Apple Watch SDK and More Great App Developer News!

All the best!
Kevin McNeish
Author: iOS App Development for Non-Programmers book series
Twitter: @kjmcneish

Removal instructions for Search Safer

What is Search Safer?

The Malwarebytes research team has determined that Search Safer is a browser hijacker. These so-called “hijackers” manipulate your browser(s), for example to change your startpage or searchscopes, so that the affected browser visits their site or one of their choice. This one also displays advertisements.


In November, a presentation is planned for professional organizations in our area.  This represents a planning outline that will be further refined.  

¬†1. SECURITY = SEC-U-R-IT-Y¬†was once shared by a class leader that¬†“you are it“.¬† Careful and¬†well planned human behavior is your BEST¬†defense,¬†even over technological safeguards.¬† Fort Knox has some of the world’s¬†best security, but if the guards open the doors¬†and let unauthorized folks in¬†— what good is all of that fortification?¬† For the best safety for yourself, family, and corporately, one must¬†“think security” and then integrate those concepts¬†in all actions.

2. THINK DEFENSIVELY –¬† ¬†Avoidance is your #1 risk management tool.¬†¬†For email or¬†internet actions —¬†safety should always be a primary concern.¬† It’s good to get¬†secondary verification before acting on items.¬† When a site is encountered that will not allow you to exit —¬†use CTRL+SHIFT+ESC to bring up task manager to close¬†malicious web pages & exit safely.¬†¬† Lock down your browser settings with restrictive security settings.¬† Patch immediately from trusted sources quickly to fortify your system.

3. THINK BEFORE YOU CLICK РThink of every action being potentially dangerous on Internet.  While most actions are safe, there is still the potential of danger.  It is better to pause and double check than to act to emotions or initial responses sometimes.   The good news is that it takes one or more clicks by the user to install most malware.  The bad news is that many folks click anyway, without realizing this gives permission to possibly plant malicious code in a stealth like manner on the system.

4. STAY INFORMED ON DANGEROUS RISKS ‚Äď When a leading bank with restrictive security¬†has millions of accounts compromised, it is a wake call for security to be a top safety theme¬†in our well connected society.¬† Security is only as strong as weakest point.¬†¬†Recently,¬†telephone call scams pretending to be the IRS, Microsoft, and other entities have emerged.¬† However in most cases, they use postal mail to contact folks on serious matters.¬† These are scams intended to rob folks ultimately.¬†¬† There are “no free lunches on the Internet” and the appeal of winning or being chosen, may temp users to click on unsafe items.¬† Please avoid temptations to click on even¬†false news alerts.¬† A few years ago a bad European 100 year storm hit and there was a “Storm Worm” virus that impacted many users.¬†¬† Today, there are false Ebola¬†news alerts circulating and¬†clicking those links may implant a virus.¬†¬†Sensationalized news alerts can be used to trick user.¬† Stay informed on security news bulletins & visit beneficial blog sites to stay educated on the dangers.

5. STAY UP-TO-DATE ON SOFTWARE¬†‚Äď Update Windows, Anti-Virus and all other products on your system as soon as this is offered. Stay on latest version of browser, flash, and other software. Reboot your PC often to give it a fresh start and ensure latest patched components load for your protection.

6. USE SECURE PASSWORDS РUse strong password techniques and don’t use the same one for each site, but vary them to reduce harm if the bad guys happen to discover one. Consider putting an asterisk (*) or exclamation point (!) at end of password that you like using. Use 2-pass security and other approaches in lieu of passwords when feasible.

7. WIRELESS NETWORK SAFETY ‚Äď Use or setup these resources with security in mind, as unsecure connections can be easily intercepted. Be especially careful with your mobile smartphone as it can provide a wealth of personal and sensitive information, if lost or stolen.¬† Please consider wireless as HIGH RISK both at home or away.

8. PHYSICAL SECURITY ‚Äď Carefully handle laptops or mobile phones while traveling by air or driving or at hotel. Hide, lock, and secure these resources. Encrypting the hard drive is beneficial for frequent travelers and anyone desiring high levels of security.

9. RECOVERY FROM SECURITY EVENT ‚Äď When personal information has been compromised or malware infections occur, quickly change all passwords, alert banks, change account numbers, and take other actions to minimize damages associated with loss of information.¬† The key is to quickly change credentials for¬†anything that has been disclosed and ensure your security in future processing is restored under new & improved controls.

