Microsoft Silverlight Vulnerability Leads To Malware Infections

November 19th, 2013

Microsoft sign

Do you have Silverlight installed on your computer? The Microsoft product, similar to Adobe Flash, is used for running internet applications, most notably the streaming video client on Netflix. Subscribers alone account for 40-million Silverlight users worldwide. As Zeljka Zorz of HelpNet Security reports, all of these users are at risk of becoming a victim of a malware attack that exploits a critical vulnerability in Silverlight.

The malware, which could allow remote code execution, finds it way onto your machine when you visit an infected website. This website could be specifically set-up by hackers to infect unsuspecting users, it could be a compromised site that’s infecting users without the owners knowledge, or a site that allows user submitted content.

When you land on one of these websites, an Angler exploit kit, which is a tool used by hackers, determines what version of Silverlight you have installed. It determines whether you are vulnerable to an attack and, if so, the malware is downloaded to your computer.

The reason the Angler is needed is because Microsoft has already released a patch that fixes the security flaw being exploited. However, a number of users fail to update and are still using out-dated versions of Silverlight. If you’re using Silverlight, be sure you update to close vulnerabilities that could otherwise lead to a malware infection. If you don’t use Silverlight, but have it installed, you can remove it completely to protect yourself from this attack.

This is another example of why it’s important to keep all applications up to date and install each patch when it’s released. Enabling automatic updates for trusted applications makes this job easier.

If you have experienced a malware attack and your computer’s performance is suffering, bring your machine to Geek Rescue or call us at 918-369-4335.

Administrator Tools To Improve Windows 8

November 13th, 2013

Laptop running Windows 8

Microsoft’s latest operating system, Windows 8, has some great features, but there’s room for improvement. As Preston Gralla of Computer World writes, Windows offers some built-in tools for boosting performance if you know where to look. The first step is to unhide them.

To do so, press the Windows key and ‘I’ to bring up the settings. Click on “Tiles” and change “Show Administrator Tools” to ‘Yes’. This gives you access to some of Windows more complex, powerful performance tools, but also opens the door to disrupting your system. If you’re a novice user, it’s probably best to leave this to a professional. Even if you are more advanced, it’s a good idea to go back and hide Administrator Tools after finishing the work outlined here.

  •  Resource Monitor

This tool has been available since Windows Vista and lets users see what applications are using the most resources. By typing “resmon” at the Start screen, the Resource Monitor icon will appear. Once opened, you’ll see a list of all of the apps and services currently running and a graph of your computer’s used resources. With this information, you can make informed decisions about which applications can be closed to improve performance. You may also decide that a replacement is needed for a particularly taxing program.

  • Reliability Monitor

Also available since Vista, the Reliability Monitor is for tracking system stability and monitoring crashes. Access it by typing “reliability” at the Start screen, then click ‘Settings’, then ‘View Reliability History’. You’ll see a graph of your system’s stability with a rating between 1 and 10. Each time there’s a application or system failure, the rating drops. Every day there’s no crashes, the rating improves. In addition to this simple rating system, you’ll be given a list of all of the failures your system has experienced. You’ll be able to read details of each. By studying this report, you’ll be able to see where fixes and changes are needed.

  • Start-Up

For many users, their system starts slowly because they’re asking too many programs to load automatically on start-up. To thin this list, use the Task Manager. There are many ways to access it in Windows 8, but perhaps the easiest is the classic ‘control-alt-delete’. Click the start-up tab once in Task Manager, which you may need to click “More details” to see. This tab shows you what programs are asked to launch upon start-up. You’ll also see an impact rating, which judges how much each application slows start-up time and how much disk space it takes to load. Use this information to only load programs you constantly use and don’t greatly impact start time.

Even though it should be enabled by default, it’s also a good idea to check that you’re using Fast Startup. Rather than closing all sessions when you shut down your computer, Fast Startup saves your Windows kernel session to disk, which is called hibernating. This session is loaded when you start-up again to cut the time it takes to restart. To check if you’re using Fast Startup, type “Power” at the Start screen, then click ‘Settings’ and ‘Power Options’. From there, click ‘Choose what power buttons do’ and the Fast Startup option will be under ‘Shutdown Settings’.

The Task Manager itself is also a powerful tool in Windows 8. It contains tabs to track each user, the performance of your CPU, Memory, Wi-Fi and more and to track the history and usage of applications. Again, using these tools incorrectly can have a negative impact on your system so be careful what you click.

