Smokey's Security Weblog

veritas odium parit

What is it with MSN Space?

I am Starbuck, substitute site owner at ‘Smokeys’ and will sometimes blog here.

For a few days i’ve been unable to get into my Msn Space. so i emailed them to see if the ‘Spaces’ were down.
this is the reply i had from them:

Hello Peter,

Thank you for writing to Windows Live Spaces Customer Support.

My name is Joy and I acknowledge that you are unable to access your Space, starbuck50. I know how inconvenient this may have been for you and I am here to assist you.

We have found your Space, starbuck50, to be in violation of the Windows Live Spaces Code of Conduct as it has inappropriate content. As this violation is serious in nature, we were forced to close down your Space.

Please note that there is no Adult rating for Windows Live Spaces. Posting of profane messages, pornographic, sexually suggestive or provocative images is not allowed in our service, even if your Space is set to Private or Messenger.

Also, if your Space is disabled, you will not be able to access your Windows Live SkyDrive and Windows Live Profile accounts.

We encourage you to review the Windows Live Spaces Code of Conduct by visiting this link:

http://help.live.com/help.aspx?mkt=en-us&project=tou&querytype=keyword&query=coc

Windows Live Spaces has comprehensive online help available to you. For more information, click the “Help” button at the top of any Spaces page.

Thank you for using Windows Live Spaces.

Sincerely,

Mary Joy
Support Specialist
Windows Live Support Team

My Msn Space is all about helping people and providing help on ‘Pc Security’ matters.
If there’s anything ‘Pornographic’ on my Space, i’d love to see it!!!
Why are these replies from MSN always sent using ‘Canned speeches’…. i wanted a reply from a human.

The reply i received didn’t actually explain what the problem was.
If MS and MSN want to convey a good working relationship with people, then start by answering questions and problems using normal speech and explain things to members.
I still don’t know what the problem is!

The ridiculous reply didn’t even say how to correct things!
How can i even think about correcting things if i can’t even get into my Msn Space? … or even see what they are talking about.

Starbuck

November 14, 2009 Posted by starbuck50 | Security, Uncategorized | , , , , , , , | 1 Comment

Front USB ports not recognized: How-To-Fix

Some time ago I posted how to fix Windows Vista / USB device detection problems. Because till today this how-to is one of the best readed posts on my blog it is clear that numerous people suffer from problems with USB devices.

Some investigation learned me that a huge amount of people also have problems with the front USB ports. In this particular case it regard a recognition problem. On internet I found a possible solution:

1- Remove the side panel (with the computer off)
2- Follow the cables from the back of the front I/O ports where your front USB is located (maybe on the memory card reader)
3- Follow those cables to where they connect to a header (a set of pins) on the motherboard
4- Disconnect the cables from the motherboard but leave them connected to the front
5- Turn on the computer and wait till Windows fully boots
6- After the full boot turn off the computer
7- Reboot one more time Windows in the same manner
8- Turn off the PC, plug the cables back to the motherboard, replace the side panel
9- Turn on the PC

Enjoy yourself :)

September 13, 2009 Posted by Smokey | Advisories, Uncategorized | , , , , | No Comments Yet

Windows Server 2008 Service Pack 2 and Windows Vista Service Pack 2 RTM Released

Windows Server 2008 Service Pack 2 and Windows Vista Service Pack 2 – Five Language Standalone DVD ISO Released.

This is a DVD ISO image that contains Service Pack 2 for Windows Server 2008 SP2 for x86, x64, IA-64 and Windows Vista for x86, x64. This image is only applicable to computers that have one or more of the following languages: English, German, French, Japanese, or Spanish.

File Name: 6002.18005.090410-1830_iso_update_sp_wave0-RTMSP2.0_DVD.iso
Version: 948465
Knowledge Base (KB) Articles: KB948465
Date Published: 5/25/2009
Language: English, German, French, Japanese, Spanish.
Download Size: 1376.8 MB
Microsoft download page: http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=9f073285-b6ef-4297-85ce-f4463d06d6cb

Supported Operating Systems:

Windows Server 2008; Windows Server 2008 for Itanium-based Systems; Windows Vista; Windows Vista Business 64-bit edition; Windows Vista Enterprise 64-bit edition; Windows Vista Home Basic 64-bit edition; Windows Vista Home Premium 64-bit edition; Windows Vista Ultimate 64-bit edition.