10. SECURITY IS A CONTINOUS IMPROVEMENT PROCESS ‚Äď the bad guys are improving their tactics & defensively we must proactively respond as developments occur. The defense mechanisms of five years ago won‚Äôt work for today‚Äôs threats. Security requires re-thinking and re-evaluation of safety techniques constantly.

Removal instructions for AppLow

What is AppLow?

The Malwarebytes research team has determined that AppLow is a browser hijacker. These so-called “hijackers” manipulate your browser(s), for example to change your startpage or searchscopes, so that the affected browser visits their site or one of their choice. This one also displays advertisements.

Microsoft Security Advisory Notification Issued: October 15, 2014

Security Advisories Updated or Released Today

* Microsoft Security Advisory (3009008)
– Title: Vulnerability in SSL 3.0 Could Allow Information
– ¬Ľ¬∑¬∑¬∑/3009008
– Revision Note: V1.1 (October 15, 2014): Advisory revised to
include a workaround for disabling the SSL 3.0 protocol in

Patches to keep an eye on:

KB30000061 is a kernel update:
KB3000061 fails to install on Server 2012:   Also impacting Windows 8. EDIT:  Cases opened: 114101711916740 and 114101711915623


Two issues with KB2984972 Рthis is a patch to update the RDP restricted admin mode

“Heads up, KB2984972 on Server 2008R2 RD server caused issues with our Wyse thinclients – it caused them all to span desktops across multiple monitors rather than presenting multiple monitors to the host OS. After uninstalling & rebooting clients are presented with multiple monitors again.”¬† <<<< will impact MultiPoint Server as well too <<<<<

Another thread on the issue here:

App v and KB2984972 impact:   << case opened on this issue SRX 114101611907865.


KB2949927 Рthe SHA-2 update: Also seeing issues with KB2949927 getting installed:  and
EDIT:  KB2949927 has been pulled from Microsoft update on 10/17/2014


Then KB2995388 8.1 cumulative update causing issues with VMware workstation:

Workstation 10 issue with recent Microsoft Windows 8.1 Update | VMware Workstation Zealot – VMware Blogs:
We noticed that a recent Windows 8.1 Update (KB2995388) may cause issues when running VMware Workstation on a Windows 8.1 host with this update installed. User will see an error message ‚Äúnot enough physical memory‚ÄĚ when booting up a virtual machine

Removal instructions for Share This

What is Share This?

The Malwarebytes research team has determined that Share This is adware. These adware applications display advertisements not originating from the sites you are browsing.

Default formatting

If you run get-process you will see something like this for each process

£> Get-Process | select -f 1

Handles NPM(K) PM(K) WS(K) VM(M)  CPU(s)   Id ProcessName
——- —— —– —– —–  ——   — ———–
     80      7   960  4096    44         1560 armsvc


You’ll get the same display if you use

£> Get-Process | select -f 1 | ft


If you ask for a list ‚Äď you get something different

£> Get-Process | select -f 1 | fl

Id      : 1560
Handles : 80
CPU     :
Name    : armsvc


Looking at all of the data for a single process give you this:

£> Get-Process | select -f 1 | fl *

__NounName                 : Process
Name                       : armsvc
Handles                    : 80
VM                         : 46186496
WS                         : 4194304
PM                         : 983040
NPM                        : 7136
Path                       :
Company                    :
CPU                        :
FileVersion                :
ProductVersion             :
Description                :
Product                    :
Id                         : 1560
PriorityClass              :
HandleCount                : 80
WorkingSet                 : 4194304
PagedMemorySize            : 983040
PrivateMemorySize          : 983040
VirtualMemorySize          : 46186496
TotalProcessorTime         :
BasePriority               : 8
ExitCode                   :
HasExited                  :
ExitTime                   :
Handle                     :
MachineName                : .
MainWindowHandle           : 0
MainWindowTitle            :
MainModule                 :
MaxWorkingSet              :
MinWorkingSet              :
Modules                    :
NonpagedSystemMemorySize   : 7136
NonpagedSystemMemorySize64 : 7136
PagedMemorySize64          : 983040
PagedSystemMemorySize      : 89712
PagedSystemMemorySize64    : 89712
PeakPagedMemorySize        : 1212416
PeakPagedMemorySize64      : 1212416
PeakWorkingSet             : 4300800
PeakWorkingSet64           : 4300800
PeakVirtualMemorySize      : 50155520
PeakVirtualMemorySize64    : 50155520
PriorityBoostEnabled       :
PrivateMemorySize64        : 983040
PrivilegedProcessorTime    :
ProcessName                : armsvc
ProcessorAffinity          :
Responding                 : True
SessionId                  : 0
StartInfo                  : System.Diagnostics.ProcessStartInfo
StartTime                  :
SynchronizingObject        :
Threads                    : {1564, 1572}
UserProcessorTime          :
VirtualMemorySize64        : 46186496
EnableRaisingEvents        : False
StandardInput              :
StandardOutput             :
StandardError              :
WorkingSet64               : 4194304
Site                       :
Container                  :