For help getting the most out of your computer, or to fix a device that isn’t working correctly, call Geek Rescue at 918-369-4335.

Beware Unpatched Windows Security Vulnerability

November 11th, 2013

Windows 7

A zero-day exploit that affects Internet Explorer, Windows XP and Windows 7 users won’t be getting a patch from Microsoft any time soon. Microsoft’s Patch Tuesday for November is only a day away and, as Paul Ducklin of Naked Security reports, news is already spreading that a patch for this exploit won’t be included.

The “remote code execution vulnerability” is dubbed a zero-day because hackers were the first to discover it. Rather than security experts, or Microsoft themselves, discovering the vulnerability and patching it, cyber criminals have been able to launch attacks in the wild before any precautions could be taken.

The attacks seen so far that exploit the vulnerability use .TIFF image files that contain malware. When a user opens the seemingly innocent image file, malware infects the machine, but no warning or notice is given. This silent infection allows hackers to remain undetected while they claim access to files and control a computer remotely.

So far, most of the attacks stem from email attachments. The .TIFF is hidden in a Word document and automatically loaded when the document is opened. There are a number of other ways the exploit could be attacked, however. Inserting the infected image file directly into the body of an email could infect your system through only a preview of the message. Hackers could also set-up websites specifically to infect visitors, or insert malware into existing sites using .TIFF images.

While there’s no patch coming from Microsoft this week, there are ways to protect yourself. A Fix it tool released by Microsoft will tell your computer to stop processing .TIFF files. This is a broad stroke, but one that will ensure the vulnerability will be closed until a more permanent patch is made available.

In the meantime, some simple advice will also help improve your security. You should always be wary of unsolicited emails and their attachments. Often, all it takes is opening the email to try to verify its authenticity is all it takes to become a victim. Also, make sure you have an antivirus program in place and it’s updated. Because of the way this exploit gives a hacker access to all of the files you’re current user account is able to access, it’s useful to use a non-administrator account. That way, if you are attacked, only part of your system is at risk, and solving the problem from an administrator account is much easier.

If any of your devices are infected with malware, bring them to Geek Rescue or call us at 918-369-4335. We’ll find the problem, fix it and help you protect yourself from future attacks.

Microsoft Patches Cause Confusion

November 11th, 2013

Computer user

Software companies like Microsoft, Apple and Adobe release patches regularly to fix bugs and close security vulnerabilities. This is a common practice, but as Tyler Reguly of TripWire’s State of Security blog reports, Microsoft often makes a mess of it.

There are a number of factors that contribute to the confusing nature of Microsoft’s patch practices. Patch Tuesday occurs once a month and involves the patching of multiple Microsoft products and fix multiple vulnerabilities at a time. The downside to this bulk patch release is that new vulnerabilities that crop up are left open for weeks while users wait for the next Patch Tuesday to come around. There have been instances in the past when Microsoft has pushed out a patch outside of this schedule and other companies follow a similar patching process, but users are still left in the lurch from time to time.

In addition, patches are far from uniform. Microsoft could release multiple patches to fix a single vulnerability in a single product, or they could release one patch per product for each instance of a vulnerability. Some patches replace older patches, but sometimes multiple patches are needed to replace a single patch.

In an attempt to simplify this process, Microsoft introduced a single service that would automatically update Windows users with any applicable patches for all Microsoft products in use on their device. This actually caused more confusion, however. A user who has enabled automatic updates might think they’re fully patched at all times, but that’s rarely the case. That’s usually because an older version of an application is being used that Microsoft no longer supports or that won’t work with automatic updates.

Unfortunately, users aren’t warned that applications aren’t being updated. Instead, it appears they’re patched and safe from vulnerabilities. In many ways, this makes them more susceptible to breaches than if they knowingly avoided all patches to begin with.

Keeping your devices and networks safe requires an investment. Geek Rescue offers help for improving security for your home or business. Call us at 918-369-4335.

 

Windows XP Users At Increased Risk Of Malware Infection

October 30th, 2013

Windows

The Windows XP operating system was initially released in 2001. More than twelve years later, it still accounts for about a fifth of the operating systems in use on machines. This wouldn’t necessarily pose a problem, except that, as Kelly Jackson Higgins reports for Dark Reading, XP users are at a much greater risk of malware infections and Microsoft is cutting off support on April 8th, 2014.