Non-DVD versions:

32-bit: http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=a4dd31d5-f907-4406-9012-a5c3199ea2b3
64-bit: http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=656c9d4a-55ec-4972-a0d7-b1a6fedf51a7

Programs that are known to experience a loss of functionality after you install Service Pack 2 for Windows Vista or for Windows Server 2008: http://support.microsoft.com/kb/969707

Warning: ESET NOD32 Anti-Virus v4.x programs can cause severe problems (e.g. BSODs) after Service Pack 2 install. More info on the official ESET Support Forum: http://www.wilderssecurity.com/showthread.php?t=241025

May 26, 2009 Posted by Smokey | Uncategorized | , , , , , , , , , , , , , , , | No Comments Yet

Watch your steps: Leaked copies of Windows 7 RC contain Trojan…..

By ComputerWorld – Gregg Keizer 05 May

Pirated copies of Windows 7 Release Candidate (RC) on file-sharing sites contain malware, according to users who have downloaded the upgrade. Some of the pirated builds include a Trojan horse, numerous users said in message forums and in comments on BitTorrent sites such as Mininova.org.

“Just a warning for anyone downloading the new RC builds of windows 7. Quiet [sic] a lot of the downloads have a trojan inbedded [sic] in the setup EXE,” said someone identified as Frank Fontaine on a Neowin.net discussion thread. “The Setup EXE is actually a container, it appears to be a self-extracting EXE. There are 2 files inside, Setup.exe and codec.exe.”

Source:  ComputerWorld

Get the official Windows 7 RC download:

The 32- and 64-bit versions of Windows 7 RC are available in five languages: English, German, Japanese, French, and Spanish. Just choose the version that fits the system you’ll be using, pick your language, and click go to register for and download the RC.

Downloading the Windows 7 RC could take a few hours. The exact time will depend on your internet provider, bandwidth, and traffic. The good news is that once you start the download, you won’t have to answer any more questions – you can walk away while it finishes. If it gets interrupted, it’ll restart where it left off. (txs NICK_ADSL_UK!)

Official downloadlink Windows 7 RC: Microsoft

May 6, 2009 Posted by Smokey | Uncategorized | , , , , , , , , , , | No Comments Yet

Temporary no time available for posting on this blog

Well folks, you will have noticed it is already a couple of weeks ago I posted here. Reason: lack of time.
At the moment I am really occupied by several security related projects, and are also testing security software. And to overflow my calendar notably, I am trying out all kinds of  forum software. BTW, please keep in mind I have to manage my own forum too…

The forum software evaluation is not only performed for community sake but also in my own interest. My forum “Smokey’s Security Forums” is currently running with phpBB3, and for several reasons, security related ones included, I decided to migrate to another forum software package. So you see, (temporary) I have no time available for other issues like posting on this blog.

I will continue with posting here asap, probably next week.

See you,

Smokey

March 15, 2009 Posted by Smokey | Uncategorized | , , , , , | 1 Comment

Safe Computing and Preventing Malware Infections

The current outbreak of the polymorphic worm Downadup, aka Conficker and Kido, and all its variants make very clear that many users don’t act in a responsable and secure way. After all, at the moment 9 (nine) million PCs are contaminated by that worm for reason of a missing Microsoft Security Update for Windows (KB958644). At the same time numerous users don’t posses safe computing and surfing habits, ignore standard precautions, haven’t the slightest idea how to prevent malware and in case they have a PC contaminated by malware they are trying to clean the PC by themselves or by self-declared “security experts”. Keep in mind that malware cleaning/removal isn’t a job for amateurs, it is a dedicated job for well trained and full qualified malware hunters.

Safe computing/surfing and preventing malware is a matter of education. Only well educated users have the reasonable possibilty to remain “clean”. The sole aim of me and my staff on Smokey’s Security Forums is to fulfill this aim by providing the user for free with Education, Support, Help and Advice, and in case the PC of the user is infected by malware to offer malware cleaning/removal by real security experts: comprehensive trained, full qualified HJT/OTListIt2 Analysers/Malware Hunters.