Notice that you don‚Äôt see anything corresponding to  any of these fields from the default display – NPM(K)    PM(K)      WS(K) VM(M)   CPU(s)


That‚Äôs because they are calculated by PowerShell when the data is formatted to display.  See about_Format.ps1xml for more details

Cannot build a SSRS project in TFS build due to expired license

If you want to get your TFS build process to product SSRS RDL files you need to call the vsDevEnv custom activity to run Visual Studio (just like for SSIS packages). On our new TFS2013.3 based build agents this step started to fail, turns out the issue was not incorrect versions of DLLs or a some badly applied update, but that the license for Visual Studio on the build agent had expire.

I found it by looking at diagnostic logs in the TFS build web UI.


To be able to build BI project with Visual Studio you do need a licensed copy of Visual Studio on the build agent. You can use a trial license, but it will expire. Also remember if you license VS by logging in with your MSDN Live ID that too needs to be refreshed from time to time (that is what go me), so better to use a product key.

Source: Rfennell

Spybot Search & Destroy Weekly Update – October 15, 2014


++ AdExpertBrowser + Firseria + InstallMonetizer ++ MultiPlug + Win32.AddLyrics
+ AntiVirGear + Win32.Neuraxon ++ ++ Win32.Cabby ++ Win32.Startpage.eyuyan
++ ButtonGuide ++ OpenShopper ++ ShareBox ++ Win32.Startpage.MailRu
+ Win32.Muollo + Win32.DarkKomet
Total: 2600957 fingerprints in 810863 rules for 7351 products.


Microsoft Security Advisory Notification Issued: October 14, 2014

Security Advisories Updated or Released Today
* Microsoft Security Advisory (3009008)
– Title: Vulnerability in SSL 3.0 Could Allow Information
– ¬Ľ¬∑¬∑¬∑/3009008
– Revision Note: V1.0 (October 14, 2014): Advisory published.

PowerShell Summit Europe 2014 – All videos available

All of the recordings from the recent PowerShell Summit in Amsterdam are now available through the channel on youtube. The playlist for the Summit is


Thank you again to the speakers, and attendees, who made for a wonderful first Summit in Europe and more thanks to the people who donated to our appeal to raise funds for the recording equipment.

Update Tuesday..

Another successful round of updates with three Windows 7 machines, one Windows 8.1 machine and the Windows 10 Tech preview showing no ill effects this morning.

The Netbook gave me a scare though. Last night, I left it installing the updates, and this morning woke up to find it stone cold dead. A few minutes of messing with it turned up the problem. The power cable was in the surge protector and the power brick was plugged securely into he side of the machine, but the two were not connected.

On re-connection, it resumed update 14 of 17, and is now happily charging itself up ready for the next job where it will be used to reset a router Wi-Fi setup later today. It runs Xirrus Wi-Fi Inspector and is great for little jobs like this.


Use the Fully Qualified Name When Using a Sitecore MVC Controller ‚Äď Sitecore Best Practice

Be sure to check out my latest blog post at (my employer) XCentium‘s blog where I go over details regarding what should be the new Best Practice and why you should use the Fully Qualified Name and Assembly for the Controller When Using a Sitecore MVC Controller. Tags: ,,

Source: ASPAdvice Blog

Microsoft Security Advisory Notification Issued: October 14, 2014

Security Advisories Updated or Released Today

* Microsoft Security Advisory (2755801)
– Title: Update for Vulnerabilities in Adobe Flash Player in
Internet Explorer
– ¬Ľ¬∑¬∑¬∑/2755801
– Revision Note: V30.0 (October 14, 2014): Added the 3001237
update to the Current Update section.