While Windows 8 users and XP users encountered about the same amount of malware in the first half of 2013, XP machines were about six times more likely to be infected by attacks. Because the OS is so old, hackers have had more than a decade to develop malware for it and find security vulnerabilities. This means that malware attacks are likely to be highly effective because they specifically target known flaws. It’s also likely that users still using XP have not kept it updated properly. Many are likely behind on security patches and may not be running the latest antivirus programs either.

Security experts chalk up the high number of users stuck on XP to its familiarity. While Windows 7 and 8 have focused on better functionality, they’re also quite a bit different from XP. Instead of learning the ins and outs of a new OS, many users choose instead to stick with what’s comfortable.

So, what are these XP users risking? There are 3 types of malware that target these users the most. All are fast spreading worms that infect computers then spread to others.

  •  Sality- Steals personal information, changes security settings on infected machine
  • Ramnit- infects Windows executable files, Office files and HTML files
  • Vobfus- downloads other malware and spread with a USB flash drive

On April 8th, Microsoft won’t completely end support for Windows XP. But users will have to pay for a premium service for critical updates.

Geek Rescue cleans malware infections and fixes all of your devices. Bring your device by one of our locations or call us at 918-369-4335. If it boots up or turns on, we fix it.

Windows Defender Scores Poorly

September 24th, 2013

F on paper

Microsoft Windows users may be tempted to forego any additional security software because of the existence of Windows Defender, a free antivirus program included with Windows. While Defender does offer some security benefits, Mathew J. Schwartz, of Information Week, points out that it hardly is capable of protecting your computer on its own.

In a study conducted with 27 other antivirus programs that tested protection, repair and usability of each, Defender scored the lowest. In fact, out of a possible score of 18 on the test, Defender scored about 5 points lower than any other program.

In a test of about 60-thousand common pieces of malware, Defender was able to detect 97-percent of them. Not so good considering only three other programs failed to achieve 100-percent detection.

Defender does have its advantages, however. It earned top marks in usability and, of course, its price tag can’t be beat.

So, should you run Windows Defender on your computer? Absolutely, but you should have other security in place, as well.

Security experts suggest using multiple layers of security, even if you have the top ranked programs in place. Because malware is constantly changing and new forms are released each day, there’s no way any program can keep up. So, having multiple ways to detect malicious programs gives you a better chance to avoid infection.

For help improving the security on your machine, or to get rid of malware that’s already infected it, call Geek Rescue at 918-369-4335.

These Devices Are Incredibly Difficult For Users To Repair

September 19th, 2013

Device repair

When a device stops working, a lot of us want to try to fix it on our own. For some gadgets, this is possible, but for others, it leads to headaches and possibly worse problems.

Lou Carlozo, of DealNews, has a list of the most difficult to repair devices. If you have a problem with one of these, it’s probably best to take it to a professional.

  • iPod Touch

Apple cases are notoriously difficult to get into. The iPod in particular has no external screws and is held together by adhesive and clips. Many parts are soldered together, which makes replacing individual parts difficult. 

  • iPad and iPad Mini

Once again the case is difficult to open because of a large amount of adhesive. The Mini also uses tiny screws that always seem to disappear after removing them. Parts like the battery or Lightning connector are soldered, or glued, to other pieces, which makes them difficult to remove and nearly impossible to replace individually. 

  • MacBook Pro

The battery is glued in and the RAM is soldered in. Want to replace one or the other? That’s a big and difficult job. There’s also proprietary screws holding everything together that take a special tool to remove. 

  • iPod Shuffle

This device is so small, it is nearly impossible to open its case without damaging it further. Once again, the battery is soldered in further complicating things for those fortunate few who do get it open. 

  • Surface Pro

Microsoft’s laptop/tablet features a display that’s glued in with an excessive amount of adhesive. Once you get inside the case, you’ll find more than 90 screws keeping you from accomplishing anything. 

  • HTC One

This 4G smartphone offering features a battery that hides underneath the motherboard. It’s also strongly attached to the midframe. None of that becomes an issue until you figure out how to open the case without tearing it apart. 

These are among the most difficult gadgets for end users to repair. If you are experiencing a problem with these or any other device you own, bring it to Geek Rescue. If it boots up or turns on, we fix it. Come by or call us at 918-369-4335.

