I’m pleased to announce that there is an update available (v188.8.131.52) for the Smokey’s Choice Awarded top-notch security software Norton Security, Norton Security with Backup, Norton Internet Security, Norton 360, Norton Antivirus and Norton Security Suite. As with all previous Norton Security software updates, this version is being released in a phased manner. The update is available in all supported languages. To download it, run LiveUpdate.
Changes in this release
* Fixes an issue where ‘iTunes Hangs when trying to Eject’
* Fixes an issue where ‘Display driver issues leading to ‘product not starting’
* Fixes an issue where ‘Nothing happens when I click on Scan’
* Several fixes for desktop flickering issues’ and other problems with Win10 upgrades.
* Clean up left over items during a Windows 10 upgrade to prevent Live Update errors
* Fix for a crash in Hebrew specific layouts.
* Fixes the alignment issue on clicking help in main UI
* Fixes an issue where ‘Auto-Protect is Greyed out’
– and other fixes…
It’s easy to verify you have the update, just launch the Main User Interface, click on Help, and select About.
This update v184.108.40.206 is currently officially available via LiveUpdate only, however there is also the possibility for a direct download from the Symantec/Norton servers. You can install the downloaded update/patch over the top of your existent Norton product. This time too the update will be no problem at all, all previous Norton Security settings will remain unaltered after the update. The update will be accomplished within a few minutes, reboot is not not be required. Important: run LiveUpdate after updating to the new version!
Direct downloadlinks full version / update / trial / Norton Security v220.127.116.11 (patch 22.5.4)
– Norton Security 18.104.22.168 ENGLISH Language: http://buy-download.norton.com/downloads/2015/22.5.4/NS/US/NS-ESD-22.214.171.124-EN.exe
– Norton Security with included Backup 126.96.36.199 ENGLISH Language: http://buy-download.norton.com/downloads/2015/22.5.4/NSBU/US/NSBU-ESD-188.8.131.52-EN.exe
– Norton Security and Norton Security with included Backup 184.108.40.206 in all other supported languages: change language by changing to e.g. Norton Security 22.5.4 DUTCH: http://buy-download.norton.com/downloads/2015/22.5.4/NS/NL/NS-ESD-220.127.116.11-NL.exe
Today Microsoft have released an emergency out-of-band update (2965111) to fix a zero day publicly disclosed vulnerability in Internet Explorer (Microsoft Security Advisory 2963983). The vulnerability could allow remote code execution if a user views a specially crafted webpage using an affected version of Internet Explorer. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user.
This security update is rated Critical for Internet Explorer 6 (IE 6), Internet Explorer 7 (IE 7), Internet Explorer 8 (IE 8), Internet Explorer 9 (IE 9), Internet Explorer 10 (IE 10), and Internet Explorer 11 (IE 11) on affected Windows clients, and Moderate for Internet Explorer 6 (IE 6), Internet Explorer 7 (IE 7), Internet Explorer 8 (IE 8), Internet Explorer 9 (IE 9), Internet Explorer 10 (IE 10), and Internet Explorer 11 (IE 11) on affected Windows servers.
More info about the fix here: MS14-021 :Security update for Internet Explorer: May 1, 2014 The advance notification of the update lists Windows XP as among the affected platforms, indicating that it will be among the platforms patched, in spite of its support period ending weeks ago.
Users with Automatic Updates enabled do not have to do anything, although running Windows Update will apply the fix immediately.
It’s just ‘great’, you are relying on a well-known company selling Backup & Recovery software, Acronis GmbH. On their website they are promising potential customers that their Acronis True Image 2013 software is fully compatible with Windows 8, so you are buying or upgrading a previous version of the software in full faith and trust, assuming that Acronis will save you in case an disaster will happen with your PC and you will be able to boot from a recovery image in case of an disaster.
Well better forget efforts to restore the Acronis image, Acronis will let you down without mercy, your Windows 8 system will tell you: “Selected boot image did not authenticate. Press ‘Enter’ to continue”. So now you have a serious problem…
Cause of the failure message is Secure Boot, a Windows 8 Anti-Rootkit feature that will prevent the PC from booting an unrecognised operating system. Unpleasant side effect: it will also blocking Linux-based recovery environments, such as Acronis Start Up manager.