Some basic rules for safe computing, related links at the end of this post:

- Activate the automatic update function in Windows. Always accept and install all updates offered by Microsoft.
- If you don’t like automatic updates, consider to use the Microsoft Baseline Security Analyzer (MBSA). MBSA is an easy to use free tool that helps individuals, small and medium businesses to determine their security state in accordance with Microsoft security recommendations and offers specific remediation guidance. It will improve your security management process by using MBSA to detect common administrative vulnerabilities and missing security updates on your computer systems.
- Always install all Service Packs offered by Microsoft.
- Educate and protect yourself, e.g. by visiting my board and reading the FAQs, How-To’s and Advisories concerning Safe Computing and Preventing Malware.
- In case your PC is infected by malware, adware or any other undesired badware or nasties visit my board to get rid of such crap. Only full qualified HijackThis & OTListIt2 Log Analysers/Malware Hunters will care about these infections and help you in a professional way, of course for free, to get rid of it. Note: only registered board members will receive malware removal/cleaning help, registering on my board is also for free.

Links

- Smokey’s Security Forums
- FAQs, How-To’s and Advisories concerning Safe Computing and Preventing Malware
- HijackThis (HJT) & OTListIt2 Log Analysis and Malware Removal/Cleaning Assistance and Services
- Microsoft Baseline Security Analyzer (MBSA) Frequently Asked Questions
- Download Microsoft Baseline Security Analyzer

Safe computing!
.

asap1
Smokey’s Security Forums is Site Member ASAP

January 17, 2009 Posted by Smokey | Advisories, Anti-Spyware, Anti-Virus, Bundleware, Downloads, Friends, Phishing, Security, Toolbarware, Vulnerabilities | , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , | No Comments Yet

Troubleshoot driver problems in Vista with the Driver Verifier Manager

Author: Greg Shultz / TechRepublic

If you are encountering unpredictable errors, lockups, or BSODs in Windows Vista, chances are that your system is suffering from the effects of a faulty third-party driver. As you know, the device drivers that come with Microsoft Windows Vista have a digital signature that indicates that the driver has met a certain level of testing and that it has not been altered. You also know that any hardware that carries a Certified for Windows Vista logo will come with drivers that have a digital signature from Microsoft that indicates that the product was tested for compatibility with Windows Vista.

However, not all third-party hardware manufacturers are willing to take the time and effort to submit their products to Microsoft for certified testing and aren’t really interested in having a digital signature from Microsoft assigned to their drivers. And, unfortunately, uncertified drivers are a big source of problems in Vista.

Fortunately, Vista comes with a great utility called the Driver Verifier Manager. While not a new utility (it came with Windows 2000 and Windows XP), the version that comes with Vista has some new features that make it easier to use. In this edition of the Windows Vista Report, I’ll show you how to use the Driver Verifier Manager to troubleshoot driver problems in Windows Vista:

Source / How to use the Driver Verifier Manager: TechRepublic

January 10, 2009 Posted by Smokey | Advisories, Friends, Uncategorized | , , , , , , , , , , | No Comments Yet

Some words of thanks to all vendors participating Smokey’s Seasonal Competition 2008

Now Smokey’s Seasonal Competition 2008 is closed and all winners are notified about their luck to win a prize it is time to speak some words of thanks to all participating vendors:

Grisoft/AVG, Avira, Comodo, Jetico Inc., Kaspersky Labs, Malwarebytes Corporation/MBAM, Tall Emu/Online Armor, PrevX, Sunbelt/VIPRE and SuperAntiSpyware.

These vendors made it possible that numerous members of Smokey’s Security Forums are now provided for free with valuable top-notch security software licenses and therefore are better protected than before against all kind of malware.

Smokey

December 23, 2008 Posted by Smokey | Friends, Malware, Security, Uncategorized | | No Comments Yet

Windows Server 2008 Service Pack 2 Beta and Windows Vista Service Pack 2 Beta Released

Windows Server 2008 Service Pack 2 Beta and Windows Vista Service Pack 2 Beta – Five Language Standalone (KB948465)

Overview

Windows Server 2008 SP2 Beta and Windows Vista Service Pack 2 Beta is prerelease code offered to the public through our Customer Preview Program. Please see the Windows Server SP2/Windows Vista SP2 Customer Preview Program page on TechNet/MSDN for additional details, documentation, and forums.

