker Belkin settled their patent infringement dispute today with Belkin agreeing to license Microsoft's U2 technology. The settlement comes more than two years after the companies began negotiations and four months after Microsoft filed an infringement complaint over the issue with the International Trade Commission. According to Tom Burt, Microsoft's corporate vice president and deputy general counsel for Microsoft, the Compton, Calif.-based Belkin persisted in importing unlicensed U2 products into the United States. "We're glad to have reached a settlement with Microsoft and we are satisfied with the outcome," said a company spokesman. The technology allows a computer peripheral device to auto-sense whether it is plugging into a PS2 or USB port and to connect to it. The plug-and-play U2 technology allows users to attach devices to computers without having to deal with connection settings. Microsoft did not seek monetary damages against Belkin. Belkin joins Targus, KYE Systems, Monterey International, Behavior Tech Computer and Fellowes, among others, who have licensing agreements with Microsoft to use the U2 technology. "We are committed to licensing our patents on reasonable terms to all who use our technology," Burt said.

Microsoft denies flaw in Vista

Mark Sinclair — Mon, 11 Dec 2006 13:36:55 GMT

Microsoft has confirmed that Vista can be affected by malware from 2004, but argues this is not a flaw in the operating system. Security vendor Sophos reported last Thursday that Microsoft's Vista is vulnerable to at least three pieces of widespread malware, two of which date back to 2004. At least three well-known internet worms -- labelled Stratio-Zip, Netsky-D and MyDoom-O by Sophos -- are able to execute on the operating system, according to Sophos. However, because these attacks rely on user interaction to execute the code, Microsoft has denied this is a flaw. Microsoft said that these attacks rely on social-engineering techniques to be successful. "Microsoft is aware of a report by Sophos that claims variants of existing malware may affect users running Windows Vista," the software giant said in a statement. "Based on our initial investigation, Microsoft can confirm that these variants do not take advantage of a security vulnerability, rather they rely on social engineering to infect a user's system." Social engineering relies on tricking users into executing malicious code themselves -- a user has to open an infected attachment on an e-mail for these worms to infect the system. Windows Mail Client -- the Vista replacement to Outlook -- will block the worms, but businesses running third-party e-mail clients such as Lotus Notes, or webmail such as Yahoo or GoogleMail, could be vulnerable to social-engineering attacks. Microsoft stopped short of blaming third-party e-mail clients for the problem, but said that User Account Control (UAC) -- which limits users' ability to install applications unless they have administrator privileges -- can "help to provide better protections". IT managers can run Vista end-user accounts with limited "standard user" privileges, rather than administrator privileges. Users are also given security prompts when attempting to run executable code. "In those cases where other e-mail clients may not have made the same aggressive security design decisions as Microsoft did with Windows Mail Client, other protections such as UAC can apply still to help provide better protections against email-based social-engineering attacks," Microsoft's statement said.

Windows Vista crack is actually a trojan

Mark Sinclair — Fri, 8 Dec 2006 13:27:09 GMT

Malware makers are starting to take advantage of the number of users searching for cracks for the pirated copies of Vista floating around. A new download has started circulating around the crack boards called "Windows Vista All Versions Activation 21.11.06". It purports to be an activation crack for any version of Vista. However, the file is actually a trojan-carrier which will install Trojan-PSW.Win32.LdPinch.aze onto your PC.

How Microsoft Wrapped the "Ribbon" in a Bow

mark.sinclair@loclaitcare.co.uk — Thu, 7 Dec 2006 13:08:45 GMT

User interface design is tough work. It's a little science, a dash of art and lots of guesswork--all of which Microsoft applied to Office 2007's "ribbon." Last week, I spoke with Julie Larson-Green, who joined Microsoft in 1993 and has worked on user-interface design for her career there. Larson-Green played a pivotal role in the development of the new Office user interface, which main element is the ribbon. Now as corporate vice president for Windows Experience Program Management, she is responsible for taking some of the concepts introduced in Office 2007 and applying them to Windows. Shifting Design Priorities The process for revamping Office's look and feel started about the time version 2003 shipped three years ago. The Office team faced two ongoing problems: Customers continually asking for features that had been in the software for years and upgrade resistance from perceptions little substantially changed version after version. Microsoft would have to rethink fundamental design concepts before looking to the user interface as solution to these two problems. Consistency was "in the fabric of our team," Larson-Green said. For previous versions, consistency was the top design principle. Microsoft sought to create consistency across Office applications and maintain it version after version. While the Office user interface evolved from its Windows 3.1 heritage, the basic design principles remained largely the same until version 2003.

Microsoft warns of Word exploit

mark.sinclair@localitcare.co.uk — Tue, 5 Dec 2006 13:05:48 GMT

Microsoft has warned of a new, unpatched memory corruption error in its word-processing software, and said that its investigating reports of "limited" attacks that exploit the problem. The bug can be exploited by adding a string of characters in a Word file that can corrupt the PC's memory and allow the attacker to run unauthorised software on the system, Microsoft wrote in a security advisory. The bug affects many versions of the software, including Word 2000, 2002, and 2003, the Word Viewer 2003 and several versions of Microsoft Works. It is [rated 'critical' by the FrSIRT website, which compiles a list of software vulnerabilities. As automatic security updates have become commonplace, attackers have focused on developing attacks that use this kind of unpatched hole, sometimes called zero day attacks. This trend has forced Microsoft to produce a growing number of software updates in recent months. In particular, hackers turned their attention to Microsoft's Office products, which some researchers consider to be a more fruitful source of bugs than the Windows operating system. "Cyber criminals know that zero days are very vulnerable and can be used to make lots of money," said Cesar Cerrudo, chief executive officer of security research firm Argeniss. These vulnerabilities can be exploited to install spyware or dangerous Trojan horse programs, or to add the victim's computer to a network of compromised PCs, called a botnet, which can then be used to send out spam or attack other systems, he said. Microsoft's next set of security updates is due to be released on December 12.

Dell offers factory installation for Vista

Mark Sinclair — Mon, 4 Dec 2006 13:03:21 GMT

Hardware giant Dell has responded to the launch of Microsofts Windows Vista by offering factory installation to speed business adoption of the new operating system. Dell said its latest server and storage products, desktops and notebooks had been designed and optimised for Windows Vista, along with Microsofts Office 2007 productivity suite and Exchange Server 2007 Business users with volume licensing agreements from Microsoft can now send their Windows Vista image to Dell for factory installation through the hardware giants standard imaging service.Other manufacturers have also responded to the Vista launch with new products and services. IBM announced new provisioning software that to speed up Vista deployments. The Tivoli Provisioning Manager for OS Deployment, based on technology gained from IBMs acquisition of Rembo is designed to help IT departments automatically install or upgrade operating systems on thousands of servers laptops and desktop computers simultaneously.Lenovo announced the integration of its ThinkVantage Technologies suite of system recovery wireless connectivity and security tools with Vista.