Despite the fact that Acronis is informed about the issue, they still sell Acronis True Image 2013 as being Windows 8 Compatible. I call this product sale scam. My advise to Windows 8 users: don’t buy the Acronis crap, on your Windows 8 PC it’s a useless piece of emergency software.
Microsoft Security Bulletin MS13-008 – Out-Of-Band Critical Security Update for Internet Explorer (2799329)
This security update resolves one publicly disclosed vulnerability in Internet Explorer. The vulnerability could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
This security update is rated Critical for Internet Explorer 6, Internet Explorer 7, and Internet Explorer 8 on Windows clients and Moderate for Internet Explorer 6, Internet Explorer 7, and Internet Explorer 8 on Windows servers. Internet Explorer 9 and Internet Explorer 10 are not affected. For more information, see the subsection, Affected and Non-Affected Software, in this section.
The security update addresses the vulnerability by modifying the way that Internet Explorer handles objects in memory. For more information about the vulnerability, see the Frequently Asked Questions (FAQ) subsection for the specific vulnerability entry under the next section, Vulnerability Information.
This security update also addresses the vulnerability first described in Microsoft Security Advisory 2794220.
Recommendation. Most customers have automatic updating enabled and will not need to take any action because this security update will be downloaded and installed automatically. Customers who have not enabled automatic updating need to check for updates and install this update manually. For information about specific configuration options in automatic updating, see Microsoft Knowledge Base Article 294871.
For administrators and enterprise installations, or end users who want to install this security update manually, Microsoft recommends that customers apply the update immediately using update management software, or by checking for updates using the Microsoft Update service.
Known Issues. None
Affected and Non-Affected Software: see the Security Bulletin.
Some Frequently Asked Questions (FAQ) Related to This Security Update, for all FAQ’s see the Security Bulletin.
Is this update, MS13-008, a cumulative security update for Internet Explorer?
No. This security update, MS13-008, only addresses the vulnerability described in this bulletin.
Do I need to install the last cumulative security update for Internet Explorer, MS12-077?
Yes. In all cases MS13-008 protects customers from the vulnerability discussed in this bulletin. However, customers who have not installed the latest cumulative security update for Internet Explorer may experience compatibility issues after installing the MS13-008 update.
Customers need to ensure that the latest cumulative security update for Internet Explorer, MS12-077, is installed to avoid compatibility issues.
If I applied the automated Microsoft Fix it solution for Internet Explorer in Microsoft Security Advisory 2794220, do I need to undo the workaround before applying this update?
Customers who implemented the Microsoft Fix it solution, “MSHTML Shim Workaround,” in Microsoft Security Advisory 2794220, do not need to undo the Microsoft Fix it solution before applying this update.
However, since the workaround is no longer needed, customers may wish to undo the workaround after installing this update. See the vulnerability workarounds in this bulletin for more information on how to undo this workaround.
Where are the file information details?
Refer to the reference tables in the Security Update Deployment section for the location of the file information details.
Where are the hashes of the security updates?
The SHA1 and SHA2 hashes of the security updates can be used to verify the authenticity of downloaded security update packages. For the hash information pertaining to this update, see Microsoft Knowledge Base Article 2799329.
How are Server Core installations affected by the vulnerability addressed in this bulletin?
The vulnerability addressed by this update does not affect supported editions of Windows Server 2008, Windows Server 2008 R2, or Windows Server 2012 as indicated in the Non-Affected Software table, when installed using the Server Core installation option.
The information provided in the Microsoft Knowledge Base is provided “as is” without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
ExynosAbuse Exploit: obtaining root on Exynos4 based Samsung Android devices without ODIN flashing, malicious apps will be able to gain total control over the device by gaining root without asking and without any permissions on a vulnerable device.