Windows Vista SP2 TechNet
Windows Server 2008 SP2 TechNet

Windows Server 2008 SP2 Beta and Windows Vista Service Pack 2 Beta apply to people, organizations, and technical enthusiasts who are comfortable evaluating prerelease software. This prerelease software is provided for testing only. Installation of Service Pack 2 Beta will result in Microsoft collecting information about the installation process, even if the installation is not completed. We do not recommend installing this software on primary or mission-critical systems. We recommend that you have a backup of your data before you install any prerelease software.

SP2 is an update to Windows Server 2008 and Windows Vista that addresses feedback from our customers and partners. By providing these fixes integrated into a single service pack, Microsoft provides a single high-quality update that minimizes deployment and testing complexity for customers.

In addition to all previously released updates, SP2 will contain changes focused on addressing reliability and performance issues, supporting new kinds of hardware, and adding support for several emerging standards. SP2 will also continue to make it easier for IT administrators to deploy and manage large installations of Windows Server 2008.

Service Pack 1 is a prerequisite for installing Service Pack 2. Please make sure that your system is running Service Pack 1 before you install Service Pack 2.

Windows Server 2008 SP2 Beta and Windows Vista Service Pack 2 Beta – Five Language Standalone version can be installed on systems with any of the following language versions: English, French, German, Japanese, or Spanish.

Support for Windows Server 2008 SP2 Beta and Windows Vista SP2 Beta can be received by visiting the Windows Server 2008 Service Pack 2 and Windows Vista Service Pack 2 TechNet forum.

Quick Details

File Name: Windows6.0-KB948465-X86.exe
Version: 948465
Knowledge Base (KB) Articles: KB948465
Date Published: 12/4/2008

Source/download

Microsoft Download Center

Windows Server 2008 SP2 and Windows Vista SP2 RTM Released (KB948465)

Released on 2009-25-05

Release info and downloads: http://smokeys.wordpress.com/2009/05/26/windows-server-2008-service-pack-2-and-windows-vista-service-pack-2-rtm-released/

December 6, 2008 Posted by Smokey | Advisories, Alerts, Downloads, Friends, News, Security, Uncategorized | , , , , , , | No Comments Yet

An excellent openSUSE 11 Review & Tutorial by Dedoimedo aka Mrkvonic

Like usual, Dedoimedo aka Mrkvonic have written an excellent review and tutorial, this time it concern openSUSE 11.

Mrkvonic:

“This review/tutorial including the use and installation on a laptop, so you can expect to see the following:

Wireless support, multimedia support (MP3, Java, Flash, VLC, K3B, DVD), NTFS support, Samba sharing, virtualization – VMware Server, including running Windows and Linux guests from remote Windows and Linux machines, all using wireless, games, an extensive guide on partitioning and installation and the use of the Updater (updating system, adding repositories, zypper), and more.”

To the openSUSE adherents this review is an absolute must!

Full review: Dedoimedo

November 15, 2008 Posted by Smokey | Advisories, Friends, News, Uncategorized | , , | No Comments Yet

Multiple Highly Critical Vulnerabilities in Apple Safari 3.x for Windows and Mac OS X

Multiple highly critical vulnerabilities are reported in Apple Safari 3.x for Mac OS’s and Safari 3.x for Windows XP and Vista, it concern all versions prior to 3.2

Impact of the vulnerabilities

- Multiple vulnerabilities exist in zlib 1.2.2, the most serious of which may lead to a denial of service.
- Processing an XML document may lead to an unexpected application termination or arbitrary code execution.
- Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution.
- Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution.
- Viewing a large maliciously crafted JPEG image may lead to an unexpected application termination or arbitrary code execution.
- Viewing a maliciously crafted image may lead to an unexpected application termination or arbitrary code execution.
- Sensitive information may be disclosed to a local console user.
- Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution.
- Visiting a maliciously crafted website may lead to the disclosure of sensitive information.

Original Advisory: Apple

Vendor patches to close these vulnerabilities are available, please update to version 3.2 asap.

Downloads

Safari 3.2 for Windows: here
Safari 3.2 for Tiger: here
Safari 3.2 for Leopard: here

November 15, 2008 Posted by Smokey | Advisories, Alerts, Downloads, Friends, Malware, Security, Vulnerabilities | , , , , , , , , , | 1 Comment

Microsoft Security Bulletin Advance Notification for November 2008

Published: November 6, 2008

Microsoft Security Bulletin Advance Notification issued: November 6, 2008
Microsoft Security Bulletins to be issued: November 11, 2008

This is an advance notification of security bulletins that Microsoft is intending to release on November 11, 2008.

