Monthly Archives: April 2012

Facebook – New PrivacyScore app rates privacy risks of popular apps

Facecrooks security highlights a new tool available to assess privacy for popular Facebook apps.

QUOTE: Privacyscore, a project conducted by Privacychoice, recently released a Facebook application that rates the privacy risks of the most popular Facebook applications. Pictured below is what you’ll see when you visit the app. Hovering over one of the featured apps displays their score.

Microsoft – Security Essentials v4 BETA release

As with all BETA products, a good working knowledge of how to work around issues is essential:

QUOTE: Microsoft has released Security Essentials 4.0, the latest version of its lightweight, straightforward antivirus package. The bulk of the changes this time are under the hood. MSE’s “Automatic Remediation” now does a better job of quarantining threats on its own, for instance, no user intervention required. And Microsoft claims scanning performance and malware detection rates have both improved on the previous build.

Facebook Security – AV Products being promoted for better security

Facebook is now actively promoting AV solutions that include free 6-month trial periods, plus products like MSE, AVG, or AVAST that are completely free.

QUOTE: One of the more exciting announcements made in the post is that the security companies mentioned above will be sharing educational materials on the Facebook Security page.

Microsoft SIR Volume 12 release – Huge release of analytical information

Hundreds of pages of data are highlighted in the latest release

QUOTE: Today we released the latest volume of the Microsoft Security Intelligence Report (SIR) containing a large body of new data and analysis on the threat landscape.  This volume of the SIR includes:

• Latest industry vulnerability disclosure trends and analysis
• Latest data and analysis of global vulnerability exploit activity
• Latest trends and analysis on global malware and potentially unwanted software
• Latest analysis of threat trends in more than 100 countries/regions around the world
• Latest data and insights on how attackers are using spam and other email threats
• Latest global and regional data on malicious websites including phishing sites, malware hosting sites and drive-by download sites

Event Viewer fun and games..

Every now and again, I like to go into Event Viewer to see what Windows is throwing out of the cart. You can always rely on having some errors, warnings etc. and sure enough, I had some.

One was a PMEM error. This was simple enough. I removed the vestiges of an old Lotus Organiser 6 installation and the PMEM key from registry.

The next was a DHCP error with the integrated NIC. Apparently, the NIC’s IP address was outside of the range set in the router. It wasn’t but I uninstalled the NIC, but didn’t check the box to remove the drivers. A reboot saw the NIC discovered and the fault gone.

The final one was an ICS/TCP/IPV6 error.  The common thinking is that ICS is set up or there is a problem with Virtual Memory or the memory manager. Ostensibly, none of the three apply.. or do they?

I have the XP Mode Virtual Machine installed. Is this the ICS connection? Short of uninstalling XP Mode, I have no way of finding out, and I don’t feel up to uninstalling XP mode today.

So, two out of three is not so bad. None were crippling the computer, affecting boot up times, or stopping anything from working as far as I am aware. What was interesting  was a result I had from Bootracer after making changes to the second problem. Boot times will obviously be longer if the system has to accommodate changes made to the system.

Bootracer gave a rating of excellent to 5.23 minutes. I would show you the actual result but I didn’t think to save it.

Windows 7 = 1    Bootracer = 0

I think that a PC which boots to a desktop 99.99% of the time is a good one and if it gets there and is completely usable within 2.5 minutes, that is good too. It isn’t like you are losing huge chunks of your life while waiting, especially as it gives you time to adjust your chair, give the keyboard a dust-off and generally settle down before typing in your password.

A case in point.. With just one error appearing in EV, this one shows that my computer can boot faster than I can get a cup of coffee and a cheese and cracker snack..

Have a great day..

PowerShell news April 2012

As April comes to a close, so does the extension for grading scripts in the recent games. I’ve been so busy grading that I haven’t had time to blog about the games. I’ll start to catch up on the backlog over the next few weeks. This year’s games have been huge, with more than 150% growth in the number of scripts submitted. That is a lot of PowerShell.


The Deep Dive starts tonight – with keynotes tomorrow. This is shaping up to be the PowerShell event of the year.


Powershell and WMI will be available very soon.


Advanced Powershell – is well on the way and still on target for a release soon after Windows 8 and Powershell v3


Windows 8/Windows 2012 release candidate will be with us in early June. Already had one user group session on the topic and there will be another one in May.

Mobile Security – How can you tell your phone is infected?

A good article documenting the need to review phone bills in detail each month:

QUOTE:  On a PC the signs are pretty obvious. Your computer slows to a near-screeching halt, your browser re-directs you to random websites, your friends are suddenly calling asking about your career change to become a Viagra distributor (since your email has probably been hacked). Your IT guy can often tell by looking at your process names, as malware authors might name their malicious process ‘svchsot.exe’ to look like a legit one ‘svhost.exe’ (see what I did there?). 