 

Common Computer Problems You Can Fix Yourself

September 4th, 2013

Fixing computer

If you own a computer, or any device really, you’re likely to encounter problems from time to time. But, as Ben Kim of CIO points out, some of the more common problems have easy fixes that you can handle yourself.

Regardless of the problem and before you try anything else, restart your computer. There’s a reason this is cliched advice. For many issues, a restart will put everything right.

  • Slow performance

Your system will slow down when your hard drive gets too full. If you’ve noticed a sluggish performance, try clearing some space. Windows users will also want to use Microsoft’s System Configuration tool to trim down the number of applications that open automatically on start-up. To access it, press Windows-R, type “msconfig” and hit Enter. 

  • Slow downloads

If your downloads are taking longer than they should, test your connection speed. You can do this on a number of websites. Resetting your modem and router is also a good idea before contacting your Internet Service Provider. 

  • Pop-ups

If you’re seeing a high number of pop-ups ads, you’ll want to make sure you have a pop-up blocker enabled in your browser. If they appear when you aren’t even surfing the internet, you’ve got adware. This usually stems from you installing a program that had adware hidden in it. To remove it, try running any security software you may have, or installing new adware-specific programs.

  • Wi-Fi disconnects

If you’re sitting in range of your wireless router, but you still get a weak signal or constant disconnects, there are a couple of fixes. First, try resetting the modem and router. Then, let Windows troubleshoot the problem for you by right-clicking on the Wi-Fi icon in the taskbar and selecting ‘Diagnose Problem” or “Troubleshoot Problems”.

  • Printer doesn’t print

 We’ve all had our share of printer-related headaches. Check to make sure there’s enough ink, toner and paper and the notification light isn’t blinking. Turn the printer off, then back on. You can even completely unplug the power supply and wait a few seconds before plugging it back in. If you still can’t print, check to see if the “Use Printer Offline” option is enabled. Windows will switch this automatically in some circumstances so make sure to uncheck it. 

If these fixes don’t work or you have a more serious issue, call Geek Rescue at 918-369-4335. Our team of techs fix any problem your device may have. Give us a call, or bring your device to one of our convenient locations.

Going Invisible And Staying Safe On The Internet

July 12th, 2013

Invisible man

To many people, being invisible and undetectable on the internet is only necessary for criminals who are partaking in illegal activities. Those people overlook how easy it is for websites and other users to monitor your activity and steal your information. Fortunately, there are plenty of ways to stay safe by going invisible. Chris Gayomali touched on a handful of your options in his recent article for The Week.

Masking your IP address makes it more difficult to track your online activity, which is a particularly valuable skill considering the recent developments with the NSA. Your IP, or internet protocol, address is a set of numbers assigned to your device. Computers, phones, even printers, all have an IP address. To mask your IP, your connection to the internet is rerouted through other machines, which makes it hard to pin down where you actually are. There are programs readily available for download to help with this task, although some websites may not support your masked IP experience. Geek Rescue will outfit your computer with top-of-the-line software to mask your IP and keep you safer online.

Have you ever heard of a VPN? It stands for Virtual Private Network and they supply encrypted tunnels to keep your online activity secure. Again, there are plenty of downloadable tools to help you set-up your own VPN. They come in handy when using free WiFi, which are by definition unsecure networks and attract shady characters. To set up your own VPN, call Geek Rescue or stop by. They’ll have you surfing securely in no time.

You may not be using your email for any illegal activity, but that doesn’t mean you want anyone to have access to your message content. Addresses, phone numbers, bank account numbers and social security numbers are routinely included in emails. Encryption services are readily available and many don’t even require registration. Geek Rescue has the email solutions you need to ensure that no outside sources have access to your private messages.

Google, Microsoft and Yahoo have all been accused of sending information to the government. What do you do if you don’t records of your searches forward to official agencies? A little research can help you discover a new search engine that promises not to track or store records of your searches. Predictably, traffic on these search engines has risen steadily in the past few weeks.

Finally, if the search giants’ sites aren’t safe, neither are their chat clients. Encrypted chat services are often as easy as adding a plug-in to your browser. It may not be quite as convenient as Gchat, but you can be sure that no one else is reading your conversation.

For more information on how to surf safely and keep your computer and data private and secure, talk to the experts at Geek Rescue today. Give us a call at 918-369-4335.