Source: XDA Developers (alephzain, Chainfire)
Samsung solution status: unfixed
– Samsung Galaxy S2 GT-I9100
– Samsung Galaxy S3 GT-I9300
– Samsung Galaxy S3 LTE GT-I9305
– Samsung Galaxy Note GT-N7000
– Samsung Galaxy Note 2 GT-N7100
– Samsung Galaxy Note 2 LTE GT-N7105
– AT&T Galaxy Note 2 SGH-I317
– Verizon Galaxy Note 2 SCH-I605
– Samsung Galaxy Tab Plus GT-P6210
– Samsung Galaxy Note 10.1 GT-N8000, GT-N8010, GT-N8013, GT-N8020
Note: Google Nexus 10 not vulnerable, Exynos5.
Temporary patch (provided by Chainfire): http://forum.xda-developers.com/showthread.php?t=2050297
Note: Chainfire requested not to redistribute the patch, instead please link to http://forum.xda-developers.com/showthread.php?t=2050297
Update Dec 20 2012
Official Samsung Statement Exynos kernel vulnerability issue (in full)
“Samsung is aware of the potential security issue related to the Exynos processor and plans to provide a software update to address it as quickly as possible.
The issue may arise only when a malicious application is operated on the affected devices; however, this does not affect most devices operating credible and authenticated applications.
Samsung will continue to closely monitor the situation until the software fix has been made available to all affected mobile devices”
I will only mention Chainfire’s fix. It’s the only one that is secure. Both Supercurio’s and RyanZA’s method leave you with easily exploitable holes any serious malware author will abuse.
About Chainfire’s fix
Chainfire: “This is an APK that uses the ExynosAbuse exploit (by alephzain) to be able to do various things on your Exynos4 based device.
Features for non-rooters:
– Securely patch the exploit
Features for rooters:
– Root the device (SuperSU v0.99)
– Enable/disable the exploit at will
– Enable/disable patching the exploit at boot
– Unroot and cleanup (optionally leaving the exploit patch at boot in place)
Please note that patching the exploit may break camera functionality, depending on device and firmware. Also note that if use the patch method without rooting, or keep patching the exploit at boot enabled when unrooting, you need an alternate method to re-root the device to disable this feature (like CF-Auto-Root) – you cannot use ExynosAbuse to do this since it patched the exploit. Unlike other patch authors, I do not believe in keeping an invisible rooted process running in the background while pretending you aren’t rooted, to be able to unpatch this way.
While the exploit patches work (aside from possibly disabling your camera), these are more work-around than actual fixes. A proper patch would be a kernel fix, either from a third party or Samsung themselves”
Download the fix here: http://forum.xda-developers.com/showthread.php?t=2050297
Note: please do not redistribute the fix!
(CNN – May 2, 2011) — Osama bin Laden, the mastermind of the worst terrorist attacks on American soil, is dead, officials said — almost 10 years after the attacks that killed about 3,000 people.
The founder and leader of al Qaeda was killed by U.S. forces Monday in a mansion in Abbottabad, north of the Pakistani capital of Islamabad, along with other family members, a senior U.S. official told CNN.
In an address to the nation Sunday night, U.S. President Barack Obama called bin Laden’s death “the most significant achievement to date in our nation’s effort to defeat al Qaeda.”
“Today, at my direction, the United States launched a targeted operation against that compound in Abbottabad, Pakistan,” Obama said. “A small team of Americans carried out the operation with extraordinary courage and capability. No Americans were harmed. They took care to avoid civilian casualties. After a firefight, they killed Osama bin Laden and took custody of his body.”
To satisfy the curiosity of many people, here the location of Osama bin Laden’s compound on Google Maps. The compound is located at 34°10′9″N 73°14′33″E, 2.5 miles (4 km) northeast of the center of Abbottabad and three-quarters of a mile (1.3 km) southwest of the Pakistan Military Academy (PMA).
Expect a flurry of e-mails, and likely black hat search engine operations trying to take advantage of the event to distribute malware. Be aware for the dangers of emails proclaiming to have information and searching for websites about his death. If you look-out for news about the death of Bin Laden and related issues, please only visit trusted news sites, also don’t click blindly on images related to the news.
Update May 2: there are reports the Bin Laden death scams are already all over Facebook.
Update May 3: malware is found on numerous sites optimized to show up on Web searches related to the event, also in scams on social networks like Facebook, Twitter & Co.