Harder To Tell On a Phone  — According to Kaspersky malware researcher Tim Armstrong, users usually don’t discover something’s wrong until they look at their phone bills and don’t recognize the numbers of text message recipients. Premium rate SMS Trojans are the most common type of mobile malware. This malware disguises itself in a legit-looking app, and secretly sends SMS short codes that bill the caller. Nor will an average user really be able to tell by checking app permissions. Android developers can choose from dozens of permissions, and as Armstrong notes, it’s often impossible to guess which are legitimate and which are warning signs.

FlashBack – New variant attacks both Mac and Windows PCs using Java vulnerability

Both Windows and Mac users are protected if they are up-to-date on security patches.

QUOTE: A malware attack called Flashback infested well over a half-million Macs last week by exploiting a Java vulnerability. All Mac users have since updated to Apple’s recently-released Java update, thereby rendering all Flashback variants powerless. Right. In your dreams! In the real world, hundreds of thousands of Macs remain infested, and a new threat has surfaced that gains entry using the same exploit but goes on to wreak even more havoc.

According to a post by Graham Cluley on Sophos’s Naked Security blog, Sophos researchers determined that this new threat is attacking both Mac and Windows computers through the same Java vulnerability Flashback used. Windows users who permit automatic updates should be safe, as Microsoft patched the vulnerability in mid-February. Windows and Mac users who haven’t updated are vulnerable.

Apple Security – Flashback Removal Tool

ISC highlights recent security update and the creation of a removal tool for the Flashback Trojan attacks circulating in-the-wild. 

QUOTE:  Earlier in the week Apple released a Java update which included software to remove the Flashback Trojan from OS X Lion machines running Java.  The Flashback Trojan removal tool is now also available for OS X Lion machines not running Java. This Flashback malware removal tool is available through the OS X Software Update tool, or from Apple’s download site

Oracle – Critical security advisory for April 2012

DBAs and security teams should apply these patches promptly, as numerous products were updated.

QUOTE:

Affected Products and Versions | Patch Availability
Oracle Database 11g Release 2, versions, | Database
Oracle Database 11g Release 1, version | Database
Oracle Database 10g Release 2, versions,, | Database
Oracle Application Server 10g Release 3, version | Fusion Middleware
Oracle BI Publisher, versions, | Fusion Middleware
Oracle DB UM Connector for Oracle Identity Manager, Version | Fusion Middleware
Oracle Identity Manager 11g, versions, | Fusion Middleware
Oracle JDeveloper, version | Fusion Middleware
Oracle JRockit versions, R28.2.2 and earlier, R27.7.1 and earlier | Fusion Middleware
Oracle Outside In Technology, versions 8.3.5, 8.3.7 | Fusion Middleware
Oracle WebCenter Forms Recognition, version | Fusion Middleware
Enterprise Manager Grid Control 11g Release 1, version | Enterprise Manager
Enterprise Manager Grid Control 10g Release 1, version | Enterprise Manager
Oracle E-Business Suite Release 12, versions 12.0.4, 12.0.6, 12.1.1, 12.1.2, 12.1.3 | E-Business Suite
Oracle E-Business Suite Release 11i, version | E-Business Suite
Oracle Agile, version 6.0.0 | Supply Chain
Oracle AutoVue version 20.0.2 | Supply Chain
Oracle PeopleSoft Enterprise CRM, version 9.1 | PeopleSoft
Oracle PeopleSoft Enterprise HCM, version 9.1 | PeopleSoft
Oracle PeopleSoft Enterprise HRMS, versions 8.9, 9.0, 9.1 | PeopleSoft
Oracle PeopleSoft Enterprise FCSM, versions 9.0, 9.1 | PeopleSoft
Oracle PeopleSoft Enterprise PeopleTools, versions 8.50, 8.51, 8.52 | PeopleSoft
Oracle PeopleSoft Enterprise Portal version 9.1 | PeopleSoft
Oracle PeopleSoft Enterprise SCM, versions 9.0, 9.1 | PeopleSoft
Oracle Siebel Life Sciences, versions 8.0.0, 8.1.1, 8.2.2 | Health Sciences
Oracle FLEXCUBE Direct Banking, versions 5.0.2, 5.3.0-5.3.4, 6.0.1, 6.2.0 | Contact Oracle Customer Support
Oracle FLEXCUBE Universal Banking, versions 10.0.0-10.5.0, 11.0.0-11.4.0 | Contact Oracle Customer Support
Primavera P6 Enterprise Project Portfolio Management, versions 6.2.1, 8.0, 8.1, 8.2 | Primavera
Oracle Sun Product Suite | Oracle Sun Product Suite
Oracle MySQL Server, versions 5.1, 5.5 |