This bulletin advance notification will be replaced with the November bulletin summary on November 11, 2008. For more information about the bulletin advance notification service, see Microsoft Security Bulletin Advance Notification.

Executive Summaries

This advance notification provides the software subject as the bulletin identifier, because the official Microsoft Security Bulletin numbers are not issued until release. The bulletin summary that replaces this advance notification will have the proper Microsoft Security Bulletin numbers (in the MSyy-xxx format) as the bulletin identifier. The security bulletins for this month are as follows, in order of severity:

Critical (1) -

Bulletin Identifier: Windows Bulletin 1
Maximum Severity Rating: Critical
Impact of Vulnerability: Remote Code Execution
Affected Software: Microsoft Windows, Microsoft Office. For more information, see the Affected Software section.

Important (1) -

Bulletin Identifier: Windows Bulletin 2
Maximum Severity Rating: Important
Impact of Vulnerability: Remote Code Execution
Affected Software: Microsoft Windows. For more information, see the Affected Software section.

Full bulletin: Microsoft TechNet

November 8, 2008 Posted by Smokey | Advisories, Alerts, Downloads, Friends, Security, Vulnerabilities | , | No Comments Yet

Security upgrade: Opera 9.62 for Windows released, upgrade now!

Today, Opera released v9.62 of their browser. Because this is a highly recommended security upgrade I strongly advice all Opera users to upgrade without delay.

Changelog

- Fixed an issue where History Search could be used to execute arbitrary code, see the Opera Advisory.
- The links panel no longer allows cross-site scripting, see the Opera Advisory.

Downloadpage Opera 9.62 for Windows: here

Note: Opera 9.62 incorporates the Opera Presto 2.1.1 user agent engine.

October 30, 2008 Posted by Smokey | Advisories, Alerts, Downloads, Friends, Malware, Security, Vulnerabilities | , , , , , , , , | No Comments Yet

Highly critical vulnerabilities in all OpenOffice versions prior to v2.4.2

According to heise Security, despite the fact that OpenOffice v3.0 is released, many users of the suite of productivity applications may be in a controlled environment, such as a government organisation, and are not able to rapidly migrate to the latest release but are prepared to install updates that do not change functionality. For these users this OpenOffice v2.x highly critical vulnerabilities alert is important, they are advised to upgrade asap to v2.4.2

The vulnerabilities in all OpenOffice versions prior to v2.4.2 are:

1. A security vulnerability with the way OpenOffice 2.x process WMF files may allow a remote unprivileged user who provides a StarOffice/StarSuite document that is opened by a local user to execute arbitrary commands on the system with the privileges of the user running StarOffice/StarSuite.

2. A security vulnerability with the way OpenOffice 2.x process EMF files may allow a remote unprivileged user who provides a StarOffice/StarSuite document that is opened by a local user to execute arbitrary commands on the system with the privileges of the user running StarOffice/StarSuite.

Sources and background information:

- WMF security advisory from OpenOffice
- EMF security advisory from OpenOffice
- heise Security

October 30, 2008 Posted by Smokey | Advisories, Alerts, Downloads, Friends, Malware, Security, Vulnerabilities | , , , , , , , | No Comments Yet

New Official Jetico Inc. Support Forums Opened: Jetico BestCrypt for Linux and BCWipe for UNIX

On behalf of Jetico Inc. I am pleased to announce that on my board Smokey’s Security Forums two new Jetico Inc. Support Forums are opened: Jetico BestCrypt for Linux and BCWipe for UNIX.

The addition of these new support forums to the board is good news for consumers using these Jetico products, like in all other Jetico support forums they will be provided with support, help and advice by engineers and developers of Jetico Inc.

Survey of all Official Jetico Inc. Support Forums on Smokey’s Security Forums

- Jetico Personal Firewall v1
- Jetico Personal Firewall v2
- Jetico BestCrypt for Windows
- Jetico BestCrypt for Linux
- Jetico BCVE -BestCrypt Volume Encryption
- Jetico BCArchive
- Jetico BCWipe for Windows
- Jetico BCWipe for UNIX

See you on Smokey’s!

October 27, 2008 Posted by Smokey | Downloads, Friends, News, Security, Uncategorized | , , , , , , , , , , , , , | No Comments Yet

« Previous Entries