* Microsoft Security Advisory (2871997)
– Title: Update to Improve Credentials Protection and Management
– ¬Ľ¬∑¬∑¬∑/2871997
– Revision Note: V4.0 (October 14, 2014): Rereleased advisory
to announce the release of updates that provide additional
protection for users credentials when logging on to a remote
host server. See Updates Related to this Advisory and Advisory
FAQ for details.

* Microsoft Security Advisory (2949927)
– Title: Availability of SHA-2 Hashing Algorithm for Windows 7
and Windows Server 2008 R2
– ¬Ľ¬∑¬∑¬∑/2949927
– Revision Note: V1.0 (October 14, 2014): Advisory published.

* Microsoft Security Advisory (2977292)
– Title: Update for Microsoft EAP Implementation that Enables
the Use of TLS
– ¬Ľ¬∑¬∑¬∑/2977292
– Revision Note: V1.0 (October 14, 2014): Advisory published.

Microsoft Security Bulletin Re-Releases Issued: October 14, 2014


The following bulletin has undergone a major revision increment.
Please see the appropriate bulletin for more details.

* MS14-042 – Moderate

Bulletin Information:

MS14-042 – Moderate

– ¬Ľ¬∑¬∑¬∑ms14-042
– Reason for Revision: V2.0 (October 14, 2014): Bulletin
rereleased to announce the offering of the security update
via Microsoft Update, in addition to the Download-Center-only
option that was provided when this bulletin was originally
released. Customers who have already successfully updated
their systems do not need to take any action.
– Originally posted: July 8, 2014
– Updated: October 14, 2014
– Bulletin Severity Rating: Important
– Version: 2.0

Microsoft Security Bulletin(s) for October 14, 2014, 2014

Note: There may be latency issues due to replication, if the page does not display keep refreshing

Today Microsoft released the following Security Bulletin(s).

Note: ¬Ľ and ¬Ľ are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the download center or Windows Update. See the individual bulletins for details.

Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.

Bulletin Summary:

Critical (3)

Microsoft Security Bulletin MS14-056
Cumulative Security Update for Internet Explorer (2987107)

Microsoft Security Bulletin MS14-057
Vulnerabilities in .NET Framework Could Allow Remote Code Execution (3000414)

Microsoft Security Bulletin MS14-058
Vulnerability in Kernel-Mode Driver Could Allow Remote Code Execution (3000061)

Important (5)

Microsoft Security Bulletin MS14-059
Vulnerability in ASP.NET MVC Could Allow Security Feature Bypass (2990942)

Microsoft Security Bulletin MS14-060
Vulnerability in Windows OLE Could Allow Remote Code Execution (3000869)

Microsoft Security Bulletin MS14-061
Vulnerability in Microsoft Word and Office Web Apps Could Allow Remote Code Execution (3000434

Microsoft Security Bulletin MS14-062
Vulnerability in Message Queuing Service Could Allow Elevation of Privilege (2993254)

Microsoft Security Bulletin MS14-063
Vulnerability in FAT32 Disk Partition Driver Could Allow Elevation of Privilege (2998579)

Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.

If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact Product Support Services in the United States at 1-866-PCSafety 1-866-727-2338. International customers should contact their local subsidiary.

As always, download the updates only from the vendors website – visit Windows Update and Office Update or Microsoft Update websites. You may also get the updates thru Automatic Updates functionality in Windows system.

Security Tool
Find out if you are missing important Microsoft product updates by using MBSA.

Mozilla Firefox 33.0 offered to Release Channel October 14, 2014

Firefox Notes
Version 33.0, first offered to Release channel users on October 13, 2014

Mozilla Firefox 33.0 Released: October 14, 2014

Version 33.0, first offered to Release channel users on October 13, 2014

Check out “What‚Äôs New” and “Known Issues” for this version of Firefox below.
As always, you’re encouraged to tell us what you think, or file a bug in Bugzilla. If interested, please see the complete list of changes in this release.

Swift Programming 101: Generics‚ÄĒA Practical Guide

Hands-on tutorial that helps you fully grasp Swift’s generics.

All the best!
Kevin McNeish
Author: iOS App Development for Non-Programmers book series
Twitter: @kjmcneish

Recent Comments